Buffer Over Flow Help3r

1. <?
2.  
3. # Tester !
4.  
5. if($_POST['tester']){
6.  
7. header("Content-disposition: filename=".$_POST['fn']);
8. header('Content-type: unknown/unknown');
9.  
10. for($i=0; $i<= $_POST['num'] ; $i++){
11. echo ($_POST['option'] == 'A') ?"A" : md5($i);
12. }
13.  
14. exit;
15.  
16. }
17.  
18. # Reverse and Hex Decode !
19.  
20. if($_POST['decode']){
21.  
22. $r = array(6,4,2,0);
23.  
24. foreach($r as $n){
25.  
26. $x[]=substr($_POST['hex'],$n,2);
27.  
28. }
29.  
30. $result=hexstr(implode($x));
31.  
32. }
33.  
34. # buffer !
35.  
36. if($_POST['bf']){
37.  
38.  
39. $x = explode($_POST["buff"],file_get_contents($_FILES["f2"]["tmp_name"]));
40.  
41. $buffer = strlen($x[0]);
42.  
43. }
44.  
45. # revrse title !
46.  
47. if($_POST['rt']){
48.  
49. $r = array(6,4,2,0);
50.  
51. foreach($r as $n){
52.  
53. $x[]="\x".substr($_POST['ret'],$n,2);
54.  
55. }
56.  
57. $rt=implode($x);
58.  
59. }
60.  
61.  
62. ?>
63.  
64. <html>
65.  
66. <head>
67. <meta http-equiv="Content-Language" content="fr">
68. <meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
69. <title>Buffer Over Flow Help3r by Inconnu Dz</title>
70. <link rel="stylesheet" type="text/css" href="https://www.facebook.com/ghost.attack.dz" />
71. <style>
72. *{ background:black; color:white; font-family:Verdana; font-size:12;}
73. </style>
74. </head>
75.  
76. <body>
77.  
78. <p align="center">&nbsp;</p>
79. <p align="center">&nbsp;</p>
80. <p align="center">
81. <p align="center"><br>
82.  
83. </p>
84.  
85. <form method="POST" action="">
86.     <p align="center">Test3r : <select size="1" name="option">
87.     <option>A</option>
88.     <option>md5</option>
89.     </select> <input type="text" name="num" size="7" value="5000"><input type="text" name="fn" size="8" value="test.m3u">
90.     <input type="submit" value="Make .!" name="tester"></p>
91. </form>
92. <hr width="40%">
93. <form method="POST" action="">
94.     <p align="center">Reverse and Hex Decode :
95.     <input type="text" name="hex" size="15"><input type="submit" value="Decode !" name="decode"></p>
96. </form>
97. <p align="center"><? echo ($result) ? "# Result : [ <b>".$result."</b> ]":""; ?></p>
98. <hr width="40%">
99. <form method="POST" enctype="multipart/form-data" action="">
100.     <p align="center">Junk num : <input type="text" name="buff" size="10" value="hex result"> <input type="file" name="f2" size="20"><input type="submit" value="Do it !" name="bf"></p>
101. </form>
102. <p align="center"><? echo ($buffer) ? "# junk is : [ <b>".$buffer."</b> ] :D":""; ?></p>
103. <hr width="40%">
104. <form method="POST" action="">
105.     <p align="center">Reverse Title : <input type="text" name="ret" size="10" value=""><input type="submit" value="Do it !" name="rt"></p>
106. </form>
107. <p align="center"><? echo ($rt) ? "# Ret is : [ <b>".$rt."</b> ] :D":"<br>"; ?></p>
108. <p align="center"><b>
109. <a href="https://www.facebook.com/ghost.attack.dz">By Inconnu Dz</a>
110. <p align="center">&nbsp;</p>
111.  
112. </body>
113.  
114. </html>
115. <?
116.  
117. # Functions !
118.  
119. Function hexstr($hexstr) {
120.   $hexstr = str_replace(' ', '', $hexstr);
121.   $hexstr = str_replace('\x', '', $hexstr);
122.   $retstr = pack('H*', $hexstr);
123.   return $retstr;
124. }
125.  
126. ?>