Jump to content
albertynos

PHP Shell Finder

By albertynos, in Programe utile

Recommended Posts

Ganav Newbie

Ganav

Posted
Posted

Am observat ca sunt unele probleme legate de sintaxa(in array-ul de shell-uri exista o intrare de tipul ...,"shell1.php",,"shell2.php". Codul editat este mai jos:

<p align="center"> <img border="0? src="http://img213.imageshack.us/img213/2766/76507468.jpg"</p>

<link href="http://dz48-coders.org/indexi/pic/favicon.ico" type="image/x-icon" rel="shortcut icon" />

<title>PHP Shell Finder by PirateHack ~ UBERS</title>

<body background="http://i.imgur.com/Hu89kme.png" bgcolor="black">

   <style> body,td,th{ font: 8pt Lucida,Tahoma;margin:0;vertical-align:top;color:#00ff00; } table.info{ color:#000;background-color:#222; } span,h1,a{ color: $color !important; } span{ font-weight: bolder; } h1{ border-left:7px solid $color;padding: 3px 5px;font: 14pt Verdana;background-color:#333;margin:0px; } div.content{ padding: 5px;margin-left:5px;background-color:#222; } a{ text-decoration:none; } a:hover{ text-decoration:underline; } .ml1{ border:1px solid #555;padding:5px;margin:0;overflow: auto; } .bigarea{ width:100%;height:300px; } input,textarea,select{ margin:0;color:#999;background-color:#222;border:1px solid $color; font: 8pt Tahoma,’Tahoma’; } form{ margin:0px; } #toolsTbl{ text-align:center; } .toolsInp{ width: 300px } .main th{text-align:left;background-color:#5e5e5e;} .main tr:hover{background-color:#5e5e5e} .l1{background-color:#444} .l2{background-color:#333} pre{font-family:Courier,Monospace;} .found { color: #008000; font-weight: bold; } .damane { color: #FFFF00; font-weight: bold; } .scan { color: #A52A2A; font-weight: bold; } .start { color: #0000FF; font-weight: bold; } // –> </style>

   </head>  

   <body>

      <p align="center"> </p>

      <p align="center"> </p>

      <p align="center"> </p>

      <p align="center"><font color="FC0000" size="4"> SHELL Finder by PirateHack ~ UBERS.org, Edit by TheB</font></p>

      <br> 

      <form action="" method="post">

         <p align="center"> <input name="traget" type="text" size="30" value="http://website.com"/><br> <br><br> <input name="scan" size="80" value="SCAN THIS" type="submit"> 

      </form>

      <?php  /*  Coded by PirateHack  Website: HackShqip.AL  */  

		set_time_limit(0);  

		if (isset($_POST["scan"])) 

		{  

			$url = $_POST['traget'];  

			echo "<br /><span class=\"start\">Scanning ".$url."<br /><br /></span>";  

			echo "Results:<br /><br />";  

			$shells = array("WSO.php", "dz.php", "cpanel.php", "cpn.php","sql.php","mysql.php","madspot.php", "Cgishell.pl","killer.php","changeall.php","2.php","Sh3ll.php","dz0.php","dam.php","user.php","dom.php","whmcs.php", "vb.zip","r00t.php","c99.php","gaza.php","1.php","wp.zip"."wp-content/plugins/disqus-comment-system/disqus.php" , "d0mains.php","wp-content/plugins/akismet/akismet.php","madspotshell.php","Sym.php","c22.php","c100.php", "wp-content/plugins/akismet/admin.php#","wp-content/plugins/google-sitemap-generator/sitemap-core.php#", "wp-content/plugins/akismet/widget.php#","Cpanel.php","zone-h.php","tmp/user.php","tmp/Sym.php","cp.php", "tmp/madspotshell.php","tmp/root.php","tmp/whmcs.php","tmp/index.php","tmp/2.php","tmp/dz.php","tmp/cpn.php", "tmp/changeall.php","tmp/Cgishell.pl","tmp/sql.php","tmp/admin.php","cliente/downloads/h4xor.php", "whmcs/downloads/dz.php","L3b.php","d.php","tmp/d.php","tmp/L3b.php","wp-content/plugins/akismet/admin.php", "templates/rhuk_milkyway/index.php","templates/beez/index.php","admin1.php","upload.php","up.php","vb.zip","vb.rar", "admin2.asp","uploads.php","sa.php","sysadmins/","admin1/","administration/Sym.php","images/Sym.php", "/r57.php","/wp-content/plugins/disqus-comment-system/disqus.php","/shell.php","/sa.php","/admin.php", "/sa2.php","/2.php","/gaza.php","/up.php","/upload.php","/uploads.php","/templates/beez/index.php","shell.php","/amad.php", "/t00.php","/dz.php","/site.rar","/Black.php","/site.tar.gz","/home.zip","/home.rar","/home.tar","/home.tar.gz", "/forum.zip","/forum.rar","/forum.tar","/forum.tar.gz","/test.txt","/ftp.txt","/user.txt","/site.txt", "/cpanel","/awstats","/site.sql","/vb.sql","/forum.sql","/backup.sql","/back.sql","/data.sql","wp.rar/", "wp-content/plugins/disqus-comment-system/disqus.php","asp.aspx","/templates/beez/index.php","tmp/vaga.php", "tmp/killer.php","whmcs.php","tmp/killer.php","tmp/domaine.pl","tmp/domaine.php","useradmin/", "tmp/d0maine.php","d0maine.php","tmp/sql.php","tmp/dz1.php","dz1.php","forum.zip","Symlink.php","Symlink.pl", "forum.rar","joomla.zip","joomla.rar","wp.php","buck.sql","sysadmin.php","images/c99.php", "xd.php", "c100.php", "spy.aspx","xd.php","tmp/xd.php","sym/root/home/","billing/killer.php","tmp/upload.php","tmp/admin.php", "Server.php","tmp/uploads.php","tmp/up.php","Server/","wp-admin/c99.php","tmp/priv8.php","priv8.php","cgi.pl/", "tmp/cgi.pl","downloads/dom.php","templates/ja-helio-farsi/index.php","webadmin.html","admins.php", "/wp-content/plugins/count-per-day/js/yc/d00.php", "admins/","admins.asp","admins.php","test.php","/image/WSO.php","/image/dz.php","/images/cpanel.php","/image/cpn.php","/image/sql.php","/image/mysql.php","/image/madspot.php", "/image/Cgishell.pl","/image/killer.php","/image/changeall.php","/image/2.php","/image/Sh3ll.php","/image/dz0.php","/image/dam.php","/image/user.php","/image/dom.php","/image/whmcs.php", "/image/vb.zip","/image/r00t.php","/image/c99.php","/image/gaza.php","/image/1.php","/image/wp.zip"."wp-content/images/disqus.php", "/image/d0mains.php","wp-content/images/akismet.php","/image/madspotshell.php","/image/Sym.php","/image/c22.php","/image/c100.php", "wp-content/images/admin.php#","wp-content/images/sitemap-core.php#", "wp-content/images/widget.php#","Cpanel.php","zone-h.php","tmp/user.php","tmp/Sym.php","cp.php", "/image/madspotshell.php","/image/root.php","/image/whmcs.php","/image/index.php","/image/2.php","/image/dz.php","/image/cpn.php", "/image/changeall.php","/image/Cgishell.pl","/image/sql.php","/image/admin.php","/image/h4xor.php", "/image/dz.php","/image/L3b.php","/image/d.php","/image/d.php","/image/L3b.php","wp-content/images/admin.php", "templates/rhuk_milkyway/index.php","templates/beez/index.php","admin1.php","upload.php","up.php","vb.zip","vb.rar", "/image/admin2.asp","/image/uploads.php","/image/sa.php","/image/sysadmins/","/image/admin1/","/image/Sym.php","images/Sym.php", "/image/r57.php","/wp-content/images/disqus.php","/image/shell.php","/image/sa.php","/image/admin.php", "/image/sa2.php","/2.php","/image/gaza.php","/image/up.php","/image/upload.php","/image/uploads.php","/image/index.php","/image/shell.php","/image/amad.php", "/image/t00.php","/image/dz.php","/image/site.rar","/image/Black.php","/image/site.tar.gz","/image/home.zip","/image/home.rar","/image/home.tar","/image/home.tar.gz", "/image/forum.zip","/image/forum.rar","/image/forum.tar","/image/forum.tar.gz","/image/test.txt","/image/ftp.txt","/user.txt","/site.txt", "/admin/cpanel","/awstats","/image/site.sql","/image/vb.sql","/image/forum.sql","/image/backup.sql","/image/back.sql","/image/data.sql","/image/wp.rar/", "wp-content/images/disqus.php","/image/asp.aspx","/image/index.php","/image/vaga.php", "/image/killer.php","/image/whmcs.php","/image/killer.php","/images/domaine.pl","/image/domaine.php","/image/useradmin/", "/image/d0maine.php","/image/d0maine.php","/image/sql.php","/images/dz1.php","/image/dz1.php","/image/forum.zip","/image/Symlink.php","/image/Symlink.pl", "forum.rar","joomla.zip","joomla.rar","wp.php","buck.sql","sysadmin.php","images/c99.php", "xd.php", "c100.php", "spy.aspx","xd.php","tmp/xd.php","sym/root/home/","billing/killer.php","tmp/upload.php","tmp/admin.php", "Server.php","/image/uploads.php","/image/up.php","Server/","/image/c99.php","/images/priv8.php","/image/priv8.php","/image/cgi.pl/", "/image/cgi.pl","/image/dom.php","/images/index.php","/image/webadmin.html","/image/admins.php", "/wp-content/image/d00.php", "/image/admins/","/image/admins.asp","/image/admins.php","/image/test.php","/images/WSO.php","/images/dz.php","/e107_administrator/cpanel.php","/images/cpn.php","/images/sql.php","/images/mysql.php","/image/madspot.php", "/images/Cgishell.pl","/images/killer.php","/images/changeall.php","/images/2.php","/images/Sh3ll.php","/images/dz0.php","/images/dam.php","/images/user.php","/images/dom.php","/images/whmcs.php", "/images/vb.zip","/images/r00t.php","/images/c99.php","/images/gaza.php","/images/1.php","/images/wp.zip"."wp-content/disqus.php", "/image/d0mains.php","wp-content/images/akismet.php","/image/madspotshell.php","/image/Sym.php","/image/c22.php","/image/c100.php", "wp-content/images/admin.php#","wp-content/images/sitemap-core.php#", "wp-content/images/widget.php#","Cpanel.php","zone-h.php","tmp/user.php","tmp/Sym.php","cp.php", "/image/madspotshell.php","/image/root.php","/image/whmcs.php","/image/index.php","/image/2.php","/image/dz.php","/image/cpn.php", "/image/changeall.php","/image/Cgishell.pl","/image/sql.php","/image/admin.php","/image/h4xor.php", "/image/dz.php","/image/L3b.php","/image/d.php","/image/d.php","/image/L3b.php","wp-content/images/admin.php", "templates/rhuk_milkyway/index.php","templates/beez/index.php","admin1.php","upload.php","up.php","vb.zip","vb.rar", "/images/admin2.asp","/images/uploads.php","/images/sa.php","/images/sysadmins/","/images/admin1/","/images/Sym.php","images/Sym.php", "/images/r57.php","/wp-content/disqus.php","/images/shell.php","/images/sa.php","/images/admin.php", "/images/sa2.php","images/2.php","/images/gaza.php","/images/up.php","/images/upload.php","/images/uploads.php","/images/index.php","/images/shell.php","/images/amad.php", "/images/t00.php","/images/dz.php","/images/site.rar","/images/Black.php","/images/site.tar.gz","/images/home.zip","/images/home.rar","/images/home.tar","/images/home.tar.gz", "/images/forum.zip","/images/forum.rar","/images/forum.tar","/images/forum.tar.gz","/images/test.txt","/images/ftp.txt","/e107_images/user.txt","/e107_images/site.txt", "/administrator/cpanel","/awstats","/images/site.sql","/images/vb.sql","/images/forum.sql","/images/backup.sql","/images/back.sql","/images/data.sql","/images/wp.rar/", "/e107_images/disqus.php","/images/asp.aspx","/images/index.php","/images/vaga.php", "/images/killer.php","/images/whmcs.php","/images/killer.php","/images/domaine.pl","/images/domaine.php","/images/useradmin/", "/images/d0maine.php","/images/d0maine.php","/images/sql.php","/e107_images/dz1.php","/images/dz1.php","/images/forum.zip","/images/Symlink.php","/images/Symlink.pl", "forum.rar","/e107_images/joomla.zip","/e107_downloads/joomla.rar","/e107_images/wp.php","/e107_images/buck.sql","/e107_images/sysadmin.php","/e107_images/c99.php", "/e107_images/xd.php", "/e107_images/c100.php", "spy.aspx","xd.php","tmp/xd.php","sym/root/home/","billing/killer.php","/images/upload.php","images/admin.php", "Server.php","/images/uploads.php","/images/up.php","Server/","/image/c99.php","/images/priv8.php","/image/priv8.php","/image/cgi.pl/", "/images/cgi.pl","/images/dom.php","/image/index.php","/images/webadmin.html","/images/admins.php", "/wp-content/images/d00.php", "/images/admins/","/images/admins.asp","/images/admins.php","/images/test.php");  

			//Start Scan 

			foreach ($shells as $shell)

			{ 

				$headers = get_headers($url.$shell);  

				if (eregi('200', $headers[0])) 

				{ 

					//Result 

					echo "<a href=\"$url.$shell\">$url$shell</a> <span class=\"found\">Founded!</span><br /><br/><br/>"; 

					//By PirateHackf edit by TheB 

					$dz = fopen("shells.txt", "a+"); 

					$suck = "$url.$shell"; fwrite($dz, $suck."\n"); 

				} 

			} 

			//Result In Text File (shells.txt) 

			echo "<span class=\"damane\">Click Here to See Shells Founded On a txt File [ <a href=\"./shells.txt\" target=\"_blank\">shells.txt</a> ]</span>"; } ?></center> 

      <center>

         <p align="center"> </p>

         <p align="center"> </p>

         <p align="center"><font color="#F6358A" size="4?></font><br><br> Where there is a shell, there is a way .</p>

         </p> 

         <p>

      </center>

</body>

</html>



			
		


		
			

				
					
						

	
	
		

			
				
				

					
				

			
			
			
		

	


					
				
				
			

		

		
	


	
    


	



					
				
					
					
					






					
				
			
			



		

	


	
	

	
		
		

			
				
				

	
		

			
Join the conversation

			

	
				
					You can post now and register later.
				
				If you have an account, sign in now to post with your account.
				
			

	
		

	




	
	
		
	
		
	
		
	
	
		
		
	
	

		

		


	
		Guest
	


		

			
				
					
				
					
						
    
							
  • 
								


	
	
	
	

								
							
    • 
						

					
				
					
				
			
			
				
					
						
							
						
						



    

		
		

			
		

		
			
 Reply to this topic...

		
		

			

				
					×
					  Pasted as rich text.   Paste as plain text instead
				
			

		

		

			

				  Only 75 emoji are allowed.
			

		

		

			

				×
				  Your link has been automatically embedded.   Display as a link instead
			

		

		

			

			

		

		

			

				×
				  Your previous content has been restored.   Clear editor
			

		

		

			

				×
				  You cannot paste images directly. Upload or insert images from URL.
			

		

		
	

		
	

	

	

		

			×
			
		

		

	



						
					
				
					
				
					
				
			
			
    
				
					
						
					
						
					
						
							
  • 
								


    
	

    

								
							
    • 
						
					
				
				
					
  • 

	

    • 
				
			

		

	



			
		

	

	
		

			


		

		

			



		

	







	

		
			
				Go to topic listing
			
		
	

	




	

	

	


	

	




								


							

							


						

					

					
				

				

				

			

		

		
		


	×
	

		

			

			

				

					
				


			

			
		

	






	×
	

		

			
    
				
  • Create New...
    •